forked from tiiuae/sbomnix
-
Notifications
You must be signed in to change notification settings - Fork 0
/
flake.nix
77 lines (68 loc) · 2.37 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
# SPDX-FileCopyrightText: 2023 Technology Innovation Institute (TII)
#
# SPDX-License-Identifier: Apache-2.0
{
description = "Flakes file for sbomnix";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
outputs = { self, nixpkgs }:
let
systems = [ "x86_64-linux" "aarch64-linux" ];
# forEachSystem [ "x86_64-linux" ] { example = true; } -> { x86_64-linux.example = true }
forEachSystem = nixpkgs.lib.genAttrs systems;
# Imports a module expecting a system to be passed in
importExpectingSystem = module: system: import module {
pkgs = import nixpkgs { inherit system; };
};
vulnxscan = importExpectingSystem ./scripts/vulnxscan/vulnxscan.nix;
repology_cli = importExpectingSystem ./scripts/repology/repology_cli.nix;
nixupdate = importExpectingSystem ./scripts/nixupdate/nixupdate.nix;
sbomnix = importExpectingSystem ./default.nix;
sbomnix-shell = importExpectingSystem ./shell.nix;
in
{
# nix package
packages = forEachSystem (system: {
repology_cli = repology_cli system;
nixupdate = nixupdate system;
vulnxscan = vulnxscan system;
sbomnix = sbomnix system;
default = sbomnix system;
});
apps = forEachSystem (system: {
# nix run .#sbomnix
sbomnix = {
type = "app";
program = "${self.packages.${system}.sbomnix}/bin/sbomnix";
};
# nix run .#nixgraph
nixgraph = {
type = "app";
program = "${self.packages.${system}.sbomnix}/bin/nixgraph";
};
# nix run .#vulnxscan
vulnxscan = {
type = "app";
program = "${self.packages.${system}.vulnxscan}/bin/vulnxscan.py";
};
# nix run .#repology_cli
repology_cli = {
type = "app";
program = "${self.packages.${system}.repology_cli}/bin/repology_cli.py";
};
# nix run .#nix_outdated
nix_outdated = {
type = "app";
program = "${self.packages.${system}.nixupdate}/bin/nix_outdated.py";
};
# nix run .#nix_secupdates
nix_secupdates = {
type = "app";
program = "${self.packages.${system}.nixupdate}/bin/nix_secupdates.py";
};
});
# nix develop
devShells = forEachSystem (system: {
default = sbomnix-shell system;
});
};
}