pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / pkgs / tools / security / kubesec / default.nix
at 24.11-pre 55 lines 1.4 kB view raw
1{ lib 2, buildGoModule 3, fetchFromGitHub 4, installShellFiles 5}: 6 7buildGoModule rec { 8 pname = "kubesec"; 9 version = "2.14.0"; 10 11 src = fetchFromGitHub { 12 owner = "controlplaneio"; 13 repo = pname; 14 rev = "v${version}"; 15 sha256 = "sha256-RNLvmoHna5EO0/p24opBagyWzzNbmFkWGzkUXirdWe0="; 16 }; 17 vendorHash = "sha256-+Y5k9PRxnBR3lqi4T+3DH4Pw+cyHtt9+9OX4aw0CVl0="; 18 19 nativeBuildInputs = [ installShellFiles ]; 20 21 ldflags = [ 22 "-s" 23 "-w" 24 "-X github.com/controlplaneio/kubesec/v${lib.versions.major version}/cmd.version=v${version}" 25 ]; 26 27 # Tests wants to download the kubernetes schema for use with kubeval 28 doCheck = false; 29 30 postInstall = '' 31 installShellCompletion --cmd kubesec \ 32 --bash <($out/bin/kubesec completion bash) \ 33 --fish <($out/bin/kubesec completion fish) \ 34 --zsh <($out/bin/kubesec completion zsh) 35 ''; 36 37 doInstallCheck = true; 38 installCheckPhase = '' 39 runHook preInstallCheck 40 41 $out/bin/kubesec --help 42 $out/bin/kubesec version | grep "${version}" 43 44 runHook postInstallCheck 45 ''; 46 47 meta = with lib; { 48 description = "Security risk analysis tool for Kubernetes resources"; 49 mainProgram = "kubesec"; 50 homepage = "https://github.com/controlplaneio/kubesec"; 51 changelog = "https://github.com/controlplaneio/kubesec/blob/v${version}/CHANGELOG.md"; 52 license = with licenses; [ asl20 ]; 53 maintainers = with maintainers; [ fab jk ]; 54 }; 55}