depot/third_party/nixpkgs/pkgs/tools/security/kubeclarity/default.nix
Default email 7e47f3658e Project import generated by Copybara.
GitOrigin-RevId: 1925c603f17fc89f4c8f6bf6f631a802ad85d784
2024-09-26 11:04:55 +00:00

61 lines
1.4 KiB
Nix

{ lib
, btrfs-progs
, buildGoModule
, fetchFromGitHub
, lvm2
, pkg-config
, stdenv
}:
buildGoModule rec {
pname = "kubeclarity";
version = "2.23.3";
src = fetchFromGitHub {
owner = "openclarity";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-MC9GeJeVG7ROkpmOW2HD/fWMMnHo43q4Du9MzWTk2cg=";
};
vendorHash = "sha256-JY64fqzNBpo9Jwo8sWsWTVVAO5zzwxwXy0A2bgqJHuU=";
proxyVendor = true;
nativeBuildInputs = [
pkg-config
];
buildInputs = lib.optionals stdenv.hostPlatform.isLinux [
btrfs-progs
lvm2
];
sourceRoot = "${src.name}/cli";
CGO_ENABLED = "0";
ldflags = [
"-s"
"-w"
];
postInstall = ''
mv $out/bin/cli $out/bin/kubeclarity
'';
meta = with lib; {
description = "Kubernetes runtime scanner";
mainProgram = "kubeclarity";
longDescription = ''
KubeClarity is a vulnerabilities scanning and CIS Docker benchmark tool that
allows users to get an accurate and immediate risk assessment of their
kubernetes clusters. Kubei scans all images that are being used in a
Kubernetes cluster, including images of application pods and system pods.
'';
homepage = "https://github.com/openclarity/kubeclarity";
changelog = "https://github.com/openclarity/kubeclarity/releases/tag/v${version}";
license = with licenses; [ asl20 ];
maintainers = with maintainers; [ fab ];
};
}