ff1a94e523
The nixpkgs-unstable channel's programs.sqlite was used to identify packages producing exactly one binary, and these automatically added to their package definitions wherever possible.
52 lines
1.3 KiB
Nix
52 lines
1.3 KiB
Nix
{ lib, buildGoModule, fetchFromGitHub, pkg-config, btrfs-progs, lvm2 }:
|
|
|
|
buildGoModule rec {
|
|
pname = "dockle";
|
|
version = "0.4.14";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "goodwithtech";
|
|
repo = pname;
|
|
rev = "v${version}";
|
|
hash = "sha256-ZAk51juPFSaDQYfzsf7HXigL4aIk8V+tGA9lZqHBOsY=";
|
|
};
|
|
|
|
vendorHash = "sha256-+AtvnplvPWkUwmxfB7rjYcLTQibQsObFT1QRR0FXAe0=";
|
|
|
|
nativeBuildInputs = [ pkg-config ];
|
|
buildInputs = [ btrfs-progs lvm2 ];
|
|
|
|
ldflags = [
|
|
"-s"
|
|
"-w"
|
|
"-X github.com/goodwithtech/dockle/pkg.version=${version}"
|
|
];
|
|
|
|
preCheck = ''
|
|
# Remove tests that use networking
|
|
rm pkg/scanner/scan_test.go
|
|
'';
|
|
|
|
doInstallCheck = true;
|
|
installCheckPhase = ''
|
|
runHook preInstallCheck
|
|
$out/bin/dockle --help
|
|
$out/bin/dockle --version | grep "dockle version ${version}"
|
|
runHook postInstallCheck
|
|
'';
|
|
|
|
meta = with lib; {
|
|
homepage = "https://containers.goodwith.tech";
|
|
changelog = "https://github.com/goodwithtech/dockle/releases/tag/v${version}";
|
|
description = "Container Image Linter for Security";
|
|
mainProgram = "dockle";
|
|
longDescription = ''
|
|
Container Image Linter for Security.
|
|
Helping build the Best-Practice Docker Image.
|
|
Easy to start.
|
|
'';
|
|
license = licenses.asl20;
|
|
maintainers = with maintainers; [ jk ];
|
|
};
|
|
}
|