blob: e6a09ce9b9cebfad479460bcb7f9038c5890fbf4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
# Maintainer: Vitalii Kuzhdin <vitaliikuzhdin@gmail.com>
_pkgname="openfga"
pkgname="${_pkgname}-bin"
pkgver=1.14.2
pkgrel=1
pkgdesc="High performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar"
arch=(
'aarch64'
'i686'
'x86_64'
)
url="https://openfga.dev"
_url="https://github.com/${_pkgname}/${_pkgname}"
license=(
'Apache-2.0'
)
makedepends=(
'cosign'
'slsa-verifier'
)
provides=(
"${_pkgname}"
)
conflicts=(
"${_pkgname}"
)
backup=(
"etc/${_pkgname}"
)
_pkgsrc="${_pkgname}-${pkgver}"
source=(
"${_pkgname}."{service,sysusers,tmpfiles,yaml}
"${_pkgsrc}-README.md::${_url}/raw/refs/tags/v${pkgver}/README.md"
"${_pkgsrc}-CHANGELOG.md::${_url}/raw/refs/tags/v${pkgver}/CHANGELOG.md"
"${_pkgsrc}-LICENSE::${_url}/raw/refs/tags/v${pkgver}/LICENSE"
"${_pkgsrc}-checksums.txt::${_url}/releases/download/v${pkgver}/checksums.txt"
"${_pkgsrc}-checksums.txt.pem::${_url}/releases/download/v${pkgver}/checksums.txt.pem"
"${_pkgsrc}-checksums.txt.cosig::${_url}/releases/download/v${pkgver}/checksums.txt.sig" # rename to not confuse OpenPGP
"${_pkgsrc}.intoto.jsonl::${_url}/releases/download/v${pkgver}/${_pkgname}.intoto.jsonl"
)
source_aarch64=(
"${_url}/releases/download/v${pkgver}/${_pkgsrc//-/_}_linux_arm64.tar.gz"
)
source_i686=(
"${_url}/releases/download/v${pkgver}/${_pkgsrc//-/_}_linux_386.tar.gz"
)
source_x86_64=(
"${_url}/releases/download/v${pkgver}/${_pkgsrc//-/_}_linux_amd64.tar.gz"
)
sha256sums=('6f5b8d7257f4158b3800346d9fa0679e1041c92987b0303f04439a54e3488580'
'0236b9c80bc4a6ca17c0cc5cae1091a0225cdc29163667661353d42927ecb1e7'
'ac8e4f66ab7fd0540f58d3de61940f0dea1494fa05b4b984796c1db41a053ea1'
'1929be63a6466a045939235754e2d2cfd4ca430c304698a6089614c6b8eec6d1'
'd805fc7020dce2918bcb4b084a680c46c068fb3f42877f624b3d9e98c2f6af24'
'5cfb534f5a1a7addc8c2aff1a1b10f051964405f025c03c436b9e7c921d392ce'
'1c46d7b2bed94d457d745f28cabeb31f8d6c81dd9035bc5d24039989ee1e1bff'
'82afcae37f141cfe724e7e54b32e8a221fe5adbc912eb36e4942ffb9d762f614'
'e850b3233953d0d0d0bdb4f5dc154a1ebab6d10b2e992be986cae5c6b7aeb461'
'f3ea4673276d3a61a5cef2cc66be23f45a21a6a0957ecd24cb059ddf4cd5f4eb'
'cfa42283be76869801a33230500fe410107d3bbe36adccfed6d0012f78f512d9')
sha256sums_aarch64=('5fe6c3dfd966a64ff0060f1bb6dc23a7a7132306c550f763924a3928023bfe00')
sha256sums_i686=('2eac2725bd1efba9484b6987da5e7b921dcb16db23744414f134adb440a4fe18')
sha256sums_x86_64=('5ea9d3846b21a0a3ea7009fe9c7e294a33bc73a0a9020f30b5443ead101258cd')
verify() {
export COSIGN_EXPERIMENTAL=true
local source_carch="source_${CARCH}[0]"
local source_arch="${!source_carch}"
local source_artifact="${source_arch##*/}"
cosign verify-blob \
--certificate "${_pkgsrc}-checksums.txt.pem" \
--signature "${_pkgsrc}-checksums.txt.cosig" \
--certificate-identity "${_url}/.github/workflows/release.yaml@refs/tags/v${pkgver}" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
"${_pkgsrc}-checksums.txt"
sha256sum -c --ignore-missing "${_pkgsrc}-checksums.txt"
slsa-verifier verify-artifact "${source_artifact}" \
--provenance-path "${_pkgsrc}.intoto.jsonl" \
--source-uri "${_url#https://}" \
--source-tag "v${pkgver}"
}
prepare() {
cd "${srcdir}"
mkdir -p "completions"
chmod +x ./"${_pkgname}"
}
build() {
cd "${srcdir}"
for _sh in bash fish powershell zsh; do
./"${_pkgname}" completion "${_sh}" > "completions/${_pkgname}.${_sh}"
done
}
package() {
cd "${srcdir}"
install -vDm755 "${_pkgname}" "${pkgdir}/usr/bin/${_pkgname}"
install -vDm644 "${_pkgsrc}-CHANGELOG.md" "${pkgdir}/usr/share/doc/${_pkgname}/CHANGELOG.md"
install -vDm644 "${_pkgsrc}-README.md" "${pkgdir}/usr/share/doc/${_pkgname}/README.md"
install -vDm644 "${_pkgsrc}-LICENSE" "${pkgdir}/usr/share/licenses/${_pkgname}/LICENSE"
install -vDm644 "${_pkgname}.service" "${pkgdir}/usr/lib/systemd/system/${_pkgname}.service"
install -vDm644 "${_pkgname}.sysusers" "${pkgdir}/usr/lib/sysusers.d/${_pkgname}.conf"
install -vDm644 "${_pkgname}.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/${_pkgname}.conf"
install -vDm664 "${_pkgname}.yaml" "${pkgdir}/etc/${_pkgname}"
cd "completions"
install -vDm644 "${_pkgname}.bash" "${pkgdir}/usr/share/bash-completion/completions/${_pkgname}"
install -vDm644 "${_pkgname}.fish" "${pkgdir}/usr/share/fish/vendor_completions.d/${_pkgname}.fish"
install -vDm644 "${_pkgname}.powershell" "${pkgdir}/usr/share/powershell/Completions/${_pkgname}.ps1"
install -vDm644 "${_pkgname}.zsh" "${pkgdir}/usr/share/zsh/site-functions/_${_pkgname}"
}
|