diff options
Diffstat (limited to 'nixpkgs/pkgs/applications/virtualization')
11 files changed, 89 insertions, 50 deletions
diff --git a/nixpkgs/pkgs/applications/virtualization/appvm/default.nix b/nixpkgs/pkgs/applications/virtualization/appvm/default.nix index fdbfb27dfb86..e96a8b7d46d7 100644 --- a/nixpkgs/pkgs/applications/virtualization/appvm/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/appvm/default.nix @@ -30,7 +30,7 @@ buildGoModule rec { sha256 = "sha256-FL5olOy1KufULyqI2dJeS0OnKzC3LfPWxnia2i4f4yY="; }; - vendorSha256 = "sha256-8eU+Mf5dxL/bAMMShXvj8I1Kdd4ysBTWvgYIXwLStPI="; + vendorHash = "sha256-8eU+Mf5dxL/bAMMShXvj8I1Kdd4ysBTWvgYIXwLStPI="; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix b/nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix index 5e0ddf6a0405..2d5e61a30d41 100644 --- a/nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix @@ -11,7 +11,7 @@ buildGoModule rec { sha256 = "sha256-gKTCBz7om1M7UBzyMJDetNGcKLkQKMyuzwrHBbuuifM="; }; - vendorSha256 = "sha256-1H5oWgcaamf+hocABWWnzJUjWiqwk1ZZtbBjF6EKzzU="; + vendorHash = "sha256-1H5oWgcaamf+hocABWWnzJUjWiqwk1ZZtbBjF6EKzzU="; CGO_ENABLED = 0; diff --git a/nixpkgs/pkgs/applications/virtualization/conmon-rs/Cargo.lock.patch b/nixpkgs/pkgs/applications/virtualization/conmon-rs/Cargo.lock.patch deleted file mode 100644 index 480b76445a61..000000000000 --- a/nixpkgs/pkgs/applications/virtualization/conmon-rs/Cargo.lock.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git a/Cargo.lock b/Cargo.lock -index 4cd154b..fee3267 100644 ---- a/Cargo.lock -+++ b/Cargo.lock -@@ -323,7 +323,7 @@ dependencies = [ - - [[package]] - name = "conmon-common" --version = "0.5.1" -+version = "0.6.0" - dependencies = [ - "capnp", - "capnpc", -@@ -331,7 +331,7 @@ dependencies = [ - - [[package]] - name = "conmonrs" --version = "0.5.1" -+version = "0.6.0" - dependencies = [ - "anyhow", - "capnp", -@@ -376,7 +376,7 @@ dependencies = [ - - [[package]] - name = "conmonrs-cli" --version = "0.5.1" -+version = "0.6.0" - dependencies = [ - "capnp", - "capnp-rpc", diff --git a/nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix b/nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix index 84c0e3613851..7599c5eb6652 100644 --- a/nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix @@ -7,22 +7,19 @@ rustPlatform.buildRustPackage rec { pname = "conmon-rs"; - version = "0.6.0"; + version = "0.6.1"; src = fetchFromGitHub { owner = "containers"; repo = pname; rev = "v${version}"; - sha256 = "sha256-RQ3cVM7aEuCCmOCr4UWkxBMr66tdYFl0nNO7tXY05vE="; + sha256 = "sha256-B8uloch+ucOLIIR64GE5Z8ahe2NLqPmDGcugQVSqpl4="; }; - # Cargo.lock is out of date for this release. - cargoPatches = [ ./Cargo.lock.patch ]; - nativeBuildInputs = [ capnproto protobuf ]; doCheck = false; - cargoHash = "sha256-BNowZkD+y1jh25EvfhQzvT5BZzrq46KBd69AJ//9enE="; + cargoHash = "sha256-hEhAnNppiyY6EcdHfri534ih8VUfpT7lO9L4mFJ6Caw="; meta = with lib; { description = "An OCI container runtime monitor written in Rust"; diff --git a/nixpkgs/pkgs/applications/virtualization/cri-o/default.nix b/nixpkgs/pkgs/applications/virtualization/cri-o/default.nix index 4cbc7b20d562..c6ee442d02fe 100644 --- a/nixpkgs/pkgs/applications/virtualization/cri-o/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/cri-o/default.nix @@ -15,13 +15,13 @@ buildGoModule rec { pname = "cri-o"; - version = "1.28.0"; + version = "1.28.1"; src = fetchFromGitHub { owner = "cri-o"; repo = "cri-o"; rev = "v${version}"; - sha256 = "sha256-vVw3mVliu9JiCgTpwBfubaOkEkNJD4Tb1M7HARg5VjA="; + sha256 = "sha256-4RwR4aM+h0cqogJ9sxoODlPGaXH2PALFoBU3jv/6Agg="; }; vendorHash = null; diff --git a/nixpkgs/pkgs/applications/virtualization/docker/default.nix b/nixpkgs/pkgs/applications/virtualization/docker/default.nix index 4b8fc566bff0..392bb4dacc50 100644 --- a/nixpkgs/pkgs/applications/virtualization/docker/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/docker/default.nix @@ -7,12 +7,13 @@ rec { , mobyRev, mobyHash , runcRev, runcHash , containerdRev, containerdHash - , tiniRev, tiniHash, buildxSupport ? true, composeSupport ? true + , tiniRev, tiniHash + , buildxSupport ? true, composeSupport ? true, sbomSupport ? false # package dependencies , stdenv, fetchFromGitHub, fetchpatch, buildGoPackage , makeWrapper, installShellFiles, pkg-config, glibc , go-md2man, go, containerd, runc, docker-proxy, tini, libtool - , sqlite, iproute2, docker-buildx, docker-compose + , sqlite, iproute2, docker-buildx, docker-compose, docker-sbom , iptables, e2fsprogs, xz, util-linux, xfsprogs, git , procps, rootlesskit, slirp4netns, fuse-overlayfs, nixosTests , clientOnly ? !stdenv.isLinux, symlinkJoin @@ -159,7 +160,8 @@ rec { }); plugins = lib.optional buildxSupport docker-buildx - ++ lib.optional composeSupport docker-compose; + ++ lib.optional composeSupport docker-compose + ++ lib.optional sbomSupport docker-sbom; pluginsRef = symlinkJoin { name = "docker-plugins"; paths = plugins; }; in buildGoPackage (lib.optionalAttrs (!clientOnly) { @@ -273,7 +275,7 @@ rec { To enable the docker daemon on NixOS, set the `virtualisation.docker.enable` option to `true`. ''; license = licenses.asl20; - maintainers = with maintainers; [ offline vdemeester periklis maxeaubrey ]; + maintainers = with maintainers; [ offline vdemeester periklis amaxine ]; mainProgram = "docker"; }; }); diff --git a/nixpkgs/pkgs/applications/virtualization/docker/sbom-disable-tests.patch b/nixpkgs/pkgs/applications/virtualization/docker/sbom-disable-tests.patch new file mode 100644 index 000000000000..2bf3116da814 --- /dev/null +++ b/nixpkgs/pkgs/applications/virtualization/docker/sbom-disable-tests.patch @@ -0,0 +1,28 @@ +diff --git a/test/cli/all_formats_expressible_test.go b/test/cli/all_formats_expressible_test.go +index 3f40a46..5ba04e8 100644 +--- a/test/cli/all_formats_expressible_test.go ++++ b/test/cli/all_formats_expressible_test.go +@@ -8,7 +8,8 @@ import ( + "github.com/anchore/syft/syft" + ) + +-func TestAllFormatsExpressible(t *testing.T) { ++// Disabled because it needs a running docker daemon ++func disabledTestAllFormatsExpressible(t *testing.T) { + commonAssertions := []traitAssertion{ + func(tb testing.TB, stdout, _ string, _ int) { + tb.Helper() +diff --git a/test/cli/sbom_cmd_test.go b/test/cli/sbom_cmd_test.go +index 0a0771c..a086c3b 100644 +--- a/test/cli/sbom_cmd_test.go ++++ b/test/cli/sbom_cmd_test.go +@@ -8,7 +8,8 @@ import ( + "github.com/docker/sbom-cli-plugin/internal" + ) + +-func TestSBOMCmdFlags(t *testing.T) { ++// Disabled because it needs a running docker daemon ++func disabledTestSBOMCmdFlags(t *testing.T) { + hiddenPackagesImage := getFixtureImage(t, "image-hidden-packages") + coverageImage := getFixtureImage(t, "image-pkg-coverage") + tmp := t.TempDir() + "/" diff --git a/nixpkgs/pkgs/applications/virtualization/docker/sbom.nix b/nixpkgs/pkgs/applications/virtualization/docker/sbom.nix new file mode 100644 index 000000000000..7314eb2029fd --- /dev/null +++ b/nixpkgs/pkgs/applications/virtualization/docker/sbom.nix @@ -0,0 +1,43 @@ +{ buildGoModule +, fetchFromGitHub +, docker +, lib +}: + +buildGoModule rec { + pname = "docker-sbom"; + version = "0.6.1"; + + src = fetchFromGitHub { + owner = "docker"; + repo = "sbom-cli-plugin"; + rev = "tags/v${version}"; + hash = "sha256-i3gIogHb0oW/VDuZUo6LGBmvqs/XfMXjpvTTYeGCK7Q="; + }; + + patches = [ + # Disable tests that require a docker daemon to be running + # in the sandbox + ./sbom-disable-tests.patch + ]; + + vendorHash = "sha256-XPPVAdY2NaasZ9bkf24VWWk3X5pjnryvsErYIWkeekc="; + + nativeBuildInputs = [ docker ]; + + installPhase = '' + runHook preInstall + install -D $GOPATH/bin/sbom-cli-plugin $out/libexec/docker/cli-plugins/docker-sbom + + mkdir -p $out/bin + ln -s $out/libexec/docker/cli-plugins/docker-sbom $out/bin/docker-sbom + runHook postInstall + ''; + + meta = with lib; { + description = "Plugin for Docker CLI to support SBOM creation using Syft"; + homepage = "https://github.com/docker/sbom-cli-plugin"; + license = licenses.asl20; + maintainers = with maintainers; [ raboof ]; + }; +} diff --git a/nixpkgs/pkgs/applications/virtualization/gvisor/default.nix b/nixpkgs/pkgs/applications/virtualization/gvisor/default.nix index a07c98be49f5..3e0349b5109e 100644 --- a/nixpkgs/pkgs/applications/virtualization/gvisor/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/gvisor/default.nix @@ -22,7 +22,7 @@ buildGoModule rec { sha256 = "sha256-rADQsJ+AnBVlfQURGJl1xR6Ad5NyRWSrBSpOFMRld+o="; }; - vendorSha256 = "sha256-iGLWxx/Kn1QaJTNOZcc+mwoF3ecEDOkaqmA0DH4pdgU="; + vendorHash = "sha256-iGLWxx/Kn1QaJTNOZcc+mwoF3ecEDOkaqmA0DH4pdgU="; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix b/nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix index 513da2279614..ca097adac773 100644 --- a/nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "nixpacks"; - version = "1.13.0"; + version = "1.14.0"; src = fetchFromGitHub { owner = "railwayapp"; repo = pname; rev = "v${version}"; - sha256 = "sha256-xUQpo9KqKXKz1nT+eqmIX1domBHGsFO1DQoR/lDdncM="; + sha256 = "sha256-Rt65BXrDFne7bT26yQLVMNwwgN8JAmXLrGx/BLlInkI="; }; - cargoHash = "sha256-6OuDZzX7mCc8LiC808eu1fa1OspA5+Yk5h3VxusgFDU="; + cargoHash = "sha256-dZbLLxvkJzApl9+MwbZRJQXFzMHOfbikwEZs9wFKZHQ="; # skip test due FHS dependency doCheck = false; diff --git a/nixpkgs/pkgs/applications/virtualization/ops/default.nix b/nixpkgs/pkgs/applications/virtualization/ops/default.nix index 484eeeb41c11..56829737ead9 100644 --- a/nixpkgs/pkgs/applications/virtualization/ops/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/ops/default.nix @@ -15,7 +15,7 @@ buildGoModule rec { proxyVendor = true; # Doesn't build otherwise - vendorSha256 = "sha256-65VvUy4vGTfZgsXGJVSc/yU5R5MhSKJyMMsvPOCThks="; + vendorHash = "sha256-65VvUy4vGTfZgsXGJVSc/yU5R5MhSKJyMMsvPOCThks="; # Some tests fail doCheck = false; |