From 17b7d3d9f9902efb8ce79db3ef8ee1b327b68186 Mon Sep 17 00:00:00 2001
From: dkwo <nicolopiazzalunga@gmail.com>
Date: Sun, 17 Sep 2023 09:43:11 -0400
Subject: [PATCH] sbctl: run checks, add kernel hook, update to 0.13

---
 srcpkgs/sbctl/files/kernel-hook-postinst | 17 +++++++++++++
 srcpkgs/sbctl/files/kernel-hook.confd    |  3 +++
 srcpkgs/sbctl/template                   | 31 ++++++++++++++++--------
 3 files changed, 41 insertions(+), 10 deletions(-)
 create mode 100644 srcpkgs/sbctl/files/kernel-hook-postinst
 create mode 100644 srcpkgs/sbctl/files/kernel-hook.confd

diff --git a/srcpkgs/sbctl/files/kernel-hook-postinst b/srcpkgs/sbctl/files/kernel-hook-postinst
new file mode 100644
index 0000000000000..c49ece0d0bedb
--- /dev/null
+++ b/srcpkgs/sbctl/files/kernel-hook-postinst
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# Kernel post-install hook for sbctl.
+#
+# Arguments passed to this script: $1 pkgname, $2 version.
+#
+
+[ -x usr/bin/sbctl ] || exit 0
+
+PKGNAME="$1"
+VERSION="$2"
+
+. "${ROOTDIR}/etc/default/sbctl-kernel-hook"
+
+[ -z "${SBCTL_SIGN_KERNEL}" ] && exit 0
+[ -e "boot/vmlinuz-${VERSION}" ] && usr/bin/sbctl sign -s boot/vmlinuz-${VERSION}
+[ -e "boot/vmlinux-${VERSION}" ] && usr/bin/sbctl sign -s boot/vmlinux-${VERSION}
diff --git a/srcpkgs/sbctl/files/kernel-hook.confd b/srcpkgs/sbctl/files/kernel-hook.confd
new file mode 100644
index 0000000000000..59a52c91c7de2
--- /dev/null
+++ b/srcpkgs/sbctl/files/kernel-hook.confd
@@ -0,0 +1,3 @@
+# Options for the kernel hook script installed by the sbctl package.
+# SBCTL_SIGN_KERNEL=yes
+# To let sbctl sign new kernel images, set it to 'yes'
diff --git a/srcpkgs/sbctl/template b/srcpkgs/sbctl/template
index 5d181cd62da0d..303e0ddd92001 100644
--- a/srcpkgs/sbctl/template
+++ b/srcpkgs/sbctl/template
@@ -1,26 +1,37 @@
 # Template file for 'sbctl'
 pkgname=sbctl
-version=0.10
-revision=3
+version=0.13
+revision=1
 build_style=go
+build_helper=qemu
 go_import_path="github.com/foxboron/sbctl"
+go_package="${go_import_path}/cmd/sbctl"
+# sbctl writes keys in /usr/share
+# go_ldflags="-X ${go_import_path}.DatabasePath=/etc/secureboot"
 hostmakedepends="asciidoc"
 short_desc="Secure Boot key manager"
 maintainer="Érico Nogueira <ericonr@disroot.org>"
 license="MIT"
 homepage="https://github.com/Foxboron/sbctl"
 distfiles="https://github.com/Foxboron/sbctl/archive/${version}.tar.gz"
-checksum=22c394e1ae3f80eafe85e331ca4499d2df28bebcc4421c0af89241b897a17774
+checksum=3d5b396985eabea4960377dbf81dbd891db473af20284edc7db1b4e891368c02
+export GOFLAGS="-buildmode=pie"
 
-do_build() {
-	make
-}
-
-do_install() {
-	make install PREFIX=/usr DESTDIR=$DESTDIR
-	# TODO: install completions, sbctl tries to run lsblk when generating them
+do_check() {
+	go test -v ./...
 }
 
 post_install() {
+	make man
+	vman docs/sbctl.8
 	vlicense LICENSE
+
+	SBCTL="${DESTDIR}/usr/bin/sbctl"
+	for shell in bash fish zsh; do
+		vtargetrun ${SBCTL} completion ${shell} > sbctl.${shell}
+		vcompletion sbctl.${shell} ${shell}
+	done
+
+	vinstall ${FILESDIR}/kernel-hook-postinst 744 etc/kernel.d/post-install 40-sbctl
+	vinstall ${FILESDIR}/kernel-hook.confd 644 etc/default sbctl-kernel-hook
 }