ff1a94e523
The nixpkgs-unstable channel's programs.sqlite was used to identify packages producing exactly one binary, and these automatically added to their package definitions wherever possible.
36 lines
1.0 KiB
Nix
36 lines
1.0 KiB
Nix
{ lib
|
|
, buildGoModule
|
|
, fetchFromGitHub
|
|
}:
|
|
|
|
buildGoModule rec {
|
|
pname = "terrascan";
|
|
version = "1.19.1";
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "accurics";
|
|
repo = pname;
|
|
rev = "refs/tags/v${version}";
|
|
hash = "sha256-K70jGhutHHJrpgKh8RJTzQDjqYk6rBURM4KAaBX9tOE=";
|
|
};
|
|
|
|
vendorHash = "sha256-Hk7dkhb1GiCY9CkKZ1dMQc+s97VRUli7WAoneJVNK08=";
|
|
|
|
# Tests want to download a vulnerable Terraform project
|
|
doCheck = false;
|
|
|
|
meta = with lib; {
|
|
description = "Detect compliance and security violations across Infrastructure";
|
|
mainProgram = "terrascan";
|
|
longDescription = ''
|
|
Detect compliance and security violations across Infrastructure as Code to
|
|
mitigate risk before provisioning cloud native infrastructure. It contains
|
|
500+ polices and support for Terraform and Kubernetes.
|
|
'';
|
|
homepage = "https://github.com/accurics/terrascan";
|
|
changelog = "https://github.com/tenable/terrascan/blob/v${version}/CHANGELOG.md";
|
|
license = with licenses; [ asl20 ];
|
|
maintainers = with maintainers; [ fab ];
|
|
};
|
|
}
|