about summary refs log tree commit diff
path: root/nixpkgs/pkgs/applications/virtualization
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/applications/virtualization')
-rw-r--r--nixpkgs/pkgs/applications/virtualization/appvm/default.nix2
-rw-r--r--nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix2
-rw-r--r--nixpkgs/pkgs/applications/virtualization/conmon-rs/Cargo.lock.patch31
-rw-r--r--nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix9
-rw-r--r--nixpkgs/pkgs/applications/virtualization/cri-o/default.nix4
-rw-r--r--nixpkgs/pkgs/applications/virtualization/docker/default.nix10
-rw-r--r--nixpkgs/pkgs/applications/virtualization/docker/sbom-disable-tests.patch28
-rw-r--r--nixpkgs/pkgs/applications/virtualization/docker/sbom.nix43
-rw-r--r--nixpkgs/pkgs/applications/virtualization/gvisor/default.nix2
-rw-r--r--nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix6
-rw-r--r--nixpkgs/pkgs/applications/virtualization/ops/default.nix2
11 files changed, 89 insertions, 50 deletions
diff --git a/nixpkgs/pkgs/applications/virtualization/appvm/default.nix b/nixpkgs/pkgs/applications/virtualization/appvm/default.nix
index fdbfb27dfb86..e96a8b7d46d7 100644
--- a/nixpkgs/pkgs/applications/virtualization/appvm/default.nix
+++ b/nixpkgs/pkgs/applications/virtualization/appvm/default.nix
@@ -30,7 +30,7 @@ buildGoModule rec {
     sha256 = "sha256-FL5olOy1KufULyqI2dJeS0OnKzC3LfPWxnia2i4f4yY=";
   };
 
-  vendorSha256 = "sha256-8eU+Mf5dxL/bAMMShXvj8I1Kdd4ysBTWvgYIXwLStPI=";
+  vendorHash = "sha256-8eU+Mf5dxL/bAMMShXvj8I1Kdd4ysBTWvgYIXwLStPI=";
 
   nativeBuildInputs = [ makeWrapper ];
 
diff --git a/nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix b/nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix
index 5e0ddf6a0405..2d5e61a30d41 100644
--- a/nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix
+++ b/nixpkgs/pkgs/applications/virtualization/buildkit-nix/default.nix
@@ -11,7 +11,7 @@ buildGoModule rec {
     sha256 = "sha256-gKTCBz7om1M7UBzyMJDetNGcKLkQKMyuzwrHBbuuifM=";
   };
 
-  vendorSha256 = "sha256-1H5oWgcaamf+hocABWWnzJUjWiqwk1ZZtbBjF6EKzzU=";
+  vendorHash = "sha256-1H5oWgcaamf+hocABWWnzJUjWiqwk1ZZtbBjF6EKzzU=";
 
   CGO_ENABLED = 0;
 
diff --git a/nixpkgs/pkgs/applications/virtualization/conmon-rs/Cargo.lock.patch b/nixpkgs/pkgs/applications/virtualization/conmon-rs/Cargo.lock.patch
deleted file mode 100644
index 480b76445a61..000000000000
--- a/nixpkgs/pkgs/applications/virtualization/conmon-rs/Cargo.lock.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-diff --git a/Cargo.lock b/Cargo.lock
-index 4cd154b..fee3267 100644
---- a/Cargo.lock
-+++ b/Cargo.lock
-@@ -323,7 +323,7 @@ dependencies = [
- 
- [[package]]
- name = "conmon-common"
--version = "0.5.1"
-+version = "0.6.0"
- dependencies = [
-  "capnp",
-  "capnpc",
-@@ -331,7 +331,7 @@ dependencies = [
- 
- [[package]]
- name = "conmonrs"
--version = "0.5.1"
-+version = "0.6.0"
- dependencies = [
-  "anyhow",
-  "capnp",
-@@ -376,7 +376,7 @@ dependencies = [
- 
- [[package]]
- name = "conmonrs-cli"
--version = "0.5.1"
-+version = "0.6.0"
- dependencies = [
-  "capnp",
-  "capnp-rpc",
diff --git a/nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix b/nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix
index 84c0e3613851..7599c5eb6652 100644
--- a/nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix
+++ b/nixpkgs/pkgs/applications/virtualization/conmon-rs/default.nix
@@ -7,22 +7,19 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "conmon-rs";
-  version = "0.6.0";
+  version = "0.6.1";
 
   src = fetchFromGitHub {
     owner = "containers";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-RQ3cVM7aEuCCmOCr4UWkxBMr66tdYFl0nNO7tXY05vE=";
+    sha256 = "sha256-B8uloch+ucOLIIR64GE5Z8ahe2NLqPmDGcugQVSqpl4=";
   };
 
-  # Cargo.lock is out of date for this release.
-  cargoPatches = [ ./Cargo.lock.patch ];
-
   nativeBuildInputs = [ capnproto protobuf ];
   doCheck = false;
 
-  cargoHash = "sha256-BNowZkD+y1jh25EvfhQzvT5BZzrq46KBd69AJ//9enE=";
+  cargoHash = "sha256-hEhAnNppiyY6EcdHfri534ih8VUfpT7lO9L4mFJ6Caw=";
 
   meta = with lib; {
     description = "An OCI container runtime monitor written in Rust";
diff --git a/nixpkgs/pkgs/applications/virtualization/cri-o/default.nix b/nixpkgs/pkgs/applications/virtualization/cri-o/default.nix
index 4cbc7b20d562..c6ee442d02fe 100644
--- a/nixpkgs/pkgs/applications/virtualization/cri-o/default.nix
+++ b/nixpkgs/pkgs/applications/virtualization/cri-o/default.nix
@@ -15,13 +15,13 @@
 
 buildGoModule rec {
   pname = "cri-o";
-  version = "1.28.0";
+  version = "1.28.1";
 
   src = fetchFromGitHub {
     owner = "cri-o";
     repo = "cri-o";
     rev = "v${version}";
-    sha256 = "sha256-vVw3mVliu9JiCgTpwBfubaOkEkNJD4Tb1M7HARg5VjA=";
+    sha256 = "sha256-4RwR4aM+h0cqogJ9sxoODlPGaXH2PALFoBU3jv/6Agg=";
   };
   vendorHash = null;
 
diff --git a/nixpkgs/pkgs/applications/virtualization/docker/default.nix b/nixpkgs/pkgs/applications/virtualization/docker/default.nix
index 4b8fc566bff0..392bb4dacc50 100644
--- a/nixpkgs/pkgs/applications/virtualization/docker/default.nix
+++ b/nixpkgs/pkgs/applications/virtualization/docker/default.nix
@@ -7,12 +7,13 @@ rec {
       , mobyRev, mobyHash
       , runcRev, runcHash
       , containerdRev, containerdHash
-      , tiniRev, tiniHash, buildxSupport ? true, composeSupport ? true
+      , tiniRev, tiniHash
+      , buildxSupport ? true, composeSupport ? true, sbomSupport ? false
       # package dependencies
       , stdenv, fetchFromGitHub, fetchpatch, buildGoPackage
       , makeWrapper, installShellFiles, pkg-config, glibc
       , go-md2man, go, containerd, runc, docker-proxy, tini, libtool
-      , sqlite, iproute2, docker-buildx, docker-compose
+      , sqlite, iproute2, docker-buildx, docker-compose, docker-sbom
       , iptables, e2fsprogs, xz, util-linux, xfsprogs, git
       , procps, rootlesskit, slirp4netns, fuse-overlayfs, nixosTests
       , clientOnly ? !stdenv.isLinux, symlinkJoin
@@ -159,7 +160,8 @@ rec {
     });
 
     plugins = lib.optional buildxSupport docker-buildx
-      ++ lib.optional composeSupport docker-compose;
+      ++ lib.optional composeSupport docker-compose
+      ++ lib.optional sbomSupport docker-sbom;
     pluginsRef = symlinkJoin { name = "docker-plugins"; paths = plugins; };
   in
   buildGoPackage (lib.optionalAttrs (!clientOnly) {
@@ -273,7 +275,7 @@ rec {
         To enable the docker daemon on NixOS, set the `virtualisation.docker.enable` option to `true`.
       '';
       license = licenses.asl20;
-      maintainers = with maintainers; [ offline vdemeester periklis maxeaubrey ];
+      maintainers = with maintainers; [ offline vdemeester periklis amaxine ];
       mainProgram = "docker";
     };
   });
diff --git a/nixpkgs/pkgs/applications/virtualization/docker/sbom-disable-tests.patch b/nixpkgs/pkgs/applications/virtualization/docker/sbom-disable-tests.patch
new file mode 100644
index 000000000000..2bf3116da814
--- /dev/null
+++ b/nixpkgs/pkgs/applications/virtualization/docker/sbom-disable-tests.patch
@@ -0,0 +1,28 @@
+diff --git a/test/cli/all_formats_expressible_test.go b/test/cli/all_formats_expressible_test.go
+index 3f40a46..5ba04e8 100644
+--- a/test/cli/all_formats_expressible_test.go
++++ b/test/cli/all_formats_expressible_test.go
+@@ -8,7 +8,8 @@ import (
+ 	"github.com/anchore/syft/syft"
+ )
+ 
+-func TestAllFormatsExpressible(t *testing.T) {
++// Disabled because it needs a running docker daemon
++func disabledTestAllFormatsExpressible(t *testing.T) {
+ 	commonAssertions := []traitAssertion{
+ 		func(tb testing.TB, stdout, _ string, _ int) {
+ 			tb.Helper()
+diff --git a/test/cli/sbom_cmd_test.go b/test/cli/sbom_cmd_test.go
+index 0a0771c..a086c3b 100644
+--- a/test/cli/sbom_cmd_test.go
++++ b/test/cli/sbom_cmd_test.go
+@@ -8,7 +8,8 @@ import (
+ 	"github.com/docker/sbom-cli-plugin/internal"
+ )
+ 
+-func TestSBOMCmdFlags(t *testing.T) {
++// Disabled because it needs a running docker daemon
++func disabledTestSBOMCmdFlags(t *testing.T) {
+ 	hiddenPackagesImage := getFixtureImage(t, "image-hidden-packages")
+ 	coverageImage := getFixtureImage(t, "image-pkg-coverage")
+ 	tmp := t.TempDir() + "/"
diff --git a/nixpkgs/pkgs/applications/virtualization/docker/sbom.nix b/nixpkgs/pkgs/applications/virtualization/docker/sbom.nix
new file mode 100644
index 000000000000..7314eb2029fd
--- /dev/null
+++ b/nixpkgs/pkgs/applications/virtualization/docker/sbom.nix
@@ -0,0 +1,43 @@
+{ buildGoModule
+, fetchFromGitHub
+, docker
+, lib
+}:
+
+buildGoModule rec {
+  pname = "docker-sbom";
+  version = "0.6.1";
+
+  src = fetchFromGitHub {
+    owner = "docker";
+    repo = "sbom-cli-plugin";
+    rev = "tags/v${version}";
+    hash = "sha256-i3gIogHb0oW/VDuZUo6LGBmvqs/XfMXjpvTTYeGCK7Q=";
+  };
+
+  patches = [
+    # Disable tests that require a docker daemon to be running
+    # in the sandbox
+    ./sbom-disable-tests.patch
+  ];
+
+  vendorHash = "sha256-XPPVAdY2NaasZ9bkf24VWWk3X5pjnryvsErYIWkeekc=";
+
+  nativeBuildInputs = [ docker ];
+
+  installPhase = ''
+    runHook preInstall
+    install -D $GOPATH/bin/sbom-cli-plugin $out/libexec/docker/cli-plugins/docker-sbom
+
+    mkdir -p $out/bin
+    ln -s $out/libexec/docker/cli-plugins/docker-sbom $out/bin/docker-sbom
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "Plugin for Docker CLI to support SBOM creation using Syft";
+    homepage = "https://github.com/docker/sbom-cli-plugin";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ raboof ];
+  };
+}
diff --git a/nixpkgs/pkgs/applications/virtualization/gvisor/default.nix b/nixpkgs/pkgs/applications/virtualization/gvisor/default.nix
index a07c98be49f5..3e0349b5109e 100644
--- a/nixpkgs/pkgs/applications/virtualization/gvisor/default.nix
+++ b/nixpkgs/pkgs/applications/virtualization/gvisor/default.nix
@@ -22,7 +22,7 @@ buildGoModule rec {
     sha256 = "sha256-rADQsJ+AnBVlfQURGJl1xR6Ad5NyRWSrBSpOFMRld+o=";
   };
 
-  vendorSha256 = "sha256-iGLWxx/Kn1QaJTNOZcc+mwoF3ecEDOkaqmA0DH4pdgU=";
+  vendorHash = "sha256-iGLWxx/Kn1QaJTNOZcc+mwoF3ecEDOkaqmA0DH4pdgU=";
 
   nativeBuildInputs = [ makeWrapper ];
 
diff --git a/nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix b/nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix
index 513da2279614..ca097adac773 100644
--- a/nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix
+++ b/nixpkgs/pkgs/applications/virtualization/nixpacks/default.nix
@@ -2,16 +2,16 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "nixpacks";
-  version = "1.13.0";
+  version = "1.14.0";
 
   src = fetchFromGitHub {
     owner = "railwayapp";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-xUQpo9KqKXKz1nT+eqmIX1domBHGsFO1DQoR/lDdncM=";
+    sha256 = "sha256-Rt65BXrDFne7bT26yQLVMNwwgN8JAmXLrGx/BLlInkI=";
   };
 
-  cargoHash = "sha256-6OuDZzX7mCc8LiC808eu1fa1OspA5+Yk5h3VxusgFDU=";
+  cargoHash = "sha256-dZbLLxvkJzApl9+MwbZRJQXFzMHOfbikwEZs9wFKZHQ=";
 
   # skip test due FHS dependency
   doCheck = false;
diff --git a/nixpkgs/pkgs/applications/virtualization/ops/default.nix b/nixpkgs/pkgs/applications/virtualization/ops/default.nix
index 484eeeb41c11..56829737ead9 100644
--- a/nixpkgs/pkgs/applications/virtualization/ops/default.nix
+++ b/nixpkgs/pkgs/applications/virtualization/ops/default.nix
@@ -15,7 +15,7 @@ buildGoModule rec {
 
   proxyVendor = true; # Doesn't build otherwise
 
-  vendorSha256 = "sha256-65VvUy4vGTfZgsXGJVSc/yU5R5MhSKJyMMsvPOCThks=";
+  vendorHash = "sha256-65VvUy4vGTfZgsXGJVSc/yU5R5MhSKJyMMsvPOCThks=";
 
   # Some tests fail
   doCheck = false;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-17 07:36:27 +0000