tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / development / python-modules / credstash / default.nix
at 20.09 1.4 kB view raw
1{ stdenv, buildPythonPackage, fetchPypi, cryptography, boto3, pyyaml, docutils, nose 2, fetchpatch 3}: 4 5buildPythonPackage rec { 6 pname = "credstash"; 7 version = "1.17.1"; 8 9 src = fetchPypi { 10 inherit pname version; 11 sha256 = "6c04e8734ef556ab459018da142dd0b244093ef176b3be5583e582e9a797a120"; 12 }; 13 14 patches = [ 15 (fetchpatch { 16 url = "https://github.com/fugue/credstash/commit/9c02ee43ed6e37596cafbca2fe80c532ec19d2d8.patch"; 17 sha256 = "dlybrpfLK+PqwWWhH9iXgXHYysZGmcZAFGWNOwsG0xA="; 18 }) 19 ]; 20 # The install phase puts an executable and a copy of the library it imports in 21 # bin/credstash and bin/credstash.py, despite the fact that the library is also 22 # installed to lib/python<version>/site-packages/credstash.py. 23 # If we apply wrapPythonPrograms to bin/credstash.py then the executable will try 24 # to import the credstash module from the resulting shell script. Removing this 25 # file ensures that Python imports the module from site-packages library. 26 postInstall = "rm $out/bin/credstash.py"; 27 28 nativeBuildInputs = [ nose ]; 29 30 propagatedBuildInputs = [ cryptography boto3 pyyaml docutils ]; 31 32 # No tests in archive 33 doCheck = false; 34 35 meta = with stdenv.lib; { 36 description = "A utility for managing secrets in the cloud using AWS KMS and DynamoDB"; 37 homepage = "https://github.com/LuminalOSS/credstash"; 38 license = licenses.asl20; 39 }; 40}