tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / development / tools / konstraint / default.nix
at fix-function-merge 50 lines 1.7 kB view raw
1{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: 2 3buildGoModule rec { 4 pname = "konstraint"; 5 version = "0.38.0"; 6 7 src = fetchFromGitHub { 8 owner = "plexsystems"; 9 repo = pname; 10 rev = "v${version}"; 11 sha256 = "sha256-02vmIsYGX6HB7k1HArMpNY+UxVX24IyraNPu13ht2qQ="; 12 }; 13 vendorHash = "sha256-eD0K2te9+9x0fUYMVZ6SreV2AhkYwBzQHUTyeNwuEHc="; 14 15 # Exclude go within .github folder 16 excludedPackages = ".github"; 17 18 nativeBuildInputs = [ installShellFiles ]; 19 20 ldflags = [ "-s" "-w" "-X github.com/plexsystems/konstraint/internal/commands.version=${version}" ]; 21 22 postInstall = '' 23 installShellCompletion --cmd konstraint \ 24 --bash <($out/bin/konstraint completion bash) \ 25 --fish <($out/bin/konstraint completion fish) \ 26 --zsh <($out/bin/konstraint completion zsh) 27 ''; 28 29 doInstallCheck = true; 30 installCheckPhase = '' 31 runHook preInstallCheck 32 $out/bin/konstraint --help 33 $out/bin/konstraint --version | grep "${version}" 34 runHook postInstallCheck 35 ''; 36 37 meta = with lib; { 38 homepage = "https://github.com/plexsystems/konstraint"; 39 changelog = "https://github.com/plexsystems/konstraint/releases/tag/v${version}"; 40 description = "Policy management tool for interacting with Gatekeeper"; 41 mainProgram = "konstraint"; 42 longDescription = '' 43 konstraint is a CLI tool to assist with the creation and management of templates and constraints when using 44 Gatekeeper. Automatically copy Rego to the ConstraintTemplate. Automatically update all ConstraintTemplates with 45 library changes. Enable writing the same policies for Conftest and Gatekeeper. 46 ''; 47 license = licenses.mit; 48 maintainers = with maintainers; [ jk ]; 49 }; 50}