ratchet: init at 0.9.2
Signed-off-by: Cameron Smith <cameron.ray.smith@gmail.com>
This commit is contained in:
Cameron Smith
parent
d66286f688
commit
59921e79a2
70
pkgs/by-name/ra/ratchet/package.nix
Normal file
70
pkgs/by-name/ra/ratchet/package.nix
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
{
|
||||||
|
lib,
|
||||||
|
buildGoModule,
|
||||||
|
fetchFromGitHub,
|
||||||
|
callPackage,
|
||||||
|
}:
|
||||||
|
buildGoModule rec {
|
||||||
|
pname = "ratchet";
|
||||||
|
version = "0.9.2";
|
||||||
|
|
||||||
|
# ratchet uses the git sha-1 in the version string, e.g.
|
||||||
|
#
|
||||||
|
# $ ./ratchet --version
|
||||||
|
# ratchet 0.9.2 (d57cc1a53c022d3f87c4820bc6b64384a06c8a07, darwin/arm64)
|
||||||
|
#
|
||||||
|
# so we need to either hard-code the sha-1 corresponding to the version tag
|
||||||
|
# head or retain the git metadata folder and extract it using the git cli.
|
||||||
|
# We currently hard-code it.
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "sethvargo";
|
||||||
|
repo = "ratchet";
|
||||||
|
rev = "d57cc1a53c022d3f87c4820bc6b64384a06c8a07";
|
||||||
|
hash = "sha256-gQ98uD9oPUsECsduv/lqGdYNmtHetU49ETfWCE8ft8U=";
|
||||||
|
};
|
||||||
|
|
||||||
|
proxyVendor = true;
|
||||||
|
vendorHash = "sha256-J7LijbhpKDIfTcQMgk2x5FVaYG7Kgkba/1aSTmgs5yw=";
|
||||||
|
|
||||||
|
subPackages = [ "." ];
|
||||||
|
|
||||||
|
ldflags =
|
||||||
|
let
|
||||||
|
package_url = "github.com/sethvargo/ratchet";
|
||||||
|
in
|
||||||
|
[
|
||||||
|
"-s"
|
||||||
|
"-w"
|
||||||
|
"-X ${package_url}/internal/version.name=${pname}"
|
||||||
|
"-X ${package_url}/internal/version.version=${version}"
|
||||||
|
"-X ${package_url}/internal/version.commit=${src.rev}"
|
||||||
|
];
|
||||||
|
|
||||||
|
doInstallCheck = true;
|
||||||
|
installCheckPhase = ''
|
||||||
|
$out/bin/ratchet --version 2>&1 | grep ${version};
|
||||||
|
'';
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
runHook preInstall
|
||||||
|
mkdir -p $out/bin
|
||||||
|
install -Dm755 "$GOPATH/bin/ratchet" -T $out/bin/ratchet
|
||||||
|
runHook postInstall
|
||||||
|
'';
|
||||||
|
|
||||||
|
passthru.tests = {
|
||||||
|
execution = callPackage ./tests.nix { };
|
||||||
|
};
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "A tool for securing CI/CD workflows with version pinning.";
|
||||||
|
mainProgram = "ratchet";
|
||||||
|
downloadPage = "https://github.com/sethvargo/ratchet";
|
||||||
|
homepage = "https://github.com/sethvargo/ratchet";
|
||||||
|
license = licenses.asl20;
|
||||||
|
maintainers = with maintainers; [
|
||||||
|
cameronraysmith
|
||||||
|
ryanccn
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
17
pkgs/by-name/ra/ratchet/tests.nix
Normal file
17
pkgs/by-name/ra/ratchet/tests.nix
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
{
|
||||||
|
lib,
|
||||||
|
runCommand,
|
||||||
|
ratchet,
|
||||||
|
}: let
|
||||||
|
inherit (ratchet) pname version;
|
||||||
|
in
|
||||||
|
runCommand "${pname}-tests" {meta.timeout = 60;}
|
||||||
|
''
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
# Ensure ratchet is executable
|
||||||
|
${ratchet}/bin/ratchet --version
|
||||||
|
${ratchet}/bin/ratchet --help
|
||||||
|
|
||||||
|
touch $out
|
||||||
|
''
|
||||||
Loading…
Reference in New Issue
Block a user