forked from fediversity/fediversity
		
	WIP: test data model thru VM #11
					 10 changed files with 48 additions and 197 deletions
				
			
		|  | @ -5,4 +5,5 @@ | ||||||
|   ]; |   ]; | ||||||
|   pathToRoot = ../../..; |   pathToRoot = ../../..; | ||||||
|   pathFromRoot = ./.; |   pathFromRoot = ./.; | ||||||
|  |   useFlake = true; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -1,4 +1,9 @@ | ||||||
| { inputs, lib, ... }: | { | ||||||
|  |   inputs, | ||||||
|  |   lib, | ||||||
|  |   config, | ||||||
|  |   ... | ||||||
|  | }: | ||||||
| 
 | 
 | ||||||
| { | { | ||||||
|   _class = "nixosTest"; |   _class = "nixosTest"; | ||||||
|  | @ -8,6 +13,7 @@ | ||||||
|   sourceFileset = lib.fileset.unions [ |   sourceFileset = lib.fileset.unions [ | ||||||
|     ./constants.nix |     ./constants.nix | ||||||
|     ./deployment.nix |     ./deployment.nix | ||||||
|  |     (config.pathToCwd + "/flake-under-test.nix") | ||||||
|   ]; |   ]; | ||||||
| 
 | 
 | ||||||
|   nodes.deployer = |   nodes.deployer = | ||||||
|  |  | ||||||
|  | @ -8,4 +8,5 @@ | ||||||
|   pathToRoot = ../../..; |   pathToRoot = ../../..; | ||||||
|   pathFromRoot = ./.; |   pathFromRoot = ./.; | ||||||
|   enableAcme = true; |   enableAcme = true; | ||||||
|  |   useFlake = true; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -1,6 +1,7 @@ | ||||||
| { | { | ||||||
|   inputs, |   inputs, | ||||||
|   hostPkgs, |   hostPkgs, | ||||||
|  |   config, | ||||||
|   lib, |   lib, | ||||||
|   ... |   ... | ||||||
| }: | }: | ||||||
|  | @ -19,6 +20,7 @@ in | ||||||
|   sourceFileset = lib.fileset.unions [ |   sourceFileset = lib.fileset.unions [ | ||||||
|     ./constants.nix |     ./constants.nix | ||||||
|     ./deployments.nix |     ./deployments.nix | ||||||
|  |     (config.pathToCwd + "/flake-under-test.nix") | ||||||
| 
 | 
 | ||||||
|     # REVIEW: I would like to be able to grab all of `/deployment` minus |     # REVIEW: I would like to be able to grab all of `/deployment` minus | ||||||
|     # `/deployment/check`, but I can't because there is a bunch of other files |     # `/deployment/check`, but I can't because there is a bunch of other files | ||||||
|  |  | ||||||
|  | @ -76,8 +76,6 @@ in | ||||||
|       ./sharedOptions.nix |       ./sharedOptions.nix | ||||||
|       ./targetNode.nix |       ./targetNode.nix | ||||||
|       ./targetResource.nix |       ./targetResource.nix | ||||||
| 
 |  | ||||||
|       (config.pathToCwd + "/flake-under-test.nix") |  | ||||||
|     ]; |     ]; | ||||||
| 
 | 
 | ||||||
|     acmeNodeIP = config.nodes.acme.networking.primaryIPAddress; |     acmeNodeIP = config.nodes.acme.networking.primaryIPAddress; | ||||||
|  | @ -164,6 +162,9 @@ in | ||||||
|           deployer.succeed(f"echo '{host_key}' > ${config.pathFromRoot}/${tm}_host_key.pub") |           deployer.succeed(f"echo '{host_key}' > ${config.pathFromRoot}/${tm}_host_key.pub") | ||||||
|         '')} |         '')} | ||||||
| 
 | 
 | ||||||
|  |       ${ | ||||||
|  |         if config.useFlake then | ||||||
|  |           '' | ||||||
|             ## NOTE: This is super slow. It could probably be optimised in Nix, for |             ## NOTE: This is super slow. It could probably be optimised in Nix, for | ||||||
|             ## instance by allowing to grab things directly from the host's store. |             ## instance by allowing to grab things directly from the host's store. | ||||||
|             ## |             ## | ||||||
|  | @ -189,6 +190,10 @@ in | ||||||
|                   --override-input nixops4-nixos/git-hooks-nix ${emptyFlake} \ |                   --override-input nixops4-nixos/git-hooks-nix ${emptyFlake} \ | ||||||
|                   ; |                   ; | ||||||
|               """) |               """) | ||||||
|  |           '' | ||||||
|  |         else | ||||||
|  |           "" | ||||||
|  |       } | ||||||
| 
 | 
 | ||||||
|       ${optionalString config.enableAcme '' |       ${optionalString config.enableAcme '' | ||||||
|         with subtest("Set up handmade DNS"): |         with subtest("Set up handmade DNS"): | ||||||
|  |  | ||||||
|  | @ -64,5 +64,7 @@ in | ||||||
|         during the test to the correct value. |         during the test to the correct value. | ||||||
|       ''; |       ''; | ||||||
|     }; |     }; | ||||||
|  | 
 | ||||||
|  |     useFlake = lib.mkEnableOption "Use a flake in the test."; | ||||||
|   }; |   }; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -1,168 +0,0 @@ | ||||||
| { |  | ||||||
|   inputs, |  | ||||||
|   lib, |  | ||||||
|   config, |  | ||||||
|   hostPkgs, |  | ||||||
|   sources, |  | ||||||
|   ... |  | ||||||
| }: |  | ||||||
| 
 |  | ||||||
| let |  | ||||||
|   inherit (builtins) |  | ||||||
|     concatStringsSep |  | ||||||
|     toJSON |  | ||||||
|     ; |  | ||||||
|   inherit (lib) |  | ||||||
|     types |  | ||||||
|     fileset |  | ||||||
|     mkOption |  | ||||||
|     genAttrs |  | ||||||
|     attrNames |  | ||||||
|     optionalString |  | ||||||
|     ; |  | ||||||
|   inherit (hostPkgs) |  | ||||||
|     writeText |  | ||||||
|     ; |  | ||||||
| 
 |  | ||||||
|   forConcat = xs: f: concatStringsSep "\n" (map f xs); |  | ||||||
| 
 |  | ||||||
| in |  | ||||||
| { |  | ||||||
|   _class = "nixosTest"; |  | ||||||
| 
 |  | ||||||
|   imports = [ |  | ||||||
|     ../common/sharedOptions.nix |  | ||||||
|   ]; |  | ||||||
| 
 |  | ||||||
|   options = { |  | ||||||
|     ## FIXME: I wish I could just use `testScript` but with something like |  | ||||||
|     ## `mkOrder` to put this module's string before something else. |  | ||||||
|     extraTestScript = mkOption { }; |  | ||||||
| 
 |  | ||||||
|     sourceFileset = mkOption { |  | ||||||
|       ## REVIEW: Upstream to nixpkgs? |  | ||||||
|       type = types.mkOptionType { |  | ||||||
|         name = "fileset"; |  | ||||||
|         description = "fileset"; |  | ||||||
|         descriptionClass = "noun"; |  | ||||||
|         check = (x: (builtins.tryEval (fileset.unions [ x ])).success); |  | ||||||
|         merge = (_: defs: fileset.unions (map (x: x.value) defs)); |  | ||||||
|       }; |  | ||||||
|       description = '' |  | ||||||
|         A fileset that will be copied to the deployer node in the current |  | ||||||
|         working directory. This should contain all the files that are |  | ||||||
|         necessary to run that particular test, such as the NixOS |  | ||||||
|         modules necessary to evaluate a deployment. |  | ||||||
|       ''; |  | ||||||
|     }; |  | ||||||
|   }; |  | ||||||
| 
 |  | ||||||
|   config = { |  | ||||||
|     sourceFileset = fileset.unions [ |  | ||||||
|       ../../../mkFlake.nix |  | ||||||
|       ../../../flake.lock |  | ||||||
|       ../../../npins |  | ||||||
|       ../../data-model.nix |  | ||||||
|       ../../function.nix |  | ||||||
| 
 |  | ||||||
|       ../common/sharedOptions.nix |  | ||||||
|       ../common/targetNode.nix |  | ||||||
|       ../common/targetResource.nix |  | ||||||
|     ]; |  | ||||||
| 
 |  | ||||||
|     acmeNodeIP = config.nodes.acme.networking.primaryIPAddress; |  | ||||||
| 
 |  | ||||||
|     nodes = |  | ||||||
|       { |  | ||||||
|         deployer = { |  | ||||||
|           imports = [ ../common/deployerNode.nix ]; |  | ||||||
|           _module.args = { inherit inputs sources; }; |  | ||||||
|           enableAcme = config.enableAcme; |  | ||||||
|           acmeNodeIP = config.nodes.acme.networking.primaryIPAddress; |  | ||||||
|         }; |  | ||||||
|       } |  | ||||||
| 
 |  | ||||||
|       // |  | ||||||
| 
 |  | ||||||
|         ( |  | ||||||
|           if config.enableAcme then |  | ||||||
|             { |  | ||||||
|               acme = { |  | ||||||
|                 ## FIXME: This makes `nodes.acme` into a local resolver. Maybe this will |  | ||||||
|                 ## break things once we play with DNS? |  | ||||||
|                 imports = [ "${inputs.nixpkgs}/nixos/tests/common/acme/server" ]; |  | ||||||
|                 ## We aren't testing ACME - we just want certificates. |  | ||||||
|                 systemd.services.pebble.environment.PEBBLE_VA_ALWAYS_VALID = "1"; |  | ||||||
|               }; |  | ||||||
|             } |  | ||||||
|           else |  | ||||||
|             { } |  | ||||||
|         ) |  | ||||||
| 
 |  | ||||||
|       // |  | ||||||
| 
 |  | ||||||
|         genAttrs config.targetMachines (_: { |  | ||||||
|           imports = [ ../common/targetNode.nix ]; |  | ||||||
|           _module.args = { inherit inputs sources; }; |  | ||||||
|           enableAcme = config.enableAcme; |  | ||||||
|           acmeNodeIP = if config.enableAcme then config.nodes.acme.networking.primaryIPAddress else null; |  | ||||||
|         }); |  | ||||||
| 
 |  | ||||||
|     testScript = '' |  | ||||||
|       ${forConcat (attrNames config.nodes) (n: '' |  | ||||||
|         ${n}.start() |  | ||||||
|       '')} |  | ||||||
| 
 |  | ||||||
|       ${forConcat (attrNames config.nodes) (n: '' |  | ||||||
|         ${n}.wait_for_unit("multi-user.target") |  | ||||||
|       '')} |  | ||||||
| 
 |  | ||||||
|       ## A subset of the repository that is necessary for this test. It will be |  | ||||||
|       ## copied inside the test. The smaller this set, the faster our CI, because we |  | ||||||
|       ## won't need to re-run when things change outside of it. |  | ||||||
|       with subtest("Unpacking"): |  | ||||||
|         deployer.succeed("cp -r --no-preserve=mode ${ |  | ||||||
|           fileset.toSource { |  | ||||||
|             root = ../../..; |  | ||||||
|             fileset = config.sourceFileset; |  | ||||||
|           } |  | ||||||
|         }/* .") |  | ||||||
| 
 |  | ||||||
|       with subtest("Configure the network"): |  | ||||||
|         ${forConcat config.targetMachines ( |  | ||||||
|           tm: |  | ||||||
|           let |  | ||||||
|             targetNetworkJSON = writeText "target-network.json" ( |  | ||||||
|               toJSON config.nodes.${tm}.system.build.networkConfig |  | ||||||
|             ); |  | ||||||
|           in |  | ||||||
|           '' |  | ||||||
|             deployer.copy_from_host("${targetNetworkJSON}", "${config.pathFromRoot}/${tm}-network.json") |  | ||||||
|           '' |  | ||||||
|         )} |  | ||||||
| 
 |  | ||||||
|       with subtest("Configure the deployer key"): |  | ||||||
|         deployer.succeed("""mkdir -p ~/.ssh && ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa""") |  | ||||||
|         deployer_key = deployer.succeed("cat ~/.ssh/id_rsa.pub").strip() |  | ||||||
|         ${forConcat config.targetMachines (tm: '' |  | ||||||
|           ${tm}.succeed(f"mkdir -p /root/.ssh && echo '{deployer_key}' >> /root/.ssh/authorized_keys") |  | ||||||
|         '')} |  | ||||||
| 
 |  | ||||||
|       with subtest("Configure the target host key"): |  | ||||||
|         ${forConcat config.targetMachines (tm: '' |  | ||||||
|           host_key = ${tm}.succeed("ssh-keyscan ${tm} | grep -v '^#' | cut -f 2- -d ' ' | head -n 1") |  | ||||||
|           deployer.succeed(f"echo '{host_key}' > ${config.pathFromRoot}/${tm}_host_key.pub") |  | ||||||
|         '')} |  | ||||||
| 
 |  | ||||||
|       # with subtest("Override the flake and its lock"): |  | ||||||
|       #   deployer.succeed("cp ${config.pathFromRoot}/flake-under-test.nix flake.nix") |  | ||||||
| 
 |  | ||||||
|       ${optionalString config.enableAcme '' |  | ||||||
|         with subtest("Set up handmade DNS"): |  | ||||||
|           deployer.succeed("echo '${config.nodes.acme.networking.primaryIPAddress}' > ${config.pathFromRoot}/acme_server_ip") |  | ||||||
|       ''} |  | ||||||
| 
 |  | ||||||
|       ${config.extraTestScript} |  | ||||||
|     ''; |  | ||||||
|   }; |  | ||||||
| } |  | ||||||
|  | @ -8,7 +8,7 @@ runNixOSTest { | ||||||
|   imports = [ |   imports = [ | ||||||
|     ../../data-model.nix |     ../../data-model.nix | ||||||
|     ../../function.nix |     ../../function.nix | ||||||
|     ./common-nixosTest.nix |     ../common/nixosTest.nix | ||||||
|     ./nixosTest.nix |     ./nixosTest.nix | ||||||
|   ]; |   ]; | ||||||
|   _module.args = { inherit inputs sources; }; |   _module.args = { inherit inputs sources; }; | ||||||
|  |  | ||||||
|  | @ -8,4 +8,5 @@ | ||||||
|   pathToRoot = ../../..; |   pathToRoot = ../../..; | ||||||
|   pathFromRoot = ./.; |   pathFromRoot = ./.; | ||||||
|   enableAcme = true; |   enableAcme = true; | ||||||
|  |   useFlake = true; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -128,6 +128,7 @@ in | ||||||
|   sourceFileset = lib.fileset.unions [ |   sourceFileset = lib.fileset.unions [ | ||||||
|     ./constants.nix |     ./constants.nix | ||||||
|     ./deployment.nix |     ./deployment.nix | ||||||
|  |     (config.pathToCwd + "/flake-under-test.nix") | ||||||
| 
 | 
 | ||||||
|     # REVIEW: I would like to be able to grab all of `/deployment` minus |     # REVIEW: I would like to be able to grab all of `/deployment` minus | ||||||
|     # `/deployment/check`, but I can't because there is a bunch of other files |     # `/deployment/check`, but I can't because there is a bunch of other files | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		
		Reference in a new issue