diff --git a/clanServices/hello-world/default.nix b/clanServices/hello-world/default.nix index 01837d828..7a835bede 100644 --- a/clanServices/hello-world/default.nix +++ b/clanServices/hello-world/default.nix @@ -5,4 +5,19 @@ manifest.name = "clan-core/hello-word"; roles.peer = { }; + + perMachine = + { machine, ... }: + { + nixosModule = { + clan.core.vars.generators.hello = { + files.hello = { + secret = false; + }; + script = '' + echo "Hello world from ${machine.name}" > $out/hello + ''; + }; + }; + }; } diff --git a/clanServices/hello-world/flake-module.nix b/clanServices/hello-world/flake-module.nix index 1dd50bc3f..1d9f446fd 100644 --- a/clanServices/hello-world/flake-module.nix +++ b/clanServices/hello-world/flake-module.nix @@ -14,7 +14,7 @@ in hello-world = module; }; perSystem = - { ... }: + { pkgs, ... }: let # Module that contains the tests # This module adds: @@ -33,5 +33,18 @@ in in { imports = [ unit-test-module ]; + + /** + 1. Prepare the test vars + nix run .#generate-test-vars -- clanServices/hello-world/tests/vm hello-service + + 2. To run the test + nix build .#checks.x86_64-linux.hello-service + */ + checks.hello-service = import ./tests/vm/default.nix { + inherit module; + inherit self inputs pkgs; + clanLib = self.clanLib; + }; }; } diff --git a/clanServices/hello-world/tests/vm/default.nix b/clanServices/hello-world/tests/vm/default.nix new file mode 100644 index 000000000..e5063c871 --- /dev/null +++ b/clanServices/hello-world/tests/vm/default.nix @@ -0,0 +1,42 @@ +{ + pkgs, + self, + clanLib, + module, + ... +}: +clanLib.test.makeTestClan { + inherit pkgs self; + nixosTest = ( + { ... }: + { + name = "service-hello-test"; + + clan = { + directory = ./.; + inventory = { + machines.peer1 = { }; + + instances."test" = { + module.name = "hello-service"; + roles.peer.machines.peer1 = { }; + }; + + modules = { + hello-service = module; + }; + }; + }; + + testScript = + { nodes, ... }: + '' + start_all() + + # peer1 should have the 'hello' file + value = peer1.succeed("cat ${nodes.peer1.clan.core.vars.generators.hello.files.hello.path}") + assert value.strip() == "Hello world from peer1", value + ''; + } + ); +} diff --git a/clanServices/hello-world/tests/vm/sops/users/admin/key.json b/clanServices/hello-world/tests/vm/sops/users/admin/key.json new file mode 100644 index 000000000..e408aa96b --- /dev/null +++ b/clanServices/hello-world/tests/vm/sops/users/admin/key.json @@ -0,0 +1,4 @@ +{ + "publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg", + "type": "age" +} diff --git a/clanServices/hello-world/tests/vm/vars/per-machine/peer1/hello/hello/value b/clanServices/hello-world/tests/vm/vars/per-machine/peer1/hello/hello/value new file mode 100644 index 000000000..a8636d701 --- /dev/null +++ b/clanServices/hello-world/tests/vm/vars/per-machine/peer1/hello/hello/value @@ -0,0 +1 @@ +Hello world from peer1 diff --git a/lib/test/sops.nix b/lib/test/sops.nix index 9ddd4b960..5890836e0 100644 --- a/lib/test/sops.nix +++ b/lib/test/sops.nix @@ -4,13 +4,17 @@ # configures a static age-key to skip the age-key generation sops.age.keyFile = "/run/age-key.txt"; system.activationScripts = + let + # https://github.com/Mic92/sops-nix/blob/61154300d945f0b147b30d24ddcafa159148026a/modules/sops/default.nix#L27 + hasRegularSecrets = lib.filterAttrs (_: v: v.neededForUsers) config.sops.secrets != { }; + in { - setupSecrets.deps = [ "age-key" ]; age-key.text = '' echo AGE-SECRET-KEY-1PL0M9CWRCG3PZ9DXRTTLMCVD57U6JDFE8K7DNVQ35F4JENZ6G3MQ0RQLRV > /run/age-key.txt ''; } - // lib.optionalAttrs (lib.filterAttrs (_: v: v.neededForUsers) config.sops.secrets != { }) { + // lib.optionalAttrs (hasRegularSecrets) { + setupSecrets.deps = [ "age-key" ]; setupSecretsForUsers.deps = [ "age-key" ]; }; }