kiara/Fediversity
1
0
Fork 0
forked from Fediversity/Fediversity
Code Pull requests Activity
927 commits 107 branches 0 tags 49 MiB
Commit graph

41 commits

Author SHA1 Message Date
Kiara Grouwstra
6e873c33d0
restore path-based behavior for non-data-model tests 2025-09-01 14:46:53 +02:00
Kiara Grouwstra
6862fd17a1
factor out ssh deployment to make for reusable invocation 2025-08-31 19:16:25 +02:00
Kiara Grouwstra
cc66348444
split tests to allow running the faster ssh test separately 2025-08-28 14:10:54 +02:00
Kiara Grouwstra
80e2a9b909
factor out data model 2025-08-27 21:23:18 +02:00
Kiara Grouwstra
b5a96a70b8
add nixops4 data model test 2025-08-27 20:40:49 +02:00
Kiara Grouwstra
d51943af42
simplify inputDerivations 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
989d04a418
dedupe inputDerivations 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
a6d91b6c02
rm users 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
45ef1609fc
simplify grub 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
8304b892d7
rm users 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
6a56954e82
reenable ipv6 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
0eb14ba64f
reenable firewall 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
f65c82503c
rm getty 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
6cdf038d54
mv attempts 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
af4b04cf05
download-attempts: settle for just targetNode 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
35841f172c
restore imports 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
f24347c7d0
dedupe nixosTest.nix 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
6016007143
grub 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
133b0a0bb0
auto login 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
75716ed6c3
networking 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
81eef54982
users 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
7d1f0c61af
nix in tests: download-attempts = 1 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
b5d42bb64c
move stuff not needed in test out 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
fb29c3d07e
ensure availability of needed inputs 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
de505fb430
reduce download attempts in test 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
5c0735d545
move imports from paste to targetNode to increase parity between paste and nixosTest 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
dea95b63c8
add keys 2025-08-27 13:18:09 +02:00
Kiara Grouwstra
3e7c0c577c
un-nixops 2025-08-27 13:18:09 +02:00
Nicolas “Niols” Jeannerod
be72b82875 Link to upstreaming PR for lib.types.fileset (#487) 
Reviewed-on: Fediversity/Fediversity#487
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-07-30 13:25:22 +02:00
Nicolas “Niols” Jeannerod
b4e1c5b5b3 Restrict fileset necessary for deployment tests (#450) 
Now that we won't depend on the flake.nix anymore, we won't depend on all the flake-part.nix files (necessary to evaluate flake.nix) and all the files they depend on etc., so the Nix dependencies of the tests will be drastically reduced, and I will be able to leverage that by introducing a more subtle src. This will make the test not need to re-run if only things outside that reduced src changed (and the previous run is in the Nix store).

Reviewed-on: Fediversity/Fediversity#450
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-07-09 22:57:52 +02:00
Nicolas “Niols” Jeannerod
de38611572 Unflakify deployment tests (#449) 
This PR builds on top of #447 and #448. Since these might be rejected, there will be some changes needed for this PR as well. Let's see how the discussions go in #447.

In the meantime, @fricklerhandwerk, would you mind (in)validating the core idea of this PR? You only need to look at 7cf43c4041, really.

Reviewed-on: Fediversity/Fediversity#449
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-07-09 15:07:02 +02:00
Nicolas “Niols” Jeannerod
1d40dcfc0e Grab git-hooks from npins (#448) 
This PR builds on top of #447 and will be subject to the same discussion. Let's discuss there whether it makes sense to get rid of the `flake-parts` and `git-hooks` flake inputs.

Reviewed-on: Fediversity/Fediversity#448
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-07-09 13:21:48 +02:00
Nicolas “Niols” Jeannerod
48c6a1f22b Extract mkFlake to own file - get flake-parts from npins (#447) 
The goal is to contain the “`mkFlake` hack” to a file that we can heavily document but otherwise ignore. This also will allow me to reuse it in the “flake under test” of the deployment tests.

Reviewed-on: Fediversity/Fediversity#447
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-07-09 10:12:47 +02:00
Kiara Grouwstra
05572ff69e remove string interpolation from imports (#429) 
Reviewed-on: Fediversity/Fediversity#429
Reviewed-by: Nicolas Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-07-03 15:55:39 +02:00
Kiara Grouwstra
a791ad41ec Inject sources, secrets and keys via module system - avoid import ../ (#421) 
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Reviewed-on: Fediversity/Fediversity#421
Reviewed-by: Nicolas Jeannerod <nicolas.jeannerod@moduscreate.com>
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-07-01 21:08:15 +02:00
Kiara Grouwstra
9a25a04bfa specify _class module attributes to explicitly declare module types (#398) 
closes #93.

note that this includes classes:

- `nixos`
- `nixosTest`
- `nixops4Resource`
- `nixops4Deployment`

.. and my (made-up, as per the [docs](https://ryantm.github.io/nixpkgs/module-system/module-system/#module-system-lib-evalModules-param-class)):

- `nix-unit`
- `package`

.. while i did not manage to cover:

- service tests, given `pkgs.nixosTest` seemed to not actually like `_class = "nixosTest"` (?!)

... nor #93's mentioned destructured arguments for that matter, as per Fediversity/Fediversity#93 (comment) - let me know if that is still desired as well.

Reviewed-on: Fediversity/Fediversity#398
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Kiara Grouwstra <kiara@procolix.eu>
Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
 2025-06-23 17:24:54 +02:00
Nicolas “Niols” Jeannerod
4801433ae0 Get rid of the need for deployer.pub (#385) 
The tests still work because we manually write the deployer's public key in `/root/.ssh/authorized_keys` on the target machines. In itself, however, the configuration that we push does not allow the deployer to push anything on the target machines.

Context: Fediversity/Fediversity#361 (comment)
Reviewed-on: Fediversity/Fediversity#385
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-06-17 16:34:29 +02:00
Valentin Gagarin
1b832c1f5b bypass native flake input for Nixpkgs (#374) 
@Niols the sheer amount of hassle and noise indicates that it may be better to first split out a `flake.nix` just for the tests. And all this clutter doesn't even explain yet *why* we thought it needs to be there.

closes #279.

Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Reviewed-on: Fediversity/Fediversity#374
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-committed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
 2025-06-12 13:05:11 +02:00
Nicolas “Niols” Jeannerod
2fae356d0a Deployment tests: also make acmeNodeIP available in NixOS test 2025-06-06 10:52:49 +02:00
Nicolas “Niols” Jeannerod
046f7c5998 Deployment tests: comment on Pebble's certificate 2025-06-06 10:52:18 +02:00
Nicolas “Niols” Jeannerod
ee5c2b90b7 Introduce test for deploying all services with nixops4 apply (#329) 
Closes Fediversity/Fediversity#276

This PR adds a CLI deployment test. It builds on top of Fediversity/Fediversity#323. This test features a deployer node and four target nodes. The deployer node runs `nixops4 apply` on a deployment built with our actual code in `deployment/default.nix`, which pushes onto the four target machines combinations of Garage/Mastodon/Peertube/Pixelfed depending on a JSON payload. We check that the expected services are indeed deployed on the machines. Getting there involved reworking the existing basic test to extract common patterns, and adding support for ACME certificates negotiation inside the NixOS test.

What works:
- deployer successfully runs `nixops4 apply` with various payloads
- target machines indeed get the right services pushed onto them and removed
- services on target machines successfully negotiate ACME certificates

What does not work: the services themselves depend a lot on DNS and that is not taken care of at all, so they are probably very broken. Still, this is a good milestone.

Test it yourself by running `nix build .#checks.x86_64-linux.deployment-basic -vL` and `nix build .#checks.x86_64-linux.deployment-cli -vL`. On the very beefy machine that I am using, the basic test runs in ~4 minutes and the CLI test in ~17 minutes. We know from Fediversity/Fediversity#323 that the basic test runs in ~12 minutes on the CI runner, so maybe about an hour for the CLI test?

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Reviewed-on: Fediversity/Fediversity#329
Reviewed-by: kiara Grouwstra <kiara@procolix.eu>
Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io>
Co-authored-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
Co-committed-by: Nicolas “Niols” Jeannerod <nicolas.jeannerod@moduscreate.com>
 2025-05-19 02:18:54 +02:00