mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00

Sops + age plugin wrapper (#395189)

Jörg Thalheim 2025-04-02 12:35:48 +02:00 committed by GitHub
commit c509a0d7a8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 64 additions and 16 deletions


@ -3,16 +3,22 @@
buildGoModule, buildGoModule,
fetchFromGitHub, fetchFromGitHub,
installShellFiles, installShellFiles,
age-plugin-tpm,
age-plugin-ledger,
age-plugin-yubikey,
age-plugin-fido2-hmac,
makeWrapper,
runCommand,
}: }:
buildGoModule rec { buildGoModule (final: {
pname = "age"; pname = "age";
version = "1.2.1"; version = "1.2.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "FiloSottile"; owner = "FiloSottile";
repo = "age"; repo = "age";
rev = "v${version}"; rev = "v${final.version}";
hash = "sha256-9ZJdrmqBj43zSvStt0r25wjSfnvitdx3GYtM3urHcaA="; hash = "sha256-9ZJdrmqBj43zSvStt0r25wjSfnvitdx3GYtM3urHcaA=";
}; };
@ -21,10 +27,12 @@ buildGoModule rec {
ldflags = [ ldflags = [
"-s" "-s"
"-w" "-w"
"-X main.Version=${version}" "-X main.Version=${final.version}"
]; ];
nativeBuildInputs = [ installShellFiles ]; nativeBuildInputs = [
installShellFiles
];
preInstall = '' preInstall = ''
installManPage doc/*.1 installManPage doc/*.1
@ -32,10 +40,10 @@ buildGoModule rec {
doInstallCheck = true; doInstallCheck = true;
installCheckPhase = '' installCheckPhase = ''
if [[ "$("$out/bin/${pname}" --version)" == "${version}" ]]; then if [[ "$("$out/bin/${final.pname}" --version)" == "${final.version}" ]]; then
echo '${pname} smoke check passed' echo '${final.pname} smoke check passed'
else else
echo '${pname} smoke check failed' echo '${final.pname} smoke check failed'
return 1 return 1
fi fi
''; '';
@ -46,12 +54,34 @@ buildGoModule rec {
"TestScript/plugin" "TestScript/plugin"
]; ];
# group age plugins together
passthru.plugins = {
inherit
age-plugin-tpm
age-plugin-ledger
age-plugin-yubikey
age-plugin-fido2-hmac
;
};
# convenience function for wrapping sops with plugins
passthru.withPlugins =
filter:
runCommand "age-${final.version}-with-plugins"
{
nativeBuildInputs = [ makeWrapper ];
}
''
makeWrapper ${lib.getBin final.finalPackage}/bin/age $out/bin/age \
--prefix PATH : "${lib.makeBinPath (filter final.passthru.plugins)}"
'';
meta = with lib; { meta = with lib; {
changelog = "https://github.com/FiloSottile/age/releases/tag/v${version}"; changelog = "https://github.com/FiloSottile/age/releases/tag/v${final.version}";
homepage = "https://age-encryption.org/"; homepage = "https://age-encryption.org/";
description = "Modern encryption tool with small explicit keys"; description = "Modern encryption tool with small explicit keys";
license = licenses.bsd3; license = licenses.bsd3;
mainProgram = "age"; mainProgram = "age";
maintainers = with maintainers; [ tazjin ]; maintainers = with maintainers; [ tazjin ];
}; };
} })
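Review bot: The comment above `passthru.withPlugins` says it wraps sops, but this is the age derivation; it should read `# convenience function for wrapping age with plugins`. It should also say that `filter` receives the `passthru.plugins` attrset and must return a list, e.g. `age.withPlugins (ps: [ ps.age-plugin-yubikey ])`. Because the wrapper uses `--prefix PATH`, the selected store paths are searched first, but any other `age-plugin-*` binary on the caller's PATH remains resolvable. The wrapper therefore pins the chosen plugins rather than restricting age to them, which is worth documenting because plugins handle key material. The `runCommand` output holds only `bin/age`, so the man pages from `preInstall` and `meta.mainProgram` are not carried over; passing `meta.mainProgram = "age";` in the `runCommand` attribute set would keep the wrapped package usable with `lib.getExe`. The same two points apply to `passthru.withAgePlugins` in the sops file.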


@ -5,16 +5,19 @@
installShellFiles, installShellFiles,
versionCheckHook, versionCheckHook,
nix-update-script, nix-update-script,
makeWrapper,
runCommand,
age,
}: }:
buildGoModule rec { buildGoModule (final: {
pname = "sops"; pname = "sops";
version = "3.10.1"; version = "3.10.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "getsops"; owner = "getsops";
repo = pname; repo = final.pname;
tag = "v${version}"; tag = "v${final.version}";
hash = "sha256-LdsuN243oQ/L6LYgynb7Kw60alXn5IfUfhY0WaZFVCU="; hash = "sha256-LdsuN243oQ/L6LYgynb7Kw60alXn5IfUfhY0WaZFVCU=";
}; };
@ -25,10 +28,13 @@ buildGoModule rec {
ldflags = [ ldflags = [
"-s" "-s"
"-w" "-w"
"-X github.com/getsops/sops/v3/version.Version=${version}" "-X github.com/getsops/sops/v3/version.Version=${final.version}"
]; ];
nativeBuildInputs = [ installShellFiles ]; nativeBuildInputs = [
installShellFiles
makeWrapper
];
postInstall = '' postInstall = ''
installShellCompletion --cmd sops --bash ${./bash_autocomplete} installShellCompletion --cmd sops --bash ${./bash_autocomplete}
@ -41,10 +47,22 @@ buildGoModule rec {
passthru.updateScript = nix-update-script { }; passthru.updateScript = nix-update-script { };
# wrap sops with age plugins
passthru.withAgePlugins =
filter:
runCommand "sops-${final.version}-with-age-plugins"
{
nativeBuildInputs = [ makeWrapper ];
}
''
makeWrapper ${lib.getBin final.finalPackage}/bin/sops $out/bin/sops \
--prefix PATH : "${lib.makeBinPath (filter age.passthru.plugins)}"
'';
meta = { meta = {
homepage = "https://getsops.io/"; homepage = "https://getsops.io/";
description = "Simple and flexible tool for managing secrets"; description = "Simple and flexible tool for managing secrets";
changelog = "https://github.com/getsops/sops/blob/v${version}/CHANGELOG.rst"; changelog = "https://github.com/getsops/sops/blob/v${final.version}/CHANGELOG.rst";
mainProgram = "sops"; mainProgram = "sops";
maintainers = with lib.maintainers; [ maintainers = with lib.maintainers; [
Scrumplex Scrumplex
@ -52,4 +70,4 @@ buildGoModule rec {
]; ];
license = lib.licenses.mpl20; license = lib.licenses.mpl20;
}; };
} })
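Review bot: `makeWrapper` is added to the main derivation's `nativeBuildInputs`, but the only `makeWrapper` call visible in this file runs inside the separate `runCommand` for `withAgePlugins`, which already lists it in its own `nativeBuildInputs`. Unless `postInstall` (whose body continues outside the hunk) calls it, the addition only widens the build closure and the line can stay as `nativeBuildInputs = [ installShellFiles ];`. The comment `# wrap sops with age plugins` could also state that `filter` is applied to `age.passthru.plugins` and must return a list of plugin packages.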