about summary refs log tree commit diff
path: root/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/os-specific/linux/sysdig/default.nix')
-rw-r--r--nixpkgs/pkgs/os-specific/linux/sysdig/default.nix74
1 files changed, 54 insertions, 20 deletions
diff --git a/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix b/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix
index 4f5f3b585dad..1a59244f8d4c 100644
--- a/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix
+++ b/nixpkgs/pkgs/os-specific/linux/sysdig/default.nix
@@ -1,13 +1,12 @@
 { lib, stdenv, fetchFromGitHub, fetchpatch, cmake, kernel, installShellFiles, pkg-config
 , luajit, ncurses, perl, jsoncpp, libb64, openssl, curl, jq, gcc, elfutils, tbb, protobuf, grpc
-, libyamlcpp, nlohmann_json
+, yaml-cpp, nlohmann_json, re2, zstd
 }:
 
-with lib;
 let
   # Compare with https://github.com/draios/sysdig/blob/dev/cmake/modules/falcosecurity-libs.cmake
-  libsRev = "e5c53d648f3c4694385bbe488e7d47eaa36c229a";
-  libsSha256 = "sha256-pG10y5PpDqaF/cq8oAvax5B/ls2UTRQd7tCfBjWVf0U=";
+  libsRev = "0.11.0";
+  libsSha256 = "sha256-QvRTz3yMS6i+qdiSG51wvho9D7w/dMQhY72OYd3qOgU=";
 
   # Compare with https://github.com/falcosecurity/libs/blob/master/cmake/modules/valijson.cmake#L17
   valijson = fetchFromGitHub {
@@ -17,18 +16,34 @@ let
     sha256 = "sha256-ZD19Q2MxMQd3yEKbY90GFCrerie5/jzgO8do4JQDoKM=";
   };
 
+  # https://github.com/draios/sysdig/blob/0.31.5/cmake/modules/driver.cmake
+  driver = fetchFromGitHub {
+    owner = "falcosecurity";
+    repo = "libs";
+    rev = "5.0.1+driver";
+    sha256 = "sha256-CQ6QTcyTnThpJHDXgOM1Zdp5SG7rngp9XtEM+2mS8ro=";
+  };
+
 in
 stdenv.mkDerivation rec {
   pname = "sysdig";
-  version = "0.29.3";
+  version = "0.31.5";
 
   src = fetchFromGitHub {
     owner = "draios";
     repo = "sysdig";
     rev = version;
-    sha256 = "sha256-dMLeroOd9CgvmgQdPfX8oBxQSyksZi/hP4vO03JhlF0=";
+    sha256 = "sha256-RuoPqVulATtn7jSga/8fECs7weNfjt/YFh7iHmfCKjw=";
   };
 
+  # to fix the build against the latest kernel
+  patches = [
+    (fetchpatch {
+      url = "https://github.com/draios/sysdig/compare/35ded9aab87801281e22898242e24e0bc63873b2...954e6fc6238f21d4870a491395d68a7dd3062aa9.patch";
+      sha256 = "sha256-gnLURnv8FW5LvqjbreCf9DPGdBcn7rfizGeznFqJ+Fk=";
+    })
+  ];
+
   nativeBuildInputs = [ cmake perl installShellFiles pkg-config ];
   buildInputs = [
     luajit
@@ -40,12 +55,15 @@ stdenv.mkDerivation rec {
     gcc
     elfutils
     tbb
+    libb64
+    re2
     protobuf
     grpc
-    libyamlcpp
+    yaml-cpp
     jsoncpp
     nlohmann_json
-  ] ++ optionals (kernel != null) kernel.moduleBuildDependencies;
+    zstd
+  ] ++ lib.optionals (kernel != null) kernel.moduleBuildDependencies;
 
   hardeningDisable = [ "pic" ];
 
@@ -57,25 +75,37 @@ stdenv.mkDerivation rec {
       sha256 = libsSha256;
     }} libs
     chmod -R +w libs
-    cmakeFlagsArray+=("-DFALCOSECURITY_LIBS_SOURCE_DIR=$(pwd)/libs" "-DVALIJSON_INCLUDE=${valijson}/include")
+    cp -r ${driver} driver-src
+    chmod -R +w driver-src
+    cmakeFlagsArray+=(
+      "-DFALCOSECURITY_LIBS_SOURCE_DIR=$(pwd)/libs"
+      "-DVALIJSON_INCLUDE=${valijson}/include"
+      "-DDRIVER_SOURCE_DIR=$(pwd)/driver-src/driver"
+    )
   '';
 
   cmakeFlags = [
     "-DUSE_BUNDLED_DEPS=OFF"
     "-DSYSDIG_VERSION=${version}"
+    "-DUSE_BUNDLED_B64=OFF"
+    "-DUSE_BUNDLED_TBB=OFF"
+    "-DUSE_BUNDLED_RE2=OFF"
     "-DCREATE_TEST_TARGETS=OFF"
-  ] ++ optional (kernel == null) "-DBUILD_DRIVER=OFF";
+  ] ++ lib.optional (kernel == null) "-DBUILD_DRIVER=OFF";
 
-  # needed since luajit-2.1.0-beta3
-  NIX_CFLAGS_COMPILE = "-DluaL_reg=luaL_Reg -DluaL_getn(L,i)=((int)lua_objlen(L,i))";
+  env.NIX_CFLAGS_COMPILE =
+   # needed since luajit-2.1.0-beta3
+   "-DluaL_reg=luaL_Reg -DluaL_getn(L,i)=((int)lua_objlen(L,i)) " +
+   # fix compiler warnings been treated as errors
+   "-Wno-error";
 
   preConfigure = ''
     if ! grep -q "${libsRev}" cmake/modules/falcosecurity-libs.cmake; then
       echo "falcosecurity-libs checksum needs to be updated!"
       exit 1
     fi
-    cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -labsl_synchronization")
-  '' + optionalString (kernel != null) ''
+    cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -lzstd -labsl_synchronization")
+  '' + lib.optionalString (kernel != null) ''
     export INSTALL_MOD_PATH="$out"
     export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
   '';
@@ -88,22 +118,26 @@ stdenv.mkDerivation rec {
       rmdir $out/etc/bash_completion.d
       rmdir $out/etc
     ''
-    + optionalString (kernel != null) ''
+    + lib.optionalString (kernel != null) ''
       make install_driver
       kernel_dev=${kernel.dev}
-      kernel_dev=''${kernel_dev#/nix/store/}
+      kernel_dev=''${kernel_dev#${builtins.storeDir}/}
       kernel_dev=''${kernel_dev%%-linux*dev*}
       if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/scap.ko"; then
           sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
       else
-          xz -d $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko.xz
-          sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
-          xz $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
+          for i in $out/lib/modules/${kernel.modDirVersion}/{extra,updates}/scap.ko.xz; do
+            if test -f "$i"; then
+              xz -d $i
+              sed -i "s#$kernel_dev#................................#g" ''${i%.xz}
+              xz -9 ''${i%.xz}
+            fi
+          done
       fi
     '';
 
 
-  meta = {
+  meta = with lib; {
     description = "A tracepoint-based system tracing tool for Linux (with clients for other OSes)";
     license = with licenses; [ asl20 gpl2 mit ];
     maintainers = [maintainers.raskin];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-02 10:31:00 +0000