dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #298660 from fabaff/kubescape-bump

Browse Source 
kubescape: 2.9.1 -> 3.0.7
This commit is contained in:
Fabian Affolter 2024-04-01 23:17:24 +02:00 committed by GitHub
commit 127c068036
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 27 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
pkgs/tools/security/kubescape/default.nix
View File

@ -1,6 +1,8 @@
{ lib { lib
, stdenv
, buildGoModule , buildGoModule
, fetchFromGitHub , fetchFromGitHub
, git
, installShellFiles , installShellFiles
, kubescape , kubescape
, testers , testers
@ -8,52 +10,55 @@
buildGoModule rec { buildGoModule rec {
pname = "kubescape"; pname = "kubescape";
version = "2.9.1"; version = "3.0.8";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "kubescape"; owner = "kubescape";
repo = pname; repo = "kubescape";
rev = "refs/tags/v${version}"; rev = "refs/tags/v${version}";
hash = "sha256-FKWR3pxFtJBEa14Mn3RKsLvrliHaj6TuF4F2JLtw2qA="; hash = "sha256-ZGDE9go8BmaXE1YFT/z5Nob90MhsKZ6oKrodDMu2npY=";
fetchSubmodules = true; fetchSubmodules = true;
}; };
vendorHash = "sha256-zcv8oYm6srwkwT3pUECtTewyqVVpCIcs3i0VRTRft68="; vendorHash = "sha256-qFJVoWzU9rqpYbb8gzdK33rq///zizxVkWhsNV8OXOM=";
subPackages = [
"."
];
nativeBuildInputs = [ nativeBuildInputs = [
installShellFiles installShellFiles
]; ];
nativeCheckInputs = [
git
];
ldflags = [ ldflags = [
"-s" "-s"
"-w" "-w"
"-X=github.com/kubescape/kubescape/v2/core/cautils.BuildNumber=v${version}" "-X=github.com/kubescape/kubescape/v3/core/cautils.BuildNumber=v${version}"
]; ];
subPackages = [ "." ];
preCheck = '' preCheck = ''
# Feed in all but the integration tests for testing export HOME=$(mktemp -d)
# This is because subPackages above limits what is built to just what we
# want but also limits the tests
# Skip httphandler tests - the checkPhase doesn't care about excludedPackages
getGoDirs() {
go list ./... | grep -v httphandler
}
# remove tests that use networking # Remove tests that use networking
rm core/pkg/resourcehandler/urlloader_test.go rm core/pkg/resourcehandler/urlloader_test.go
rm core/pkg/opaprocessor/*_test.go rm core/pkg/opaprocessor/*_test.go
rm core/cautils/getter/downloadreleasedpolicy_test.go rm core/cautils/getter/downloadreleasedpolicy_test.go
rm core/core/initutils_test.go
rm core/core/list_test.go
rm core/pkg/resourcehandler/remotegitutils_test.go
# remove tests that use networking # Remove tests that use networking
substituteInPlace core/pkg/resourcehandler/repositoryscanner_test.go \ substituteInPlace core/pkg/resourcehandler/repositoryscanner_test.go \
--replace "TestScanRepository" "SkipScanRepository" \ --replace-fail "TestScanRepository" "SkipScanRepository" \
--replace "TestGit" "SkipGit" --replace-fail "TestGit" "SkipGit"
# remove test that requires networking # Remove test that requires networking
substituteInPlace core/cautils/scaninfo_test.go \ substituteInPlace core/cautils/scaninfo_test.go \
--replace "TestSetContextMetadata" "SkipSetContextMetadata" --replace-fail "TestSetContextMetadata" "SkipSetContextMetadata"
''; '';
postInstall = '' postInstall = ''
@ -71,7 +76,6 @@ buildGoModule rec {
meta = with lib; { meta = with lib; {
description = "Tool for testing if Kubernetes is deployed securely"; description = "Tool for testing if Kubernetes is deployed securely";
mainProgram = "kubescape";
homepage = "https://github.com/kubescape/kubescape"; homepage = "https://github.com/kubescape/kubescape";
changelog = "https://github.com/kubescape/kubescape/releases/tag/v${version}"; changelog = "https://github.com/kubescape/kubescape/releases/tag/v${version}";
longDescription = '' longDescription = ''
@ -87,5 +91,7 @@ buildGoModule rec {
''; '';
license = licenses.asl20; license = licenses.asl20;
maintainers = with maintainers; [ fab jk ]; maintainers = with maintainers; [ fab jk ];
mainProgram = "kubescape";
broken = stdenv.isDarwin;
}; };
} }