blob: 1abd3f4ed20373dac54dbb94e0b9d1d3732f5805 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
{ stdenv, buildPythonPackage, fetchPypi, cryptography, boto3, pyyaml, docutils, nose
, fetchpatch
}:
buildPythonPackage rec {
pname = "credstash";
version = "1.17.1";
src = fetchPypi {
inherit pname version;
sha256 = "6c04e8734ef556ab459018da142dd0b244093ef176b3be5583e582e9a797a120";
};
patches = [
(fetchpatch {
url = "https://github.com/fugue/credstash/commit/9c02ee43ed6e37596cafbca2fe80c532ec19d2d8.patch";
sha256 = "dlybrpfLK+PqwWWhH9iXgXHYysZGmcZAFGWNOwsG0xA=";
})
];
# The install phase puts an executable and a copy of the library it imports in
# bin/credstash and bin/credstash.py, despite the fact that the library is also
# installed to lib/python<version>/site-packages/credstash.py.
# If we apply wrapPythonPrograms to bin/credstash.py then the executable will try
# to import the credstash module from the resulting shell script. Removing this
# file ensures that Python imports the module from site-packages library.
postInstall = "rm $out/bin/credstash.py";
nativeBuildInputs = [ nose ];
propagatedBuildInputs = [ cryptography boto3 pyyaml docutils ];
# No tests in archive
doCheck = false;
meta = with stdenv.lib; {
description = "A utility for managing secrets in the cloud using AWS KMS and DynamoDB";
homepage = "https://github.com/LuminalOSS/credstash";
license = licenses.asl20;
};
}
|