diff options
-rw-r--r-- | .SRCINFO | 12 | ||||
-rw-r--r-- | .gitignore | 3 | ||||
-rw-r--r-- | PKGBUILD | 28 |
3 files changed, 43 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..28ed98848cf3 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,12 @@ +pkgbase = witness + pkgdesc = Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance. + pkgver = 0.1.12 + pkgrel = 1 + url = https://github.com/testifysec/witness + arch = any + license = Apache + makedepends = go + source = witness-0.1.12.tar.gz::https://github.com/testifysec/witness/archive/v0.1.12.tar.gz + sha256sums = e02ee5cb340f9f703ea2204a4aed1d506c547979ca02155ad909968835ea5b19 + +pkgname = witness diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000000..b774d65f9ddb --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +pkg +build +witness-* diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..dfaed01f4e87 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,28 @@ +# Maintainer: Aditya Sirish <aditya@saky.in> + +pkgname=witness +pkgver=0.1.12 +pkgrel=1 +pkgdesc="Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance." +arch=('any') +license=('Apache') +url="https://github.com/testifysec/witness" +makedepends=('go') +source=("$pkgname-$pkgver.tar.gz::$url/archive/v$pkgver.tar.gz") +sha256sums=('e02ee5cb340f9f703ea2204a4aed1d506c547979ca02155ad909968835ea5b19') + +build() { + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + export CGO_LDFLAGS="${LDFLAGS}" + export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw" + + cd "$pkgname-$pkgver" + go build -o bin/${pkgname} +} + +package() { + cd "$pkgname-$pkgver" + install -Dm 755 -t "${pkgdir}/usr/bin" bin/${pkgname} +} |