feat: rename Vault to OpenBao in build files

.gitignore

@@ -32,7 +32,7 @@ _testmain.go
 /http/web_ui/*.*
 /http/web_ui/**/*.*
 
-# Vault-specific
+# OpenBao-specific
 example.hcl
 example.vault.d
 

Dockerfile

@@ -6,23 +6,23 @@ FROM alpine:3.18 as default
 
 ARG BIN_NAME
 # NAME and PRODUCT_VERSION are the name of the software in releases.hashicorp.com
-# and the version to download. Example: NAME=vault PRODUCT_VERSION=1.2.3.
-ARG NAME=vault
+# and the version to download. Example: NAME=openbao PRODUCT_VERSION=1.2.3.
+ARG NAME=openbao
 ARG PRODUCT_VERSION
 ARG PRODUCT_REVISION
 # TARGETARCH and TARGETOS are set automatically when --platform is provided.
 ARG TARGETOS TARGETARCH
 
 # Additional metadata labels used by container registries, platforms
 # and certification scanners.
-LABEL name="Vault" \
-      maintainer="Vault Team <vault@hashicorp.com>" \
-      vendor="HashiCorp" \
+LABEL name="OpenBao" \
+      maintainer="OpenBao Team <openbao@lists.lfedge.org>" \
+      vendor="OpenBao" \
       version=${PRODUCT_VERSION} \
       release=${PRODUCT_REVISION} \
       revision=${PRODUCT_REVISION} \
-      summary="Vault is a tool for securely accessing secrets." \
-      description="Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log."
+      summary="OpenBao is a tool for securely accessing secrets." \
+      description="OpenBao is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. OpenBao provides a unified interface to any secret, while providing tight access control and recording a detailed audit log."
 
 COPY LICENSE /licenses/mozilla.txt
 
@@ -42,28 +42,28 @@ COPY dist/$TARGETOS/$TARGETARCH/$BIN_NAME /bin/
 # storage backend, if desired; the server will be started with /vault/config as
 # the configuration directory so you can add additional config files in that
 # location.
-RUN mkdir -p /vault/logs && \
-    mkdir -p /vault/file && \
-    mkdir -p /vault/config && \
-    chown -R ${NAME}:${NAME} /vault
+RUN mkdir -p /openbao/logs && \
+    mkdir -p /openbao/file && \
+    mkdir -p /openbao/config && \
+    chown -R ${NAME}:${NAME} /openbao
 
 # Expose the logs directory as a volume since there's potentially long-running
 # state in there
-VOLUME /vault/logs
+VOLUME /openbao/logs
 
 # Expose the file directory as a volume since there's potentially long-running
 # state in there
-VOLUME /vault/file
+VOLUME /openbao/file
 
 # 8200/tcp is the primary interface that applications use to interact with
-# Vault.
+# OpenBao.
 EXPOSE 8200
 
 # The entry point script uses dumb-init as the top-level process to reap any
-# zombie processes created by Vault sub-processes.
+# zombie processes created by OpenBao sub-processes.
 #
 # For production derivatives of this container, you shoud add the IPC_LOCK
-# capability so that Vault can mlock memory.
+# capability so that OpenBao can mlock memory.
 COPY .release/docker/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 ENTRYPOINT ["docker-entrypoint.sh"]
 
@@ -86,33 +86,33 @@ ARG TARGETOS TARGETARCH
 
 # Additional metadata labels used by container registries, platforms
 # and certification scanners.
-LABEL name="Vault" \
-      maintainer="Vault Team <vault@hashicorp.com>" \
-      vendor="HashiCorp" \
+LABEL name="OpenBao" \
+      maintainer="OpenBao Team <openbao@lists.lfedge.org>" \
+      vendor="OpenBao" \
       version=${PRODUCT_VERSION} \
       release=${PRODUCT_REVISION} \
       revision=${PRODUCT_REVISION} \
-      summary="Vault is a tool for securely accessing secrets." \
-      description="Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log."
+      summary="OpenBao is a tool for securely accessing secrets." \
+      description="OpenBao is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. OpenBao provides a unified interface to any secret, while providing tight access control and recording a detailed audit log."
 
 COPY LICENSE /licenses/mozilla.txt
 
 # Set ARGs as ENV so that they can be used in ENTRYPOINT/CMD
 ENV NAME=$NAME
 ENV VERSION=$VERSION
 
-# Set up certificates, our base tools, and Vault. Unlike the other version of
+# Set up certificates, our base tools, and OpenBao. Unlike the other version of
 # this (https://github.com/hashicorp/docker-vault/blob/master/ubi/Dockerfile),
-# we copy in the Vault binary from CRT.
+# we copy in the OpenBao binary from CRT.
 RUN set -eux; \
     microdnf install -y ca-certificates gnupg openssl libcap tzdata procps shadow-utils util-linux
 
 # Create a non-root user to run the software.
-RUN groupadd --gid 1000 vault && \
-    adduser --uid 100 --system -g vault vault && \
-    usermod -a -G root vault
+RUN groupadd --gid 1000 openbao && \
+    adduser --uid 100 --system -g openbao openbao && \
+    usermod -a -G root openbao
 
-# Copy in the new Vault from CRT pipeline, rather than fetching it from our
+# Copy in the new OpenBao from CRT pipeline, rather than fetching it from our
 # public releases.
 COPY dist/$TARGETOS/$TARGETARCH/$BIN_NAME /bin/
 
@@ -121,37 +121,37 @@ COPY dist/$TARGETOS/$TARGETARCH/$BIN_NAME /bin/
 # storage backend, if desired; the server will be started with /vault/config as
 # the configuration directory so you can add additional config files in that
 # location.
-ENV HOME /home/vault
-RUN mkdir -p /vault/logs && \
-    mkdir -p /vault/file && \
-    mkdir -p /vault/config && \
+ENV HOME /home/openbao
+RUN mkdir -p /openbao/logs && \
+    mkdir -p /openbao/file && \
+    mkdir -p /openbao/config && \
     mkdir -p $HOME && \
-    chown -R vault /vault && chown -R vault $HOME && \
+    chown -R openbao /openbao && chown -R openbao $HOME && \
     chgrp -R 0 $HOME && chmod -R g+rwX $HOME && \
-    chgrp -R 0 /vault && chmod -R g+rwX /vault
+    chgrp -R 0 /openbao && chmod -R g+rwX /openbao
 
 # Expose the logs directory as a volume since there's potentially long-running
 # state in there
-VOLUME /vault/logs
+VOLUME /openbao/logs
 
 # Expose the file directory as a volume since there's potentially long-running
 # state in there
-VOLUME /vault/file
+VOLUME /openbao/file
 
 # 8200/tcp is the primary interface that applications use to interact with
-# Vault.
+# OpenBao.
 EXPOSE 8200
 
 # The entry point script uses dumb-init as the top-level process to reap any
-# zombie processes created by Vault sub-processes.
+# zombie processes created by OpenBao sub-processes.
 #
 # For production derivatives of this container, you shoud add the IPC_LOCK
-# capability so that Vault can mlock memory.
+# capability so that OpenBao can mlock memory.
 COPY .release/docker/ubi-docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 ENTRYPOINT ["docker-entrypoint.sh"]
 
-# Use the Vault user as the default user for starting this container.
-USER vault
+# Use the OpenBao user as the default user for starting this container.
+USER openbao
 
 # # By default you'll get a single-node development server that stores everything
 # # in RAM and bootstraps itself. Don't use this configuration for production.

Makefile

@@ -28,21 +28,21 @@ endif
 
 default: dev
 
-# bin generates the releasable binaries for Vault
+# bin generates the releasable binaries for OpenBao
 bin: prep
 	@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS) ui' sh -c "'$(CURDIR)/scripts/build.sh'"
 
-# dev creates binaries for testing Vault locally. These are put
+# dev creates binaries for testing OpenBao locally. These are put
 # into ./bin/ as well as $GOPATH/bin
 dev: BUILD_TAGS+=testonly
 dev: prep
-	@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS)' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
+	@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS)' OPENBAO_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
 dev-ui: BUILD_TAGS+=testonly
 dev-ui: assetcheck prep
-	@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS) ui' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
+	@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS) ui' OPENBAO_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
 dev-dynamic: BUILD_TAGS+=testonly
 dev-dynamic: prep
-	@CGO_ENABLED=1 BUILD_TAGS='$(BUILD_TAGS)' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
+	@CGO_ENABLED=1 BUILD_TAGS='$(BUILD_TAGS)' OPENBAO_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
 
 # *-mem variants will enable memory profiling which will write snapshots of heap usage
 # to $TMP/vaultprof every 5 minutes. These can be analyzed using `$ go tool pprof <profile_file>`.
@@ -55,14 +55,14 @@ dev-dynamic-mem: BUILD_TAGS+=memprofiler
 dev-dynamic-mem: dev-dynamic
 
 # Creates a Docker image by adding the compiled linux/amd64 binary found in ./bin.
-# The resulting image is tagged "vault:dev".
+# The resulting image is tagged "openbao:dev".
 docker-dev: BUILD_TAGS+=testonly
 docker-dev: prep
-	docker build --build-arg VERSION=$(GO_VERSION_MIN) --build-arg BUILD_TAGS="$(BUILD_TAGS)" -f scripts/docker/Dockerfile -t vault:dev .
+	docker build --build-arg VERSION=$(GO_VERSION_MIN) --build-arg BUILD_TAGS="$(BUILD_TAGS)" -f scripts/docker/Dockerfile -t openbao:dev .
 
 docker-dev-ui: BUILD_TAGS+=testonly
 docker-dev-ui: prep
-	docker build --build-arg VERSION=$(GO_VERSION_MIN) --build-arg BUILD_TAGS="$(BUILD_TAGS)" -f scripts/docker/Dockerfile.ui -t vault:dev-ui .
+	docker build --build-arg VERSION=$(GO_VERSION_MIN) --build-arg BUILD_TAGS="$(BUILD_TAGS)" -f scripts/docker/Dockerfile.ui -t openbao:dev-ui .
 
 # test runs the unit tests and vets the code
 test: BUILD_TAGS+=testonly
@@ -176,9 +176,9 @@ bootstrap: ci-bootstrap
 	go generate -tags tools tools/tools.go
 
 # Note: if you have plugins in GOPATH you can update all of them via something like:
-# for i in $(ls | grep vault-plugin-); do cd $i; git remote update; git reset --hard origin/master; dep ensure -update; git add .; git commit; git push; cd ..; done
+# for i in $(ls | grep openbao-plugin-); do cd $i; git remote update; git reset --hard origin/master; dep ensure -update; git add .; git commit; git push; cd ..; done
 update-plugins:
-	grep vault-plugin- go.mod | cut -d ' ' -f 1 | while read -r P; do echo "Updating $P..."; go get -v "$P"; done
+	grep openbao-plugin- go.mod | cut -d ' ' -f 1 | while read -r P; do echo "Updating $P..."; go get -v "$P"; done
 
 static-assets-dir:
 	@mkdir -p ./http/web_ui
@@ -195,10 +195,10 @@ test-ember-enos: install-ui-dependencies
 	@echo "--> Running ember tests with a real backend"
 	@cd ui && yarn run test:enos
 
-check-vault-in-path:
-	@VAULT_BIN=$$(command -v vault) || { echo "vault command not found"; exit 1; }; \
-		[ -x "$$VAULT_BIN" ] || { echo "$$VAULT_BIN not executable"; exit 1; }; \
-		printf "Using Vault at %s:\n\$$ vault version\n%s\n" "$$VAULT_BIN" "$$(vault version)"
+check-openbao-in-path:
+	@OPENBAO_BIN=$$(command -v openbao) || { echo "openbao command not found"; exit 1; }; \
+		[ -x "$$OPENBAO_BIN" ] || { echo "$$OPENBAO_BIN not executable"; exit 1; }; \
+		printf "Using OpenBao at %s:\n\$$ openbao version\n%s\n" "$$OPENBAO_BIN" "$$(openbao version)"
 
 ember-dist: install-ui-dependencies
 	@cd ui && npm rebuild node-sass
@@ -286,7 +286,7 @@ hana-database-plugin:
 mongodb-database-plugin:
 	@CGO_ENABLED=0 $(GO_CMD) build -o bin/mongodb-database-plugin ./plugins/database/mongodb/mongodb-database-plugin
 
-.PHONY: bin default prep test vet bootstrap ci-bootstrap fmt fmtcheck mysql-database-plugin mysql-legacy-database-plugin cassandra-database-plugin influxdb-database-plugin postgresql-database-plugin mssql-database-plugin hana-database-plugin mongodb-database-plugin ember-dist ember-dist-dev static-dist static-dist-dev assetcheck check-vault-in-path packages build build-ci semgrep semgrep-ci vet-godoctests ci-vet-godoctests
+.PHONY: bin default prep test vet bootstrap ci-bootstrap fmt fmtcheck mysql-database-plugin mysql-legacy-database-plugin cassandra-database-plugin influxdb-database-plugin postgresql-database-plugin mssql-database-plugin hana-database-plugin mongodb-database-plugin ember-dist ember-dist-dev static-dist static-dist-dev assetcheck check-openbao-in-path packages build build-ci semgrep semgrep-ci vet-godoctests ci-vet-godoctests
 
 .NOTPARALLEL: ember-dist ember-dist-dev
 

make.bat

@@ -13,7 +13,7 @@ REM Run target.
 for %%a in (%_TARGETS%) do (if x%1==x%%a goto %%a)
 goto usage
 
-REM bin generates the releasable binaries for Vault
+REM bin generates the releasable binaries for OpenBao
 :bin
 	call :generate
 	call .\scripts\windows\build.bat "%CD%"
@@ -24,7 +24,7 @@ REM bootstrap downloads required build tools
     for %%t in (%_EXTERNAL_TOOLS%) do (go get -u -v %%t)
 	goto :eof
 
-REM dev creates binaries for testing Vault locally. These are put
+REM dev creates binaries for testing OpenBao locally. These are put
 REM into ./bin/ as well as %GOPATH%/bin
 :dev
 	call :generate

scripts/build.sh

@@ -18,7 +18,7 @@ DIR="$( cd -P "$SOURCE_DIR/.." && pwd )"
 cd "$DIR"
 
 # Set build tags
-BUILD_TAGS="${BUILD_TAGS:-"vault"}"
+BUILD_TAGS="${BUILD_TAGS:-"openbao"}"
 
 # Get the git commit
 GIT_COMMIT="$("$SOURCE_DIR"/ci-helper.sh revision)"
@@ -55,8 +55,8 @@ IFS=$OLDIFS
 
 # Ensure the go bin folder exists
 mkdir -p ${BIN_PATH}
-rm -f ${BIN_PATH}/vault
-cp bin/vault ${BIN_PATH}
+rm -f ${BIN_PATH}/openbao
+cp bin/openbao ${BIN_PATH}
 
 # Done!
 echo

scripts/docker/Dockerfile

@@ -14,7 +14,7 @@ WORKDIR /go/src/github.com/hashicorp/vault
 COPY . .
 
 RUN make bootstrap \
-  && CGO_ENABLED=$CGO_ENABLED BUILD_TAGS="${BUILD_TAGS}" VAULT_DEV_BUILD=1 sh -c "'./scripts/build.sh'"
+  && CGO_ENABLED=$CGO_ENABLED BUILD_TAGS="${BUILD_TAGS}" OPENBAO_DEV_BUILD=1 sh -c "'./scripts/build.sh'"
 
 # Docker Image
 

scripts/docker/Dockerfile.ui

@@ -37,7 +37,7 @@ ENV PATH $GOROOT/bin:$GOPATH/bin:$PATH
 WORKDIR /go/src/github.com/hashicorp/vault
 COPY . .
 RUN make bootstrap static-dist \
-  && CGO_ENABLED=$CGO_ENABLED BUILD_TAGS="${BUILD_TAGS} ui" VAULT_DEV_BUILD=1 GOOS=linux GOARCH=amd64 sh -c "'./scripts/build.sh'"
+  && CGO_ENABLED=$CGO_ENABLED BUILD_TAGS="${BUILD_TAGS} ui" OPENBAO_DEV_BUILD=1 GOOS=linux GOARCH=amd64 sh -c "'./scripts/build.sh'"
 
 # Docker Image