Diffstat (limited to 'pkgs/tools/security/witness/default.nix')
-rw-r--r-- | pkgs/tools/security/witness/default.nix | 36 |
1 files changed, 21 insertions, 15 deletions
diff --git a/pkgs/tools/security/witness/default.nix b/pkgs/tools/security/witness/default.nix
index d16f74940d3b0..42e6455ae7dd7 100644
--- a/pkgs/tools/security/witness/default.nix
+++ b/pkgs/tools/security/witness/default.nix
@@ -1,17 +1,24 @@
-{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
+{ lib
+, buildGoModule
+, fetchFromGitHub
+, installShellFiles
+
+# testing
+, testers
+, witness
+}:
 buildGoModule rec {
 pname = "witness";
- version = "0.1.14";
+ version = "0.2.0";
 src = fetchFromGitHub {
- owner = "testifysec";
- repo = pname;
+ owner = "in-toto";
+ repo = "witness";
 rev = "v${version}";
- sha256 = "sha256-TUEbFkrS0OztTiY0OXiZsqraq3TINtC/DQEyCGPNXpE=";
+ sha256 = "sha256-U+dcaPi9Drg4I2SZlZPaR3Ryb+Dz27nyPI2XJPG/LWc=";
 };
- proxyVendor = true;
- vendorHash = "sha256-L2NaEt64mgFZVta/F8/uUQ4djlra59JPcHJLGbFCQJs=";
+ vendorHash = "sha256-pjcyAGdR8TsU9YBy5zd6u575vDKPwy8s85TXUsuxZiU=";
 nativeBuildInputs = [ installShellFiles ];
@@ -21,7 +28,7 @@ buildGoModule rec {
 ldflags = [
 "-s"
 "-w"
- "-X github.com/testifysec/witness/cmd.Version=v${version}"
+ "-X github.com/in-toto/witness/cmd.Version=v${version}"
 ];
 # Feed in all tests for testing
@@ -38,13 +45,11 @@ buildGoModule rec {
 --zsh <($out/bin/witness completion zsh)
 '';
- doInstallCheck = true;
- installCheckPhase = ''
- runHook preInstallCheck
- $out/bin/witness --help
- $out/bin/witness version | grep "v${version}"
- runHook postInstallCheck
- '';
+ passthru.tests.version = testers.testVersion {
+ package = witness;
+ command = "witness version";
+ version = "v${version}";
+ };
 meta = with lib; {
 description = "A pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target";
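Review bot: Replacing `doInstallCheck`/`installCheckPhase` with `passthru.tests.version` moves the version check out of the package build, so a binary that reports the wrong version no longer fails the build itself; the passthru test only runs when someone builds it explicitly. That matters in this commit because the ldflags hunk renames the `-X github.com/in-toto/witness/cmd.Version=v${version}` path, and the Go linker silently ignores `-X` for a symbol it cannot find, so a wrong path would produce a binary with no injected version and no build error. I would keep `doInstallCheck = true;` together with the `$out/bin/witness version | grep "v${version}"` line next to the new passthru test, so the check still gates the build.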
@@ -57,6 +62,7 @@ buildGoModule rec { PKI distribution system will mitigate against many software supply chain attack vectors and can be used as a framework for automated governance. ''; + mainProgram = "witness"; homepage = "https://github.com/testifysec/witness"; changelog = "https://github.com/testifysec/witness/releases/tag/v${version}"; license = licenses.asl20; |
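Review bot: `homepage` and `changelog` in the context lines of this hunk still point at `github.com/testifysec/witness`, although this commit moves `src.owner` and the ldflags module path to `in-toto`. Those links presumably resolve only through a redirect from the old organisation's path, and for a supply-chain tool the package metadata should name the location the source is actually fetched from. Suggested: `homepage = "https://github.com/in-toto/witness";` and `changelog = "https://github.com/in-toto/witness/releases/tag/v${version}";`. The `meta` block starts and ends outside this hunk.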