# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=ca-certificates
pkgver=20200603
pkgrel=0
pkgdesc="CA root certificates"
url="https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/"
arch="all"
options="!fhs !check"
license="MPL-2.0 GPL-2.0+"
depends="debianutils"
makedepends_build="python3"
makedepends_host="openssl-dev"
subpackages="$pkgname-doc"
triggers="ca-certificates.trigger=/usr/share/ca-certificates:/usr/local/share/ca-certificates:/etc/ssl/certs:/etc/ca-certificates/update.d"
install="$pkgname.post-deinstall"
source="https://dev.sick.bike/dist/$pkgname-$pkgver.tar.gz
	certhash
	"

build() {
	make
}

package() {
	make install DESTDIR="$pkgdir"

	(
		echo "# Automatically generated by ${pkgname}-${pkgver}-${pkgrel}"
		echo "# $(date -u)"
		echo "# Do not edit."
		cd "$pkgdir"/usr/share/ca-certificates
		find . -name '*.crt' | sort | cut -b3-
	) > "$pkgdir"/etc/ca-certificates.conf

	mkdir -p "$pkgdir"/etc/apk/protected_paths.d
	cat > "$pkgdir"/etc/apk/protected_paths.d/ca-certificates.list <<-EOF
		-etc/ssl/certs/ca-certificates.crt
		-etc/ssl/certs/ca-cert-*.pem
		-etc/ssl/certs/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[r0-9]*
	EOF

	install -D -m755 "$srcdir"/certhash "$pkgdir"/etc/ca-certificates/update.d/certhash
}

sha512sums="0125600481666979e0b736572aca7d0e3c4bf01169bc67638ef7bdd4fc97a0ebbb70798df7275eac92dfc2d03b16de3f0adc8ad382fc9e2fb4d8223c923b2eef  ca-certificates-20200603.tar.gz
1efe48235f150052da6b872d2ebff174359825ab3bd66086c9d7f4c18dcd8aa8953c634dbf1aa8416d30d5623babf589660a25cf6e3a4cdcce707c14cc2f348a  certhash"