depot/third_party/nixpkgs/pkgs/development/python-modules/securesystemslib/default.nix

102 lines
1.9 KiB
Nix
Raw Normal View History

{ lib
, asn1crypto
, azure-identity
, azure-keyvault-keys
, boto3
, botocore
, buildPythonPackage
, cryptography
, ed25519
, fetchFromGitHub
, google-cloud-kms
, hatchling
, pynacl
, pyspx
, pytestCheckHook
, pythonOlder
}:
buildPythonPackage rec {
pname = "securesystemslib";
version = "0.31.0";
pyproject = true;
disabled = pythonOlder "3.8";
src = fetchFromGitHub {
owner = "secure-systems-lab";
repo = "securesystemslib";
rev = "refs/tags/v${version}";
hash = "sha256-REi38rIVZmWawFGcrPl9QzSthW4jHZDr/0ug7kJRz3Y=";
};
postPatch = ''
substituteInPlace pyproject.toml \
--replace "hatchling==1.18.0" "hatchling"
'';
nativeBuildInputs = [
hatchling
];
passthru.optional-dependencies = {
PySPX = [
pyspx
];
awskms = [
boto3
botocore
cryptography
];
azurekms = [
azure-identity
azure-keyvault-keys
cryptography
];
crypto = [
cryptography
];
gcpkms = [
cryptography
google-cloud-kms
];
hsm = [
asn1crypto
cryptography
# pykcs11
];
pynacl = [
pynacl
];
# Circular dependency
# sigstore = [
# sigstore
# ];
};
nativeCheckInputs = [
ed25519
pytestCheckHook
] ++ lib.flatten (builtins.attrValues passthru.optional-dependencies);
pythonImportsCheck = [
"securesystemslib"
];
disabledTestPaths = [
# pykcs11 is not available
"tests/test_hsm_signer.py"
# Ignore vendorized tests
"securesystemslib/_vendor/"
];
meta = with lib; {
description = "Cryptographic and general-purpose routines";
homepage = "https://github.com/secure-systems-lab/securesystemslib";
changelog = "https://github.com/secure-systems-lab/securesystemslib/blob/v${version}/CHANGELOG.md";
license = licenses.mit;
maintainers = with maintainers; [ fab ];
};
}