Unverified Commit 8db82f81 authored by Sandro Jäckel's avatar Sandro Jäckel Committed by GitHub
Browse files

witness: 0.9.2 -> 0.10.1 (#452678)

parents 3e4edac3 fab9ed88

pkgs/by-name/wi/witness/package.nix

+32 −22
Original line number Diff line number Diff line
@@ -3,24 +3,24 @@ 
  stdenv,

  buildGoModule,

  fetchFromGitHub,



  buildPackages,

  installShellFiles,



  # testing

  testers,

  witness,

  versionCheckHook,

}:



buildGoModule rec {

buildGoModule (finalAttrs: {

  pname = "witness";

  version = "0.9.2";

  version = "0.10.1";



  src = fetchFromGitHub {

    owner = "in-toto";

    repo = "witness";

    rev = "v${version}";

    sha256 = "sha256-0Q+6nG5N3Xp5asmRMPZccLxw6dWiZVX6fuIUf1rT+mI=";

    tag = "v${finalAttrs.version}";

    sha256 = "sha256-MKiPIZFeCWOT4zTbG7SjwdNUHFuqsL4pGu4VvVwyn3s=";

  };

  vendorHash = "sha256-oH/aWt8Hl/BIN+IYLcuVYWDpQZaYABAOGxXyLssjQg0=";

  vendorHash = "sha256-V3SuhBbhXyA0SFOGfBrV/qH+cROr2obHOBcivkgRO6U=";



  nativeBuildInputs = [ installShellFiles ];
@@ -30,7 +30,7 @@ buildGoModule rec { 
  ldflags = [

    "-s"

    "-w"

    "-X github.com/in-toto/witness/cmd.Version=v${version}"

    "-X github.com/in-toto/witness/cmd.Version=${finalAttrs.src.tag}"

  ];



  # Feed in all tests for testing
@@ -38,20 +38,30 @@ buildGoModule rec { 
  # want but also limits the tests

  preCheck = ''

    unset subPackages

    # tests expect no version set

    unset ldflags

  '';



  postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''

  postInstall =

    let

      exe =

        if stdenv.buildPlatform.canExecute stdenv.hostPlatform then

          "$out/bin/witness"

        else

          lib.getExe buildPackages.witness;

    in

    ''

      installShellCompletion --cmd witness \

      --bash <($out/bin/witness completion bash) \

      --fish <($out/bin/witness completion fish) \

      --zsh <($out/bin/witness completion zsh)

        --bash <(${exe} completion bash) \

        --fish <(${exe} completion fish) \

        --zsh <(${exe} completion zsh)

    '';



  passthru.tests.version = testers.testVersion {

    package = witness;

    command = "witness version";

    version = "v${version}";

  };

  doInstallCheck = true;

  nativeInstallCheckInputs = [

    versionCheckHook

  ];

  versionCheckProgramArg = "version";



  meta = {

    description = "Pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target";
@@ -66,11 +76,11 @@ buildGoModule rec { 
    '';

    mainProgram = "witness";

    homepage = "https://github.com/testifysec/witness";

    changelog = "https://github.com/testifysec/witness/releases/tag/v${version}";

    changelog = "https://github.com/testifysec/witness/releases/tag/${finalAttrs.src.tag}";

    license = lib.licenses.asl20;

    maintainers = with lib.maintainers; [

      fkautz

      jk

    ];

  };

}
 
})