Merge pull request #336445 from adamcstephens/kanidm/1.3.3

kanidm: 1.3.2 -> 1.3.3
This commit is contained in:
Martin Weinelt 2024-08-22 18:41:30 +02:00 committed by GitHub
commit d9cf6ea6f8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 29 additions and 8 deletions

View File

@ -4,6 +4,13 @@ import ./make-test-python.nix (
certs = import ./common/acme/server/snakeoil-certs.nix;
serverDomain = certs.domain;
# copy certs to store to work around mount namespacing
certsPath = pkgs.runCommandNoCC "snakeoil-certs" { } ''
mkdir $out
cp ${certs."${serverDomain}".cert} $out/snakeoil.crt
cp ${certs."${serverDomain}".key} $out/snakeoil.key
'';
provisionAdminPassword = "very-strong-password-for-admin";
provisionIdmAdminPassword = "very-strong-password-for-idm-admin";
provisionIdmAdminPassword2 = "very-strong-alternative-password-for-idm-admin";
@ -23,8 +30,8 @@ import ./make-test-python.nix (
domain = serverDomain;
bindaddress = "[::]:443";
ldapbindaddress = "[::1]:636";
tls_chain = certs."${serverDomain}".cert;
tls_key = certs."${serverDomain}".key;
tls_chain = "${certsPath}/snakeoil.crt";
tls_key = "${certsPath}/snakeoil.key";
};
# So we can check whether provisioning did what we wanted
enableClient = true;

View File

@ -6,6 +6,13 @@ import ./make-test-python.nix ({ pkgs, ... }:
testCredentials = {
password = "Password1_cZPEwpCWvrReripJmAZdmVIZd8HHoHcl";
};
# copy certs to store to work around mount namespacing
certsPath = pkgs.runCommandNoCC "snakeoil-certs" { } ''
mkdir $out
cp ${certs."${serverDomain}".cert} $out/snakeoil.crt
cp ${certs."${serverDomain}".key} $out/snakeoil.key
'';
in
{
name = "kanidm";
@ -19,8 +26,8 @@ import ./make-test-python.nix ({ pkgs, ... }:
domain = serverDomain;
bindaddress = "[::]:443";
ldapbindaddress = "[::1]:636";
tls_chain = certs."${serverDomain}".cert;
tls_key = certs."${serverDomain}".key;
tls_chain = "${certsPath}/snakeoil.crt";
tls_key = "${certsPath}/snakeoil.key";
};
};

View File

@ -28,16 +28,16 @@ let
in
rustPlatform.buildRustPackage rec {
pname = "kanidm";
version = "1.3.2";
version = "1.3.3";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-YFmWZlDcsSk+7EGkoK0SkAhNsrIQa55IRIVqisX3zqE=";
hash = "sha256-W5G7osV4du6w/BfyY9YrDzorcLNizRsoz70RMfO2AbY=";
};
cargoHash = "sha256-8ZENe576gqm+FkQPCgz6mScqdacHilARFWmfe+kDL2A=";
cargoHash = "sha256-gJrzOK6vPPBgsQFkKrbMql00XSfKGjgpZhYJLTURxoI=";
KANIDM_BUILD_PROFILE = "release_nixos_${arch}";
@ -110,7 +110,14 @@ rustPlatform.buildRustPackage rec {
inherit (nixosTests) kanidm kanidm-provisioning;
};
updateScript = nix-update-script { };
updateScript = nix-update-script {
# avoid spurious releases and tags such as "debs"
extraArgs = [
"-vr"
"v(.*)"
];
};
inherit enableSecretProvisioning;
withSecretProvisioning = kanidm.override { enableSecretProvisioning = true; };
};