2024-09-17 01:32:56 +00:00
|
|
|
{ stdenv, lib, fetchurl, testers, installShellFiles }:
|
2023-04-08 04:07:07 +00:00
|
|
|
|
2023-10-28 14:45:42 +00:00
|
|
|
# this expression is mostly automated, and you are STRONGLY
|
|
|
|
# RECOMMENDED to use to nix-update for updating this expression when new
|
|
|
|
# releases come out, which runs the sibling `update.sh` script.
|
|
|
|
#
|
|
|
|
# from the root of the nixpkgs git repository, run:
|
|
|
|
#
|
|
|
|
# nix-shell maintainers/scripts/update.nix \
|
|
|
|
# --argstr commit true \
|
|
|
|
# --argstr package infisical
|
|
|
|
|
2023-04-08 04:07:07 +00:00
|
|
|
let
|
2023-10-28 14:24:18 +00:00
|
|
|
# build hashes, which correspond to the hashes of the precompiled binaries procured by GitHub Actions.
|
|
|
|
buildHashes = builtins.fromJSON (builtins.readFile ./hashes.json);
|
|
|
|
|
|
|
|
# the version of infisical
|
2024-10-01 06:11:28 +00:00
|
|
|
version = "0.31.1";
|
2023-10-28 14:24:18 +00:00
|
|
|
|
|
|
|
# the platform-specific, statically linked binary
|
|
|
|
src =
|
|
|
|
let
|
|
|
|
suffix = {
|
|
|
|
# map the platform name to the golang toolchain suffix
|
|
|
|
# NOTE: must be synchronized with update.sh!
|
|
|
|
x86_64-linux = "linux_amd64";
|
|
|
|
x86_64-darwin = "darwin_amd64";
|
|
|
|
aarch64-linux = "linux_arm64";
|
|
|
|
aarch64-darwin = "darwin_arm64";
|
|
|
|
}."${stdenv.hostPlatform.system}" or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
|
|
|
|
|
|
|
|
name = "infisical_${version}_${suffix}.tar.gz";
|
|
|
|
hash = buildHashes."${stdenv.hostPlatform.system}";
|
|
|
|
url = "https://github.com/Infisical/infisical/releases/download/infisical-cli%2Fv${version}/${name}";
|
|
|
|
in
|
|
|
|
fetchurl { inherit name url hash; };
|
|
|
|
|
2023-04-08 04:07:07 +00:00
|
|
|
in
|
2024-09-17 01:32:56 +00:00
|
|
|
stdenv.mkDerivation (finalAttrs: {
|
2023-10-28 14:24:18 +00:00
|
|
|
pname = "infisical";
|
|
|
|
version = version;
|
|
|
|
inherit src;
|
2023-04-08 04:07:07 +00:00
|
|
|
|
2023-10-28 14:24:18 +00:00
|
|
|
nativeBuildInputs = [ installShellFiles ];
|
|
|
|
|
|
|
|
doCheck = true;
|
|
|
|
dontConfigure = true;
|
|
|
|
dontStrip = true;
|
|
|
|
|
|
|
|
sourceRoot = ".";
|
|
|
|
buildPhase = "chmod +x ./infisical";
|
|
|
|
checkPhase = "./infisical --version";
|
|
|
|
installPhase = ''
|
|
|
|
mkdir -p $out/bin/ $out/share/completions/ $out/share/man/
|
|
|
|
cp infisical $out/bin
|
|
|
|
cp completions/* $out/share/completions/
|
|
|
|
cp manpages/* $out/share/man/
|
|
|
|
'';
|
|
|
|
postInstall = ''
|
|
|
|
installManPage share/man/infisical.1.gz
|
|
|
|
installShellCompletion share/completions/infisical.{bash,fish,zsh}
|
|
|
|
'';
|
2023-04-08 04:07:07 +00:00
|
|
|
|
2023-10-28 14:24:18 +00:00
|
|
|
passthru = {
|
|
|
|
updateScript = ./update.sh;
|
2024-09-17 01:32:56 +00:00
|
|
|
tests.version = testers.testVersion { package = finalAttrs.finalPackage; };
|
2023-10-28 14:24:18 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
meta = with lib; {
|
|
|
|
description = "Official Infisical CLI";
|
|
|
|
longDescription = ''
|
|
|
|
Infisical is the open-source secret management platform:
|
|
|
|
Sync secrets across your team/infrastructure and prevent secret leaks.
|
|
|
|
'';
|
|
|
|
homepage = "https://infisical.com";
|
|
|
|
changelog = "https://github.com/infisical/infisical/releases/tag/infisical-cli%2Fv${version}";
|
|
|
|
license = licenses.mit;
|
|
|
|
mainProgram = "infisical";
|
2024-07-09 05:24:59 +00:00
|
|
|
maintainers = teams.infisical.members ++ (with maintainers; [ hausken ]);
|
2023-10-28 14:24:18 +00:00
|
|
|
platforms = [
|
|
|
|
"x86_64-linux"
|
|
|
|
"aarch64-linux"
|
|
|
|
"aarch64-darwin"
|
|
|
|
"x86_64-darwin"
|
|
|
|
];
|
|
|
|
};
|
2024-09-17 01:32:56 +00:00
|
|
|
})
|