depot/third_party/nixpkgs/pkgs/tools/security/kubeclarity/default.nix
Default email f34ce41345 Project import generated by Copybara.
GitOrigin-RevId: b73c2221a46c13557b1b3be9c2070cc42cf01eb3
2024-07-27 08:49:29 +02:00

61 lines
1.4 KiB
Nix

{ lib
, btrfs-progs
, buildGoModule
, fetchFromGitHub
, lvm2
, pkg-config
, stdenv
}:
buildGoModule rec {
pname = "kubeclarity";
version = "2.23.3";
src = fetchFromGitHub {
owner = "openclarity";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-MC9GeJeVG7ROkpmOW2HD/fWMMnHo43q4Du9MzWTk2cg=";
};
vendorHash = "sha256-JY64fqzNBpo9Jwo8sWsWTVVAO5zzwxwXy0A2bgqJHuU=";
proxyVendor = true;
nativeBuildInputs = [
pkg-config
];
buildInputs = lib.optionals stdenv.isLinux [
btrfs-progs
lvm2
];
sourceRoot = "${src.name}/cli";
CGO_ENABLED = "0";
ldflags = [
"-s"
"-w"
];
postInstall = ''
mv $out/bin/cli $out/bin/kubeclarity
'';
meta = with lib; {
description = "Kubernetes runtime scanner";
mainProgram = "kubeclarity";
longDescription = ''
KubeClarity is a vulnerabilities scanning and CIS Docker benchmark tool that
allows users to get an accurate and immediate risk assessment of their
kubernetes clusters. Kubei scans all images that are being used in a
Kubernetes cluster, including images of application pods and system pods.
'';
homepage = "https://github.com/openclarity/kubeclarity";
changelog = "https://github.com/openclarity/kubeclarity/releases/tag/v${version}";
license = with licenses; [ asl20 ];
maintainers = with maintainers; [ fab ];
};
}