nixpkgs/pkgs/tools/security/step-kms-plugin/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

54 lines
1.0 KiB
Nix
Raw Normal View History

2023-03-06 15:07:37 +00:00
{ stdenv
, lib
, buildGoModule
, fetchFromGitHub
, pkg-config
, pcsclite
, softhsm
, opensc
, yubihsm-shell
, writeScriptBin }:
buildGoModule rec {
pname = "step-kms-plugin";
2023-03-18 01:48:14 +00:00
version = "0.8.0";
2023-03-06 15:07:37 +00:00
src = fetchFromGitHub {
owner = "smallstep";
repo = pname;
rev = "v${version}";
2023-03-18 01:48:14 +00:00
hash = "sha256-VHQuNJzOYr5aLQqlzx6mDPBOKw6OSPSXBiEopKLuUo0=";
2023-03-06 15:07:37 +00:00
};
2023-03-18 01:48:14 +00:00
vendorHash = "sha256-o6mylylpfQyswXA0kCADjqYFE0XDW9ZYglwDMpFRiu8=";
2023-03-06 15:07:37 +00:00
proxyVendor = true;
nativeBuildInputs = [
pkg-config
];
buildInputs = [
opensc
pcsclite
softhsm
yubihsm-shell
];
ldflags = [
"-w"
"-s"
"-X github.com/smallstep/step-kms-plugin/cmd.Version=${version}"
];
meta = with lib; {
description = "step plugin to manage keys and certificates on cloud KMSs and HSMs";
homepage = "https://smallstep.com/cli/";
license = licenses.asl20;
maintainers = with maintainers; [ qbit ];
mainProgram = "step-kms-plugin";
# can't find pcsclite header files
broken = stdenv.isDarwin;
};
}