pkgs/development/python-modules/sigstore/default.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / development / python-modules / sigstore / default.nix
at 25.11-pre 2.2 kB view raw
  1{
  2  lib,
  3  appdirs,
  4  buildPythonPackage,
  5  cryptography,
  6  fetchFromGitHub,
  7  flit-core,
  8  id,
  9  importlib-resources,
 10  pretend,
 11  pydantic,
 12  pyjwt,
 13  pyopenssl,
 14  pytestCheckHook,
 15  pythonOlder,
 16  requests,
 17  rich,
 18  nix-update-script,
 19  securesystemslib,
 20  sigstore-protobuf-specs,
 21  sigstore-rekor-types,
 22  rfc3161-client,
 23  tuf,
 24  rfc8785,
 25  pyasn1,
 26  platformdirs,
 27}:
 28
 29buildPythonPackage rec {
 30  pname = "sigstore-python";
 31  version = "3.6.2";
 32  pyproject = true;
 33
 34  disabled = pythonOlder "3.8";
 35
 36  src = fetchFromGitHub {
 37    owner = "sigstore";
 38    repo = "sigstore-python";
 39    tag = "v${version}";
 40    hash = "sha256-fghieYu5TDYwJCwesXbqRiuYCaTTDZhmHWvCwSbIO6w=";
 41  };
 42
 43  pythonRelaxDeps = [
 44    "sigstore-rekor-types"
 45    "rfc3161-client"
 46  ];
 47
 48  build-system = [ flit-core ];
 49
 50  dependencies = [
 51    appdirs
 52    cryptography
 53    id
 54    importlib-resources
 55    pydantic
 56    pyjwt
 57    pyopenssl
 58    pyasn1
 59    rfc8785
 60    rfc3161-client
 61    platformdirs
 62    requests
 63    rich
 64    securesystemslib
 65    sigstore-protobuf-specs
 66    sigstore-rekor-types
 67    tuf
 68  ];
 69
 70  nativeCheckInputs = [
 71    pretend
 72    pytestCheckHook
 73  ];
 74
 75  preCheck = ''
 76    export HOME=$(mktemp -d)
 77  '';
 78
 79  pythonImportsCheck = [ "sigstore" ];
 80
 81  disabledTests = [
 82    # Tests require network access
 83    "test_fail_init_url"
 84    "test_get_identity_token_bad_code"
 85    "test_identity_proof_claim_lookup"
 86    "test_init_url"
 87    "test_production"
 88    "test_sct_verify_keyring"
 89    "test_sign_rekor_entry_consistent"
 90    "test_verification_materials_retrieves_rekor_entry"
 91    "test_verifier"
 92    "test_fix_bundle_fixes_missing_checkpoint"
 93    "test_trust_root_bundled_get"
 94    "test_fix_bundle_upgrades_bundle"
 95    "test_trust_root_tuf_caches_and_requests"
 96    "test_regression_verify_legacy_bundle"
 97  ];
 98
 99  passthru.updateScript = nix-update-script { };
100
101  meta = {
102    description = "Codesigning tool for Python packages";
103    homepage = "https://github.com/sigstore/sigstore-python";
104    changelog = "https://github.com/sigstore/sigstore-python/blob/${version}/CHANGELOG.md";
105    license = lib.licenses.asl20;
106    maintainers = with lib.maintainers; [ bot-wxt1221 ];
107    mainProgram = "sigstore";
108  };
109}