# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0
PortGroup           golang 1.0

go.setup            github.com/hashicorp/vault 1.18.3 v
# Delete this on next update to use golang PortGroup's default ('archive')
github.tarball_from tarball
revision            0

homepage            https://www.vaultproject.io

description         \
    A Tool for Managing Secrets

long_description    \
    HashiCorp Vault secures, stores, and tightly controls access to tokens, \
    passwords, certificates, API keys, and other secrets in modern computing. \
    Vault handles leasing, key revocation, key rolling, and auditing. Through \
    a unified API, users can access an encrypted Key/Value store and network \
    encryption-as-a-service, or generate AWS IAM/STS credentials, SQL/NoSQL \
    databases, X.509 certificates, SSH credentials, and more.

categories          security
installs_libs       no
# Hashicorp Vault is now licensed under the BSL
# https://www.hashicorp.com/license-faq#aug-10-announcement
license             Commercial Permissive
maintainers         {gmail.com:herby.gillot @herbygillot} \
                    openmaintainer

# Vault's build process requires the git repository.
fetch.type          git

# The "dev" build target must be used to build just the binary for this
# platform, instead of for ALL platforms
# - https://www.vaultproject.io/docs/install/index.html#compiling-from-source
build.cmd           make
build.target        bootstrap
build.post_args     dev

# Bootstrap target must run before dev, so we disable parallel building.
use_parallel_build  no

# As of Vault 1.4.0, vault-plugin-* modules are listed in go.sum with checksums
# different from those provided by the official Go module registry. Therefore
# we specify GOPRIVATE so that these modules are not fetched through the
# official Go module proxy.
#
# - https://github.com/hashicorp/vault/issues/8696
build.env-append    "GOPRIVATE=github.com/hashicorp/vault-plugin*" \
                    PATH=$env(PATH):${gopath}/bin

# Allow deps to be fetched at build time
go.offline_build no

destroot {
    xinstall -m 0755 ${gopath}/bin/${name} ${destroot}${prefix}/bin/${name}
}

variant ui description {Enable the Web UI} {
    build.post_args     static-dist dev-ui

    depends_lib-append  path:bin/node:nodejs16 \
                        path:bin/npm:npm8 \
                        port:yarn

    platform darwin {
        if {${os.major} < 13} {
            depends_lib-replace \
                        path:bin/node:nodejs16 \
                        path:bin/node:nodejs14
        }
    }

    post-patch {
        # Force JS pipeline to run on Node versions greater than Nodejs10
        reinplace -E {s|"node": " >= 10.* <11"|"node": ">= 10.*"|} \
            ${worksrcpath}/ui/package.json
    }
}

github.livecheck.regex {([0-9.]+)}