[BACK]Return to Makefile CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / pkgsrc / security / vault

File: [cvs.NetBSD.org] / pkgsrc / security / vault / Makefile (download)

Revision 1.13, Tue Jun 13 06:28:38 2017 UTC (2 years, 4 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.12: +2 -2 lines

Update security/vault to 0.7.3.

## 0.7.3 (June 7th, 2017)

SECURITY:

- Cert auth backend now checks validity of individual certificates
- App-ID path salting was skipped in 0.7.1/0.7.2

DEPRECATIONS/CHANGES:

- Step-Down is Forwarded

FEATURES:

- ed25519 Signing/Verification in Transit with Key Derivation
- Key Version Specification for Encryption in Transit
- Replication Primary Discovery (Enterprise)

IMPROVEMENTS:

- api/health: Add Sys().Health()
- audit: Add auth information to requests that error out
- command/auth: Add `-no-store` option that prevents the auth command
  from storing the returned token into the configured token helper
- core/forwarding: Request forwarding now heartbeats to prevent unused
  connections from being terminated by firewalls or proxies
- plugins/databases: Add MongoDB as an internal database plugin
- storage/dynamodb: Add a method for checking the existence of
  children, speeding up deletion operations in the DynamoDB storage backend
- storage/mysql: Add max_parallel parameter to MySQL backend
- secret/databases: Support listing connections
- secret/databases: Support custom renewal statements in Postgres
  database plugin
- secret/databases: Use the role name as part of generated credentials
- ui (Enterprise): Transit key and secret browsing UI handle large
  lists better
- ui (Enterprise): root tokens are no longer persisted
- ui (Enterprise): support for mounting Database and TOTP secret
  backends

BUG FIXES:

- auth/app-id: Fix regression causing loading of salts to be skipped
- auth/aws: Improve EC2 describe instances performance
- auth/aws: Fix lookup of some instance profile ARNs
- auth/aws: Resolve ARNs to internal AWS IDs which makes lookup at
  various points (e.g. renewal time) more robust
- auth/aws: Properly honor configured period when using IAM
  authentication
- auth/aws: Check that a bound IAM principal is not empty (in the
  current state of the role) before requiring it match the previously
  authenticated client
- auth/cert: Fix panic on renewal
- auth/cert: Certificate verification for non-CA certs
- core/acl: Prevent race condition when compiling ACLs in some
  scenarios
- secret/database: Increase wrapping token TTL; in a loaded scenario
  it could be too short
- secret/generic: Allow integers to be set as the value of `ttl` field
  as the documentation claims is supported
- secret/ssh: Added host key callback to ssh client config
- storage/s3: Avoid a panic when some bad data is returned
- storage/dynamodb: Fix list functions working improperly on Windows
- storage/file: Don't leak file descriptors in some error cases
- storage/swift: Fix pre-v3 project/tenant name reading

# $NetBSD: Makefile,v 1.13 2017/06/13 06:28:38 fhajny Exp $

DISTNAME=	vault-0.7.3
CATEGORIES=	security
MASTER_SITES=	${MASTER_SITE_GITHUB:=hashicorp/}

MAINTAINER=	filip@joyent.com
HOMEPAGE=	http://www.vaultproject.io/
COMMENT=	Tool for managing secrets
LICENSE=	mpl-2.0

GITHUB_TAG=	v${PKGVERSION_NOREV}

GO_DIST_BASE=	${DISTNAME}
GO_SRCPATH=	github.com/hashicorp/vault

USE_TOOLS+=		bash gmake

MAKE_ENV+=		GOPATH=${WRKDIR}:${PREFIX}/gopkg

INSTALLATION_DIRS+=	bin

do-build:
	cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} go build -o bin/vault

do-install:
	${INSTALL_PROGRAM} ${WRKSRC}/bin/vault ${DESTDIR}${PREFIX}/bin

.include "../../lang/go/go-package.mk"
.include "../../mk/bsd.pkg.mk"