kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity

scorecard: 4.1.0 -> 4.2.0

Browse Source
main
06kellyjac 2 years ago
parent 8a22e5f840
commit 2381aa28fd
1 changed files with 15 additions and 15 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 30
      pkgs/tools/security/scorecard/default.nix

30
pkgs/tools/security/scorecard/default.nix
Unescape View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "scorecard";
version = "4.1.0";
version = "4.2.0";
src = fetchFromGitHub {
owner = "ossf";
repo = pname;
rev = "v${version}";
sha256 = "sha256-QOWQhuEEnwtHmQwl5WCCHcKMjwhgxn9xerR0Bxi3660=";
sha256 = "sha256-MTqXQCPmm2NoueVd3bbQlRz4pi2dOZ9l2EUfb60LwsM=";
# populate values otherwise taken care of by goreleaser,
# unfortunately these require us to use git. By doing
# this in postFetch we can delete .git afterwards and
@ -16,20 +16,14 @@ buildGoModule rec {
leaveDotGit = true;
postFetch = ''
cd "$out"
commit="$(git rev-parse HEAD)"
source_date_epoch=$(git log --date=iso8601-strict -1 --pretty=%ct)
substituteInPlace "$out/pkg/scorecard_version.go" \
--replace 'gitCommit = "unknown"' "gitCommit = \"$commit\"" \
--replace 'buildDate = "unknown"' "buildDate = \"$source_date_epoch\""
git rev-parse HEAD > $out/COMMIT
# 0000-00-00T00:00:00Z
date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%m-%dT%H:%M:%SZ" > $out/SOURCE_DATE_EPOCH
find "$out" -name .git -print0 | xargs -0 rm -rf
'';
};
vendorSha256 = "sha256-AFadBzkRj0D1MXLHzexvomJ0cqirhW82tnNRGx/gChI=";
vendorSha256 = "sha256-JT1hoEm3eBjR5mlNJ+/tBpHIw6FSvFXC/nEVPkbIfq8=";
# Install completions post-install
nativeBuildInputs = [ installShellFiles ];
subPackages = [ "." ];
@ -37,10 +31,16 @@ buildGoModule rec {
ldflags = [
"-s"
"-w"
"-X github.com/ossf/scorecard/v${lib.versions.major version}/pkg.gitVersion=v${version}"
"-X github.com/ossf/scorecard/v${lib.versions.major version}/pkg.gitTreeState=clean"
"-X sigs.k8s.io/release-utils/version.gitVersion=v${version}"
"-X sigs.k8s.io/release-utils/version.gitTreeState=clean"
];
# ldflags based on metadata from git and source
preBuild = ''
ldflags+=" -X sigs.k8s.io/release-utils/version.gitCommit=$(cat COMMIT)"
ldflags+=" -X sigs.k8s.io/release-utils/version.buildDate=$(cat SOURCE_DATE_EPOCH)"
'';
preCheck = ''
# Feed in all but the e2e tests for testing
# This is because subPackages above limits what is built to just what we
@ -63,7 +63,7 @@ buildGoModule rec {
installCheckPhase = ''
runHook preInstallCheck
$out/bin/scorecard --help
$out/bin/scorecard version | grep "v${version}"
# $out/bin/scorecard version 2>&1 | grep "v${version}"
runHook postInstallCheck
'';

Write Preview
Loading…
Cancel
Save