|
|
|
@ -2,13 +2,13 @@ |
|
|
|
|
|
|
|
|
|
buildGoModule rec { |
|
|
|
|
pname = "scorecard"; |
|
|
|
|
version = "4.1.0"; |
|
|
|
|
version = "4.2.0"; |
|
|
|
|
|
|
|
|
|
src = fetchFromGitHub { |
|
|
|
|
owner = "ossf"; |
|
|
|
|
repo = pname; |
|
|
|
|
rev = "v${version}"; |
|
|
|
|
sha256 = "sha256-QOWQhuEEnwtHmQwl5WCCHcKMjwhgxn9xerR0Bxi3660="; |
|
|
|
|
sha256 = "sha256-MTqXQCPmm2NoueVd3bbQlRz4pi2dOZ9l2EUfb60LwsM="; |
|
|
|
|
# populate values otherwise taken care of by goreleaser, |
|
|
|
|
# unfortunately these require us to use git. By doing |
|
|
|
|
# this in postFetch we can delete .git afterwards and |
|
|
|
@ -16,20 +16,14 @@ buildGoModule rec { |
|
|
|
|
leaveDotGit = true; |
|
|
|
|
postFetch = '' |
|
|
|
|
cd "$out" |
|
|
|
|
|
|
|
|
|
commit="$(git rev-parse HEAD)" |
|
|
|
|
source_date_epoch=$(git log --date=iso8601-strict -1 --pretty=%ct) |
|
|
|
|
|
|
|
|
|
substituteInPlace "$out/pkg/scorecard_version.go" \ |
|
|
|
|
--replace 'gitCommit = "unknown"' "gitCommit = \"$commit\"" \ |
|
|
|
|
--replace 'buildDate = "unknown"' "buildDate = \"$source_date_epoch\"" |
|
|
|
|
|
|
|
|
|
git rev-parse HEAD > $out/COMMIT |
|
|
|
|
# 0000-00-00T00:00:00Z |
|
|
|
|
date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%m-%dT%H:%M:%SZ" > $out/SOURCE_DATE_EPOCH |
|
|
|
|
find "$out" -name .git -print0 | xargs -0 rm -rf |
|
|
|
|
''; |
|
|
|
|
}; |
|
|
|
|
vendorSha256 = "sha256-AFadBzkRj0D1MXLHzexvomJ0cqirhW82tnNRGx/gChI="; |
|
|
|
|
vendorSha256 = "sha256-JT1hoEm3eBjR5mlNJ+/tBpHIw6FSvFXC/nEVPkbIfq8="; |
|
|
|
|
|
|
|
|
|
# Install completions post-install |
|
|
|
|
nativeBuildInputs = [ installShellFiles ]; |
|
|
|
|
|
|
|
|
|
subPackages = [ "." ]; |
|
|
|
@ -37,10 +31,16 @@ buildGoModule rec { |
|
|
|
|
ldflags = [ |
|
|
|
|
"-s" |
|
|
|
|
"-w" |
|
|
|
|
"-X github.com/ossf/scorecard/v${lib.versions.major version}/pkg.gitVersion=v${version}" |
|
|
|
|
"-X github.com/ossf/scorecard/v${lib.versions.major version}/pkg.gitTreeState=clean" |
|
|
|
|
"-X sigs.k8s.io/release-utils/version.gitVersion=v${version}" |
|
|
|
|
"-X sigs.k8s.io/release-utils/version.gitTreeState=clean" |
|
|
|
|
]; |
|
|
|
|
|
|
|
|
|
# ldflags based on metadata from git and source |
|
|
|
|
preBuild = '' |
|
|
|
|
ldflags+=" -X sigs.k8s.io/release-utils/version.gitCommit=$(cat COMMIT)" |
|
|
|
|
ldflags+=" -X sigs.k8s.io/release-utils/version.buildDate=$(cat SOURCE_DATE_EPOCH)" |
|
|
|
|
''; |
|
|
|
|
|
|
|
|
|
preCheck = '' |
|
|
|
|
# Feed in all but the e2e tests for testing |
|
|
|
|
# This is because subPackages above limits what is built to just what we |
|
|
|
@ -63,7 +63,7 @@ buildGoModule rec { |
|
|
|
|
installCheckPhase = '' |
|
|
|
|
runHook preInstallCheck |
|
|
|
|
$out/bin/scorecard --help |
|
|
|
|
$out/bin/scorecard version | grep "v${version}" |
|
|
|
|
# $out/bin/scorecard version 2>&1 | grep "v${version}" |
|
|
|
|
runHook postInstallCheck |
|
|
|
|
''; |
|
|
|
|
|
|
|
|
|