From 5970407d19b5f836fe74b9ff427309f63d27e0f1 Mon Sep 17 00:00:00 2001 From: "Berk D. Demir" Date: Mon, 6 Jun 2022 16:58:27 -0700 Subject: [PATCH] certigo: patch tests and enable checks on Darwin Worked with the upstream project to get the test updated for modern macOS and emulated/virtualized hardware. Bring in unit test fixes in two patches from upstream trunk and re-enable tests on Darwin. --- pkgs/tools/admin/certigo/default.nix | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/pkgs/tools/admin/certigo/default.nix b/pkgs/tools/admin/certigo/default.nix index 541f23058ef..d2914dbf95a 100644 --- a/pkgs/tools/admin/certigo/default.nix +++ b/pkgs/tools/admin/certigo/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, buildGoModule, fetchFromGitHub }: +{ lib, stdenv, buildGoModule, fetchFromGitHub, fetchpatch }: buildGoModule rec { pname = "certigo"; @@ -11,12 +11,21 @@ buildGoModule rec { sha256 = "sha256-XGR6xIXdFLnJTFd+mJneRb/WkLmi0Jscta9Bj3paM1M="; }; - vendorSha256 = "sha256-qS/tIi6umSuQcl43SI4LyL0k5eWfRWs7kVybRPGKcbs="; + patches = [ + (fetchpatch { + name = "backport_TestConnect-Apple-Fixes.patch"; + url = "https://github.com/square/certigo/commit/5332ac7ca20bdea63657cc8319e8b8fda4326938.patch"; + sha256 = "sha256-mSNuiui2dxkXnCrXJ/asIzC8F1mtPecOVOIu6mE5jq4="; + }) - # Go running under Hydra Darwin x86_64 picks CHAPOLY instead of AES-GCM as - # the default TLS ciphersuite, and breaks the arguably flakey `TestConnect` - # test. - doCheck = !(stdenv.isDarwin && stdenv.isx86_64); + (fetchpatch { + name = "backport_TestConnect-Expected-CipherSuite-Fixes.patch"; + url = "https://github.com/square/certigo/commit/7ef0417bde4aafc69cbb72f0dd6d3577a56054a1.patch"; + sha256 = "sha256-TUQ8B23HKheaPUjj4NkvjmZBAAhDNTyo2c8jf4qukds="; + }) + ]; + + vendorSha256 = "sha256-qS/tIi6umSuQcl43SI4LyL0k5eWfRWs7kVybRPGKcbs="; meta = with lib; { description = "A utility to examine and validate certificates in a variety of formats";