tjh.dev
1{
2 lib,
3 buildGoModule,
4 fetchFromGitHub,
5 makeWrapper,
6 rpm,
7 xz,
8}:
9
10buildGoModule rec {
11 pname = "clair";
12 version = "4.8.0";
13
14 src = fetchFromGitHub {
15 owner = "quay";
16 repo = "clair";
17 rev = "v${version}";
18 hash = "sha256-itIjDdTKQ0PCfOkefXxqu6MpdWK3F1j6ArvaInQd/hc=";
19 };
20
21 vendorHash = "sha256-CpIOQiEjQGC6qeoxRS/jFohUnELefAX0KOERudL6BGM=";
22
23 nativeBuildInputs = [
24 makeWrapper
25 ];
26
27 subPackages = [
28 "cmd/clair"
29 "cmd/clairctl"
30 ];
31
32 ldflags = [
33 "-s"
34 "-w"
35 "-X main.Version=${version}"
36 ];
37
38 postInstall = ''
39 wrapProgram $out/bin/clair \
40 --prefix PATH : "${
41 lib.makeBinPath [
42 rpm
43 xz
44 ]
45 }"
46 '';
47
48 meta = {
49 description = "Vulnerability Static Analysis for Containers";
50 homepage = "https://github.com/quay/clair";
51 changelog = "https://github.com/quay/clair/blob/v${version}/CHANGELOG.md";
52 license = lib.licenses.asl20;
53 maintainers = with lib.maintainers; [ ];
54 };
55}