mirror of
https://github.com/NixOS/nixpkgs.git
synced 2026-07-06 17:13:24 -05:00
oathkeeper: run upstream test suite
* add `subPackages` attr which will find and build all targets, including tests * app/tests require `version` or `VERSION` env var to match a specific pattern otherwise will throw a configuration error * add versionCheckPhase and prepend version w/ `v` in ldflags * add __darwinAllowLocalNetworking * remove `commit` variable, general clean up of module * add `postInstall` phase to install shell completions * update meta attr
This commit is contained in:
parent
f4d3f22c84
commit
b1a966691d
1 changed files with 59 additions and 14 deletions
|
|
@ -1,44 +1,89 @@
|
|||
{
|
||||
lib,
|
||||
stdenv,
|
||||
fetchFromGitHub,
|
||||
buildGoModule,
|
||||
lib,
|
||||
installShellFiles,
|
||||
versionCheckHook,
|
||||
}:
|
||||
let
|
||||
buildGoModule (finalAttrs: {
|
||||
pname = "oathkeeper";
|
||||
version = "26.2.0";
|
||||
commit = "c84dbe07ecbf6f10154f04ec49b137a115155289";
|
||||
in
|
||||
buildGoModule {
|
||||
inherit pname version commit;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ory";
|
||||
repo = "oathkeeper";
|
||||
rev = "v${version}";
|
||||
tag = "v${finalAttrs.version}";
|
||||
hash = "sha256-Dux9g5AWnbj9kXoIogVneOYywgg9TnyXqP41YT/1C8k=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-/Qgdes8EAxP9FDKbahQdCpAD7PSe4iCkUvL1+poqaWc=";
|
||||
|
||||
__structuredAttrs = true;
|
||||
tags = [
|
||||
"sqlite"
|
||||
"json1"
|
||||
"hsm"
|
||||
];
|
||||
|
||||
subPackages = [ "." ];
|
||||
subPackages = [ "..." ];
|
||||
|
||||
# Pass versioning information via ldflags
|
||||
ldflags = [
|
||||
"-s"
|
||||
"-w"
|
||||
"-X github.com/ory/oathkeeper/x.Version=${version}"
|
||||
"-X github.com/ory/oathkeeper/x.Commit=${commit}"
|
||||
"-X github.com/ory/oathkeeper/x.Version=${finalAttrs.src.tag}"
|
||||
"-X github.com/ory/oathkeeper/x.Commit=${finalAttrs.src.rev}"
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
# upstream tests use dynamic port assignment
|
||||
__darwinAllowLocalNetworking = true;
|
||||
|
||||
# The configuration contains values or keys which are invalid:
|
||||
# version:
|
||||
# ^-- does not match pattern "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$"
|
||||
preCheck = ''
|
||||
export version="${finalAttrs.src.tag}"
|
||||
'';
|
||||
checkFlags =
|
||||
let
|
||||
skippedTests = [
|
||||
# flaky test, if system under high load the underlying server may be unavailable
|
||||
"TestAuthenticatorOAuth2Introspection"
|
||||
# flaky test(s): likely due to race condition within parallel test run, revisit at later date
|
||||
# Error: Expected nil, but got: &oauth2.Token{AccessToken:"some-token", TokenType:"Bearer", RefreshToken:"", Expiry:time.Date(2026, time.June, 24, 22, 41, 47, 887223251, time.UTC), ExpiresIn:0, raw:interface {}(nil), expiryDelta:0}
|
||||
"TestClientCredentialsCache"
|
||||
# Error: Not equal:
|
||||
# expected: rule.Rule{ID:"foo2", Version:"", Description:"Get users rule", Match:(*rule.Match)(0x64e4fd34c30), Authenticators>
|
||||
# actual : rule.Rule{ID:"foo2", Version:"v26.2.0", Description:"Get users rule", Match:(*rule.Match)(0x64e4ff56ed0), Authent>
|
||||
"TestHandler"
|
||||
];
|
||||
in
|
||||
[ "-skip=^${builtins.concatStringsSep "$|^" skippedTests}$" ];
|
||||
doInstallCheck = true;
|
||||
nativeInstallCheckInputs = [ versionCheckHook ];
|
||||
versionCheckProgramArg = [ "version" ];
|
||||
postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
|
||||
installShellCompletion --cmd oathkeeper \
|
||||
--bash <($out/bin/oathkeeper completion bash) \
|
||||
--fish <($out/bin/oathkeeper completion fish) \
|
||||
--zsh <($out/bin/oathkeeper completion zsh)
|
||||
'';
|
||||
meta = {
|
||||
description = "Open-source identity and access proxy that authorizes HTTP requests based on sets of rules";
|
||||
homepage = "https://www.ory.sh/oathkeeper/";
|
||||
description = "Identity and access proxy that authorizes HTTP requests based on sets of rules";
|
||||
longDescription = ''
|
||||
It follows
|
||||
[cloud architecture best practices](https://www.ory.com/docs/ecosystem/software-architecture-philosophy) and focuses on:
|
||||
|
||||
- Authenticating and authorizing HTTP requests
|
||||
- Acting as a reverse proxy or decision API
|
||||
- Mutating requests with identity information
|
||||
- Integrating with existing API gateways and proxies
|
||||
- Supporting multiple authentication and authorization strategies
|
||||
- Working in Zero-Trust network architectures
|
||||
'';
|
||||
homepage = "https://github.com/ory/oathkeeper";
|
||||
changelog = "https://github.com/ory/oathkeeper/releases/tag/${finalAttrs.src.tag}";
|
||||
license = lib.licenses.asl20;
|
||||
maintainers = with lib.maintainers; [
|
||||
camcalaquian
|
||||
|
|
@ -46,4 +91,4 @@ buildGoModule {
|
|||
];
|
||||
mainProgram = "oathkeeper";
|
||||
};
|
||||
}
|
||||
})
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue