[PATCH] gnu: Add get-trust-anchor.

  • Open
  • quality assurance status badge
Details
2 participants
  • José Sanchez
  • Bruno Victal
Owner
unassigned
Submitted by
Bruno Victal
Severity
normal
B
B
Bruno Victal wrote on 9 Jul 2023 20:15
(address . guix-patches@gnu.org)(name . Bruno Victal)(address . mirai@makinata.eu)
9e371eab576e76ee438c39746ddbe4be103231a7.1688926431.git.mirai@makinata.eu
* gnu/packages/dns.scm (get-trust-anchor): New variable.
* gnu/packages/patches/get-trust-anchor-setuptools.patch: New file.
* gnu/local.mk: Register it.
---

Notes:

gnu/local.mk | 1 +
gnu/packages/dns.scm | 49 +++++++++++++++++++
.../patches/get-trust-anchor-setuptools.patch | 48 ++++++++++++++++++
3 files changed, 98 insertions(+)
create mode 100644 gnu/packages/patches/get-trust-anchor-setuptools.patch

Toggle diff (132 lines)
diff --git a/gnu/local.mk b/gnu/local.mk
index 96f4594835..1f40cf8fa9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1228,6 +1228,7 @@ dist_patch_DATA = \
%D%/packages/patches/genimage-mke2fs-test.patch \
%D%/packages/patches/geoclue-config.patch \
%D%/packages/patches/gettext-libunicode-update.patch \
+ %D%/packages/patches/get-trust-anchor-setuptools.patch \
%D%/packages/patches/ghc-8.0-fall-back-to-madv_dontneed.patch \
%D%/packages/patches/ghc-9.2-glibc-2.33-link-order.patch \
%D%/packages/patches/ghc-9.2-grep-warnings.patch \
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index a34e4ced89..f375c608a6 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -92,8 +92,57 @@ (define-module (gnu packages dns)
#:use-module (guix build-system glib-or-gtk)
#:use-module (guix build-system gnu)
#:use-module (guix build-system meson)
+ #:use-module (guix build-system python)
#:use-module (guix build-system trivial))
+;; Manually test by running (requires online connectivity):
+;; $ guix shell --container --network --no-cwd \
+;; get-trust-anchor nss-certs -- get-trust-anchor
+(define-public get-trust-anchor
+ (let ((commit "a149f31483a647af09f1b4c99871a07f7614e08f")
+ (revision "0")) ; no releases
+ (package
+ (name "get-trust-anchor")
+ (version (git-version "0.0.0" revision commit))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/iana-org/get-trust-anchor")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "05dsqykyqfxy90s264a6wk1xxpnv31gzil7fgcccbxi64zpx8zq4"))
+ (patches (search-patches "get-trust-anchor-setuptools.patch"))))
+ (build-system python-build-system)
+ (arguments
+ (list
+ #:tests? #f ; tests require online connectivity
+ #:modules '((guix build python-build-system)
+ (guix build utils)
+ (srfi srfi-1))
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-before 'wrap 'wrap-path
+ (lambda* (#:key inputs #:allow-other-keys)
+ (let ((prog (string-append #$output "/bin/get-trust-anchor"))
+ (path (map (lambda (f)
+ (dirname (search-input-file inputs f)))
+ '("/bin/openssl" "/bin/which"))))
+ (wrap-program prog
+ `("PATH" = ,path))))))))
+ (inputs (list openssl which))
+ (native-search-paths
+ (list $SSL_CERT_DIR $SSL_CERT_FILE))
+ (synopsis "Tool for fetching IANA's DNS Root Trust Anchors")
+ (description "This package provides the @command{get-trust-anchor}
+command, a tool that fetches the current DNSSEC trust anchor from IANA
+and the root @acronym{KSK, Key Signing Key} from Google Public DNS
+via @acronym{DoH, DNS over HTTPS} or by downloading the root zone file.")
+ (home-page "https://www.iana.org/dnssec/files")
+ (license license:bsd-2))))
+
(define-public cloudflare-cli
(let ((commit "2d986d3ec1b0e3158c4bd40e8918947cb74aa392")
(revision "1"))
diff --git a/gnu/packages/patches/get-trust-anchor-setuptools.patch b/gnu/packages/patches/get-trust-anchor-setuptools.patch
new file mode 100644
index 0000000000..f3de9b1ae3
--- /dev/null
+++ b/gnu/packages/patches/get-trust-anchor-setuptools.patch
@@ -0,0 +1,48 @@
+From fcc6daa582400a68d9cbc9e834c018a8c90650c4 Mon Sep 17 00:00:00 2001
+Message-Id: <fcc6daa582400a68d9cbc9e834c018a8c90650c4.1688921926.git.mirai@makinata.eu>
+From: Bruno Victal <mirai@makinata.eu>
+Date: Sun, 9 Jul 2023 17:31:37 +0100
+Subject: [PATCH] setuptools: use entry_points.
+
+---
+ get_trust_anchor.py => get_trust_anchor/__main__.py | 2 +-
+ setup.py | 9 ++++++---
+ 2 files changed, 7 insertions(+), 4 deletions(-)
+ rename get_trust_anchor.py => get_trust_anchor/__main__.py (99%)
+
+diff --git a/get_trust_anchor.py b/get_trust_anchor/__main__.py
+similarity index 99%
+rename from get_trust_anchor.py
+rename to get_trust_anchor/__main__.py
+index 42bd041..369ce54 100644
+--- a/get_trust_anchor.py
++++ b/get_trust_anchor/__main__.py
+@@ -474,4 +474,4 @@ def main():
+ print("Could not delete {}: '{}'. Continuing".format(this_file, this_exception))
+
+ if __name__ == "__main__":
+- main()
++ sys.exit(main())
+diff --git a/setup.py b/setup.py
+index 491c832..7900037 100644
+--- a/setup.py
++++ b/setup.py
+@@ -12,7 +12,10 @@ setup(
+ 'Programming Language :: Python :: 3'
+ ],
+ url='https://github.com/iana-org/get_trust_anchor/',
+- scripts=[
+- 'get_trust_anchor.py'
+- ]
++ packages=['get_trust_anchor'],
++ entry_points={
++ 'console_scripts': [
++ 'get-trust-anchor = get_trust_anchor.__main__:main'
++ ]
++ }
+ )
+
+base-commit: a149f31483a647af09f1b4c99871a07f7614e08f
+--
+2.40.1
+

base-commit: 2ba2e80ee6e19f6ab710035445d8e234f100e25d
--
2.40.1
J
J
José Sanchez wrote on 7 Aug 20:35 +0200
(address . 64545@debbugs.gnu.org)
CAAfPXqFRHzTgsjiqhuQmgVLYvAFL1J3nvyg-x04HYNSCiGhDKQ@mail.gmail.com

Attachment: file
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 64545@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 64545
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch