From 6ec6f1677d1109e747dd5cab32bdabf8d51f26b7 Mon Sep 17 00:00:00 2001
From: Kiara Grouwstra <kiara@procolix.eu>
Date: Mon, 25 Aug 2025 19:45:04 +0200
Subject: [PATCH] update test

---
 deployment/check/data-model/nixosTest.nix | 113 +++++++++++++---------
 1 file changed, 67 insertions(+), 46 deletions(-)

diff --git a/deployment/check/data-model/nixosTest.nix b/deployment/check/data-model/nixosTest.nix
index 3b6991eb..ead89210 100644
--- a/deployment/check/data-model/nixosTest.nix
+++ b/deployment/check/data-model/nixosTest.nix
@@ -9,6 +9,10 @@ let
 in
 {
   _class = "nixosTest";
+  imports = [
+    ./options.nix
+  ];
+
   name = "deployment-model";
   sourceFileset = lib.fileset.unions [
     ../../data-model.nix
@@ -34,53 +38,70 @@ in
 
   extraTestScript = ''
     ${lib.concatStringsSep "\n" (
-      lib.lists.map (nodeName: ''
-        with subtest("Check the status before deployment"):
-          ${nodeName}.fail("${nodeName} 1>&2")
-
-        with subtest("Run the deployment for ${nodeName}"):
-          deployer.succeed("""
-            set -euo pipefail
-
-            # INSTANTIATE
-            command=(nix-instantiate --expr '
-              import ${pathToRoot}/deployment/nixos.nix {
-                configuration = import ${pathToRoot}/deployment/check/data-model/deployment.nix {
-                  config = builtins.fromJSON "${
-                    escapedJson {
-                      inherit (config) enableAcme;
-                      acmeNodeIP = if config.enableAcme then config.nodes.acme.networking.primaryIPAddress else null;
-                    }
-                  }";
-                };
-              }
-            ')
-            # DEPLOY
-            host="root@${nodeName}"
-            sshOpts=(
-              -o StrictHostKeyChecking=no
-              -o "ConnectTimeout=1"
-              -o "ServerAliveInterval=1"
+      lib.lists.map (
+        nodeName:
+        let
+          deployment-config = {
+            inherit (config) enableAcme;
+            acmeNodeIP = if config.enableAcme then config.nodes.acme.networking.primaryIPAddress else null;
+            host = nodeName;
+          };
+          inherit
+            ((import ./deployment.nix {
+              config = deployment-config;
+            }).ssh-host.ssh
             )
-            # instantiate the config in /nix/store
-            "''${command[@]}" -A out_path
-            # get the realized derivation to deploy
-            outPath=$(nix-store --realize "$("''${command[@]}" --eval --strict --json | jq -r '.drv_path')")
-            # deploy the config by nix-copy-closure
-            NIX_SSHOPTS="''${sshOpts[*]}" nix-copy-closure --to "$host" "$outPath" --gzip --use-substitutes
-            # switch the remote host to the config
-            output=$(ssh "''${sshOpts[@]}" "$host" "nix-env --profile /nix/var/nix/profiles/system --set $outPath; nohup $outPath/bin/switch-to-configuration switch &" 2>&1) || echo "status code: $?"
-            echo "output: $output"
-            if [[ $output != *"Timeout, server ${nodeName} not responding"* ]]; then
-              echo "non-timeout error: $output"
-              exit 1
-            else
-              exit 0
-            fi
-          """)
-          ${nodeName}.wait_for_unit("multi-user.target")
-          ${nodeName}.succeed("${nodeName} 1>&2")
-      '') targetMachines
+            host
+            username
+            key-file
+            ;
+        in
+        ''
+          with subtest("Check the status before deployment"):
+            ${nodeName}.fail("${nodeName} 1>&2")
+
+          with subtest("Run the deployment for ${nodeName}"):
+            deployer.succeed("""
+              set -euo pipefail
+
+              # INSTANTIATE
+              command=(nix-instantiate --show-trace --expr '
+                import ${pathToRoot}/deployment/nixos.nix {
+                  configuration = (
+                    import ${pathToRoot}/deployment/check/data-model/deployment.nix {
+                      config = builtins.fromJSON "${escapedJson deployment-config}";
+                    }
+                  ).ssh-host.nixos-configuration;
+                }
+              ')
+              # DEPLOY
+              host="${lib.defaultTo "root" username}@${host}"
+              sshOpts=(
+                ${if key-file == null then "" else "-i ${key-file}"}
+                -o StrictHostKeyChecking=no
+                -o "ConnectTimeout=1"
+                -o "ServerAliveInterval=1"
+              )
+              # instantiate the config in /nix/store
+              "''${command[@]}" --show-trace -A out_path
+              # get the realized derivation to deploy
+              outPath=$(nix-store --realize "$("''${command[@]}" --show-trace --eval --strict --json | jq -r '.drv_path')")
+              # deploy the config by nix-copy-closure
+              NIX_SSHOPTS="''${sshOpts[*]}" nix-copy-closure --to "$host" "$outPath" --gzip --use-substitutes
+              # switch the remote host to the config
+              output=$(ssh "''${sshOpts[@]}" "$host" "nix-env --profile /nix/var/nix/profiles/system --set $outPath; nohup $outPath/bin/switch-to-configuration switch &" 2>&1) || echo "status code: $?"
+              echo "output: $output"
+              if [[ $output != *"Timeout, server ${nodeName} not responding"* ]]; then
+                echo "non-timeout error: $output"
+                exit 1
+              else
+                exit 0
+              fi
+            """)
+            ${nodeName}.wait_for_unit("multi-user.target")
+            ${nodeName}.succeed("${nodeName} 1>&2")
+        ''
+      ) targetMachines
     )}
   '';
 }