3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix
Florian Klink 38a4af7d19 gitlab: 13.0.4 -> 13.0.6
CI Token Access Control

An authorization issue discovered in the mirroring logic allowed read access to private repositories. This issue is now mitigated in the latest release and is waiting for a CVE ID to be assigned.

https://about.gitlab.com/releases/2020/06/10/critical-security-release-13-0-6-released/
2020-06-11 00:27:11 +02:00

37 lines
1.1 KiB
Nix

{ stdenv, fetchFromGitLab, git, buildGoPackage }:
buildGoPackage rec {
pname = "gitlab-workhorse";
version = "8.31.2";
src = fetchFromGitLab {
owner = "gitlab-org";
repo = "gitlab-workhorse";
rev = "v${version}";
sha256 = "0wvhhjfb490mjdrmc9xwr3qfh3941xn3b02c757ghrvzwv329wvg";
};
goPackagePath = "gitlab.com/gitlab-org/gitlab-workhorse";
goDeps = ./deps.nix;
buildInputs = [ git ];
buildFlagsArray = "-ldflags=-X main.Version=${version}";
# gitlab-workhorse depends on an older version of labkit which
# contains old, vendored versions of some packages; gitlab-workhorse
# also explicitly depends on newer versions of these libraries,
# but buildGoPackage exposes the vendored versions instead,
# leading to compilation errors. Since the vendored libraries
# aren't used here anyway, we'll just remove them.
postConfigure = ''
rm -r "$NIX_BUILD_TOP/go/src/gitlab.com/gitlab-org/labkit/vendor"
'';
meta = with stdenv.lib; {
homepage = "http://www.gitlab.com/";
platforms = platforms.linux;
maintainers = with maintainers; [ fpletz globin talyz ];
license = licenses.mit;
};
}