# Spec file for Velociraptor - Endpoint Visibility and Forensic Collection Tool
# Created following Fedora Go Packaging Guidelines
# https://docs.fedoraproject.org/en-US/packaging-guidelines/Golang/

%global goipath         github.com/Velocidex/velociraptor
Version:                0.75

%gometa
%global debug_package %{nil}

%global common_description %{expand:
Velociraptor is an advanced open-source endpoint monitoring, digital
forensic and cyber response platform. It provides you with the ability to more
effectively respond to a wide range of digital forensic and cyber incident
response investigations and data breaches.

This package includes the full Velociraptor server with embedded web GUI.
The web interface is compiled from React/Node.js sources and bundled per
Fedora Node.js packaging guidelines.}

Name:           velociraptor
Release:        %autorelease
Summary:        Endpoint visibility and forensic collection tool

License:        AGPL-3.0-only AND Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND GPL-2.0-only AND ISC AND LGPL-3.0-only AND LGPL-3.0-or-later WITH LGPL-3.0-linking-exception AND MIT AND MPL-2.0
URL:            %{gourl}
Source0:        %{gosource}
Source1:        velociraptor-%{version}-vendor.tar.gz
Source2:        velociraptor-%{version}-node_modules.tar.gz

# To regenerate Source2 (node_modules tarball):
# Download source, cd gui/velociraptor && npm ci --ignore-scripts
# tar czf velociraptor-VERSION-node_modules.tar.gz node_modules/

# Web UI bundling justification:
# Velociraptor's web interface consists of a React application with
# approximately 1,232 npm dependencies (see gui/velociraptor/package-lock.json).
# Per Fedora's Node.js packaging guidelines, bundling is the preferred approach
# for web applications. Individual packaging of these components is impractical.

# Major bundled npm dependencies
Provides: bundled(nodejs-react) = 16.14.0
Provides: bundled(nodejs-react-dom) = 16.14.0
Provides: bundled(nodejs-bootstrap) = 5.3.8
Provides: bundled(nodejs-axios) >= 1.12.2
Provides: bundled(nodejs-ace-builds) = 1.43.3
Provides: bundled(nodejs-recharts) = 2.15.4
Provides: bundled(nodejs-react-bootstrap) = 2.10.10
Provides: bundled(nodejs-markdown-it) = 14.1.0
Provides: bundled(nodejs-moment) >= 2.30.1
Provides: bundled(nodejs-webpack) = 5.102.0
# See gui/velociraptor/package-lock.json for complete list (~1232 packages)

# Build only on architectures where Go is supported
ExclusiveArch:  %{go_arches}

BuildRequires:  golang >= 1.22
BuildRequires:  go-rpm-macros
BuildRequires:  gcc
BuildRequires:  yara-devel
BuildRequires:  pkgconfig
BuildRequires:  nodejs >= 18
BuildRequires:  nodejs-devel
BuildRequires:  npm

%description
%{common_description}

%prep
%goprep
# Extract vendor dependencies
tar xf %{SOURCE1}
# Extract node_modules for GUI build
tar xf %{SOURCE2}

# Create helper script to run fileb0x using vendored dependencies
# This avoids the need for make.go which requires non-vendored mage/mage
cat > run_fileb0x.go << 'EOF'
//go:build ignore

package main

import (
	"fmt"
	"os"

	"github.com/Velocidex/fileb0x/runner"
)

func main() {
	if len(os.Args) < 2 {
		fmt.Fprintf(os.Stderr, "Usage: %s <b0x.yaml> [<b0x.yaml>...]\n", os.Args[0])
		os.Exit(1)
	}

	for _, asset := range os.Args[1:] {
		fmt.Printf("Processing %s...\n", asset)
		if err := runner.Process(asset); err != nil {
			fmt.Fprintf(os.Stderr, "Error processing %s: %v\n", asset, err)
			os.Exit(1)
		}
	}
}
EOF

%build
# Set CGO flags for GCC 15 compatibility
export CGO_CFLAGS="-std=gnu99 -Wno-error=implicit-function-declaration -Wno-error=incompatible-pointer-types"
export CGO_ENABLED=1

# Step 1: Build the React GUI with npm (using bundled node_modules)
# node_modules was extracted from Source2 in %prep, so we skip npm ci
cd gui/velociraptor
npm run build
cd ../..

# Step 2: Fix vite build - replace absolute paths with template variables
# This allows the GUI to work when hosted under different base paths
sed -i 's|="/app/assets/index|="{{.BasePath}}/app/assets/index|g' gui/velociraptor/build/index.html

# Step 3: Embed static assets using fileb0x (using vendored runner)
# This generates ab0x.go files that embed artifacts, config, GUI, and crypto files
go run -mod=vendor run_fileb0x.go artifacts/b0x.yaml config/b0x.yaml gui/velociraptor/b0x.yaml crypto/b0x.yaml

# Step 4: Build the Velociraptor binary with embedded GUI and all assets
mkdir -p output
go build -mod=vendor \
    -tags "server_vql extras release yara" \
    -ldflags="-w -s -X 'www.velocidex.com/golang/velociraptor/config.build_time=$(date -u +%%Y-%%m-%%dT%%H:%%M:%%SZ)' -X 'www.velocidex.com/golang/velociraptor/config.commit_hash=%{version}'" \
    -o output/velociraptor-v%{version}-linux-amd64 \
    ./bin/ 

%install
# Install the binary
install -D -m 0755 output/velociraptor-v*-linux-amd64 %{buildroot}%{_bindir}/velociraptor

%check
# Verify the binary executes and shows version
%{buildroot}%{_bindir}/velociraptor version

%files
%license LICENSE
%doc README.md
%{_bindir}/velociraptor

%changelog
%autochangelog