# Contributor: Stefan Reimer # Maintainer: Stefan Reimer pkgname=falco pkgver=0.35.1 pkgrel=0 pkgdesc="Falco is the open source solution for runtime security for hosts, containers, Kubernetes and the cloud" url="https://github.com/falcosecurity/falco" arch="x86_64 aarch64" license="AGPL-3.0" makedepends="cmake bash linux-virt-dev linux-headers perl autoconf elfutils-dev libtool argp-standalone musl-fts-dev musl-libintl musl-obstack-dev" #protobuf-dev jq-dev openssl-dev curl-dev c-ares-dev grpc-dev yaml-dev yaml-cpp-dev jsoncpp-dev re2-dev" options="!check" source="$pkgname-$pkgver.tar.gz::https://github.com/falcosecurity/falco/archive/refs/tags/$pkgver.tar.gz" subpackages="$pkgname-kernel" # $pkgname-plugins" prepare() { [[ -d build ]] || mkdir build } build() { # Hack running the build inside a container other uname -r returns host kernel KERNEL_VERSION=$(basename $(ls -d /lib/modules/*-virt)) cd build cmake .. \ -DCMAKE_BUILD_TYPE=Release \ -DFALCO_VERSION=$pkgver \ -DCMAKE_INSTALL_PREFIX=/usr \ -DMUSL_OPTIMIZED_BUILD=On \ -DUSE_BUNDLED_DEPS=On KERNELDIR=/lib/modules/$KERNEL_VERSION/build make -j4 } package() { KERNEL_VERSION=$(basename $(ls -d /lib/modules/*-virt)) cd build make DESTDIR="${pkgdir}" KERNELDIR=/lib/modules/$KERNEL_VERSION/build install # We dont build anything on targets so remove sources rm -rf $pkgdir/usr/src rm -rf $pkgdir/usr/lib rm -rf $pkgdir/usr/include } kernel() { KERNEL_VERSION=$(basename $(ls -d /lib/modules/*-virt)) depends="linux-virt~$(echo $KERNEL_VERSION | sed -e 's/-.*$//')" cd src/$pkgname-$pkgver/build mkdir -p "$subpkgdir"/lib/modules/$KERNEL_VERSION/kernel gzip -9 -c driver/falco.ko > "$subpkgdir"/lib/modules/$KERNEL_VERSION/kernel/falco.ko.gz } sha512sums=" dc648d9b0a625a02320ff0235bbf4f4940e7ba40c684a8a1f972d34f0a3447b4a34e665d7fbc0ee1ec9a014f65f81a304dc76b4ec804fc7b4e448f330b9474af falco-0.35.1.tar.gz "