APKBUILD 2.46 KB
Newer Older
Christian Kampka's avatar
Christian Kampka committed
1
# Contributor: Christian Kampka <christian@kampka.net>
omni's avatar
omni committed
2
# Contributor: omni <omni+alpine@hack.org>
3
# Maintainer: Gennady Feldman <gena01@gmail.com>
Christian Kampka's avatar
Christian Kampka committed
4
pkgname=vault
5
pkgver=1.8.0
omni's avatar
omni committed
6
pkgrel=0
omni's avatar
omni committed
7
pkgdesc="tool for encryption as a service, secrets and privileged access management"
Christian Kampka's avatar
Christian Kampka committed
8
url="https://www.vaultproject.io/"
omni's avatar
omni committed
9
arch="all"
10
license="MPL-2.0"
Leo's avatar
Leo committed
11
makedepends="libcap bash make go python3 go-bindata-assetfs"
12
install="$pkgname.pre-install"
Christian Kampka's avatar
Christian Kampka committed
13
14
pkgusers="vault"
pkggroups="vault"
15
subpackages="$pkgname-openrc"
16
options="!check"
Leo's avatar
Leo committed
17
source="$pkgname-$pkgver.tar.gz::https://github.com/hashicorp/vault/archive/v$pkgver.tar.gz
18
19
	vault.confd
	vault.hcl
Leo's avatar
Leo committed
20
21
	vault.initd
	"
Christian Kampka's avatar
Christian Kampka committed
22

23
# secfixes:
24
25
#   1.7.2-r0:
#     - CVE-2021-32923
26
27
28
#   1.7.1-r0:
#     - CVE-2021-27400
#     - CVE-2021-27668
omni's avatar
omni committed
29
30
#   1.6.3-r0:
#     - CVE-2021-3282
31
32
33
#   1.5.7-r0:
#     - CVE-2020-25594
#     - CVE-2021-3024
34
35
#   1.5.6-r0:
#     - CVE-2020-35177
36
37
38
39
40
#   1.5.4-r0:
#     - CVE-2020-16250
#     - CVE-2020-16251
#     - CVE-2020-17455
#     - CVE-2020-25816
41
42
43
#   1.4.3-r0:
#     - CVE-2020-13223

44
45
46
47
48
49
50
51
prepare() {
	default_prepare
	# fix build on riscv64
    go mod edit -replace \
        github.com/prometheus/procfs=github.com/prometheus/procfs@v0.6.0
    go mod download github.com/prometheus/procfs
}

Christian Kampka's avatar
Christian Kampka committed
52
build() {
omni's avatar
omni committed
53
	export GOFLAGS="$GOFLAGS -trimpath -mod=readonly -modcacherw"
54
55
	make prep
	go build -v -o bin/$pkgname \
Kevin Daudt's avatar
Kevin Daudt committed
56
		-ldflags "-X github.com/hashicorp/vault/version.GitDescribe='$pkgver'"
Christian Kampka's avatar
Christian Kampka committed
57
58
59
}

package() {
60
	install -m755 -D "$srcdir/$pkgname.initd" \
61
		"$pkgdir/etc/init.d/$pkgname"
62
63

	install -m644 -D "$srcdir/$pkgname.confd" \
64
		"$pkgdir/etc/conf.d/$pkgname"
65

66
	install -m755 -o root -g vault -D bin/$pkgname \
67
		"$pkgdir/usr/sbin/$pkgname"
68

69
70
	# Allow vault to use mlock as "vault" user.
	setcap cap_ipc_lock=+ep \
71
		"$pkgdir/usr/sbin/$pkgname"
72

73
	install -m640 -o root -g vault -D "$srcdir/$pkgname.hcl" \
74
		"$pkgdir/etc/$pkgname.hcl"
75

76
	install -m750 -o vault -g vault -d "$pkgdir/var/lib/$pkgname"
Christian Kampka's avatar
Christian Kampka committed
77
}
78

79
sha512sums="
80
493b109d4a8c20ce4600c5a9e6d2e39aaf7ef24e2bbb9f614f8eeb58989293d34f1b54d24b23195c66163fd90f47c19ee46cd38980d264cad163311d133b58f2  vault-1.8.0.tar.gz
Christian Kampka's avatar
Christian Kampka committed
81
6f3f30e5c9d9dd5117f18fce0e669f0cd752a6be4910405d6b394f15273372731ee887a5ba4c700293e5b8bc2bf40fd69d4337156f77b03549d2dc2c0a666bec  vault.confd
Henrik Riomar's avatar
Henrik Riomar committed
82
eed200a6db0686a9f9948a2fce151340125cddc209522b4b6de22c447c78296eaf948c80ee8fd241e0093df6409477f2de1aea23edb97f27a4427396fe03ad2f  vault.hcl
83
84
9a1846a10eff015cf7d4c8c2c20540c125213302925e54bdfae1c1ec9c43bf0e97b3433c041615c9fdc7d5e9468a0f606321991c597af3be92025bd5042c08df  vault.initd
"