commit 0d3bacac45c8647f53c08c301c30086bd81a356f

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #130208 from LeSuisse/cosign-enable-piv-key-support

cosign: enable PIV key support

authored by

Sandro and committed by

GitHub 4 years ago 0d3bacac ae04cbf6

+6 -3

1 changed file

expand all

unified split

pkgs

tools

security

cosign

default.nix

+6 -3

pkgs/tools/security/cosign/default.nix

··· 1 - { stdenv, lib, buildGoModule, fetchFromGitHub, pcsclite, pkg-config, PCSC }: 1 + { stdenv, lib, buildGoModule, fetchFromGitHub, pcsclite, pkg-config, PCSC, pivKeySupport ? true }: 2 2 3 3 buildGoModule rec { 4 4 pname = "cosign"; ··· 12 12 }; 13 13 14 14 buildInputs = 15 - lib.optional stdenv.isLinux (lib.getDev pcsclite) 16 - ++ lib.optionals stdenv.isDarwin [ PCSC ]; 15 + lib.optional (stdenv.isLinux && pivKeySupport) (lib.getDev pcsclite) 16 + ++ lib.optionals (stdenv.isDarwin && pivKeySupport) [ PCSC ]; 17 17 18 18 nativeBuildInputs = [ pkg-config ]; 19 19 ··· 21 21 22 22 subPackages = [ "cmd/cosign" ]; 23 23 24 + preBuild = '' 25 + buildFlagsArray+=(${lib.optionalString pivKeySupport "-tags=pivkey"}) 26 + ''; 24 27 ldflags = [ "-s" "-w" "-X github.com/sigstore/cosign/cmd/cosign/cli.gitVersion=v${version}"]; 25 28 26 29 meta = with lib; {