mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-27 09:23:01 +00:00
Merge pull request #321770 from NixOS/sysdig_0380
sysdig: 0.37.1 -> 0.38.0
This commit is contained in:
Jörg Thalheim
GitHub
commit
71874ef16a
@ -1,13 +1,39 @@
|
||||
{ lib, stdenv, fetchFromGitHub, cmake, kernel, installShellFiles, pkg-config
|
||||
, luajit, ncurses, perl, jsoncpp, openssl, curl, jq, gcc, elfutils, tbb
|
||||
, protobuf, grpc, yaml-cpp, nlohmann_json, re2, zstd, uthash }:
|
||||
{
|
||||
lib,
|
||||
stdenv,
|
||||
fetchFromGitHub,
|
||||
cmake,
|
||||
kernel,
|
||||
installShellFiles,
|
||||
pkg-config,
|
||||
luajit,
|
||||
ncurses,
|
||||
perl,
|
||||
jsoncpp,
|
||||
openssl,
|
||||
curl,
|
||||
jq,
|
||||
gcc,
|
||||
elfutils,
|
||||
tbb,
|
||||
protobuf,
|
||||
grpc,
|
||||
yaml-cpp,
|
||||
nlohmann_json,
|
||||
re2,
|
||||
zstd,
|
||||
uthash,
|
||||
clang,
|
||||
libbpf,
|
||||
bpftools,
|
||||
}:
|
||||
|
||||
let
|
||||
# Compare with https://github.com/draios/sysdig/blob/0.37.1/cmake/modules/falcosecurity-libs.cmake
|
||||
libsRev = "0.16.0";
|
||||
libsHash = "sha256-aduO2pLj91tRdZ1dW1F1JFEg//SopialXWPd6Oav/u8=";
|
||||
# Compare with https://github.com/draios/sysdig/blob/0.38.0/cmake/modules/falcosecurity-libs.cmake
|
||||
libsRev = "0.17.2";
|
||||
libsHash = "sha256-BTLXtdU7GjOJReaycHvXkSd2vtybnCn0rTR7OEsvaMQ=";
|
||||
|
||||
# Compare with https://github.com/falcosecurity/libs/blob/0.16.0/cmake/modules/valijson.cmake
|
||||
# Compare with https://github.com/falcosecurity/libs/blob/0.17.2/cmake/modules/valijson.cmake
|
||||
valijson = fetchFromGitHub {
|
||||
owner = "tristanpenman";
|
||||
repo = "valijson";
|
||||
@ -15,16 +41,17 @@ let
|
||||
hash = "sha256-wvFdjsDtKH7CpbEpQjzWtLC4RVOU9+D2rSK0Xo1cJqo=";
|
||||
};
|
||||
|
||||
# https://github.com/draios/sysdig/blob/0.37.1/cmake/modules/driver.cmake
|
||||
# https://github.com/draios/sysdig/blob/0.38.0/cmake/modules/driver.cmake
|
||||
driver = fetchFromGitHub {
|
||||
owner = "falcosecurity";
|
||||
repo = "libs";
|
||||
rev = "7.1.0+driver";
|
||||
rev = "7.2.0+driver";
|
||||
hash = "sha256-FIlnJsNgofGo4HETEEpW28wpC3U9z5AZprwFR5AgFfA=";
|
||||
};
|
||||
|
||||
version = "0.37.1";
|
||||
in stdenv.mkDerivation {
|
||||
version = "0.38.0";
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
pname = "sysdig";
|
||||
inherit version;
|
||||
|
||||
@ -32,10 +59,15 @@ in stdenv.mkDerivation {
|
||||
owner = "draios";
|
||||
repo = "sysdig";
|
||||
rev = version;
|
||||
hash = "sha256-V1rvQ6ZznL9UiUFW2lyW6gvdoGttOd5kgT2KPQCjmvQ=";
|
||||
hash = "sha256-y6WArSz57w8vb3A3nHT37G6D8++6en2jQfeIS4YCD9U=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake perl installShellFiles pkg-config ];
|
||||
nativeBuildInputs = [
|
||||
cmake
|
||||
perl
|
||||
installShellFiles
|
||||
pkg-config
|
||||
];
|
||||
buildInputs = [
|
||||
luajit
|
||||
ncurses
|
||||
@ -53,6 +85,9 @@ in stdenv.mkDerivation {
|
||||
nlohmann_json
|
||||
zstd
|
||||
uthash
|
||||
clang
|
||||
libbpf
|
||||
bpftools
|
||||
] ++ lib.optionals (kernel != null) kernel.moduleBuildDependencies;
|
||||
|
||||
hardeningDisable = [ "pic" ];
|
||||
@ -97,48 +132,56 @@ in stdenv.mkDerivation {
|
||||
# fix compiler warnings been treated as errors
|
||||
"-Wno-error";
|
||||
|
||||
preConfigure = ''
|
||||
if ! grep -q "${libsRev}" cmake/modules/falcosecurity-libs.cmake; then
|
||||
echo "falcosecurity-libs checksum needs to be updated!"
|
||||
exit 1
|
||||
fi
|
||||
cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -lzstd -labsl_synchronization")
|
||||
'' + lib.optionalString (kernel != null) ''
|
||||
export INSTALL_MOD_PATH="$out"
|
||||
export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
|
||||
'';
|
||||
preConfigure =
|
||||
''
|
||||
if ! grep -q "${libsRev}" cmake/modules/falcosecurity-libs.cmake; then
|
||||
echo "falcosecurity-libs checksum needs to be updated!"
|
||||
exit 1
|
||||
fi
|
||||
cmakeFlagsArray+=(-DCMAKE_EXE_LINKER_FLAGS="-ltbb -lcurl -lzstd -labsl_synchronization")
|
||||
''
|
||||
+ lib.optionalString (kernel != null) ''
|
||||
export INSTALL_MOD_PATH="$out"
|
||||
export KERNELDIR="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
# Fix the bash completion location
|
||||
installShellCompletion --bash $out/etc/bash_completion.d/sysdig
|
||||
rm $out/etc/bash_completion.d/sysdig
|
||||
rmdir $out/etc/bash_completion.d
|
||||
rmdir $out/etc
|
||||
'' + lib.optionalString (kernel != null) ''
|
||||
make install_driver
|
||||
kernel_dev=${kernel.dev}
|
||||
kernel_dev=''${kernel_dev#${builtins.storeDir}/}
|
||||
kernel_dev=''${kernel_dev%%-linux*dev*}
|
||||
if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/scap.ko"; then
|
||||
sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
|
||||
else
|
||||
for i in $out/lib/modules/${kernel.modDirVersion}/{extra,updates}/scap.ko.xz; do
|
||||
if test -f "$i"; then
|
||||
xz -d $i
|
||||
sed -i "s#$kernel_dev#................................#g" ''${i%.xz}
|
||||
xz -9 ''${i%.xz}
|
||||
fi
|
||||
done
|
||||
fi
|
||||
'';
|
||||
postInstall =
|
||||
''
|
||||
# Fix the bash completion location
|
||||
installShellCompletion --bash $out/etc/bash_completion.d/sysdig
|
||||
rm $out/etc/bash_completion.d/sysdig
|
||||
rmdir $out/etc/bash_completion.d
|
||||
rmdir $out/etc
|
||||
''
|
||||
+ lib.optionalString (kernel != null) ''
|
||||
make install_driver
|
||||
kernel_dev=${kernel.dev}
|
||||
kernel_dev=''${kernel_dev#${builtins.storeDir}/}
|
||||
kernel_dev=''${kernel_dev%%-linux*dev*}
|
||||
if test -f "$out/lib/modules/${kernel.modDirVersion}/extra/scap.ko"; then
|
||||
sed -i "s#$kernel_dev#................................#g" $out/lib/modules/${kernel.modDirVersion}/extra/scap.ko
|
||||
else
|
||||
for i in $out/lib/modules/${kernel.modDirVersion}/{extra,updates}/scap.ko.xz; do
|
||||
if test -f "$i"; then
|
||||
xz -d $i
|
||||
sed -i "s#$kernel_dev#................................#g" ''${i%.xz}
|
||||
xz -9 ''${i%.xz}
|
||||
fi
|
||||
done
|
||||
fi
|
||||
'';
|
||||
|
||||
meta = {
|
||||
description =
|
||||
"A tracepoint-based system tracing tool for Linux (with clients for other OSes)";
|
||||
license = with lib.licenses; [ asl20 gpl2Only mit ];
|
||||
description = "A tracepoint-based system tracing tool for Linux (with clients for other OSes)";
|
||||
license = with lib.licenses; [
|
||||
asl20
|
||||
gpl2Only
|
||||
mit
|
||||
];
|
||||
maintainers = with lib.maintainers; [ raskin ];
|
||||
platforms = [ "x86_64-linux" ] ++ lib.platforms.darwin;
|
||||
broken = kernel != null && ((lib.versionOlder kernel.version "4.14") || kernel.isHardened || kernel.isZen);
|
||||
broken =
|
||||
kernel != null && ((lib.versionOlder kernel.version "4.14") || kernel.isHardened || kernel.isZen);
|
||||
homepage = "https://sysdig.com/opensource/";
|
||||
downloadPage = "https://github.com/draios/sysdig/releases";
|
||||
};
|
||||
|
||||
Loading…
Reference in New Issue
Block a user