blob: 5ffbef0e60f6043fe8d5bf436aa54081ffdd4d8a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
# Contributor: Christian Kampka <christian@kampka.net>
# Contributor: omni <omni+alpine@hack.org>
# Maintainer: Gennady Feldman <gena01@gmail.com>
pkgname=vault
pkgver=1.7.4
pkgrel=1
pkgdesc="tool for encryption as a service, secrets and privileged access management"
url="https://www.vaultproject.io/"
arch="all"
license="MPL-2.0"
makedepends="libcap bash make go python3 go-bindata-assetfs"
install="$pkgname.pre-install"
pkgusers="vault"
pkggroups="vault"
subpackages="$pkgname-openrc"
options="!check"
source="$pkgname-$pkgver.tar.gz::https://github.com/hashicorp/vault/archive/v$pkgver.tar.gz
vault.confd
vault.hcl
vault.initd
"
# secfixes:
# 1.7.4-r0:
# - CVE-2021-38554
# 1.7.2-r0:
# - CVE-2021-32923
# 1.7.1-r0:
# - CVE-2021-27400
# - CVE-2021-27668
# 1.6.3-r0:
# - CVE-2021-3282
# 1.5.7-r0:
# - CVE-2020-25594
# - CVE-2021-3024
# 1.5.6-r0:
# - CVE-2020-35177
# 1.5.4-r0:
# - CVE-2020-16250
# - CVE-2020-16251
# - CVE-2020-17455
# - CVE-2020-25816
# 1.4.3-r0:
# - CVE-2020-13223
build() {
export GOFLAGS="$GOFLAGS -trimpath -mod=readonly -modcacherw"
make prep
go build -v -o bin/$pkgname \
-ldflags "-X github.com/hashicorp/vault/version.GitDescribe='$pkgver'"
}
package() {
install -m755 -D "$srcdir/$pkgname.initd" \
"$pkgdir/etc/init.d/$pkgname"
install -m644 -D "$srcdir/$pkgname.confd" \
"$pkgdir/etc/conf.d/$pkgname"
install -m755 -o root -g vault -D bin/$pkgname \
"$pkgdir/usr/sbin/$pkgname"
# Allow vault to use mlock as "vault" user.
setcap cap_ipc_lock=+ep \
"$pkgdir/usr/sbin/$pkgname"
install -m640 -o root -g vault -D "$srcdir/$pkgname.hcl" \
"$pkgdir/etc/$pkgname.hcl"
install -m750 -o vault -g vault -d "$pkgdir/var/lib/$pkgname"
}
sha512sums="
ec2f13741a182f1127424cd135ca1d5e9000e5e1cb3410135d805ff5cebb728091ffd67c7fea2134b1488ec13c8e298683adae23cb7ef87d8d35404ffddf9be3 vault-1.7.4.tar.gz
6f3f30e5c9d9dd5117f18fce0e669f0cd752a6be4910405d6b394f15273372731ee887a5ba4c700293e5b8bc2bf40fd69d4337156f77b03549d2dc2c0a666bec vault.confd
eed200a6db0686a9f9948a2fce151340125cddc209522b4b6de22c447c78296eaf948c80ee8fd241e0093df6409477f2de1aea23edb97f27a4427396fe03ad2f vault.hcl
9a1846a10eff015cf7d4c8c2c20540c125213302925e54bdfae1c1ec9c43bf0e97b3433c041615c9fdc7d5e9468a0f606321991c597af3be92025bd5042c08df vault.initd
"
|
