@ -1,26 +1,67 @@
{ lib , buildGoModule , fetchFromGitHub }:
{ lib
, buildGoModule
, fetchFromGitHub
, installShellFiles
, enableWasmEval ? false
} :
buildGoModule rec {
pname = " o p e n - p o l i c y - a g e n t " ;
version = " 0 . 3 2 . 1 " ;
version = " 0 . 3 3 . 1 " ;
src = fetchFromGitHub {
owner = " o p e n - p o l i c y - a g e n t " ;
repo = " o p a " ;
rev = " v ${ version } " ;
sha256 = " s h a 2 5 6 - p d 0 b O E 0 c S i + 9 3 B 0 U 4 6 K p e C 7 A H g s V 3 o B J c T / w g 8 X E D 5 Y = " ;
sha256 = " s h a 2 5 6 - n 0 V u z Y l g n 9 I G i a x z D e u V j M q F b D w T e 3 U j E x k 7 B T 2 D N Z c = " ;
} ;
vendorSha256 = null ;
nativeBuildInputs = [ installShellFiles ] ;
subPackages = [ " . " ] ;
ldflags = [ " - s " " - w " " - X g i t h u b . c o m / o p e n - p o l i c y - a g e n t / o p a / v e r s i o n . V e r s i o n = ${ version } " ] ;
tags = lib . optional enableWasmEval (
builtins . trace
( " W a r n i n g : e n a b l e W a s m E v a l b r e a k s r e p r o d u c a b i l i t y , "
+ " e n s u r e y o u n e e d w a s m e v a l u a t i o n . "
+ " ` o p a b u i l d ` d o e s n o t n e e d t h i s f e a t u r e . " )
" o p a _ w a s m " ) ;
preCheck = ''
# Feed in all but the e2e tests for testing
# This is because subPackages above limits what is built to just what we
# want but also limits the tests
getGoDirs ( ) {
go list ./... | grep - v e2e
}
# Remove test case that fails on < go1.17
rm test/cases/testdata/cryptox509parsecertificates/test-cryptox509parsecertificates-0123.yaml
'' ;
postInstall = ''
installShellCompletion - - cmd opa \
- - bash < ( $ out/bin/opa completion bash ) \
- - fish < ( $ out/bin/opa completion fish ) \
- - zsh < ( $ out/bin/opa completion zsh )
'' ;
doInstallCheck = true ;
installCheckPhase = ''
runHook preInstallCheck
$ out/bin/opa - - help
$ out/bin/opa version | grep " V e r s i o n : ${ version } "
$ { lib . optionalString enableWasmEval ''
# If wasm is enabled verify it works
$ out/bin/opa eval - t wasm ' trace ( " h e l l o f r o m w a s m " ) '
'' }
runHook postInstallCheck
'' ;