From 933c7f0902dfa64a3a727c975c7c53ab73d17d80 Mon Sep 17 00:00:00 2001
From: Jonathan Ringer <jonringer117@gmail.com>
Date: Wed, 22 Dec 2021 11:29:55 -0800
Subject: [PATCH] spire: init at 1.1.2

---
 pkgs/tools/security/spire/default.nix | 36 +++++++++++++++++++++++++++
 pkgs/top-level/all-packages.nix       |  5 ++++
 2 files changed, 41 insertions(+)
 create mode 100644 pkgs/tools/security/spire/default.nix

diff --git a/pkgs/tools/security/spire/default.nix b/pkgs/tools/security/spire/default.nix
new file mode 100644
index 00000000000..c5d33645f11
--- /dev/null
+++ b/pkgs/tools/security/spire/default.nix
@@ -0,0 +1,36 @@
+{ lib, buildGoModule, fetchFromGitHub }:
+
+buildGoModule rec {
+  pname = "spire";
+  version = "1.1.2";
+
+  outputs = [ "out" "agent" "server" ];
+
+  src = fetchFromGitHub {
+    owner = "spiffe";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "sha256-MX2kbdLj72S2WBceUW/3ps34Bcsf/VArK8RN4r13wQY=";
+  };
+
+  vendorSha256 = "sha256-ZRcXMNKhNY3W5fV9q/V7xsnODoG6KWHrzpWte9hx/Ms=";
+
+  subPackages = [ "cmd/spire-agent" "cmd/spire-server" ];
+
+  # Usually either the agent or server is needed for a given use case, but not both
+  postInstall = ''
+    mkdir -vp $agent/bin $server/bin
+    mv -v $out/bin/spire-agent $agent/bin/
+    mv -v $out/bin/spire-server $server/bin/
+
+    ln -vs $agent/bin/spire-agent $out/bin/spire-agent
+    ln -vs $server/bin/spire-server $out/bin/spire-server
+  '';
+
+  meta = with lib; {
+    description = "The SPIFFE Runtime Environment";
+    homepage = "github.com/spiffe/spire";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ jonringer ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index b9471a61f9b..ddbdd248b2b 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -9678,6 +9678,11 @@ with pkgs;
 
   spicy = callPackage ../development/tools/spicy { };
 
+  spire = callPackage ../tools/security/spire { };
+  # to match naming of other package repositories
+  spire-agent = spire.agent;
+  spire-server = spire.server;
+
   spoof-mac = python3Packages.callPackage ../tools/networking/spoof-mac { };
 
   ssh-askpass-fullscreen = callPackage ../tools/networking/ssh-askpass-fullscreen { };