diff options
Diffstat (limited to 'nixpkgs/pkgs/applications/networking/cluster/helm/plugins/helm-secrets.nix')
-rw-r--r-- | nixpkgs/pkgs/applications/networking/cluster/helm/plugins/helm-secrets.nix | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/applications/networking/cluster/helm/plugins/helm-secrets.nix b/nixpkgs/pkgs/applications/networking/cluster/helm/plugins/helm-secrets.nix new file mode 100644 index 000000000000..bef5d230ece3 --- /dev/null +++ b/nixpkgs/pkgs/applications/networking/cluster/helm/plugins/helm-secrets.nix @@ -0,0 +1,44 @@ +{ lib, stdenv, fetchFromGitHub, makeWrapper, coreutils, findutils, getopt, gnugrep, gnused, sops, vault }: + +stdenv.mkDerivation rec { + pname = "helm-secrets"; + version = "3.5.0"; + + src = fetchFromGitHub { + owner = "jkroepke"; + repo = pname; + rev = "v${version}"; + hash = "sha256-EXCr0QjupsBBKTm6Opw5bcNwAD4FGGyOiqaa8L91/OI="; + }; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ getopt sops ]; + + # NOTE: helm-secrets is comprised of shell scripts. + dontBuild = true; + + # NOTE: Remove the install and upgrade hooks. + postPatch = '' + sed -i '/^hooks:/,+2 d' plugin.yaml + ''; + + installPhase = '' + runHook preInstall + + install -dm755 $out/${pname} $out/${pname}/scripts + install -m644 -Dt $out/${pname} plugin.yaml + cp -r scripts/* $out/${pname}/scripts + wrapProgram $out/${pname}/scripts/run.sh \ + --prefix PATH : ${lib.makeBinPath [ coreutils findutils getopt gnugrep gnused sops vault ]} + + runHook postInstall + ''; + + meta = with lib; { + description = "A Helm plugin that helps manage secrets"; + inherit (src.meta) homepage; + license = licenses.apsl20; + maintainers = with maintainers; [ yurrriq ]; + platforms = platforms.all; + }; +} |