diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/security/step-ca/default.nix')
-rw-r--r-- | nixpkgs/pkgs/tools/security/step-ca/default.nix | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/nixpkgs/pkgs/tools/security/step-ca/default.nix b/nixpkgs/pkgs/tools/security/step-ca/default.nix index 7e149ad143bf..5c1463ec117b 100644 --- a/nixpkgs/pkgs/tools/security/step-ca/default.nix +++ b/nixpkgs/pkgs/tools/security/step-ca/default.nix @@ -12,20 +12,24 @@ buildGoModule rec { pname = "step-ca"; - version = "0.25.0"; + version = "0.25.2"; src = fetchFromGitHub { owner = "smallstep"; repo = "certificates"; rev = "refs/tags/v${version}"; - hash = "sha256-CO9Qjx4D6qNGjOdva88KRCJOQq85r5U5nwmXC1G94dY="; + hash = "sha256-cP3QypBNWGbr7R7lJLfaoBh6C37ubGuaxnxWlZ1Z000="; }; - vendorHash = "sha256-Weq8sS+8gsfdoVSBDm8E2DCrngfNsolqQR2/yd9etPo="; + vendorHash = "sha256-AXMMpzXEhdKSGeVg/KK2NEgalxIXP6DUTcoxOQVqow4="; - ldflags = [ "-buildid=" ]; + ldflags = [ + "-buildid=" + ]; - nativeBuildInputs = lib.optionals hsmSupport [ pkg-config ]; + nativeBuildInputs = lib.optionals hsmSupport [ + pkg-config + ]; buildInputs = lib.optionals (hsmSupport && stdenv.isLinux) [ pcsclite ] @@ -43,9 +47,14 @@ buildGoModule rec { install -Dm444 -t $out/lib/systemd/system systemd/step-ca.service ''; + preCheck = '' + export HOME=$(mktemp -d) + ''; + # Tests start http servers which need to bind to local addresses: # panic: httptest: failed to listen on a port: listen tcp6 [::1]:0: bind: operation not permitted __darwinAllowLocalNetworking = true; + # Tests need to run in a reproducible order, otherwise they run unreliably on # (at least) x86_64-linux. checkFlags = [ "-p 1" ]; |