tjh.dev
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
1{ lib
2, fetchFromGitHub
3, python3
4}:
5
6python3.pkgs.buildPythonApplication rec {
7 pname = "kube-hunter";
8 version = "0.6.8";
9
10 src = fetchFromGitHub {
11 owner = "aquasecurity";
12 repo = pname;
13 rev = "refs/tags/v${version}";
14 sha256 = "sha256-+M8P/VSF9SKPvq+yNPjokyhggY7hzQ9qLLhkiTNbJls=";
15 };
16
17 SETUPTOOLS_SCM_PRETEND_VERSION = version;
18
19 nativeBuildInputs = with python3.pkgs; [
20 setuptools-scm
21 ];
22
23 propagatedBuildInputs = with python3.pkgs; [
24 netaddr
25 netifaces
26 requests
27 prettytable
28 urllib3
29 ruamel-yaml
30 future
31 packaging
32 pluggy
33 kubernetes
34 ];
35
36 nativeCheckInputs = with python3.pkgs; [
37 pytestCheckHook
38 requests-mock
39 ];
40
41 postPatch = ''
42 substituteInPlace setup.cfg \
43 --replace "dataclasses" "" \
44 --replace "kubernetes==12.0.1" "kubernetes" \
45 --replace "--cov=kube_hunter" ""
46 '';
47
48 pythonImportsCheck = [
49 "kube_hunter"
50 ];
51
52 disabledTests = [
53 # Test is out-dated
54 "test_K8sCveHunter"
55 ];
56
57 meta = with lib; {
58 description = "Tool to search issues in Kubernetes clusters";
59 homepage = "https://github.com/aquasecurity/kube-hunter";
60 license = with licenses; [ asl20 ];
61 maintainers = with maintainers; [ fab ];
62 };
63}