diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/snowcat')
-rw-r--r-- | nixpkgs/pkgs/tools/security/snowcat/default.nix | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/snowcat/default.nix b/nixpkgs/pkgs/tools/security/snowcat/default.nix new file mode 100644 index 000000000000..e6211caec556 --- /dev/null +++ b/nixpkgs/pkgs/tools/security/snowcat/default.nix @@ -0,0 +1,33 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "snowcat"; + version = "0.1.3"; + + src = fetchFromGitHub { + owner = "praetorian-inc"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-EulQYGOMIh952e4Xp13hT/HMW3qP1QXYtt5PEej1VTY="; + }; + vendorSha256 = "sha256-D6ipwGMxT0B3uYUzg6Oo2TYnsOVBY0mYO5lC7vtVPc0="; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + homepage = "https://github.com/praetorian-inc/snowcat"; + changelog = "https://github.com/praetorian-inc/snowcat/releases/tag/v${version}"; + description = "A tool to audit the istio service mesh"; + longDescription = '' + Snowcat gathers and analyzes the configuration of an Istio cluster and + audits it for potential violations of security best practices. + + There are two main modes of operation for Snowcat. With no positional + argument, Snowcat will assume it is running inside of a cluster enabled + with Istio, and begin to enumerate the required data. Optionally, you can + point snowcat at a directory containing Kubernets YAML files. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ jk ]; + }; +} |