File kubeaudit.spec of Package kubeaudit
#
# spec file for package kubeaudit
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: kubeaudit
Version: 0.22.2
Release: 0
Summary: Audit your Kubernetes clusters against common security controls
License: MIT
URL: https://github.com/Shopify/kubeaudit
Source: kubeaudit-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: go >= 1.17
%description
kubeaudit is a command line tool and a Go package to audit Kubernetes clusters for various different security concerns, such as:
- run as non-root
- use a read-only root filesystem
- drop scary capabilities, don't add new ones
- don't run privileged
- and more!
kubeaudit makes sure you deploy secure containers!
%package -n %{name}-bash-completion
Summary: Bash Completion for %{name}
Group: System/Shells
Requires: %{name} = %{version}
Requires: bash-completion
Supplements: (%{name} and bash-completion)
BuildArch: noarch
%description -n %{name}-bash-completion
Bash command line completion support for %{name}.
%package -n %{name}-fish-completion
Summary: Fish Completion for %{name}
Group: System/Shells
Requires: %{name} = %{version}
Supplements: (%{name} and fish)
BuildArch: noarch
%description -n %{name}-fish-completion
Fish command line completion support for %{name}.
%package -n %{name}-zsh-completion
Summary: Zsh Completion for %{name}
Group: System/Shells
Requires: %{name} = %{version}
Supplements: (%{name} and zsh)
BuildArch: noarch
%description -n %{name}-zsh-completion
zsh command line completion support for %{name}.
%prep
%setup -q
%setup -q -T -D -a 1
%build
DATE_FMT="+%%Y-%%m-%%dT%%H:%%M:%%SZ"
BUILD_DATE=$(date -u -d "@${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u "${DATE_FMT}")
go build \
-mod=vendor \
-buildmode=pie \
-ldflags="-X github.com/Shopify/kubeaudit/cmd.Version=%{version} \
-X github.com/Shopify/kubeaudit/cmd.Commit=v%{version} \
-X github.com/Shopify/kubeaudit/cmd.BuildDate=$BUILD_DATE" \
-o bin/kubeaudit cmd/main.go
%install
# Install the binary.
install -D -m 0755 bin/%{name} "%{buildroot}/%{_bindir}/%{name}"
# create the bash completion file
mkdir -p %{buildroot}%{_datarootdir}/bash-completion/completions/
%{buildroot}/%{_bindir}/%{name} completion bash > %{buildroot}%{_datarootdir}/bash-completion/completions/%{name}
# create the fish completion file
mkdir -p %{buildroot}%{_datarootdir}/fish/vendor_completions.d/
%{buildroot}/%{_bindir}/%{name} completion fish > %{buildroot}%{_datarootdir}/fish/vendor_completions.d/%{name}.fish
# create the zsh completion file
mkdir -p %{buildroot}%{_datarootdir}/zsh_completion.d/
%{buildroot}/%{_bindir}/%{name} completion zsh > %{buildroot}%{_datarootdir}/zsh_completion.d/_%{name}
%files
%doc README.md
%license LICENSE
%{_bindir}/%{name}
%files -n %{name}-bash-completion
%dir %{_datarootdir}/bash-completion/completions/
%{_datarootdir}/bash-completion/completions/%{name}
%files -n %{name}-fish-completion
%dir %{_datarootdir}/fish
%dir %{_datarootdir}/fish/vendor_completions.d
%{_datarootdir}/fish/vendor_completions.d/%{name}.fish
%files -n %{name}-zsh-completion
%defattr(-,root,root)
%dir %{_datarootdir}/zsh_completion.d/
%{_datarootdir}/zsh_completion.d/_%{name}
%changelog
