| blob | b77ac247639810a618fb78c4a5a0420accb1e9d7 |
1 { pkgs, ... }:
2 let
3 inherit (pkgs) lib;
5 tests = {
6 # TODO: uncomment stable
7 # - Blocked on https://github.com/NixOS/nixpkgs/issues/138584 which has a
8 # PR in staging: https://github.com/NixOS/nixpkgs/pull/139986
9 # - Alternatively, blocked on a NixOps 2 release
10 # https://github.com/NixOS/nixops/issues/1242
11 # stable = testsLegacyNetwork { nixopsPkg = pkgs.nixops; };
12 unstable = testsForPackage { nixopsPkg = pkgs.nixops_unstable; };
14 # inherit testsForPackage;
15 };
17 testsForPackage = lib.makeOverridable (args: lib.recurseIntoAttrs {
18 legacyNetwork = testLegacyNetwork args;
19 });
21 testLegacyNetwork = { nixopsPkg }: pkgs.nixosTest ({
22 name = "nixops-legacy-network";
23 nodes = {
24 deployer = { config, lib, nodes, pkgs, ... }: {
25 imports = [ ../../modules/installer/cd-dvd/channel.nix ];
26 environment.systemPackages = [ nixopsPkg ];
27 nix.settings.substituters = lib.mkForce [ ];
28 users.users.person.isNormalUser = true;
29 virtualisation.writableStore = true;
30 virtualisation.additionalPaths = [
31 pkgs.hello
32 pkgs.figlet
34 # This includes build dependencies all the way down. Not efficient,
35 # but we do need build deps to an *arbitrary* depth, which is hard to
36 # determine.
37 (allDrvOutputs nodes.server.config.system.build.toplevel)
38 ];
39 };
40 server = { lib, ... }: {
41 imports = [ ./legacy/base-configuration.nix ];
42 };
43 };
45 testScript = { nodes }:
46 let
47 deployerSetup = pkgs.writeScript "deployerSetup" ''
48 #!${pkgs.runtimeShell}
49 set -eux -o pipefail
50 cp --no-preserve=mode -r ${./legacy} unicorn
51 cp --no-preserve=mode ${../ssh-keys.nix} unicorn/ssh-keys.nix
52 mkdir -p ~/.ssh
53 cp ${snakeOilPrivateKey} ~/.ssh/id_ed25519
54 chmod 0400 ~/.ssh/id_ed25519
55 '';
56 serverNetworkJSON = pkgs.writeText "server-network.json"
57 (builtins.toJSON nodes.server.config.system.build.networkConfig);
58 in
59 ''
60 import shlex
62 def deployer_do(cmd):
63 cmd = shlex.quote(cmd)
64 return deployer.succeed(f"su person -l -c {cmd} &>/dev/console")
66 start_all()
68 deployer_do("cat /etc/hosts")
70 deployer_do("${deployerSetup}")
71 deployer_do("cp ${serverNetworkJSON} unicorn/server-network.json")
73 # Establish that ssh works, regardless of nixops
74 # Easy way to accept the server host key too.
75 server.wait_for_open_port(22)
76 deployer.wait_for_unit("network.target")
78 # Put newlines on console, to flush the console reader's line buffer
79 # in case nixops' last output did not end in a newline, as is the case
80 # with a status line (if implemented?)
81 deployer.succeed("while sleep 60s; do echo [60s passed]; done >&2 &")
83 deployer_do("cd ~/unicorn; ssh -oStrictHostKeyChecking=accept-new root@server echo hi")
85 # Create and deploy
86 deployer_do("cd ~/unicorn; nixops create")
88 deployer_do("cd ~/unicorn; nixops deploy --confirm")
90 deployer_do("cd ~/unicorn; nixops ssh server 'hello | figlet'")
91 '';
92 });
94 inherit (import ../ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;
96 /*
97 Return a store path with a closure containing everything including
98 derivations and all build dependency outputs, all the way down.
99 */
100 allDrvOutputs = pkg:
101 let name = "allDrvOutputs-${pkg.pname or pkg.name or "unknown"}";
102 in
103 pkgs.runCommand name { refs = pkgs.writeReferencesToFile pkg.drvPath; } ''
104 touch $out
105 while read ref; do
106 case $ref in
107 *.drv)
108 cat $ref >>$out
109 ;;
110 esac
111 done <$refs
112 '';
114 in
115 tests