cleanup: remove legacy flake fixture test_flake_minimal and test_flake_with_core_and_pass

2024-11-14 14:03:29 +07:00
parent 2061f38442
commit 05ff6cfd89
2 changed files with 53 additions and 57 deletions
--- a/pkgs/clan-cli/tests/fixtures_flakes.py
+++ b/pkgs/clan-cli/tests/fixtures_flakes.py
@@ -86,6 +86,7 @@ def generate_flake(
    # define the machines directly including their config
    machine_configs: dict[str, dict] | None = None,
    inventory: dict[str, dict] | None = None,
+    clan_modules: list[str] | None = None,
 ) -> FlakeForTest:
    """
    Creates a clan flake with the given name.
@@ -104,13 +105,13 @@ def generate_flake(
            )
        )
    """
-    # copy the template to a new temporary location
-    if inventory is None:
-        inventory = {}
    if machine_configs is None:
        machine_configs = {}
+    if inventory is None:
+        inventory = {}
+    if clan_modules is None:
+        clan_modules = []
    substitutions = {
-        "__CHANGE_ME__": "_test_vm_persistence",
        "git+https://git.clan.lol/clan/clan-core": "path://" + str(CLAN_CORE),
        "https://git.clan.lol/clan/clan-core/archive/main.tar.gz": "path://"
        + str(CLAN_CORE),
@@ -141,8 +142,17 @@ def generate_flake(
    for machine_name, machine_config in machine_configs.items():
        configuration_nix = flake / "machines" / machine_name / "configuration.nix"
        configuration_nix.parent.mkdir(parents=True, exist_ok=True)
-        configuration_nix.write_text("""
-           { imports = [ (builtins.fromJSON (builtins.readFile ./configuration.json)) ]; }
+        imports = "\n".join(
+            [f"clan-core.clanModules.{module}" for module in clan_modules]
+        )
+        configuration_nix.write_text(f"""
+            {{clan-core, ...}}:
+            {{
+                imports = [
+                    (builtins.fromJSON (builtins.readFile ./configuration.json))
+                    {imports}
+                ];
+            }}
        """)
        set_machine_settings(flake, machine_name, machine_config)

@@ -282,33 +292,3 @@ def test_local_democlan(
        raise FixtureError(msg)

    return FlakeForTest(democlan_p)
-
-
-@pytest.fixture
-def test_flake_with_core_and_pass(
-    monkeypatch: pytest.MonkeyPatch, temporary_home: Path
-) -> Iterator[FlakeForTest]:
-    if not (CLAN_CORE / "flake.nix").exists():
-        msg = "clan-core flake not found. This test requires the clan-core flake to be present"
-        raise FixtureError(msg)
-    yield from create_flake(
-        temporary_home=temporary_home,
-        flake_template="test_flake_with_core_and_pass",
-        clan_core_flake=CLAN_CORE,
-        monkeypatch=monkeypatch,
-    )
-
-
-@pytest.fixture
-def test_flake_minimal(
-    monkeypatch: pytest.MonkeyPatch, temporary_home: Path
-) -> Iterator[FlakeForTest]:
-    if not (CLAN_CORE / "flake.nix").exists():
-        msg = "clan-core flake not found. This test requires the clan-core flake to be present"
-        raise FixtureError(msg)
-    yield from create_flake(
-        temporary_home=temporary_home,
-        flake_template=CLAN_CORE / "templates" / "minimal",
-        monkeypatch=monkeypatch,
-        clan_core_flake=CLAN_CORE,
-    )
--- a/pkgs/clan-cli/tests/test_secrets_password_store.py
+++ b/pkgs/clan-cli/tests/test_secrets_password_store.py
@@ -8,19 +8,48 @@ from clan_cli.machines.facts import machine_get_fact
 from clan_cli.machines.machines import Machine
 from clan_cli.nix import nix_shell
 from clan_cli.ssh import HostGroup
-from fixtures_flakes import FlakeForTest
+from fixtures_flakes import generate_flake
 from helpers import cli
+from helpers.nixos_config import nested_dict
 from helpers.validator import is_valid_ssh_key
+from root import CLAN_CORE


@pytest.mark.impure
 def test_upload_secret(
    monkeypatch: pytest.MonkeyPatch,
-    test_flake_with_core_and_pass: FlakeForTest,
    temporary_home: Path,
    host_group: HostGroup,
 ) -> None:
-    monkeypatch.chdir(test_flake_with_core_and_pass.path)
+    config = nested_dict()
+    config["nixpkgs"]["hostPlatform"] = "x86_64-linux"
+    # clan.core.networking.zerotier.controller.enable = true;
+    config["clan"]["core"]["networking"]["zerotier"]["controller"]["enable"] = True
+    host = host_group.hosts[0]
+    addr = f"{host.user}@{host.host}:{host.port}?StrictHostKeyChecking=no&UserKnownHostsFile=/dev/null&IdentityFile={host.key}"
+    config["clan"]["core"]["networking"]["targetHost"] = addr
+    config["clan"]["user-password"]["user"] = "alice"
+    config["clan"]["user-password"]["prompt"] = False
+    facts = config["clan"]["core"]["facts"]
+    facts["secretStore"] = "password-store"
+    facts["secretUploadDirectory"]["_type"] = "override"
+    facts["secretUploadDirectory"]["content"] = str(
+        temporary_home / "flake" / "secrets"
+    )
+    facts["secretUploadDirectory"]["priority"] = 50
+
+    flake = generate_flake(
+        temporary_home,
+        flake_template=CLAN_CORE / "templates" / "minimal",
+        monkeypatch=monkeypatch,
+        machine_configs={"vm1": config},
+        clan_modules=[
+            "root-password",
+            "user-password",
+            "sshd",
+        ],
+    )
+    monkeypatch.chdir(flake.path)
    gnupghome = temporary_home / "gpg"
    gnupghome.mkdir(mode=0o700)
    monkeypatch.setenv("GNUPGHOME", str(gnupghome))
@@ -45,15 +74,11 @@ def test_upload_secret(
    subprocess.run(
        nix_shell(["nixpkgs#pass"], ["pass", "init", "test@local"]), check=True
    )
-    cli.run(["facts", "generate", "vm1"])
+    cli.run(["facts", "generate", "vm1", "--flake", str(flake.path)])

-    store = SecretStore(
-        Machine(name="vm1", flake=FlakeId(str(test_flake_with_core_and_pass.path)))
-    )
+    store = SecretStore(Machine(name="vm1", flake=FlakeId(str(flake.path))))

-    network_id = machine_get_fact(
-        test_flake_with_core_and_pass.path, "vm1", "zerotier-network-id"
-    )
+    network_id = machine_get_fact(flake.path, "vm1", "zerotier-network-id")
    assert len(network_id) == 16
    identity_secret = (
        temporary_home / "pass" / "machines" / "vm1" / "zerotier-identity-secret.gpg"
@@ -63,15 +88,8 @@ def test_upload_secret(
    # test idempotency
    cli.run(["facts", "generate", "vm1"])
    assert identity_secret.lstat().st_mtime_ns == secret1_mtime
-    flake = test_flake_with_core_and_pass.path.joinpath("flake.nix")
-    host = host_group.hosts[0]
-    addr = f"{host.user}@{host.host}:{host.port}?StrictHostKeyChecking=no&UserKnownHostsFile=/dev/null&IdentityFile={host.key}"
-    new_text = flake.read_text().replace("__CLAN_TARGET_ADDRESS__", addr)
-    flake.write_text(new_text)
    cli.run(["facts", "upload", "vm1"])
-    zerotier_identity_secret = (
-        test_flake_with_core_and_pass.path / "secrets" / "zerotier-identity-secret"
-    )
+    zerotier_identity_secret = flake.path / "secrets" / "zerotier-identity-secret"
    assert zerotier_identity_secret.exists()
    assert store.exists("", "zerotier-identity-secret")

@@ -84,9 +102,7 @@ def test_upload_secret(

    # Assert that the ssh key is valid
    ssh_secret = store.get("", "ssh.id_ed25519").decode()
-    ssh_pub = machine_get_fact(
-        test_flake_with_core_and_pass.path, "vm1", "ssh.id_ed25519.pub"
-    )
+    ssh_pub = machine_get_fact(flake.path, "vm1", "ssh.id_ed25519.pub")
    assert is_valid_ssh_key(ssh_secret, ssh_pub)

    # Assert that root-password is valid