pkgs/tools/admin/clair/default.nix at netboot-syslinux-multiplatform · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / tools / admin / clair / default.nix

at netboot-syslinux-multiplatform 950 B view raw

 1{ lib
 2, buildGoModule
 3, fetchFromGitHub
 4, makeWrapper
 5, rpm
 6, xz
 7}:
 8
 9buildGoModule rec {
10  pname = "clair";
11  version = "4.6.1";
12
13  src = fetchFromGitHub {
14    owner = "quay";
15    repo = pname;
16    rev = "v${version}";
17    hash = "sha256-Nd73GQJUYkFMyvMLAUgu/LQuDEW74s9+YKwqnftPoPM=";
18  };
19
20  vendorHash = "sha256-V9Y+dZv3RKiyzGJB1o4+M4QQeRpBkCtJOr2zyjTCKTY=";
21
22  nativeBuildInputs = [
23    makeWrapper
24  ];
25
26  subPackages = [
27    "cmd/clair"
28    "cmd/clairctl"
29  ];
30
31  ldflags = [
32    "-s"
33    "-w"
34    "-X main.Version=${version}"
35  ];
36
37  postInstall = ''
38    wrapProgram $out/bin/clair \
39      --prefix PATH : "${lib.makeBinPath [ rpm xz ]}"
40  '';
41
42  meta = with lib; {
43    description = "Vulnerability Static Analysis for Containers";
44    homepage = "https://github.com/quay/clair";
45    changelog = "https://github.com/quay/clair/blob/v${version}/CHANGELOG.md";
46    license = licenses.asl20;
47    maintainers = with maintainers; [ marsam ];
48  };
49}