%{?!python3_pkgversion:%global python3_pkgversion 3} %global srcname detect-secrets %bcond check 1 %bcond gibberish 0 Name: python-%{srcname} Version: 1.5.0 Release: 1%{?dist} Summary: Detect secrets within a code base License: Apache-2.0 URL: https://github.com/Yelp/detect-secrets Source: https://github.com/Yelp/detect-secrets/archive/v%{version}/%{name}-%{version}.tar.gz BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel %if %{with check} BuildRequires: python3-pytest BuildRequires: python3-pytest-xdist %if %{with gibberish} BuildRequires: python3dist(gibberish-detector) %endif BuildRequires: python3dist(pyahocorasick) BuildRequires: python3dist(pyyaml) BuildRequires: python3dist(requests) BuildRequires: python3dist(responses) BuildRequires: python3dist(unidiff) %endif %global _description %{expand: detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base. However, unlike other similar packages that solely focus on finding secrets, this package is designed with the enterprise client in mind: providing a backwards compatible, systematic means of: * Preventing new secrets from entering the code base, * Detecting if such preventions are explicitly bypassed, and * Providing a checklist of secrets to roll, and migrate off to a more secure storage.} %description %_description %package -n python%{python3_pkgversion}-%{srcname} Summary: %{summary} %description -n python%{python3_pkgversion}-%{srcname} %_description %pyproject_extras_subpkg -n python%{python3_pkgversion}-%{srcname} word_list %if %{with gibberish} %pyproject_extras_subpkg -n python%{python3_pkgversion}-%{srcname} gibberish %endif %prep %autosetup -p1 -n %{srcname}-%{version} %generate_buildrequires %pyproject_buildrequires -x word_list %build %pyproject_wheel %install %pyproject_install %pyproject_save_files -l detect_secrets %check %pyproject_check_import %if %{with check} %pytest -k "not test_outputs_baseline_if_none_supplied \ and not test_saves_to_baseline \ and not test_works_from_different_directory \ and not test_basic \ and not test_quit_if_baseline_is_changed_but_not_staged \ and not test_baseline_filters_out_known_secrets \ and not test_success \ and not test_maintains_labelled_data \ and not test_maintains_slim_mode \ and not test_modifies_baseline \ and not test_does_not_modify_slim_baseline \ and not test_basic_usage \ and not test_no_files_in_git_repo \ and not test_scan_all_files \ and not test_load_and_output \ and not test_make_decisions \ and not test_start_halfway \ and not test_should_scan_specific_non_tracked_file \ and not test_should_scan_tracked_files_in_directory \ and not test_should_scan_all_files_in_directory_if_flag_is_provided \ and not test_handles_each_path_separately \ and not test_handles_multiple_directories \ and not test_load_from_baseline \ and not test_ignores_hex_strings \ and not test_does_not_affect_private_keys \ " %endif %files -n python%{python3_pkgversion}-%{srcname} -f %{pyproject_files} %license LICENSE %doc CHANGELOG.md CONTRIBUTING.md CONTRIBUTORS.md README.md %{_bindir}/detect-secrets %{_bindir}/detect-secrets-hook %changelog * Thu May 23 2024 Dominik Mierzejewski 1.5.0-1 - initial build - disable gibberish extra due to unpackaged dependency - disable tests requiring gibberish, git and git repo