blob: b07acf93231bd5545d7f64ce0a790900cb7c5c58 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
# Maintainer: Ariadne Conill <ariadne@dereferenced.org>
pkgname=cosign
pkgver=2.0.1
pkgrel=6
pkgdesc="container signing tool with support for ephemeral keys and Sigstore signing"
url="https://github.com/sigstore/cosign"
arch="all"
license="Apache-2.0"
# pcsc-lite-libs needed at runtime for smartcard support
depends="pcsc-lite-libs"
makedepends="go pcsc-lite-dev"
# NOTE: We can't use the default bashcomp, etc splitters because they take everything,
# the default splitters should be improved somehow.
subpackages="
sget
sget-bash-completion:_sget_bashcomp
sget-fish-completion:_sget_fishcomp
sget-zsh-completion:_sget_zshcomp
$pkgname-bash-completion
$pkgname-fish-completion
$pkgname-zsh-completion
"
source="https://github.com/sigstore/cosign/archive/v$pkgver/cosign-$pkgver.tar.gz"
options="chmod-clean !check"
# secfixes:
# 1.12.1-r0:
# - CVE-2022-36056
# 1.10.1-r0:
# - CVE-2022-35929
# 1.5.2-r0:
# - CVE-2022-23649
export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"
build() {
mkdir build
go build -o build/ \
-tags -tags=pivkey,pkcs11key \
-ldflags=-X=sigs.k8s.io/release-utils/version.gitVersion="v$pkgver" \
"$builddir"/cmd/...
for i in bash fish zsh; do
"$builddir"/build/cosign completion $i > "$builddir"/cosign.$i
"$builddir"/build/sget completion $i > "$builddir"/sget.$i
done
}
check() {
make test
}
package() {
install -Dm755 "$builddir"/build/cosign "$pkgdir"/usr/bin/cosign
install -Dm755 "$builddir"/build/sget "$pkgdir"/usr/bin/sget
for i in cosign sget; do
install -Dm644 "$builddir"/$i.bash "$pkgdir"/usr/share/bash-completion/completions/$i
install -Dm644 "$builddir"/$i.fish "$pkgdir"/usr/share/fish/completions/$i.fish
install -Dm644 "$builddir"/$i.zsh "$pkgdir"/usr/share/zsh/site-functions/_$i
done
}
sget() {
pkgdesc="secure container image fetching tool"
amove /usr/bin/sget
}
_sget_bashcomp() {
amove /usr/share/bash-completion/completions/sget
}
_sget_fishcomp() {
amove /usr/share/fish/completions/sget.fish
}
_sget_zshcomp() {
amove /usr/share/zsh/site-functions/_sget
}
sha512sums="
2d8ce3c495818091e8077503fd2266bd0f3d8ee8a76f2a9b27ab1ab1cf1e2a01fee3ce6138f54d634015010d80e8193f79a8029dd3eb7a09c4b457be16ee4e50 cosign-2.0.1.tar.gz
"
|
