# Nix package definition for Deepfence SecretScanner, a tool that searches
# container images and file systems for secrets and passwords.
{
  lib,
  buildGoModule,
  fetchFromGitHub,
  hyperscan,
  pkg-config,
  protobuf,
  protoc-gen-go,
  protoc-gen-go-grpc,
}:

buildGoModule rec {
  pname = "secretscanner";
  version = "1.2.0";

  # The source is taken from the upstream release tag. `hash` pins the exact
  # fetched tree, and with fetchSubmodules enabled that tree includes the
  # submodule checkouts. A tag that is moved upstream therefore fails the
  # build instead of silently changing what is compiled.
  # When bumping `version`, refresh both `hash` and `vendorHash`.
  src = fetchFromGitHub {
    owner = "deepfence";
    repo = "SecretScanner";
    rev = "refs/tags/v${version}";
    fetchSubmodules = true;
    hash = "sha256-lTUZLuEiC9xpHYWn3uv4ZtbvHX6ETsjxacjd/O0kU8I=";
  };

  # Content hash of the vendored Go module dependencies.
  vendorHash = "sha256-lB+fiSdflIYGw0hMN0a9IOtRcJwYEUPQqaeU7mAfSQs=";

  excludedPackages = [
    "./agent-plugins-grpc/proto" # No need to build submodules
  ];

  # Build-time tools. The protobuf compiler and its Go/gRPC plugins are
  # presumably what the `make` target in preBuild invokes; confirm against
  # the submodule's Makefile.
  nativeBuildInputs = [
    pkg-config
    protobuf
    protoc-gen-go
    protoc-gen-go-grpc
  ];

  # Library dependency; presumably located through pkg-config at build time.
  buildInputs = [
    hyperscan
  ];

  # Runs the `go` target of the agent-plugins-grpc Makefile before the Go build.
  preBuild = ''
    # Compile proto files
    make -C agent-plugins-grpc go
  '';

  # Rename the upstream binary so the installed executable matches `pname`.
  postInstall = ''
    mv $out/bin/SecretScanner $out/bin/$pname
  '';

  meta = {
    description = "Tool to find secrets and passwords in container images and file systems";
    homepage = "https://github.com/deepfence/SecretScanner";
    changelog = "https://github.com/deepfence/SecretScanner/releases/tag/v${version}";
    platforms = [ "x86_64-linux" ];
    license = [ lib.licenses.mit ];
    maintainers = [ lib.maintainers.fab ];
  };
}