forked from obsidiansystems/obelisk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
all-tests.nix
145 lines (131 loc) · 5.59 KB
/
all-tests.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
{
supportedSystems ? [ builtins.currentSystem ]
}:
let
nginxRoot = "/run/nginx";
obelisk = import ./default.nix {};
# Get NixOS a pre-release 20.03 that contains the python based tests and recursive nix
pkgs = import (builtins.fetchTarball https://github.com/nixos/nixpkgs/archive/3de5266.tar.gz) {};
sshKeys = import (pkgs.path + /nixos/tests/ssh-keys.nix) pkgs;
make-test = import (pkgs.path + /nixos/tests/make-test-python.nix);
obelisk-everywhere = (import ./all-builds.nix { inherit supportedSystems; }).x86_64-linux.cache;
snakeOilPrivateKey = sshKeys.snakeOilPrivateKey.text;
snakeOilPublicKey = sshKeys.snakeOilPublicKey;
in
make-test ({...}: {
name = "obelisk";
nodes = {
githost = {
networking.firewall.allowedTCPPorts = [ 22 80 ];
services.openssh = {
enable = true;
};
environment.systemPackages = [
pkgs.git
];
users.users.root.openssh.authorizedKeys.keys = [
snakeOilPublicKey
];
};
client = {
imports = [
(pkgs.path + /nixos/modules/installer/cd-dvd/channel.nix)
];
nix.useSandbox = false;
nix.binaryCaches = [];
environment.systemPackages = [
obelisk.command
obelisk.shell
obelisk-everywhere
pkgs.git
];
};
};
testScript =
let
privateKeyFile = pkgs.writeText "id_rsa" ''${snakeOilPrivateKey}'';
thunkableSample = pkgs.writeText "default.nix" ''
let pkgs = import <nixpkgs> {}; in pkgs.git
'';
invalidThunkableSample = pkgs.writeText "default.nix" ''
let pkgs = import <nixpkgs> {}; in pkgtypo.git
'';
sshConfigFile = pkgs.writeText "ssh_config" ''
Host *
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
ConnectionAttempts=1
ConnectTimeout=1
IdentityFile=~/.ssh/id_rsa
User=root
'';
in ''
start_all()
with subtest("obelisk is installed and git is configured"):
client.succeed("ob --help")
client.succeed('git config --global user.email "[email protected]"')
client.succeed('git config --global user.name "Your Name"')
githost.wait_for_open_port("22")
with subtest("the client can access the server via ssh"):
client.succeed("mkdir -p ~/.ssh/")
client.succeed(
"cp ${privateKeyFile} ~/.ssh/id_rsa"
)
client.succeed("chmod 600 ~/.ssh/id_rsa")
client.wait_until_succeeds(
"ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa githost true"
)
client.succeed(
"cp ${sshConfigFile} ~/.ssh/config"
)
client.wait_until_succeeds("ssh githost true")
with subtest("a remote bare repo can be started"):
githost.succeed("mkdir -p ~/myorg/myapp.git")
githost.succeed("cd ~/myorg/myapp.git && git init --bare")
with subtest("a git project can be configured with a remote using ssh"):
client.succeed("mkdir -p ~/code/myapp")
client.succeed("cd ~/code/myapp && git init")
client.succeed(
"cp ${thunkableSample} ~/code/myapp/default.nix"
)
client.succeed("cd ~/code/myapp && git add .")
client.succeed('cd ~/code/myapp && git commit -m "Initial"')
client.succeed(
"cd ~/code/myapp && git remote add origin root@githost:/root/myorg/myapp.git"
)
with subtest("pushing code to the remote"):
client.succeed("cd ~/code/myapp && git push -u origin master")
client.succeed("cd ~/code/myapp && git status")
with subtest("obelisk can pack"):
client.succeed("ob -v thunk pack ~/code/myapp")
client.succeed("grep -qF 'git.json' ~/code/myapp/thunk.nix")
client.succeed("grep -qF 'myorg' ~/code/myapp/git.json")
client.succeed("ob -v thunk unpack ~/code/myapp")
with subtest("obelisk can set the public / private flag"):
client.succeed("ob -v thunk pack ~/code/myapp --private")
client.fail("""grep -qF '"private": practice' ~/code/myapp/git.json""")
client.succeed("""grep -qF '"private": true' ~/code/myapp/git.json""")
client.succeed("nix-build ~/code/myapp")
client.succeed("ob -v thunk unpack ~/code/myapp")
client.succeed("ob -v thunk pack ~/code/myapp --public")
client.succeed("""grep -qF '"private": false' ~/code/myapp/git.json""")
client.succeed("nix-build ~/code/myapp")
client.succeed("ob -v thunk unpack ~/code/myapp")
with subtest("building an invalid thunk fails"):
client.succeed("cd ~/code/myapp && git checkout -b bad")
client.succeed(
"cp ${invalidThunkableSample} ~/code/myapp/default.nix"
)
client.succeed("cd ~/code/myapp && git add .")
client.succeed('cd ~/code/myapp && git commit -m "Bad commit"')
client.succeed("cd ~/code/myapp && git push -u origin bad")
client.succeed("ob -v thunk pack ~/code/myapp --public")
client.fail("nix-build ~/code/myapp")
client.succeed("ob -v thunk unpack ~/code/myapp")
client.succeed("cd ~/code/myapp && git checkout master")
with subtest("obelisk can detect private repos"):
client.succeed("ob -v thunk pack ~/code/myapp")
client.succeed("""grep -qF '"private": true' ~/code/myapp/git.json""")
client.succeed("ob -v thunk unpack ~/code/myapp")
'';
}) {}