about summary refs log tree commit diff
path: root/nixpkgs/pkgs/tools/security/tracee/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/tools/security/tracee/default.nix')
-rw-r--r--nixpkgs/pkgs/tools/security/tracee/default.nix33
1 files changed, 15 insertions, 18 deletions
diff --git a/nixpkgs/pkgs/tools/security/tracee/default.nix b/nixpkgs/pkgs/tools/security/tracee/default.nix
index c1615c1ddf56..315ec08116af 100644
--- a/nixpkgs/pkgs/tools/security/tracee/default.nix
+++ b/nixpkgs/pkgs/tools/security/tracee/default.nix
@@ -12,22 +12,28 @@
 , nixosTests
 , testers
 , tracee
+, makeWrapper
 }:
 
 buildGoModule rec {
   pname = "tracee";
-  version = "0.13.1";
+  version = "0.20.0";
 
   src = fetchFromGitHub {
     owner = "aquasecurity";
     repo = pname;
-    rev = "v${version}";
-    hash = "sha256-YO5u/hE5enoqh8niV4Zi+NFUsU+UXCCxdqvxolZImGk=";
+    # project has branches and tags of the same name
+    rev = "refs/tags/v${version}";
+    hash = "sha256-OnOayDxisvDd802kDKGctaQc5LyoyFfdfvC+2JpRjHY=";
   };
-  vendorHash = "sha256-swMvJe+Dz/kwPIStPlQ7d6U/UwXSMcJ3eONxjzebXCc=";
+  vendorHash = "sha256-26sAKTJQ7Rf5KRlu7j5XiZVr6CkAC6fm60Pam7KH0uA=";
 
   patches = [
     ./use-our-libbpf.patch
+    # can not vendor dependencies with old pyroscope
+    # remove once https://github.com/aquasecurity/tracee/pull/3927
+    # makes it to a release
+    ./update-pyroscope.patch
   ];
 
   enableParallelBuilding = true;
@@ -47,7 +53,7 @@ buildGoModule rec {
   buildPhase = ''
     runHook preBuild
     mkdir -p ./dist
-    make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf-core all
+    make $makeFlags ''${enableParallelBuilding:+-j$NIX_BUILD_CORES} bpf all
     runHook postBuild
   '';
 
@@ -63,29 +69,20 @@ buildGoModule rec {
 
     mkdir -p $out/bin $lib/lib/tracee $share/share/tracee
 
-    mv ./dist/tracee $out/bin/
-    mv ./dist/tracee.bpf.core.o $lib/lib/tracee/
+    mv ./dist/{tracee,signatures} $out/bin/
+    mv ./dist/tracee.bpf.o $lib/lib/tracee/
     mv ./cmd/tracee-rules/templates $share/share/tracee/
 
     runHook postInstall
   '';
 
-  doInstallCheck = true;
-  installCheckPhase = ''
-    runHook preInstallCheck
-
-    $out/bin/tracee --help
-    $out/bin/tracee --version | grep "v${version}"
-
-    runHook postInstallCheck
-  '';
-
   passthru.tests = {
     integration = nixosTests.tracee;
+    integration-test-cli = import ./integration-tests.nix { inherit lib tracee makeWrapper; };
     version = testers.testVersion {
       package = tracee;
       version = "v${version}";
-      command = "tracee --version";
+      command = "tracee version";
     };
   };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-20 08:28:35 +0000