kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity

open-policy-agent: 0.32.1 -> 0.33.1

Browse Source 
Added tests and a feature toggle for enableWasmEval

enableWasmEval is not enabled as it breaks reproducability and isn't in
most workloads.

Added shell completions
main
06kellyjac 3 years ago
parent 549044ea1c
commit cd8b4d3ba9
1 changed files with 44 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 47
      pkgs/development/tools/open-policy-agent/default.nix

47
pkgs/development/tools/open-policy-agent/default.nix
Unescape View File

@ -1,26 +1,67 @@
{ lib, buildGoModule, fetchFromGitHub }:
{ lib
, buildGoModule
, fetchFromGitHub
, installShellFiles
, enableWasmEval ? false
}:
buildGoModule rec {
pname = "open-policy-agent";
version = "0.32.1";
version = "0.33.1";
src = fetchFromGitHub {
owner = "open-policy-agent";
repo = "opa";
rev = "v${version}";
sha256 = "sha256-pd0bOE0cSi+93B0U46KpeC7AHgsV3oBJcT/wg8XED5Y=";
sha256 = "sha256-n0VuzYlgn9IGiaxzDeuVjMqFbDwTe3UjExk7BT2DNZc=";
};
vendorSha256 = null;
nativeBuildInputs = [ installShellFiles ];
subPackages = [ "." ];
ldflags = [ "-s" "-w" "-X github.com/open-policy-agent/opa/version.Version=${version}" ];
tags = lib.optional enableWasmEval (
builtins.trace
("Warning: enableWasmEval breaks reproducability, "
+ "ensure you need wasm evaluation. "
+ "`opa build` does not need this feature.")
"opa_wasm");
preCheck = ''
# Feed in all but the e2e tests for testing
# This is because subPackages above limits what is built to just what we
# want but also limits the tests
getGoDirs() {
go list ./... | grep -v e2e
}
# Remove test case that fails on < go1.17
rm test/cases/testdata/cryptox509parsecertificates/test-cryptox509parsecertificates-0123.yaml
'';
postInstall = ''
installShellCompletion --cmd opa \
--bash <($out/bin/opa completion bash) \
--fish <($out/bin/opa completion fish) \
--zsh <($out/bin/opa completion zsh)
'';
doInstallCheck = true;
installCheckPhase = ''
runHook preInstallCheck
$out/bin/opa --help
$out/bin/opa version | grep "Version: ${version}"
${lib.optionalString enableWasmEval ''
# If wasm is enabled verify it works
$out/bin/opa eval -t wasm 'trace("hello from wasm")'
''}
runHook postInstallCheck
'';

Write Preview
Loading…
Cancel
Save