movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 13:40:28 +03:00
Code Activity

Sops + age plugin wrapper (#395189)

Browse source
This commit is contained in:
Jörg Thalheim 2025-04-02 12:35:48 +02:00 committed by GitHub
commit c509a0d7a8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 64 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

48
pkgs/by-name/ag/age/package.nix
View file

@ -3,16 +3,22 @@
buildGoModule,
fetchFromGitHub,
installShellFiles,
age-plugin-tpm,
age-plugin-ledger,
age-plugin-yubikey,
age-plugin-fido2-hmac,
makeWrapper,
runCommand,
}:
buildGoModule rec {
buildGoModule (final: {
pname = "age";
version = "1.2.1";
src = fetchFromGitHub {
owner = "FiloSottile";
repo = "age";
rev = "v${version}";
rev = "v${final.version}";
hash = "sha256-9ZJdrmqBj43zSvStt0r25wjSfnvitdx3GYtM3urHcaA=";
};
@ -21,10 +27,12 @@ buildGoModule rec {
ldflags = [
"-s"
"-w"
"-X main.Version=${version}"
"-X main.Version=${final.version}"
];
nativeBuildInputs = [ installShellFiles ];
nativeBuildInputs = [
installShellFiles
];
preInstall = ''
installManPage doc/*.1
@ -32,10 +40,10 @@ buildGoModule rec {
doInstallCheck = true;
installCheckPhase = ''
if [[ "$("$out/bin/${pname}" --version)" == "${version}" ]]; then
echo '${pname} smoke check passed'
if [[ "$("$out/bin/${final.pname}" --version)" == "${final.version}" ]]; then
echo '${final.pname} smoke check passed'
else
echo '${pname} smoke check failed'
echo '${final.pname} smoke check failed'
return 1
fi
'';
@ -46,12 +54,34 @@ buildGoModule rec {
"TestScript/plugin"
];
# group age plugins together
passthru.plugins = {
inherit
age-plugin-tpm
age-plugin-ledger
age-plugin-yubikey
age-plugin-fido2-hmac
;
};
# convenience function for wrapping sops with plugins
passthru.withPlugins =
filter:
runCommand "age-${final.version}-with-plugins"
{
nativeBuildInputs = [ makeWrapper ];
}
''
makeWrapper ${lib.getBin final.finalPackage}/bin/age $out/bin/age \
--prefix PATH : "${lib.makeBinPath (filter final.passthru.plugins)}"
'';
meta = with lib; {
changelog = "https://github.com/FiloSottile/age/releases/tag/v${version}";
changelog = "https://github.com/FiloSottile/age/releases/tag/v${final.version}";
homepage = "https://age-encryption.org/";
description = "Modern encryption tool with small explicit keys";
license = licenses.bsd3;
mainProgram = "age";
maintainers = with maintainers; [ tazjin ];
};
}
})

32
pkgs/by-name/so/sops/package.nix
View file

@ -5,16 +5,19 @@
installShellFiles,
versionCheckHook,
nix-update-script,
makeWrapper,
runCommand,
age,
}:
buildGoModule rec {
buildGoModule (final: {
pname = "sops";
version = "3.10.1";
src = fetchFromGitHub {
owner = "getsops";
repo = pname;
tag = "v${version}";
repo = final.pname;
tag = "v${final.version}";
hash = "sha256-LdsuN243oQ/L6LYgynb7Kw60alXn5IfUfhY0WaZFVCU=";
};
@ -25,10 +28,13 @@ buildGoModule rec {
ldflags = [
"-s"
"-w"
"-X github.com/getsops/sops/v3/version.Version=${version}"
"-X github.com/getsops/sops/v3/version.Version=${final.version}"
];
nativeBuildInputs = [ installShellFiles ];
nativeBuildInputs = [
installShellFiles
makeWrapper
];
postInstall = ''
installShellCompletion --cmd sops --bash ${./bash_autocomplete}
@ -41,10 +47,22 @@ buildGoModule rec {
passthru.updateScript = nix-update-script { };
# wrap sops with age plugins
passthru.withAgePlugins =
filter:
runCommand "sops-${final.version}-with-age-plugins"
{
nativeBuildInputs = [ makeWrapper ];
}
''
makeWrapper ${lib.getBin final.finalPackage}/bin/sops $out/bin/sops \
--prefix PATH : "${lib.makeBinPath (filter age.passthru.plugins)}"
'';
meta = {
homepage = "https://getsops.io/";
description = "Simple and flexible tool for managing secrets";
changelog = "https://github.com/getsops/sops/blob/v${version}/CHANGELOG.rst";
changelog = "https://github.com/getsops/sops/blob/v${final.version}/CHANGELOG.rst";
mainProgram = "sops";
maintainers = with lib.maintainers; [
Scrumplex
@ -52,4 +70,4 @@ buildGoModule rec {
];
license = lib.licenses.mpl20;
};
}
})