## START: Set by rpmautospec
## (rpmautospec version 0.8.1)
## RPMAUTOSPEC: autorelease, autochangelog
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
    release_number = 1;
    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
    print(release_number + base_release_number - 1);
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
## END: Set by rpmautospec

# trustee.spec
# Generated by rust2rpm 20

%bcond_without check

%global crate trustee

Name:           trustee
Version:        0.14.0
Release:        %{?autorelease}%{!?autorelease:1%{?dist}}
Summary:        Confidential Containers Trust and Attestation Framework

# Upstream license specification: Apache-2.0
License:        Apache-2.0
URL:            https://github.com/confidential-containers/trustee
Source0:        %{url}/archive/refs/tags/v%{version}.tar.gz
# Vendored guest-components for kbs_protocol dependency
Source1:        https://github.com/confidential-containers/guest-components/archive/refs/tags/v%{version}/guest-components-%{version}.tar.gz

Patch: 0001-Remove-non-KBS-components-from-workspace.patch
Patch: 0002-Configure-KBS-for-passport-resource-mode-with-minima.patch
Patch: 0003-Update-dependency-versions-to-match-Fedora-packages.patch
Patch: 0004-Replace-jwt-simple-with-jsonwebtoken.patch
Patch: 0005-Replace-git-dependencies-with-local-paths-and-Fedora.patch
Patch: 0006-Remove-kms-dependency-and-aliyun-feature.patch
Patch: 0007-Gate-rvps-test-imports-behind-coco-as-builtin-featur.patch
Patch: 0008-Replace-concat-kdf-crate-with-OpenSSL-implementation.patch


ExclusiveArch:  x86_64

BuildRequires:  rust-packaging >= 21-2
BuildRequires:  systemd
BuildRequires:  openssl-devel
BuildRequires:  pkg-config
BuildRequires:  sgx-devel
BuildRequires:  git-core

%description
Trustee is a unified trust and attestation framework for Confidential Computing.
It provides key management, attestation services, and reference value management
for confidential containers and virtual machines.

This is a meta-package that installs all trustee components.

#===============================================================================

%package kbs
Summary:        Key Broker Service for Confidential Computing
Requires:       openssl

%description kbs
The Key Broker Service (KBS) is a key management component for Confidential
Computing scenarios. It provides secure key distribution for confidential
containers and virtual machines. KBS supports multiple backend storage
systems and attestation services.

#===============================================================================

%prep
%autosetup -n trustee-%{version} -a1 -p1 -S git
%cargo_prep

%generate_buildrequires
%cargo_generate_buildrequires

%build
%cargo_build
%cargo_license_summary
%{cargo_license} > LICENSE.dependencies

%install
# Install KBS
install -D -m 755 target/rpm/kbs %{buildroot}%{_bindir}/kbs

%if %{with check}
%check
%cargo_test
%endif

%files kbs
%license LICENSE
%license LICENSE.dependencies
%doc README.md
%{_bindir}/kbs

%changelog
## START: Generated by rpmautospec
* Fri Oct 24 2025 John Doe <packager@example.com> - 0.14.0-1
- Uncommitted changes
## END: Generated by rpmautospec