pkgs/development/tools/analysis/tfsec/default.nix at 22.05

tjh.dev / nixpkgs

fork atom

nixpkgs mirror (for testing) github.com/NixOS/nixpkgs

nix

fork atom

nixpkgs / pkgs / development / tools / analysis / tfsec / default.nix

at 22.05 38 lines 940 B view raw

wrap content

 1{ lib
 2, buildGoModule
 3, fetchFromGitHub
 4}:
 5
 6buildGoModule rec {
 7  pname = "tfsec";
 8  version = "1.21.2";
 9
10  src = fetchFromGitHub {
11    owner = "aquasecurity";
12    repo = pname;
13    rev = "v${version}";
14    sha256 = "sha256-oKHGowW/LetNGtMA/sTWhmc98Tt6X475CbpqI88g4Jc=";
15  };
16
17  ldflags = [
18    "-s" "-w"
19    "-X github.com/aquasecurity/tfsec/version.Version=${version}"
20    ## not sure if this is needed (https://github.com/aquasecurity/tfsec/blob/master/.goreleaser.yml#L6)
21    # "-extldflags '-fno-PIC -static'"
22  ];
23
24  vendorSha256 = "sha256-l39wXMgJLWIf0TcM6VQpcV4ckHqW/SjMy07e9w7dbgs=";
25
26  subPackages = [
27    "cmd/tfsec"
28    "cmd/tfsec-docs"
29    "cmd/tfsec-checkgen"
30  ];
31
32  meta = with lib; {
33    description = "Static analysis powered security scanner for terraform code";
34    homepage = "https://github.com/aquasecurity/tfsec";
35    license = licenses.mit;
36    maintainers = with maintainers; [ fab marsam peterromfeldhk ];
37  };
38}