author | Fabián Heredia Montiel <303897+fabianhjr@users.noreply.github.com> | 2023-09-12 11:18:15 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-09-12 11:18:15 -0500 |
commit | 831e3d73a572b69f213ff2d5c921dd8dc46a2f52 (patch) | |
tree | 767890083025e554f435adb9276bcaa93c9b281d /pkgs/applications/virtualization | |
parent | f5ab741f1d8e48cb513acfca736de196cdd7894c (diff) | |
parent | 13e3f24e7d89a344c9c7741ab1dd51c1822c1756 (diff) |
Merge pull request #254760 from raboof/docker-sbom-cli-plugin
docker-sbom: init at 0.6.1
Diffstat (limited to 'pkgs/applications/virtualization')
3 files changed, 76 insertions, 3 deletions
diff --git a/pkgs/applications/virtualization/docker/default.nix b/pkgs/applications/virtualization/docker/default.nix index 540812ab35d08..392bb4dacc505 100644 --- a/pkgs/applications/virtualization/docker/default.nix +++ b/pkgs/applications/virtualization/docker/default.nix @@ -7,12 +7,13 @@ rec { , mobyRev, mobyHash , runcRev, runcHash , containerdRev, containerdHash - , tiniRev, tiniHash, buildxSupport ? true, composeSupport ? true + , tiniRev, tiniHash + , buildxSupport ? true, composeSupport ? true, sbomSupport ? false # package dependencies , stdenv, fetchFromGitHub, fetchpatch, buildGoPackage , makeWrapper, installShellFiles, pkg-config, glibc , go-md2man, go, containerd, runc, docker-proxy, tini, libtool - , sqlite, iproute2, docker-buildx, docker-compose + , sqlite, iproute2, docker-buildx, docker-compose, docker-sbom , iptables, e2fsprogs, xz, util-linux, xfsprogs, git , procps, rootlesskit, slirp4netns, fuse-overlayfs, nixosTests , clientOnly ? !stdenv.isLinux, symlinkJoin @@ -159,7 +160,8 @@ rec { }); plugins = lib.optional buildxSupport docker-buildx - ++ lib.optional composeSupport docker-compose; + ++ lib.optional composeSupport docker-compose + ++ lib.optional sbomSupport docker-sbom; pluginsRef = symlinkJoin { name = "docker-plugins"; paths = plugins; }; in buildGoPackage (lib.optionalAttrs (!clientOnly) { diff --git a/pkgs/applications/virtualization/docker/sbom-disable-tests.patch b/pkgs/applications/virtualization/docker/sbom-disable-tests.patch new file mode 100644 index 0000000000000..2bf3116da8140 --- /dev/null +++ b/pkgs/applications/virtualization/docker/sbom-disable-tests.patch 
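Review bot: The new `sbomSupport ? false` argument in the first hunk has no comment saying why it is opt-in while `buildxSupport` and `composeSupport` default to true. sbom.nix in this same commit lists `docker` in `nativeBuildInputs`, so if the `docker` it receives were ever built with `sbomSupport = true`, the two derivations would reference each other; the top-level wiring is outside this diff, so that is unverified here. A one-line comment above the flag would record the constraint, e.g. `# sbomSupport is opt-in: docker-sbom itself takes docker as a build input (see sbom.nix)`. The argument set and the `plugins` binding extended in the second hunk both continue outside the hunks.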
@@ -0,0 +1,28 @@
+diff --git a/test/cli/all_formats_expressible_test.go b/test/cli/all_formats_expressible_test.go
+index 3f40a46..5ba04e8 100644
+--- a/test/cli/all_formats_expressible_test.go
++++ b/test/cli/all_formats_expressible_test.go
+@@ -8,7 +8,8 @@ import (
+ "github.com/anchore/syft/syft"
+ )
+
+-func TestAllFormatsExpressible(t *testing.T) {
++// Disabled because it needs a running docker daemon
++func disabledTestAllFormatsExpressible(t *testing.T) {
+ commonAssertions := []traitAssertion{
+ func(tb testing.TB, stdout, _ string, _ int) {
+ tb.Helper()
+diff --git a/test/cli/sbom_cmd_test.go b/test/cli/sbom_cmd_test.go
+index 0a0771c..a086c3b 100644
+--- a/test/cli/sbom_cmd_test.go
++++ b/test/cli/sbom_cmd_test.go
+@@ -8,7 +8,8 @@ import (
+ "github.com/docker/sbom-cli-plugin/internal"
+ )
+
+-func TestSBOMCmdFlags(t *testing.T) {
++// Disabled because it needs a running docker daemon
++func disabledTestSBOMCmdFlags(t *testing.T) {
+ hiddenPackagesImage := getFixtureImage(t, "image-hidden-packages")
+ coverageImage := getFixtureImage(t, "image-pkg-coverage")
+ tmp := t.TempDir() + "/"
diff --git a/pkgs/applications/virtualization/docker/sbom.nix b/pkgs/applications/virtualization/docker/sbom.nix
new file mode 100644
index 0000000000000..7314eb2029fde
--- /dev/null
+++ b/pkgs/applications/virtualization/docker/sbom.nix
@@ -0,0 +1,43 @@
+{ buildGoModule
+, fetchFromGitHub
+, docker
+, lib
+}:
+
+buildGoModule rec {
+ pname = "docker-sbom";
+ version = "0.6.1";
+
+ src = fetchFromGitHub {
+ owner = "docker";
+ repo = "sbom-cli-plugin";
+ rev = "tags/v${version}";
+ hash = "sha256-i3gIogHb0oW/VDuZUo6LGBmvqs/XfMXjpvTTYeGCK7Q=";
+ };
+
+ patches = [
+ # Disable tests that require a docker daemon to be running
+ # in the sandbox
+ ./sbom-disable-tests.patch
+ ];
+
+ vendorHash = "sha256-XPPVAdY2NaasZ9bkf24VWWk3X5pjnryvsErYIWkeekc=";
+
+ nativeBuildInputs = [ docker ];
+
+ installPhase = ''
+ runHook preInstall
+ install -D $GOPATH/bin/sbom-cli-plugin $out/libexec/docker/cli-plugins/docker-sbom
+
+ mkdir -p $out/bin
+ ln -s $out/libexec/docker/cli-plugins/docker-sbom $out/bin/docker-sbom
+ runHook postInstall
+ '';
+
+ meta = with lib; {
+ description = "Plugin for Docker CLI to support SBOM creation using Syft";
+ homepage = "https://github.com/docker/sbom-cli-plugin";
+ license = licenses.asl20;
+ maintainers = with maintainers; [ raboof ];
+ };
+} |
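Review bot: Disabling the two daemon-dependent tests through `sbom-disable-tests.patch` means every version bump has to re-apply a source patch, and a patch that no longer applies blocks the update, including a security update; the `patches` entry could instead be a skip list for the check phase, `checkFlags = [ "-skip=^(TestAllFormatsExpressible|TestSBOMCmdFlags)$" ];` (the `-skip` flag needs Go 1.20 or newer). Either way the check phase no longer exercises the plugin's SBOM output formats or its CLI flags, and the comment beside the skip should say so. `nativeBuildInputs = [ docker ];` has no comment explaining what needs the docker client at build time; if it is only there for the remaining tests, `nativeCheckInputs` would presumably be the narrower place for it.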