From 565491f8b3480cd48c550d2319e48f6526765cc2 Mon Sep 17 00:00:00 2001 From: Paul Stemmet Date: Sat, 20 Apr 2024 13:18:59 +0000 Subject: [PATCH] debian: add rules for open-vault Largely inherited from the open-consul build, however Vault's build requires separate steps for the UI component, and a more complex ldflags. --- debian/rules | 86 +++++++++++++++++++++++++++++++++++++++++ debian/vault-ldflags.sh | 17 ++++++++ 2 files changed, 103 insertions(+) create mode 100755 debian/rules create mode 100755 debian/vault-ldflags.sh diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..82606f5 --- /dev/null +++ b/debian/rules @@ -0,0 +1,86 @@ +#!/usr/bin/make -f + +# Defines: +# DEB_SOURCE +# DEB_VERSION +# DEB_VERSION_EPOCH_UPSTREAM +# DEB_VERSION_UPSTREAM_REVISION +# DEB_VERSION_UPSTREAM +# DEB_DISTRIBUTION +# SOURCE_DATE_EPOCH +include /usr/share/dpkg/pkg-info.mk + +#export DH_VERBOSE := 1 + +PKGNAME := open-vault +PKGALIAS := vault +PKGDIR := debian/$(PKGNAME) +SRCDIR := debian +BUILDDIR := dist +BUILDDATE := $(shell date -u '+%Y-%m-%dT%H:%M:%SZ' -d @$(SOURCE_DATE_EPOCH)) + +export DH_OPTIONS +export DEB_BUILD_OPTIONS ?= terse +export DEB_BUILD_MAINT_OPTIONS := hardening=+all +export YARNCACHE := /tmp/yarncache +export GO111MODULE := on +export GOFLAGS := -buildmode=pie -trimpath -mod=readonly -modcacherw +export GOCACHE := /tmp/gocache +export GOPATH := /tmp/gopath +export GOPROXY := https://proxy.golang.org,direct +export CGO_LDFLAGS = $(LDFLAGS) +export CGO_CFLAGS = $(CFLAGS) +export CGO_CPPFLAGS = $(CPPFLAGS) +export CGO_CXXFLAGS = $(CXXFLAGS) +# dh_golang doesn't do this for you +ifeq ($(DEB_HOST_ARCH), i386) + export GOARCH := 386 +else ifeq ($(DEB_HOST_ARCH), amd64) + export GOARCH := amd64 +else ifeq ($(DEB_HOST_ARCH), armhf) + export GOARCH := arm +else ifeq ($(DEB_HOST_ARCH), arm64) + export GOARCH := arm64 +endif + +%: + dh $@ --builddirectory=$(BUILDDIR) --buildsystem=golang --with=golang + +override_dh_clean: + rm -f debian/debhelper.log + dh_clean + +override_dh_auto_configure: + mkdir -p $(BUILDDIR) $(GOCACHE) $(GOPATH) $(YARNCACHE) /tmp/builder + setfacl -m "default:group::rwx" $(GOCACHE) $(GOPATH) $(YARNCACHE) /tmp/builder + mv $(SRCDIR)/$(PKGNAME).service $(SRCDIR)/$(PKGNAME).$(PKGALIAS).service + mv $(SRCDIR)/$(PKGNAME).default $(SRCDIR)/$(PKGNAME).$(PKGALIAS).default + mv $(SRCDIR)/$(PKGNAME).sysusers $(SRCDIR)/$(PKGNAME).$(PKGALIAS).sysusers + yarnpkg config set cacheFolder $(YARNCACHE) + ( cd "ui" && yarnpkg install ) + go mod download + $(SRCDIR)/vault-ldflags.sh \ + "v$(DEB_VERSION_UPSTREAM)" "$(DEB_VERSION)" "$(BUILDDATE)" \ + > $(BUILDDIR)/.ldflags + +override_dh_auto_build: + ( cd "ui" ; npm rebuild node-sass ; yarnpkg run build ) + go build -tags ui -ldflags "$$(< $(BUILDDIR)/.ldflags)" -o $(BUILDDIR) . + +override_dh_auto_install: + dh_installsysusers --name=$(PKGALIAS) + + install -D -m755 $(BUILDDIR)/vault $(PKGDIR)/usr/bin/$(PKGALIAS) + +override_dh_auto_test: + # Check vault runs and is the correct version + $(BUILDDIR)/vault --version | head -1 | grep -qF -- "v$(DEB_VERSION_UPSTREAM)" + +override_dh_installsystemd: + dh_installsystemd --name=$(PKGALIAS) + +override_dh_installinit: + dh_installinit --name=$(PKGALIAS) + +override_dh_golang: + @echo "Skipping! dh_golang does not support external GOPATH build depends..." diff --git a/debian/vault-ldflags.sh b/debian/vault-ldflags.sh new file mode 100755 index 0000000..f4903c8 --- /dev/null +++ b/debian/vault-ldflags.sh @@ -0,0 +1,17 @@ +#!/bin/sh + +# Small shim to properly generate the ldflags +# Vault expects for its buildconf + +xpath=github.com/hashicorp/vault/sdk/version +version=$1 commit=$2 builddate=$3 + +printf -- '%s ' \ + "-linkmode=external" \ + "-compressdwarf=false" \ + $( + printf -- "-X ${xpath}.%s " \ + "Version=${version}" \ + "GitCommit=${commit}" \ + "BuildDate=${builddate}" + )