From 142a9c0465fc8a5259ee2dc7b7ef3a13403cc753 Mon Sep 17 00:00:00 2001
From: Gibson Ong <gibsonorx@Gibsons-MacBook-Pro.local>
Date: Tue, 19 May 2026 22:27:10 +0800
Subject: [PATCH] not working

---
 .build/go.sh              |  3 ++-
 .build/system.sh          |  1 +
 Dockerfile                | 10 +++++-----
 Makefile                  | 25 +++++++++++++++++++++++++
 scripts/docker/Dockerfile |  2 +-
 5 files changed, 34 insertions(+), 7 deletions(-)

diff --git a/.build/go.sh b/.build/go.sh
index 758ba0d7a1..55a22a9a07 100644
--- a/.build/go.sh
+++ b/.build/go.sh
@@ -5,4 +5,5 @@ set -e
 
 host_arch="$(dpkg --print-architecture)"
 host_arch="${host_arch##*-}"
-curl -L "https://go.dev/dl/go${GO_VERSION}.linux-${host_arch}.tar.gz" | tar -C /opt -zxv
+# curl -L "https://go.dev/dl/go${GO_VERSION}.linux-${host_arch}.tar.gz" | tar -C /opt -zxv
+curl -L "https://go.dev/dl/go1.26.3.linux-amd64.tar.gz" | tar -C /opt -zxv
diff --git a/.build/system.sh b/.build/system.sh
index 6a9aa79b39..0ad32c2c15 100644
--- a/.build/system.sh
+++ b/.build/system.sh
@@ -14,6 +14,7 @@ install() {
 # https://packages.ubuntu.com/search?suite=noble&section=all&arch=any&keywords=crossbuild-essential&searchon=names
 
 apt-get update
+apt-get upgrade -y --no-install-recommends
 apt-get install -y --no-install-recommends build-essential \
   gcc-s390x-linux-gnu \
   crossbuild-essential-s390x \
diff --git a/Dockerfile b/Dockerfile
index 523f4dfc8c..834d7cfc45 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -74,7 +74,7 @@ EXPOSE 8200
 # For production derivatives of this container, you should add the IPC_LOCK
 # capability so that Vault can mlock memory.
 COPY .release/docker/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
-ENTRYPOINT ["docker-entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
 
 # Use the Vault user as the default user for starting this container.
 USER ${NAME}
@@ -125,7 +125,7 @@ COPY ${LICENSE_SOURCE}/ /licenses/
 # this (https://github.com/hashicorp/docker-vault/blob/master/ubi/Dockerfile),
 # we copy in the Vault binary from CRT.
 RUN set -eux; \
-    microdnf install -y ca-certificates gnupg openssl libcap tzdata procps shadow-utils util-linux tar
+    microdnf install -y ca-certificates gnupg openssl libcap tzdata procps shadow-utils util-linux tar bash
 
 # Create a non-root user to run the software.
 RUN groupadd --gid 1000 vault && \
@@ -171,7 +171,7 @@ EXPOSE 8200
 # For production derivatives of this container, you should add the IPC_LOCK
 # capability so that Vault can mlock memory.
 COPY .release/docker/ubi-docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
-ENTRYPOINT ["docker-entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
 
 # Use the Vault user as the default user for starting this container.
 USER ${NAME}
@@ -188,7 +188,7 @@ FROM ubi AS ubi-hsm-fips
 
 ## Builder:
 #
-#  A build container used to build the Vault binary. We use focal because the
+#  A build container used to build the Vault binary. We use noble because the
 #  version of glibc is old enough for all of our supported distros for editions
 #  that require CGO. This container is used in CI to build all binaries that
 #  require CGO.
@@ -206,7 +206,7 @@ FROM ubi AS ubi-hsm-fips
 #  If you have a linux machine you can also share the tools
 #    GOBIN="$(go env GOPATH)/bin" make tools
 #    docker run -it -v $(pwd):/build -v $(go env GOMODCACHE):/go-mod-cache -v "$(go env GOPATH)/bin":/opt/tools/bin --env GITHUB_TOKEN=$GITHUB_TOKEN --env GO_TAGS='ui enterprise cgo hsm venthsm' --env GOARCH=s390x --env GOOS=linux --env VERSION=1.20.0-beta1 --env VERSION_METADATA=ent.hsm --env GOMODCACHE=/go-mod-cache --env CGO_ENABLED=1 builder make ci-build
-FROM ubuntu:focal AS builder
+FROM ubuntu:noble AS builder
 
 # Pass in the GO_VERSION as a build-arg
 ARG GO_VERSION
diff --git a/Makefile b/Makefile
index e42f721a8a..c616712df1 100644
--- a/Makefile
+++ b/Makefile
@@ -1,3 +1,28 @@
+VAULT_VERSION := 0.0.0-dev-2
+
+podman-push:
+	podman push quay.io/rhn-support-gong/vault:$(VAULT_VERSION)
+
+dist/linux/amd64/vault:
+	mkdir -p dist/linux/amd64
+	GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o dist/linux/amd64/vault .
+
+.dev-licenses:
+	mkdir -p .dev-licenses
+	cp LICENSE .dev-licenses/
+
+podman-build: dist/linux/amd64/vault .dev-licenses
+	podman build \
+	--platform linux/amd64 \
+	--target ubi \
+	--build-arg BIN_NAME=vault \
+	--build-arg NAME=vault \
+	--build-arg PRODUCT_VERSION=$(VAULT_VERSION) \
+	--build-arg LICENSE_SOURCE=.dev-licenses \
+	--build-arg LICENSE_DEST=/licenses \
+	-t quay.io/rhn-support-gong/vault:$(VAULT_VERSION) \
+	-f Dockerfile .
+
 # Determine this makefile's path.
 # Be sure to place this BEFORE `include` directives, if any.
 THIS_FILE := $(lastword $(MAKEFILE_LIST))
diff --git a/scripts/docker/Dockerfile b/scripts/docker/Dockerfile
index a2ff6fd848..6803d6e7ff 100644
--- a/scripts/docker/Dockerfile
+++ b/scripts/docker/Dockerfile
@@ -59,7 +59,7 @@ EXPOSE 8200
 # For production derivatives of this container, you should add the IPC_LOCK
 # capability so that Vault can mlock memory.
 COPY ./scripts/docker/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
-ENTRYPOINT ["docker-entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
 
 # Use the Vault user as the default user for starting this container.
 USER vault