commit 41becba8d22548cc15d7eabd8eb8737740fd3f54 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

sysdig: 0.33.1 -> 0.34.1

authored by Jörg Thalheim and committed by Jörg Thalheim 2 years ago 41becba8 5fd45b86

+42 -22

1 changed file

expand all

unified split

pkgs

os-specific

linux

sysdig

default.nix

+42 -22

pkgs/os-specific/linux/sysdig/default.nix

··· 1 - { lib, stdenv, fetchFromGitHub, fetchpatch, cmake, kernel, installShellFiles, pkg-config 2 - , luajit, ncurses, perl, jsoncpp, libb64, openssl, curl, jq, gcc, elfutils, tbb, protobuf, grpc 3 - , yaml-cpp, nlohmann_json, re2, zstd 1 + { lib, stdenv, fetchFromGitHub, cmake, kernel, installShellFiles, pkg-config 2 + , luajit, ncurses, perl, jsoncpp, openssl, curl, jq, gcc, elfutils, tbb, protobuf, grpc 3 + , yaml-cpp, nlohmann_json, re2, zstd, uthash, fetchpatch, fetchurl 4 4 }: 5 5 6 6 let 7 7 # Compare with https://github.com/draios/sysdig/blob/dev/cmake/modules/falcosecurity-libs.cmake 8 - libsRev = "59fb313475b82f842e9e9bbc1e0e629428c0a4cf"; 9 - libsSha256 = "sha256-IjzLbCOpB6EgPDgkGIyg1dNxHfYgU10OLgXrDOPmoTs="; 8 + libsRev = "0.13.1"; 9 + libsHash = "sha256-UNoXIkFr64Nr0XVAtV4+BMNpCk4w8Dn4waZek/ok4Uk="; 10 10 11 11 # Compare with https://github.com/falcosecurity/libs/blob/master/cmake/modules/valijson.cmake#L17 12 12 valijson = fetchFromGitHub { 13 13 owner = "tristanpenman"; 14 14 repo = "valijson"; 15 15 rev = "v0.6"; 16 - sha256 = "sha256-ZD19Q2MxMQd3yEKbY90GFCrerie5/jzgO8do4JQDoKM="; 16 + hash = "sha256-ZD19Q2MxMQd3yEKbY90GFCrerie5/jzgO8do4JQDoKM="; 17 + }; 18 + 19 + tinydir = fetchFromGitHub { 20 + owner = "cxong"; 21 + repo = "tinydir"; 22 + rev = "1.2.5"; 23 + hash = "sha256-qQhvLzpCYMAafBNRWlY5yklHrILM8BYD+xxF0l17+do="; 17 24 }; 18 25 19 26 # https://github.com/draios/sysdig/blob/0.31.5/cmake/modules/driver.cmake 20 27 driver = fetchFromGitHub { 21 28 owner = "falcosecurity"; 22 29 repo = "libs"; 23 - rev = libsRev; 24 - sha256 = libsSha256; 30 + rev = "6.0.1+driver"; 31 + hash = "sha256-e9TJl/IahrUc4Yq2/KssTz3IBjOZwXeLt1jOkZ94EiE="; 25 32 }; 26 33 34 + # can be dropped in next release 35 + uthashDevendorPatch = fetchpatch { 36 + url = "https://github.com/falcosecurity/libs/commit/0d58f798ab72e21a16ee6965c775cba2932e5100.patch"; 37 + hash = "sha256-5Y79M9u5rXZiKllJcXzDDw/3JKt0k/CgvWx+MZepkpw="; 38 + }; 39 + 40 + # https://github.com/falcosecurity/libs/blob/master/cmake/modules/b64.cmake 41 + base64 = fetchurl { 42 + url = "https://raw.githubusercontent.com/istio/proxy/1.18.2/extensions/common/wasm/base64.h"; 43 + hash = "sha256-WvHRHp5caMBDvH+2pMrU4ZptX6WvPcPaeVGtVBBCw64="; 44 + }; 27 45 in 28 46 stdenv.mkDerivation rec { 29 47 pname = "sysdig"; 30 - version = "0.33.1"; 48 + version = "0.34.1"; 31 49 32 50 src = fetchFromGitHub { 33 51 owner = "draios"; 34 52 repo = "sysdig"; 35 53 rev = version; 36 - sha256 = "sha256-qcJ9EcePrsKic+wgsck+pTrRdQic0xhzguH4EYVP0gk="; 54 + hash = "sha256-G1yr1wHiaGvLMtBZgh4eoiRNJiH0cghHqWFOjKYXXsw="; 37 55 }; 38 56 39 - patches = [ 40 - # https://github.com/draios/sysdig/pull/2024 41 - (fetchpatch { 42 - url = "https://github.com/draios/sysdig/commit/d9515aad2be660b2ba7ec8c0b4fb2467a10434af.patch"; 43 - sha256 = "sha256-3m+Rn8BZS8U8QTBDJ6x7kQbH6BE3HKgt1iNnRjPEr8k="; 44 - }) 45 - ]; 46 - 47 57 nativeBuildInputs = [ cmake perl installShellFiles pkg-config ]; 48 58 buildInputs = [ 49 59 luajit 50 60 ncurses 51 - libb64 52 61 openssl 53 62 curl 54 63 jq 55 64 gcc 56 65 elfutils 57 66 tbb 58 - libb64 59 67 re2 60 68 protobuf 61 69 grpc ··· 63 71 jsoncpp 64 72 nlohmann_json 65 73 zstd 74 + uthash 66 75 ] ++ lib.optionals (kernel != null) kernel.moduleBuildDependencies; 67 76 68 77 hardeningDisable = [ "pic" ]; ··· 72 81 owner = "falcosecurity"; 73 82 repo = "libs"; 74 83 rev = libsRev; 75 - sha256 = libsSha256; 84 + hash = libsHash; 76 85 }} libs 77 86 chmod -R +w libs 87 + pushd libs 88 + patch -p1 < ${uthashDevendorPatch} 89 + popd 90 + 78 91 cp -r ${driver} driver-src 79 92 chmod -R +w driver-src 93 + pushd driver-src 94 + patch -p1 < ${uthashDevendorPatch} 95 + popd 80 96 cmakeFlagsArray+=( 81 97 "-DFALCOSECURITY_LIBS_SOURCE_DIR=$(pwd)/libs" 82 - "-DVALIJSON_INCLUDE=${valijson}/include" 83 98 "-DDRIVER_SOURCE_DIR=$(pwd)/driver-src/driver" 84 99 ) 85 100 ''; ··· 90 105 "-DUSE_BUNDLED_B64=OFF" 91 106 "-DUSE_BUNDLED_TBB=OFF" 92 107 "-DUSE_BUNDLED_RE2=OFF" 108 + "-DUSE_BUNDLED_JSONCPP=OFF" 93 109 "-DCREATE_TEST_TARGETS=OFF" 110 + "-DVALIJSON_INCLUDE=${valijson}/include" 111 + "-DTINYDIR_INCLUDE=${tinydir}" 112 + "-DUTHASH_INCLUDE=${uthash}/include" 94 113 ] ++ lib.optional (kernel == null) "-DBUILD_DRIVER=OFF"; 95 114 96 115 env.NIX_CFLAGS_COMPILE = ··· 105 124 exit 1 106 125 fi 107 126 cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -lzstd -labsl_synchronization") 127 + install -D ${base64} build/b64/base64.h 108 128 '' + lib.optionalString (kernel != null) '' 109 129 export INSTALL_MOD_PATH="$out" 110 130 export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"