pyrox.dev / nixpkgs
lol
fork atom

spiffe-vault: init at 0.6.2

06kellyjac fa9b8587 9900d650

+61
unified split
+61
pkgs/by-name/sp/spiffe-vault/package.nix
···
··· 1 + { 2 + lib, 3 + stdenv, 4 + buildGoModule, 5 + fetchFromGitHub, 6 + versionCheckHook, 7 + }: 8 + 9 + buildGoModule (finalAttrs: { 10 + pname = "spiffe-vault"; 11 + version = "0.6.2"; 12 + 13 + src = fetchFromGitHub { 14 + owner = "philips-labs"; 15 + repo = "spiffe-vault"; 16 + tag = "v${finalAttrs.version}"; 17 + hash = "sha256-KwfsusCrh+IlgipFFALnJWfw8LJucThT4p3j+XKk84s="; 18 + # populate values that require us to use git. By doing this in postFetch we 19 + # can delete .git afterwards and maintain better reproducibility of the src. 20 + leaveDotGit = true; 21 + postFetch = '' 22 + cd "$out" 23 + git rev-parse HEAD > $out/COMMIT 24 + # '0000-00-00T00:00:00Z' 25 + date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%m-%dT%H:%M:%SZ" > $out/SOURCE_DATE_EPOCH 26 + find "$out" -name .git -print0 | xargs -0 rm -rf 27 + ''; 28 + }; 29 + 30 + vendorHash = "sha256-lNKcnYh2BaDzimIZuzUWA6Qwn+/Jqi1UpLKupQUpVMQ="; 31 + 32 + ldflags = [ 33 + "-s" 34 + "-w" 35 + "-X github.com/philips-labs/spiffe-vault/cmd/spiffe-vault/cli.GitVersion=v${finalAttrs.version}" 36 + "-X github.com/philips-labs/spiffe-vault/cmd/spiffe-vault/cli.gitTreeState=clean" 37 + ]; 38 + 39 + preBuild = '' 40 + ldflags+=" -X github.com/philips-labs/spiffe-vault/cmd/spiffe-vault/cli.gitCommit=$(cat COMMIT)" 41 + ldflags+=" -X \"github.com/philips-labs/spiffe-vault/cmd/spiffe-vault/cli.buildDate=$(cat SOURCE_DATE_EPOCH)\"" 42 + ''; 43 + 44 + preCheck = '' 45 + # tests expect version ldflags not to be set 46 + unset ldflags 47 + ''; 48 + 49 + doInstallCheck = stdenv.buildPlatform.canExecute stdenv.hostPlatform; 50 + nativeInstallCheckInputs = [ versionCheckHook ]; 51 + versionCheckProgram = "${placeholder "out"}/bin/${finalAttrs.meta.mainProgram}"; 52 + versionCheckProgramArg = "version"; 53 + 54 + meta = { 55 + description = "Integrates Spiffe and Vault to have secretless authentication"; 56 + homepage = "https://github.com/philips-labs/spiffe-vault"; 57 + license = lib.licenses.mit; 58 + maintainers = with lib.maintainers; [ jk ]; 59 + mainProgram = "spiffe-vault"; 60 + }; 61 + })