On Mon, Sep 05, 2022 at 05:49:55AM +0000, guix-patches--- via wrote:
> Nothing I do seems to work at all.
> 
> Last night I thought of a fundamental question:
> Are `inputs` accessible in the guix store at runtime?
> 
> If they are, that means I am too dumb to correctly parse the documentation. My initial patch proves, that `gnupg` has to be available at runtime. At this point I am incapable of doing anything more. I got physically sick of trying to understand and use all the procedures.

After some poking around on IRC and in trezor-agent and
python-trezor-agent, it seems that there are a number of calls to the
gpgconf binary and the actual path to gpg is probably set in
python-trezor-agent in libagent/gpg/keyring.py. With all of this it's
probably best to just wrap the files in the bin output of trezor agent
so that we don't miss any files.

(ins)efraim@3900XT /tmp$ tree /gnu/store/46br8illcfv93ryh28s2haz1s59n584v-trezor-agent-0.14.4
/gnu/store/46br8illcfv93ryh28s2haz1s59n584v-trezor-agent-0.14.4
├── bin
│   ├── __pycache__
│   │   └── trezor_agent.cpython-39.pyc
│   ├── trezor-agent
│   ├── trezor_agent.py
│   ├── trezor-gpg
│   ├── trezor-gpg-agent
│   └── trezor-signify
└── lib
    └── python3.9
        └── site-packages
            └── trezor_agent-0.11.0-py3.9.egg-info
                ├── dependency_links.txt
                ├── entry_points.txt
                ├── PKG-INFO
                ├── requires.txt
                ├── SOURCES.txt
                └── top_level.txt

trezor_agent.py is an actual python script, so I'd use wrap-script, but
the other extensionless files I'd use wrap-program, which IIRC will Do
The Right Thing™ and not double-wrap those files, which are already
wrappers.

I haven't tested the code out, but something like this should work
inside trezor-agent.

(add-before 'check 'wrap-more
  ;; We want to make sure we're before 'check but after 'wrap
  (lambda* (#:key inputs outputs #:allow-other-keys)
    (wrap-script (string-append #$output "/bin/trezor_agent.py")
      `(("PATH" ":" prefix (,(dirname (search-input-file inputs
      "gpg"))))))
    (for-each
      (lambda (file)
        (wrap-program file
          `(("PATH" ":" prefix (,(dirname (search-input-file inputs
          "gpg")))))))
      (find-files (string-append #$output "/bin") "^trezor-"))))

-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted