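# Package definition for sigstore-python, built from the upstream GitHub tag
# with flit-core as the build backend.
{
  lib,
  appdirs,
  buildPythonPackage,
  cryptography,
  fetchFromGitHub,
  flit-core,
  id,
  importlib-resources,
  pretend,
  pydantic,
  pyjwt,
  pyopenssl,
  pytestCheckHook,
  pythonOlder,
  requests,
  rich,
  nix-update-script,
  securesystemslib,
  sigstore-protobuf-specs,
  sigstore-rekor-types,
  tuf,
  rfc8785,
  pyasn1,
  platformdirs,
}:

buildPythonPackage rec {
  pname = "sigstore-python";
  version = "3.5.3";
  pyproject = true;

  disabled = pythonOlder "3.8";

  # The source is addressed by tag name, which upstream could re-point; the
  # content hash below is what actually pins the tree. A changed tag makes the
  # fetch fail on hash mismatch instead of building different code, so the hash
  # must be updated together with `version`.
  src = fetchFromGitHub {
    owner = "sigstore";
    repo = "sigstore-python";
    rev = "refs/tags/v${version}";
    hash = "sha256-pAzS/LU5me3qoJo6EmuSFPDO/lqRDKIl5hjFiysWTdM=";
  };

  # Drops the version constraint that upstream declares on
  # sigstore-rekor-types, so the build accepts whichever version the package
  # set provides.
  # NOTE(review): that combination is presumably not what upstream tests
  # against; re-check whether the relaxation is still needed on each bump.
  pythonRelaxDeps = [ "sigstore-rekor-types" ];

  build-system = [ flit-core ];

  dependencies = [
    appdirs
    cryptography
    id
    importlib-resources
    pydantic
    pyjwt
    pyopenssl
    pyasn1
    rfc8785
    platformdirs
    requests
    rich
    securesystemslib
    sigstore-protobuf-specs
    sigstore-rekor-types
    tuf
  ];

  nativeCheckInputs = [
    pretend
    pytestCheckHook
  ];

  # Point HOME at a fresh temporary directory for the test run.
  # NOTE(review): presumably the tests write cache or config data under the
  # home directory; confirm against upstream.
  preCheck = ''
    export HOME=$(mktemp -d)
  '';

  # Only confirms that the top-level module imports; it exercises no signing
  # or verification logic.
  pythonImportsCheck = [ "sigstore" ];

  disabledTests = [
    # Tests require network access
    # NOTE(review): judging by their names, the skipped set includes the
    # verifier, SCT keyring, Rekor entry and TUF trust-root tests, so the check
    # phase does not cover those paths against live services. Validate them
    # separately (e.g. in a networked test) before relying on this build for
    # verification.
    "test_fail_init_url"
    "test_get_identity_token_bad_code"
    "test_identity_proof_claim_lookup"
    "test_init_url"
    "test_production"
    "test_sct_verify_keyring"
    "test_sign_rekor_entry_consistent"
    "test_verification_materials_retrieves_rekor_entry"
    "test_verifier"
    "test_fix_bundle_fixes_missing_checkpoint"
    "test_trust_root_bundled_get"
    "test_fix_bundle_upgrades_bundle"
    "test_trust_root_tuf_caches_and_requests"
  ];

  passthru.updateScript = nix-update-script { };

  meta = {
    description = "Codesigning tool for Python packages";
    homepage = "https://github.com/sigstore/sigstore-python";
    # Upstream tags carry a "v" prefix (see src.rev), so the changelog link
    # must use the same ref to resolve.
    changelog = "https://github.com/sigstore/sigstore-python/blob/v${version}/CHANGELOG.md";
    license = lib.licenses.asl20;
    maintainers = with lib.maintainers; [ bot-wxt1221 ];
    mainProgram = "sigstore";
  };
}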