From dab12bc2b84604599ff446efc721207815a0688f Mon Sep 17 00:00:00 2001 From: Taeer Bar-Yam Date: Thu, 18 Jul 2024 06:44:13 -0400 Subject: [PATCH] interactive test is working --- garage.nix | 33 ++++++----- tests/fediversity.png | Bin 5640 -> 0 bytes tests/green.png | Bin 0 -> 692 bytes tests/mastodon-garage.nix | 112 +++++++++++++++++++++++++++++++------- 4 files changed, 110 insertions(+), 35 deletions(-) delete mode 100644 tests/fediversity.png create mode 100644 tests/green.png diff --git a/garage.nix b/garage.nix index 2c47ec98..3de3709a 100644 --- a/garage.nix +++ b/garage.nix @@ -38,7 +38,8 @@ let ${optionalString corsRules.enable '' garage bucket allow --read --write --owner ${bucketArg} --key tmp - aws --endpoint http://s3.garage.localhost:3900 s3api put-bucket-cors --bucket ${bucketArg} --cors-configuration ${corsRulesJSON} + # TODO: endpoin-url should not be hard-coded + aws --region ${cfg.settings.s3_api.s3_region} --endpoint-url http://s3.garage.localhost:3900 s3api put-bucket-cors --bucket ${bucketArg} --cors-configuration ${corsRulesJSON} garage bucket deny --read --write --owner ${bucketArg} --key tmp ''} ''; @@ -124,21 +125,23 @@ in { }; config = { - virtualisation.diskSize = 2048; - virtualisation.forwardPorts = [ - { - from = "host"; - host.port = 3901; - guest.port = 3901; - } - { - from = "host"; - host.port = 3902; - guest.port = 3902; - } - ]; + virtualisation.vmVariant = { config, ... }: { + virtualisation.diskSize = 2048; + virtualisation.forwardPorts = [ + { + from = "host"; + host.port = 3901; + guest.port = 3901; + } + { + from = "host"; + host.port = 3902; + guest.port = 3902; + } + ]; - environment.systemPackages = [ pkgs.minio-client pkgs.awscli ]; + environment.systemPackages = [ pkgs.minio-client pkgs.awscli ]; + }; networking.firewall.allowedTCPPorts = [ 3901 3902 ]; services.garage = { diff --git a/tests/fediversity.png b/tests/fediversity.png deleted file mode 100644 index 24881fb4a0321f00a18d2c85d5859f9a04f6a108..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5640 zcmV+j7We5=Nk&Eh761TOMM6+kP&il$0000G0000#0RUf_Sl!*xy1Tn$?QyTWy9@Oehg~X2 zy;m2?%0zy@B;OyCWHOoT^!SO036R`Kk|Rk+)Y{Wu0V2#*gy&pP;t zD!YShVK?b$;Y}JV!Z8wAK zHbVa|LlfkPwwOfPmWS&&3rC0vviZuqpluy+y{0fV^fKZt+F}xENA`tPuMzGR-Tm2e zJXHO5Z+5&zTTBJx>N`^pjIHy+tayvIm@Fx)Vos*4id6+{B~*$jCAJcC9Uw`sC11&+ zG-^32Oa`?1!S;j=aSK+HANXY^JL>S0CrnH{{?y$-Nq&Cngo%kKoN@psA&fX}{KV+v z4*l5%Jpd@Ggs|}`6DG!vKYdqlO%a#0IUe0)qS2}aA|j!mAwth(Qt=<5;s{Sm#j`C? z9OEuY>US=_=lFgASD-LX68|2B8sLt&rN@qIcbI5Kg+QVMV@zgx%=1f5;x2z$vIqPw zCvlhmRt3NJyPQ~8`y#UJ%KlK5j1AjMPGo7N`E5-R$)>oknHWSFU*a>hKwPaoH@@Ug zPxg>FT6=DMDVR~gAH>#Ld!FaHwrx9(BeHM=R0Vt6B05q;E`n7HG(-ytR~*Ai1PKCT zOtwNv`nwd2B>gCrAP52}cRbG)=P0No0Bw5t9M6<3p1wl?nJz_|84ARBBCHuFynDo$ zk$asd1U`KQUEHN?TvT!{LNHq>=#}T5b zfbBbs=V@;na5DV8Yyom6R!{-!^2ix|8~_W~iKA_q29-Co!~#bi>;9Z`e8cH8`9Vpm z#k5YF@44apo}j#;g}KOE*@tud;4^m))!chXI}I?N6Gt1fCAd2XrpT#yaU|)C7_GG< zk01j#T0K-Or}1IWq*N_Mmx-f2ISeXyXbFZQt)6m9p6P0as@j!EIYRsGAIE+)^X;La zD&bIZv?CY6>K3r)N6sOH9{P1%Z+(N zPmGX3&!k*g)Q@%=1^g{PHU=N51;(U{JM2 zilZI5rW*;`$hbwTv@J9GL8a&UZHqqtEb@~t?yJm|_mOr=M~I_cIkP*74Qk$E%Cs$S z4FIQR%hdj>4vHSq7fEa5dU3QTdqQ<1(G^KvfwtxCfuOWXaxGGhqoh@1dP5xT+v|b5 zlX!6^LYL%)MxxYipaza4rc{u28j7~;G@dIn6e!<-98Y0emus{wCqkumJqk#*1}ywu zY;DUGu#jumCKcF3#*#ebNTM+l<%Exda*hhv)6<^kx334zKa+|eN}6%xwZsiyN9CDe zRve#-VrEu~fl=QFuC`?=7!}-EwlHr@E{{FsC^BXuZ22p=M&3o*F|CMQ{TerPjU%59 zAWFoR`dirovN&HnMIvfcVu$C-7^oVVvw6ZT*P|2`Z?xft8*jDyiFbW1#?wyFwHp{o z8NfYdtpGS*JmF=kn$g;G$u4`-;(&|$)__C5)Pew(=Fw<-f-EO z2M;R(P=pE@+fBatme`vn9|)B8EsG;kRaQ9@GpmNiM$1w$iU7cBELi2t%!Jg*iY_n_=a3n2 zDqK_MRL7P3!G!diicN%Qt9P-njCvKDq8X7ri%m^U1pq`yxaMY?4nZ{aYHDg~DmIig z7MtRG7XUOBdouw5q1e=$^2oGVq=FJ#bnx9!Fj8k+(z@_hqyR9cw$2|0CiHr?WzMXb zGiT2Fcyllad}qt-Su@{#^$()~DkH)PZ!G@D&)FhCgmgM3y5 z5sFJCcIT*fCH6N=1b}gi#BK#9tiDvruK_DOEJ-g!0~P0q>;XmG_fs+3AfMc3xex)i zWt&KQ#*x#g8ic0#{?a}mC>$oi4NxEy7X)8lcJ_Jao_EerP}!@&%4^QK?nUj$1SmjZ zS21l@9(cr+pFRu*2))m>^+&@25caw9(o1e=H;XU7^pY#L2P^CwgwKL4oGIaCF!CWv z?h}=6O^rh}pfFAR17JbnUh#H`S||$%@dSQd+ExK@eh|FOM6hs~gl7XluR$OH3Y&Gv zeNc#PY?C(-O>Dg){upro#ld&0Q(i!cE=z3S*>?Bk4`9aNFJz_#idrl?rMNyio*7t@(8#LAPihCGZYAs zj7KCG)8m`))BZ&HW%}eXOR6l$5EO0_e;+j9E-7sr(;{D=F?PbZNqZ&f2dLY8nFa+A z4O$}M(({G_oCSqprSR!%MJ7QZM<{tf9|fLCE>dSM6`;L^7jFX>iq4E zfA~;j@mjrWxbs6Eug(gcxjql5+eXxHh z7ed9AmMvNG`B(P=5;B(`^wUwb5mG|W?++Be+cB$fkf2< z<7Nq8v6yO)3);*Bu3kx|hLw#lekdY=NuB}5){abRSS+uD5VcTRi-?a{zB+cXJ54E=boGam0;1JLPMcoQGzuI z(?w2!iU5?ddf;#gZiZF1W2Zby=_wo#$kcjZxQ1ZiLiy$|^5Z7p1TBpC81TTQVcP~^ z0K6I^$4Yornd0USc>q=w_RlA_c#B^{j7@FR7Q6&TT)6CzJ@?vk&tLTgmAw|Wt$_lL z6L}np0D9o96L;Qlqr*NovKtrx_OpXmdV%8F!blN(l z>RW4p@i)=+z_GBZMJP58-}7tqLgLxOw}5AOO9F{qmr_cPb*f zVasiro3|OZ24bzPw%v%3kkGez_!^+>S-84dZ1EO9B^`{0s#b;xv5aU%5xK1}Qi5*J z3zzlNYzt(z{x~_aP42*hSVV_p%)}P%FjQU<-m17>9{d4li z*6&;AC4cYNV*p0I&j9fCeP#f}sQ*bZeR`)^DZ)?0&+jw-@Bja50aj2rAVvuQ0I)3p zodGI90c!w0fi{#zqNAY_`QBJN2n6&OrKt9rPS}vIy>65IKjrVX-Ld>1-`;BUKiaSE z{dRwz|7GmU^uPM=a1ZVO()w0;fc=X7s`rooU+QQ47pMpJUZIcNe_;>XUrtZlzl6Ws zuiejSpa1<}9YXwooF{&HNw6PF6w>^CJ%HX9G>Yf&qE`}ZF;k|eo8I@m?|awgf~j>l z!Gj5piy)0>Kall8QW1$wKcsvgl2;Ka1y7dSK}Yqxm5Cjy%=h(zHud>>%(4?ZKNS`= z7ZPn$qaolg9|>^6)K?qKO7w4Ly0jy7+4n7e*$_Y&UxfG*yrF`o4helyn%KQ~8epdr zC#w~4thE17ci3j*cN-O^($l31{XM4EfF#|0wlZ@F*o(!F6A84?Q^4LYpgDhq<{0`1 z_}wfsGG&}1lXWJ#X!)j1r|C4_wACX|IMc;&ux zcJ?+SKe?a){`~k}KZ{ayup`ulq+-#KN|Jr~dT%kW+ew~~N6du;a~@D+`jTL0^_ zZZ=-%HT-u?JPDK<8Hdlo#WyI!j*uyn{P8MnoTJ_B9kJw`^J#m{*CJlvV-&?7D?$6P)UqRc0kI$mLG>tuJj`{a>!yg;olRb39> zZ(7j!8O@_tKC^XO%~2ZsyG`QZ>%gO0TX?&Emk$G}dDforOm}AIt7B;SDx%fFPKZ-Rii)CDT?XlgHGb&xo z0@4dR(@o&H!W&@WEmoQZ1G4L{3ef!eAbd)BKCc*1-7SB3WWIc+Y zKh1aF)rPcJpIAGAjYh=1`aw2rmEVvzHfUDMsBCCLEB70v^fCZ#Zwu3hz zfAw`xUu2u5ZVL~ix*YPB20EErh%PvOhO(>ZDx z4W*iU9xx)eTn9NnGIkBSfTxxYGW1D`pka?Px%!J_gwz1$PaO}sP6kT^KR+i09}(>TN= zw>Cs9Td9^q1TTns@#EOX(`YBFL!Bw!7sQ-rbiQ5rB8hK$w>}`%!$7-|tm-sus@PCi zQR2(Vg^pppuerul#swb_OMM<(Ok`Q}^Md}}SUDoeScZ9%`?MOQK_;f(4aQHDq}{+^ z!ToW1W!%|BSoRr1Fp8StSv8yu#nh__Tzf|!wssjS;P3lt&;dpisIr=X0hie#X)+{y zMrSR`-oQvhuLJ9H5N`uZ4%?5_ej{+qF2(Fn3+-fHoC7g%4;GsOi`~ytKRa#r=aB*S zPkm!yo+<7LOKg&6xiZanv>M{2$a@9&vD@#11ol}-r>&j&b}b*jv2kP8K1#`q3zEFc zqjCp`Vw?;TN^E6!2V;Ct=d`b&3>OgD9z>;ykoxOOx1j!?6Mhq8Aq#4T8@=x2B~i|3 zi2;0!zCr&{e7on>Z6>sMc;Ub|povP#iCQoU(_FwPE9OqW9Pxo`VZK9+-QK^=zh-WP z7uA)5i#(f?k(3e)--Zrr@)5D>VA$>?#em@F;{Ra+KwF1V$SEv}h`X}@u5@B4mPj_{ zVmiZ5$)p_HoIV%3xSse~{^hrBywv-yN`Ox*(2s8&qg$FhLW52AZmrJ#k!AJ7#3$iP zWhNk<=uIrgYZ9XPaw$&bQIQ}QgOqGjTUXXJ?a9awR3vk7abGxHo1=l5f7m%oou!+t#+)ggGYH6*qOoJr4yS z*xAw7)(2Q4NF{F`S9Y3&&9PuV1qA22`zDvoS^ILw7_|1C7zPliaCsyX52LQMpg$^P+Rn!Wp}{FAT~y@OsBjdR zh4&OS!|@So4U?~}m8w&Lfv#$)^@;2O!9*&Ttxlq%tsQ zOst(~>v7mY=4gEI)FyDur-tbz04*HocC+S89@oxckAa4;~y( zx_aWz+zt0pHY`u^sW|G(k&^b<=b zWHa~3d|u(u{N~re{}0Nyhb0yr^5#-+I46Gmrv$6hZimIsEbbrgyKKSObpF89d!NEz z9XO-@a_clPTPC(`joq)OEqlW_-TJ_V$%?Z#X|rZ>wK9FEbGtu$-Mja0uRm|{`!}Q1>7wQtOSe1$Mhj~XOJv$jVN)>&&^HED`9XhN=++J%E?Kp-qUngH$fOokq}0s z4w$jjVH%hbqySU{6w#ajQXIKS/garage-image.webp") + garage_image_hash = server.succeed("identify -quiet -format '%#' /garage-image.webp") + image_hash = server.succeed("identify -quiet -format '%#' $POST_MEDIA") + assert garage_image_hash == image_hash + + with subtest("Content security policy allows garage images"): + headers = server.succeed("xh -h http://masstodon.localhost:55001/public/local") + csp_match = re.match('^Content-Security-Policy: (.*)$', headers, re.M) + assert csp_match is not None + csp = csp_match.group(1) + # the content security policy should include the garage server + garage_csp = re.match(".*web\.garage\.localhost:3902.*", csp) + assert garage_csp is not None + + with subtest("image displays"): + server.succeed("selenium-script") + server.copy_from_vm("/mastodon-screenshot.png", "") + displayed_colors = server.succeed("convert /mastodon-screenshot.png -define histogram:unique-colors=true -format %c histogram:info:") + # check that the green image displayed somewhere + re.match(".*#00FF00.*", displayed_colors, re.S) ''; }