From 73131f932475180b8d5f4e0141d56e6b137713e8 Mon Sep 17 00:00:00 2001
From: Ben Vincent <ben@unkin.net>
Date: Sun, 8 Dec 2024 23:46:06 +1100
Subject: [PATCH] feat: add vault/1.18.2

- add vault rpm to be installed
- this is different from the HCP provided rpm which includes a service/config
---
 rpms/vault/1.18.2/release |  1 +
 rpms/vault/Dockerfile     | 24 ++++++++++++++++++++++++
 rpms/vault/nfpm.yaml      | 38 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 63 insertions(+)
 create mode 100644 rpms/vault/1.18.2/release
 create mode 100644 rpms/vault/Dockerfile
 create mode 100644 rpms/vault/nfpm.yaml

diff --git a/rpms/vault/1.18.2/release b/rpms/vault/1.18.2/release
new file mode 100644
index 0000000..d00491f
--- /dev/null
+++ b/rpms/vault/1.18.2/release
@@ -0,0 +1 @@
+1
diff --git a/rpms/vault/Dockerfile b/rpms/vault/Dockerfile
new file mode 100644
index 0000000..eacfaef
--- /dev/null
+++ b/rpms/vault/Dockerfile
@@ -0,0 +1,24 @@
+# Start with the AlmaLinux 8.10 base image
+FROM git.query.consul/unkin/almalinux8-buildagent:latest
+
+# Create output directory for RPMs
+RUN mkdir -p /app/dist
+
+# Set working directory
+WORKDIR /app
+
+ARG PACKAGE_RELEASE
+ENV PACKAGE_RELEASE=${PACKAGE_RELEASE}
+ARG PACKAGE_VERSION
+ENV PACKAGE_VERSION=${PACKAGE_VERSION}
+
+# Copy nfpm.yaml from the context into the container
+COPY nfpm.yaml /app/nfpm.yaml
+
+# Download the required files
+RUN dnf install -y unzip && \
+    wget -O /app/vault.zip https://releases.hashicorp.com/vault/${PACKAGE_VERSION}/vault_${PACKAGE_VERSION}_linux_amd64.zip && \
+    unzip vault.zip
+
+# Default command to build RPMs
+CMD nfpm pkg --config /app/nfpm.yaml --target /app/dist --packager rpm
diff --git a/rpms/vault/nfpm.yaml b/rpms/vault/nfpm.yaml
new file mode 100644
index 0000000..019b87c
--- /dev/null
+++ b/rpms/vault/nfpm.yaml
@@ -0,0 +1,38 @@
+# nfpm.yaml
+
+name: vault
+version: ${PACKAGE_VERSION}
+release: ${PACKAGE_RELEASE}
+arch: amd64
+platform: linux
+section: default
+priority: extra
+description: "Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log."
+
+maintainer: HashiCorp
+homepage: https://github.com/hashicorp/vault
+license: BUSL-1.1
+
+disable_globbing: false
+
+replaces:
+  - vault
+
+provides:
+  - vault
+
+# Files to include in the package
+contents:
+  - src: /app/vault
+    dst: /usr/bin/vault
+    file_info:
+      mode: 0755
+      owner: root
+      group: root
+
+# Scripts to run during installation/removal (optional)
+# scripts:
+#   preinstall: ./scripts/preinstall.sh
+#   postinstall: ./scripts/postinstall.sh
+#   preremove: ./scripts/preremove.sh
+#   postremove: ./scripts/postremove.sh
-- 
2.47.3