diff options
Diffstat (limited to 'pkgs/by-name/ra/ratchet/package.nix')
-rw-r--r-- | pkgs/by-name/ra/ratchet/package.nix | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/pkgs/by-name/ra/ratchet/package.nix b/pkgs/by-name/ra/ratchet/package.nix new file mode 100644 index 0000000000000..627ba522491f7 --- /dev/null +++ b/pkgs/by-name/ra/ratchet/package.nix @@ -0,0 +1,70 @@ +{ + lib, + buildGoModule, + fetchFromGitHub, + callPackage, +}: +buildGoModule rec { + pname = "ratchet"; + version = "0.9.2"; + + # ratchet uses the git sha-1 in the version string, e.g. + # + # $ ./ratchet --version + # ratchet 0.9.2 (d57cc1a53c022d3f87c4820bc6b64384a06c8a07, darwin/arm64) + # + # so we need to either hard-code the sha-1 corresponding to the version tag + # head or retain the git metadata folder and extract it using the git cli. + # We currently hard-code it. + src = fetchFromGitHub { + owner = "sethvargo"; + repo = "ratchet"; + rev = "d57cc1a53c022d3f87c4820bc6b64384a06c8a07"; + hash = "sha256-gQ98uD9oPUsECsduv/lqGdYNmtHetU49ETfWCE8ft8U="; + }; + + proxyVendor = true; + vendorHash = "sha256-J7LijbhpKDIfTcQMgk2x5FVaYG7Kgkba/1aSTmgs5yw="; + + subPackages = [ "." ]; + + ldflags = + let + package_url = "github.com/sethvargo/ratchet"; + in + [ + "-s" + "-w" + "-X ${package_url}/internal/version.name=${pname}" + "-X ${package_url}/internal/version.version=${version}" + "-X ${package_url}/internal/version.commit=${src.rev}" + ]; + + doInstallCheck = true; + installCheckPhase = '' + $out/bin/ratchet --version 2>&1 | grep ${version}; + ''; + + installPhase = '' + runHook preInstall + mkdir -p $out/bin + install -Dm755 "$GOPATH/bin/ratchet" -T $out/bin/ratchet + runHook postInstall + ''; + + passthru.tests = { + execution = callPackage ./tests.nix { }; + }; + + meta = with lib; { + description = "A tool for securing CI/CD workflows with version pinning."; + mainProgram = "ratchet"; + downloadPage = "https://github.com/sethvargo/ratchet"; + homepage = "https://github.com/sethvargo/ratchet"; + license = licenses.asl20; + maintainers = with maintainers; [ + cameronraysmith + ryanccn + ]; + }; +} |