diff options
Diffstat (limited to 'pkgs/tools/security/cosign/default.nix')
-rw-r--r-- | pkgs/tools/security/cosign/default.nix | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/pkgs/tools/security/cosign/default.nix b/pkgs/tools/security/cosign/default.nix index 0c934e3c6953c..54beab643a80f 100644 --- a/pkgs/tools/security/cosign/default.nix +++ b/pkgs/tools/security/cosign/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "cosign"; - version = "1.4.1"; + version = "1.5.1"; src = fetchFromGitHub { owner = "sigstore"; repo = pname; rev = "v${version}"; - sha256 = "sha256-WjYW9Fo27wE1pg/BqYsdHd8jwd8jG5bk37HmU1DqnyE="; + sha256 = "sha256-hQFkbHOmtk0SqFSPw1+5nCvjq9cKsGzFPtK4jXDrubQ="; }; buildInputs = lib.optional (stdenv.isLinux && pivKeySupport) (lib.getDev pcsclite) @@ -16,7 +16,7 @@ buildGoModule rec { nativeBuildInputs = [ pkg-config installShellFiles ]; - vendorSha256 = "sha256-6T98zu55BQ26e43a1i68rhebaLwY/iFM8CRqRcv2QwI="; + vendorSha256 = "sha256-d3aOX4iMlhlxgYbqCHCIFKXunVha0Fw4ZBmy4OA6EhI="; excludedPackages = "\\(sample\\|webhook\\|help\\)"; @@ -24,6 +24,13 @@ buildGoModule rec { ldflags = [ "-s" "-w" "-X github.com/sigstore/cosign/pkg/version.GitVersion=v${version}" ]; + postPatch = '' + rm pkg/cosign/tuf/client_test.go # Require network access + rm internal/pkg/cosign/fulcio/signer_test.go # Require network access + rm internal/pkg/cosign/rekor/signer_test.go # Require network access + rm pkg/cosign/kubernetes/webhook/validator_test.go # Require network access + ''; + postInstall = '' installShellCompletion --cmd cosign \ --bash <($out/bin/cosign completion bash) \ |