forked from fediversity/fediversity
		
	wip: use ssh in test
This commit is contained in:
		
							parent
							
								
									b65a8daa82
								
							
						
					
					
						commit
						ca77181bae
					
				
					 2 changed files with 94 additions and 3 deletions
				
			
		|  | @ -1,8 +1,12 @@ | ||||||
| { | { | ||||||
|   lib, |   lib, | ||||||
|  |   config, | ||||||
|  |   sources, | ||||||
|   ... |   ... | ||||||
| }: | }: | ||||||
| 
 | let | ||||||
|  |   inherit (import ./constants.nix) targetMachines pathToRoot; | ||||||
|  | in | ||||||
| { | { | ||||||
|   _class = "nixosTest"; |   _class = "nixosTest"; | ||||||
| 
 | 
 | ||||||
|  | @ -19,6 +23,10 @@ | ||||||
|     { pkgs, ... }: |     { pkgs, ... }: | ||||||
|     { |     { | ||||||
| 
 | 
 | ||||||
|  |       environment.systemPackages = with pkgs; [ | ||||||
|  |         jq | ||||||
|  |       ]; | ||||||
|  | 
 | ||||||
|       # FIXME: sad times |       # FIXME: sad times | ||||||
|       system.extraDependencies = with pkgs; [ |       system.extraDependencies = with pkgs; [ | ||||||
|         jq |         jq | ||||||
|  | @ -40,8 +48,77 @@ | ||||||
|       hello.fail("hello 1>&2") |       hello.fail("hello 1>&2") | ||||||
|       cowsay.fail("cowsay 1>&2") |       cowsay.fail("cowsay 1>&2") | ||||||
| 
 | 
 | ||||||
|     with subtest("Run the deployment"): |     ${lib.concatStringsSep "\n" ( | ||||||
|       deployer.succeed("nixops4 apply check-deployment-basic --show-trace --no-interactive 1>&2") |       lib.lists.map (nodeName: '' | ||||||
|  |         with subtest("Run the deployment for ${nodeName}"): | ||||||
|  |           deployer.succeed(""" | ||||||
|  |             set -euo pipefail | ||||||
|  | 
 | ||||||
|  |             # INSTANTIATE | ||||||
|  |             command=( | ||||||
|  |               nix-instantiate | ||||||
|  |               --expr | ||||||
|  | 
 | ||||||
|  |               ' | ||||||
|  |               let | ||||||
|  |                 system = builtins.currentSystem; | ||||||
|  |                 configuration = { pkgs, config, ... }: { | ||||||
|  |                   imports = [ | ||||||
|  |                     ${pathToRoot}/deployment/check/common/sharedOptions.nix | ||||||
|  |                     ${pathToRoot}/deployment/check/common/targetNode.nix | ||||||
|  |                   ]; | ||||||
|  | 
 | ||||||
|  |                   _module.args = builtins.fromJSON "${ | ||||||
|  |                     lib.replaceStrings [ "\"" ] [ "\\\\\"" ] ( | ||||||
|  |                       lib.strings.toJSON { | ||||||
|  |                         inherit sources; | ||||||
|  |                       } | ||||||
|  |                     ) | ||||||
|  |                   }"; | ||||||
|  |                   enableAcme = ${lib.strings.toJSON config.enableAcme}; | ||||||
|  |                   acmeNodeIP = if config.enableAcme then config.nodes.acme.networking.primaryIPAddress else null; | ||||||
|  | 
 | ||||||
|  |                   # environment.systemPackages = [ pkgs.hello ]; | ||||||
|  |                 }; | ||||||
|  |                 os = import "${sources.nixpkgs}/nixos" { inherit system configuration; }; | ||||||
|  |               in | ||||||
|  |               # import "${pathToRoot}/deployment/nixos.nix" {} | ||||||
|  |               { | ||||||
|  |                 substituters = builtins.concatStringsSep " " os.config.nix.settings.substituters; | ||||||
|  |                 trusted_public_keys = builtins.concatStringsSep " " os.config.nix.settings.trusted-public-keys; | ||||||
|  |                 drv_path = os.config.system.build.toplevel.drvPath; | ||||||
|  |                 out_path = os.config.system.build.toplevel; | ||||||
|  |               } | ||||||
|  |               ' | ||||||
|  |             ) | ||||||
|  |             # instantiate the config in /nix/store | ||||||
|  |             "''${command[@]}" -A out_path | ||||||
|  |             # get the other info | ||||||
|  |             json="$("''${command[@]}" --eval --strict --json)" | ||||||
|  | 
 | ||||||
|  |             # DEPLOY | ||||||
|  |             declare substituters trusted_public_keys drv_path | ||||||
|  |             # set our variables using the json object | ||||||
|  |             eval "export $(echo $json | jq -r 'to_entries | map("\(.key)=\(.value)") | @sh')" | ||||||
|  |             host="root@${nodeName}" | ||||||
|  |             buildArgs=( | ||||||
|  |               --option extra-binary-caches https://cache.nixos.org/ | ||||||
|  |               --option substituters $substituters | ||||||
|  |               --option trusted-public-keys $trusted_public_keys | ||||||
|  |             ) | ||||||
|  |             sshOpts=( | ||||||
|  |               -o BatchMode=yes | ||||||
|  |               -o StrictHostKeyChecking=no | ||||||
|  |             ) | ||||||
|  |             # get the realized derivation to deploy | ||||||
|  |             outPath=$(nix-store --realize "$drv_path" "''${buildArgs[@]}") | ||||||
|  |             # deploy the config by nix-copy-closure | ||||||
|  |             NIX_SSHOPTS="''${sshOpts[*]}" nix-copy-closure --to "$host" "$outPath" --gzip --use-substitutes | ||||||
|  |             # switch the remote host to the config | ||||||
|  |             ssh "''${sshOpts[@]}" "$host" "nix-env --profile /nix/var/nix/profiles/system --set $outPath; $outPath/bin/switch-to-configuration switch" | ||||||
|  |           """) | ||||||
|  |       '') targetMachines | ||||||
|  |     )} | ||||||
| 
 | 
 | ||||||
|     with subtest("Check the deployment"): |     with subtest("Check the deployment"): | ||||||
|       hello.succeed("hello 1>&2") |       hello.succeed("hello 1>&2") | ||||||
|  |  | ||||||
							
								
								
									
										14
									
								
								deployment/nixos.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								deployment/nixos.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,14 @@ | ||||||
|  | { | ||||||
|  |   configuration, | ||||||
|  |   system ? builtins.currentSystem, | ||||||
|  | }: | ||||||
|  | let | ||||||
|  |   sources = import ../npins; | ||||||
|  |   os = import "${sources.nixpkgs}/nixos" { inherit system configuration; }; | ||||||
|  | in | ||||||
|  | { | ||||||
|  |   substituters = builtins.concatStringsSep " " os.config.nix.settings.substituters; | ||||||
|  |   trusted_public_keys = builtins.concatStringsSep " " os.config.nix.settings.trusted-public-keys; | ||||||
|  |   drv_path = os.config.system.build.toplevel.drvPath; | ||||||
|  |   out_path = os.config.system.build.toplevel; | ||||||
|  | } | ||||||
		Loading…
	
	Add table
		
		Reference in a new issue