aports/community/vault/APKBUILD


# Contributor: Hoang Nguyen <folliekazetani@protonmail.com>
# Contributor: Christian Kampka <christian@kampka.net>
# Contributor: omni <omni+alpine@hack.org>
# Maintainer: Mike Crute <mike@crute.us>
# Package identity and the upstream release this APKBUILD builds.
pkgname=vault
pkgver=1.13.2
pkgrel=0
pkgdesc="Tool for encryption as a service, secrets and privileged access management"
url="https://www.vaultproject.io/"
# Architectures excluded from arch= below:
# riscv64: fails to build from source (ftbfs)
# arm: https://github.com/golang/go/issues/58425
arch="all !armhf !armv7 !riscv64"
license="MPL-2.0"
# Build-time dependencies only: go for the binary, nodejs/npm/yarn for the
# web UI bundle built by "make static-dist" in build(). libcap-utils
# presumably provides the setcap used in package() - confirm.
makedepends="libcap-utils make go python3 nodejs npm yarn"
# Pre-install script shipped next to this file (not shown here); it
# presumably creates the account named in pkgusers/pkggroups, which
# package() relies on for its -o/-g ownership arguments - confirm.
install="$pkgname.pre-install"
pkgusers="vault"
pkggroups="vault"
subpackages="$pkgname-openrc"
# NOTE(review): !check turns off the check() phase, so no upstream tests run
# against the binary this package ships. Record the reason here so the
# exemption can be revisited on version bumps.
options="!check"
# Upstream tag archive plus three local files. Each entry is pinned by a
# digest in sha512sums at the end of this file. A digest mismatch on the
# tarball means the archive content changed for the same tag; investigate
# before regenerating the checksum.
source="$pkgname-$pkgver.tar.gz::https://github.com/hashicorp/vault/archive/v$pkgver.tar.gz
vault.confd
vault.hcl
vault.initd
"
# secfixes:
# 1.13.2-r0:
# - CVE-2023-2197
# 1.11.4-r0:
# - CVE-2022-41316
# 1.9.4-r0:
# - CVE-2022-25243
# - CVE-2022-25244
# 1.7.2-r0:
# - CVE-2021-32923
# 1.7.1-r0:
# - CVE-2021-27400
# - CVE-2021-27668
# 1.6.3-r0:
# - CVE-2021-3282
# 1.5.7-r0:
# - CVE-2020-25594
# - CVE-2021-3024
# 1.5.6-r0:
# - CVE-2020-35177
# 1.5.4-r0:
# - CVE-2020-16250
# - CVE-2020-16251
# - CVE-2020-17455
# - CVE-2020-25816
# 1.4.3-r0:
# - CVE-2020-13223
# Go toolchain environment shared by every go invocation in build().
#
# CGO_ENABLED=0 builds without cgo. The three cache/temp locations keep a
# value already present in the environment and otherwise fall back to paths
# under $srcdir, so nothing is written outside the build tree by default.
CGO_ENABLED=0
GOCACHE="${GOCACHE:-$srcdir/go-cache}"
GOTMPDIR="${GOTMPDIR:-$srcdir}"
GOMODCACHE="${GOMODCACHE:-$srcdir/go}"
# Appended to any caller-supplied GOFLAGS:
#   -trimpath     keeps builder filesystem paths out of the binary
#   -mod=readonly makes the build fail instead of rewriting go.mod, so the
#                 dependency set stays the one recorded upstream
#   -modcacherw   leaves the module cache writable so it can be removed
GOFLAGS="$GOFLAGS -trimpath -mod=readonly -modcacherw"
export CGO_ENABLED GOCACHE GOTMPDIR GOMODCACHE GOFLAGS
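# Builds the vault binary into bin/$pkgname.
#
# Steps: fetch build tools, build every plugin target found in the
# Makefile, build the web UI bundle (skipped on x86), then run go build with
# version metadata injected through -ldflags.
#
# Reads: pkgname, pkgver, CARCH, SOURCE_DATE_EPOCH (optional).
build() {
	local _gotags _builddate

	# Runs go-get to fetch tools dependencies.
	# NOTE(review): these downloads happen at build time and are not among
	# the files pinned by sha512sums in this APKBUILD; their integrity
	# presumably rests on Go's module checksums (go.sum) - confirm.
	make bootstrap

	# Build plugins: every Makefile line that starts with a lowercase
	# letter and contains "plugin:"; the target name is the text before the
	# first colon.
	# NOTE(review): the loop runs in a pipeline subshell, so a failing
	# plugin build aborts the package only if the caller runs with errexit
	# (set -e) - confirm for the abuild in use.
	grep "^[a-z].*plugin[:]" Makefile | cut -f1 -d: | while IFS= read -r plugin; do
		echo "--> Building $plugin"
		make "$plugin"
	done

	# Build Web UI
	#
	# JOBS needs to be limited because the builders have many cores which
	# causes nodejs to run a thread per core and crash with std::bad_alloc
	# errors
	#
	# NODE_OPTIONS is set for this one make invocation only, so the legacy
	# OpenSSL provider is enabled for the UI build tooling and not for
	# anything else in this function.
	case "$CARCH" in
	# sass C library fails to link with musl on x86
	x86)
		_gotags="vault"
		;;
	*)
		JOBS=4 NODE_OPTIONS="--openssl-legacy-provider" make static-dist
		_gotags="vault ui"
		;;
	esac

	# The format string ends in a literal "Z" (UTC), so date must be forced
	# to UTC with -u. Without it a builder in another timezone embeds local
	# time labelled as UTC, and the same SOURCE_DATE_EPOCH yields different
	# binaries on different builders.
	if [ -n "${SOURCE_DATE_EPOCH:-}" ]; then
		_builddate=$(date -u -d "@$SOURCE_DATE_EPOCH" "+%Y-%m-%dT%H:%M:%SZ")
	else
		_builddate=$(date -u "+%Y-%m-%dT%H:%M:%SZ")
	fi

	# Version metadata stamped into the binary. GitCommit is a fixed
	# distribution marker rather than an upstream commit id.
	local _goldflags="
	-X github.com/hashicorp/vault/sdk/version.Version=$pkgver
	-X github.com/hashicorp/vault/sdk/version.GitCommit=AlpineLinux
	-X github.com/hashicorp/vault/sdk/version.BuildDate=$_builddate
	"

	go build -v -o "bin/$pkgname" -ldflags "$_goldflags" -tags "$_gotags"
}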
# Installs the built binary, service files, configuration and data
# directory into $pkgdir with the ownership and modes the service expects.
#
# Reads: pkgname, srcdir, pkgdir. Expects bin/$pkgname in the current
# directory.
package() {
	local _initd="$pkgdir/etc/init.d/$pkgname"
	local _confd="$pkgdir/etc/conf.d/$pkgname"
	local _binary="$pkgdir/usr/sbin/$pkgname"
	local _config="$pkgdir/etc/$pkgname.hcl"
	local _datadir="$pkgdir/var/lib/$pkgname"

	# OpenRC service script and its conf.d settings.
	install -m755 -D "$srcdir/$pkgname.initd" "$_initd"
	install -m644 -D "$srcdir/$pkgname.confd" "$_confd"

	install -m755 -o root -g vault -D "bin/$pkgname" "$_binary"

	# Allow vault to use mlock as "vault" user: the file capability is set
	# on the installed copy in $pkgdir.
	# NOTE(review): the binary is mode 0755, so cap_ipc_lock is granted to
	# any local user who executes it, not only to the vault account.
	setcap cap_ipc_lock=+ep "$_binary"

	# Configuration: writable by root only, readable by the vault group,
	# no access for other users.
	install -m640 -o root -g vault -D "$srcdir/$pkgname.hcl" "$_config"

	# Data directory owned by the service account, closed to other users.
	install -m750 -o vault -g vault -d "$_datadir"
}
# SHA-512 digests, one per entry in source= above, matched by file name.
# These pin the upstream tarball and the three local files only; anything
# fetched while build() runs (the tools from "make bootstrap", dependencies
# of the UI build) is not covered by this list.
# When bumping pkgver, review the upstream change before regenerating the
# tarball digest.
sha512sums="
4cd63c9e1cab1f393d08930b9f608611aa5ed24dae98165e588f4347f10c232a3e7ebf547ff2a6c5e4f82884f9cfbf855bb0d2f8d4bb6a36bcf3c5687e59202d vault-1.13.2.tar.gz
6f3f30e5c9d9dd5117f18fce0e669f0cd752a6be4910405d6b394f15273372731ee887a5ba4c700293e5b8bc2bf40fd69d4337156f77b03549d2dc2c0a666bec vault.confd
eed200a6db0686a9f9948a2fce151340125cddc209522b4b6de22c447c78296eaf948c80ee8fd241e0093df6409477f2de1aea23edb97f27a4427396fe03ad2f vault.hcl
9a1846a10eff015cf7d4c8c2c20540c125213302925e54bdfae1c1ec9c43bf0e97b3433c041615c9fdc7d5e9468a0f606321991c597af3be92025bd5042c08df vault.initd
"