41 lines
1.4 KiB
Bash
41 lines
1.4 KiB
Bash
|
#!/usr/bin/env nix-shell
|
||
|
#!nix-shell -i bash -p curl gnused gawk nix-prefetch
|
||
|
|
||
|
set -euo pipefail
|
||
|
|
||
|
ROOT="$(dirname "$(readlink -f "$0")")"
|
||
|
NIX_DRV="$ROOT/package.nix"
|
||
|
if [ ! -f "$NIX_DRV" ]; then
|
||
|
echo "ERROR: cannot find vault-bin in $ROOT"
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
function calc_hash () {
|
||
|
local version=$1
|
||
|
local arch=$2
|
||
|
url="https://releases.hashicorp.com/vault/${version}/vault_${version}_${arch}.zip"
|
||
|
zip_hash=$(nix-prefetch-url --unpack $url)
|
||
|
nix hash to-sri --type sha256 "$zip_hash"
|
||
|
}
|
||
|
|
||
|
replace_sha() {
|
||
|
sed -i "s#$1 = \"sha256-.\{44\}\"#$1 = \"$2\"#" "$NIX_DRV"
|
||
|
}
|
||
|
|
||
|
# https://releases.hashicorp.com/vault/1.9.4/vault_1.9.4_linux_arm64.zip
|
||
|
VAULT_VER=$(curl -Ls -w "%{url_effective}" -o /dev/null https://github.com/hashicorp/vault/releases/latest | awk -F'/' '{print $NF}' | sed 's/v//')
|
||
|
|
||
|
VAULT_LINUX_X86_SHA256=$(calc_hash "$VAULT_VER" "linux_386")
|
||
|
VAULT_LINUX_X64_SHA256=$(calc_hash "$VAULT_VER" "linux_amd64")
|
||
|
VAULT_DARWIN_X64_SHA256=$(calc_hash "$VAULT_VER" "darwin_amd64")
|
||
|
VAULT_LINUX_AARCH64_SHA256=$(calc_hash "$VAULT_VER" "linux_arm64")
|
||
|
VAULT_DARWIN_AARCH64_SHA256=$(calc_hash "$VAULT_VER" "darwin_arm64")
|
||
|
|
||
|
sed -i "s/version = \".*\"/version = \"$VAULT_VER\"/" "$NIX_DRV"
|
||
|
|
||
|
replace_sha "i686-linux" "$VAULT_LINUX_X86_SHA256"
|
||
|
replace_sha "x86_64-linux" "$VAULT_LINUX_X64_SHA256"
|
||
|
replace_sha "x86_64-darwin" "$VAULT_DARWIN_X64_SHA256"
|
||
|
replace_sha "aarch64-linux" "$VAULT_LINUX_AARCH64_SHA256"
|
||
|
replace_sha "aarch64-darwin" "$VAULT_DARWIN_AARCH64_SHA256"
|