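# Package expression for Boulder, the ACME certificate authority described in
# `meta` below. Only cmd/boulder is built; postInstall then adds one symlink
# per subcommand name reported by `boulder --list`.
{
  lib,
  fetchFromGitHub,
  buildGoModule,
  testers,
  boulder,
  minica,
  nix-update-script,
}:

buildGoModule rec {
  pname = "boulder";
  version = "0.20251118.0";

  # The source is pinned by tag and by `hash`. The hash is checked against the
  # tree that remains after postFetch, so a re-pointed upstream tag fails the
  # fetch instead of silently building different code.
  #
  # leaveDotGit keeps .git just long enough to record the short commit id in
  # COMMIT (read again in preBuild). .git is deleted afterwards because its
  # contents are not reproducible and would make the hash unstable.
  # git's stderr is discarded; an empty COMMIT would change the tree and so
  # surface as a hash mismatch.
  src = fetchFromGitHub {
    owner = "letsencrypt";
    repo = "boulder";
    tag = "v${version}";
    leaveDotGit = true;
    postFetch = ''
      pushd $out
      git rev-parse --short=8 HEAD 2>/dev/null >$out/COMMIT
      find $out -name .git -print0 | xargs -0 rm -rf
      popd
    '';
    hash = "sha256-JVkIu8Fh5F8WQXa45I0hnSedAaIQIOFidtWVpVHbAWA=";
  };

  # null: build against the vendor/ directory shipped in `src` (and therefore
  # covered by the src hash) instead of downloading modules separately.
  vendorHash = null;

  postPatch = ''
    # We already built the application with custom settings. This fails, so we have to disable it.
    substituteInPlace test/certs/generate.sh --replace-fail 'make build' ""
  '';

  subPackages = [ "cmd/boulder" ];

  # -s / -w omit the symbol table and DWARF data. BuildHost is a fixed string
  # so the builder's real user and host name are not embedded in the binary.
  ldflags = [
    "-s"
    "-w"
    "-X github.com/letsencrypt/boulder/core.BuildHost=nixbld@localhost"
  ];

  # BuildID is the package version plus the short commit id saved in COMMIT by
  # postFetch. BuildTime is pinned to the Unix epoch so the output does not
  # vary with the time of the build.
  preBuild = ''
    ldflags+=" -X \"github.com/letsencrypt/boulder/core.BuildID=${version} +$(cat COMMIT)\""
    ldflags+=" -X \"github.com/letsencrypt/boulder/core.BuildTime=$(date -u -d @0)\""
  '';

  # minica is presumably what test/certs/generate.sh calls to issue the test
  # certificates (confirm against the script).
  nativeCheckInputs = [ minica ];

  # The certificates and keys generated here are test fixtures; they are
  # presumably written under test/certs in the build tree, not into $out.
  preCheck = ''
    # Test all targets.
    unset subPackages
    # Generate integration test certificates, but skip webpki certificates that are hard to make without errors and are currently unneeded.
    mkdir test/certs/webpki
    bash test/certs/generate.sh
  '';

  # Tests that fail or require additional services.
  #
  # NOTE(review): judging by the names, this list covers much of the
  # security-relevant surface (JWS and nonce validation, revocation, key
  # rollover, rate limits, CAA rechecks). A passing checkPhase therefore says
  # little about those code paths in this build; upstream CI stays the
  # reference for them.
  disabledTests = [
    "TestARI"
    "TestAccount"
    "TestAddBlockedKeyUnknownSource"
    "TestAddCertificate"
    "TestAddCertificateDuplicate"
    "TestAddCertificateRenewalBit"
    "TestAddPreCertificateDuplicate"
    "TestAddPrecertificate"
    "TestAddPrecertificateIncomplete"
    "TestAddPrecertificateKeyHash"
    "TestAddPrecertificateNoOCSP"
    "TestAddRateLimitOverride"
    "TestAddRegistration"
    "TestAddReplacementOrder"
    "TestAddSerial"
    "TestAdministrativelyRevokeCertificate"
    "TestAuthorization500"
    "TestAuthorizationChallengeNamespace"
    "TestAuthzFailedRateLimitingNewOrder"
    "TestAutoIncrementSchema"
    "TestBadNonce"
    "TestBlockedKey"
    "TestBlockedKeyRevokedBy"
    "TestBuildID"
    "TestCTPolicyMeasurements"
    "TestCertIsRenewed"
    "TestCertificateAbsent"
    "TestCertificateKeyNotEqualAccountKey"
    "TestCertificatesTableContainsDuplicateSerials"
    "TestCertsPerNameRateLimitTable"
    "TestChallenge"
    "TestCheckCert"
    "TestCheckCertReturnsDNSNames"
    "TestCheckExactCertificateLimit"
    "TestCheckFQDNSetRateLimitOverride"
    "TestCheckIdentifiersPaused"
    "TestCheckWildcardCert"
    "TestClientTransportCredentials"
    "TestContactAuditor"
    "TestCountCertificatesByNamesParallel"
    "TestCountCertificatesByNamesTimeRange"
    "TestCountCertificatesRenewalBit"
    "TestCountInvalidAuthorizations2"
    "TestCountNewOrderWithReplaces"
    "TestCountOrders"
    "TestCountPendingAuthorizations2"
    "TestCountRegistrationsByIP"
    "TestCountRegistrationsByIPRange"
    "TestDbSettings"
    "TestDeactivateAccount"
    "TestDeactivateAuthorization"
    "TestDeactivateRegistration"
    "TestDedupOnRegistration"
    "TestDialerTimeout"
    "TestDirectory"
    "TestDontFindRevokedCert"
    "TestEarlyOrderRateLimiting"
    "TestEmptyAccount"
    "TestEnforceJWSAuthType"
    "TestExactPublicSuffixCertLimit"
    "TestExtractJWK"
    "TestExtractRequestTarget"
    "TestFQDNSetExists"
    "TestFQDNSetTimestampsForWindow"
    "TestFQDNSets"
    "TestFQDNSetsExists"
    "TestFailExit"
    "TestFasterGetOrderForNames"
    "TestFinalizeAuthorization2"
    "TestFinalizeOrder"
    "TestFinalizeOrderWildcard"
    "TestFinalizeOrderWithMixedSANAndCN"
    "TestFinalizeSCTError"
    "TestFinalizeWithMustStaple"
    "TestFindCertsAtCapacity"
    "TestFindExpiringCertificates"
    "TestFindIDs"
    "TestFindIDsForHostnames"
    "TestFindIDsWithExampleHostnames"
    "TestFindUnrevoked"
    "TestFindUnrevokedNoRows"
    "TestGETAPIAuthz"
    "TestGETAPIChallenge"
    "TestGenerateOCSP"
    "TestGenerateOCSPLongExpiredSerial"
    "TestGenerateOCSPUnknownSerial"
    "TestGetAndProcessCerts"
    "TestGetAuthorization"
    "TestGetAuthorization2NoRows"
    "TestGetAuthorizations2"
    "TestGetCertificate"
    "TestGetCertificateHEADHasCorrectBodyLength"
    "TestGetCertificateNew"
    "TestGetCertificateServerError"
    "TestGetCertsEmptyResults"
    "TestGetChallenge"
    "TestGetChallengeUpRel"
    "TestGetMaxExpiration"
    "TestGetOrder"
    "TestGetOrderExpired"
    "TestGetOrderForNames"
    "TestGetPausedIdentifiers"
    "TestGetPausedIdentifiersOnlyUnpausesOneAccount"
    "TestGetPendingAuthorization2"
    "TestGetRevokedCerts"
    "TestGetSerialMetadata"
    "TestGetSerialsByAccount"
    "TestGetSerialsByKey"
    "TestGetStartingID"
    "TestGetValidAuthorizations2"
    "TestGetValidOrderAuthorizations2"
    "TestHTTPDialTimeout"
    "TestHTTPMethods"
    "TestHandleFunc"
    "TestHeaderBoulderRequester"
    "TestIgnoredLint"
    "TestIncidentARI"
    "TestIncidentSerialModel"
    "TestIncidentsForSerial"
    "TestIndex"
    "TestIndexGet404"
    "TestInvoke"
    "TestInvokeRevokerHasNoExtantCerts"
    "TestIssueCertificateAuditLog"
    "TestIssueCertificateCAACheckLog"
    "TestIssueCertificateInnerErrs"
    "TestIssueCertificateInnerWithProfile"
    "TestIssueCertificateOuter"
    "TestKeyRollover"
    "TestKeyRolloverMismatchedJWSURLs"
    "TestLeaseOldestCRLShard"
    "TestLeaseSpecificCRLShard"
    "TestLifetimeOfACert"
    "TestLimiter_CheckWithLimitOverrides"
    "TestLimiter_DefaultLimits"
    "TestLimiter_InitializationViaCheckAndSpend"
    "TestLimiter_RefundAndReset"
    "TestLoadFromDB"
    "TestLookupJWK"
    "TestMatchJWSURLs"
    "TestNewAccount"
    "TestNewAccountNoID"
    "TestNewAccountWhenAccountHasBeenDeactivated"
    "TestNewAccountWhenGetRegByKeyFails"
    "TestNewAccountWhenGetRegByKeyNotFound"
    "TestNewECDSAAccount"
    "TestNewLookup"
    "TestNewLookupWithAllFailingSRV"
    "TestNewLookupWithOneFailingSRV"
    "TestNewOrder"
    "TestNewOrderAuthzReuseSafety"
    "TestNewOrderCheckFailedAuthorizationsFirst"
    "TestNewOrderExpiry"
    "TestNewOrderFailedAuthzRateLimitingExempt"
    "TestNewOrderMaxNames"
    "TestNewOrderRateLimiting"
    "TestNewOrderRateLimitingExempt"
    "TestNewOrderReplacesSerialCarriesThroughToSA"
    "TestNewOrderReuse"
    "TestNewOrderReuseInvalidAuthz"
    "TestNewOrderWildcard"
    "TestNewRegistration"
    "TestNewRegistrationBadKey"
    "TestNewRegistrationContactsPresent"
    "TestNewRegistrationNoFieldOverwrite"
    "TestNewRegistrationRateLimit"
    "TestNewRegistrationSAFailure"
    "TestNoContactCertIsNotRenewed"
    "TestNoContactCertIsRenewed"
    "TestNoSuchRegistrationErrors"
    "TestNonceEndpoint"
    "TestOldTLSInbound"
    "TestOrderMatchesReplacement"
    "TestOrderToOrderJSONV2Authorizations"
    "TestOrderWithOrderModelv1"
    "TestPOST404"
    "TestPanicStackTrace"
    "TestParseJWSRequest"
    "TestPauseIdentifiers"
    "TestPendingAuthorizationsUnlimited"
    "TestPerformValidationAlreadyValid"
    "TestPerformValidationBadChallengeType"
    "TestPerformValidationExpired"
    "TestPerformValidationSuccess"
    "TestPerformValidationVAError"
    "TestPerformValidation_FailedThenSuccessfulValidationResetsPauseIdentifiersRatelimit"
    "TestPerformValidation_FailedValidationsTriggerPauseIdentifiersRatelimit"
    "TestPrepAuthzForDisplay"
    "TestPreresolvedDialerTimeout"
    "TestProcessCerts"
    "TestProcessCertsConnectError"
    "TestProcessCertsParallel"
    "TestRecheckCAADates"
    "TestRecheckCAAEmpty"
    "TestRecheckCAAFail"
    "TestRecheckCAAInternalServerError"
    "TestRecheckCAASuccess"
    "TestRecheckInvalidIdentifierType"
    "TestRecheckSkipIPAddress"
    "TestRedisSource_BatchSetAndGet"
    "TestRedisSource_Ping"
    "TestRegistrationsPerIPOverrideUsage"
    "TestRehydrateHostPort"
    "TestRelativeDirectory"
    "TestReplacementOrderExists"
    "TestReplicationLagRetries"
    "TestResolveContacts"
    "TestRevokeCertByApplicant_Controller"
    "TestRevokeCertByApplicant_Subscriber"
    "TestRevokeCertByKey"
    "TestRevokeCertificate"
    "TestRevokeCerts"
    "TestRollback"
    "TestSPKIHashFromPrivateKey"
    "TestSPKIHashesFromFile"
    "TestSelectRegistration"
    "TestSelectUncheckedRows"
    "TestSendEarliestCertInfo"
    "TestSerialsForIncident"
    "TestSerialsFromFile"
    "TestSerialsFromPrivateKey"
    "TestSetAndGet"
    "TestSetOrderProcessing"
    "TestSetReplacementOrderFinalized"
    "TestSingleton"
    "TestStart"
    "TestStatusForOrder"
    "TestStoreResponse"
    "TestStrictness"
    "TestTLSALPN01DialTimeout"
    "TestTLSConfigLoad"
    "TestTimeouts"
    "TestUnpauseAccount"
    "TestUpdateCRLShard"
    "TestUpdateChallengeFinalizedAuthz"
    "TestUpdateChallengeRAError"
    "TestUpdateChallengesDeleteUnused"
    "TestUpdateMissingAuthorization"
    "TestUpdateNowWithAllFailingSRV"
    "TestUpdateNowWithOneFailingSRV"
    "TestUpdateRegistrationContact"
    "TestUpdateRegistrationKey"
    "TestUpdateRegistrationSame"
    "TestUpdateRevokedCertificate"
    "TestValidJWSForKey"
    "TestValidNonce"
    "TestValidNonce_NoMatchingBackendFound"
    "TestValidPOSTAsGETForAccount"
    "TestValidPOSTForAccount"
    "TestValidPOSTForAccountSwappedKey"
    "TestValidPOSTRequest"
    "TestValidPOSTURL"
    "TestValidSelfAuthenticatedPOST"
    "TestValidSelfAuthenticatedPOSTGoodKeyErrors"
    "TestValidateContacts"
    "TestWrappedMap"
    "Test_sendError"
  ];

  # NOTE(review): `go test -skip` treats its argument as an unanchored regular
  # expression, so a short entry such as "TestStart" or "TestInvoke" also
  # skips every test whose name merely contains it. Anchoring the alternation
  # ("^(A|B|...)$") would restrict the skip to the listed names, but may
  # re-enable tests that fail in the sandbox, so it is left unchanged here.
  checkFlags = [
    "-skip ${lib.strings.concatStringsSep "|" disabledTests}"
  ];

  # Runs the freshly built binary to list its subcommand names and links each
  # name to the single boulder executable.
  postInstall = ''
    for i in $($out/bin/boulder --list); do
      ln -s "$out/bin/boulder" "$out/bin/$i"
    done
  '';

  passthru = {
    # Checks that the installed binary reports `version`.
    tests.version = testers.testVersion {
      package = boulder;
      inherit version;
    };
    updateScript = nix-update-script { };
  };

  meta = {
    homepage = "https://github.com/letsencrypt/boulder";
    description = "ACME-based certificate authority, written in Go";
    longDescription = ''
      This is an implementation of an ACME-based CA. The ACME protocol allows
      the CA to automatically verify that an applicant for a certificate
      actually controls an identifier, and allows domain holders to issue and
      revoke certificates for their domains. Boulder is the software that runs
      Let's Encrypt.
    '';
    license = lib.licenses.mpl20;
    mainProgram = "boulder";
    # No maintainer is listed, so nobody is designated to follow upstream
    # releases for this package.
    maintainers = [ ];
  };
}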