pkgs/development/tools/analysis/tfsec/default.nix at fix-function-merge

tjh.dev / nixpkgs

fork atom

nixpkgs mirror (for testing) github.com/NixOS/nixpkgs

nix

fork atom

nixpkgs / pkgs / development / tools / analysis / tfsec / default.nix

at fix-function-merge 44 lines 1.0 kB view raw

wrap content

 1{
 2  lib,
 3  buildGoModule,
 4  fetchFromGitHub,
 5}:
 6
 7buildGoModule rec {
 8  pname = "tfsec";
 9  version = "1.28.9";
10
11  src = fetchFromGitHub {
12    owner = "aquasecurity";
13    repo = "tfsec";
14    rev = "refs/tags/v${version}";
15    hash = "sha256-Dulbo5ZTw4+1XxjpnZ1aIsVPLVEqwQKdNMv+L9/j1wc=";
16  };
17
18  ldflags = [
19    "-s"
20    "-w"
21    "-X=github.com/aquasecurity/tfsec/version.Version=v${version}"
22    ## not sure if this is needed (https://github.com/aquasecurity/tfsec/blob/master/.goreleaser.yml#L6)
23    # "-extldflags '-fno-PIC -static'"
24  ];
25
26  vendorHash = "sha256-Hu530cBJWGtvMmQ6gbROXf5JBfkOfc4nwznsKBTegUk=";
27
28  subPackages = [
29    "cmd/tfsec"
30    "cmd/tfsec-docs"
31    "cmd/tfsec-checkgen"
32  ];
33
34  meta = with lib; {
35    description = "Static analysis powered security scanner for terraform code";
36    homepage = "https://github.com/aquasecurity/tfsec";
37    changelog = "https://github.com/aquasecurity/tfsec/releases/tag/v${version}";
38    license = licenses.mit;
39    maintainers = with maintainers; [
40      fab
41      peterromfeldhk
42    ];
43  };
44}