diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/kubesec/default.nix')
-rw-r--r-- | nixpkgs/pkgs/tools/security/kubesec/default.nix | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/kubesec/default.nix b/nixpkgs/pkgs/tools/security/kubesec/default.nix new file mode 100644 index 000000000000..a2b7078896ac --- /dev/null +++ b/nixpkgs/pkgs/tools/security/kubesec/default.nix @@ -0,0 +1,54 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: + +buildGoModule rec { + pname = "kubesec"; + version = "2.13.0"; + + src = fetchFromGitHub { + owner = "controlplaneio"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-9WhY1mJawMkSgqM50DO0y9bxGYW89N14gLirO5zVuzc="; + }; + vendorHash = "sha256-xcIFveR0MwpYGYhHKXwQPHF08620yilEtb+BdKZWrdw="; + + nativeBuildInputs = [ installShellFiles ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/controlplaneio/kubesec/v${lib.versions.major version}/cmd.version=v${version}" + ]; + + # Tests wants to download the kubernetes schema for use with kubeval + doCheck = false; + + postInstall = '' + installShellCompletion --cmd kubesec \ + --bash <($out/bin/kubesec completion bash) \ + --fish <($out/bin/kubesec completion fish) \ + --zsh <($out/bin/kubesec completion zsh) + ''; + + doInstallCheck = true; + installCheckPhase = '' + runHook preInstallCheck + + $out/bin/kubesec --help + $out/bin/kubesec version | grep "${version}" + + runHook postInstallCheck + ''; + + meta = with lib; { + description = "Security risk analysis tool for Kubernetes resources"; + homepage = "https://github.com/controlplaneio/kubesec"; + changelog = "https://github.com/controlplaneio/kubesec/blob/v${version}/CHANGELOG.md"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab jk ]; + }; +} |