Merge pull request 'checks: add backup test' (#650) from lassulus-backups_test into main

checks/backups/flake-module.nix

@@ -0,0 +1,127 @@
+{ self, ... }:
+let
+  clan = self.lib.buildClan {
+    clanName = "testclan";
+    directory = ../..;
+    machines = {
+      test_backup_client = {
+        imports = [ self.nixosModules.test_backup_client ];
+        fileSystems."/".device = "/dev/null";
+        boot.loader.grub.device = "/dev/null";
+      };
+    };
+  };
+in
+{
+  flake.nixosConfigurations = { inherit (clan.nixosConfigurations) test_backup_client; };
+  flake.clanInternals = clan.clanInternals;
+  flake.nixosModules = {
+    test_backup_server = { ... }: {
+      imports = [
+        self.clanModules.borgbackup
+      ];
+      services.sshd.enable = true;
+      services.borgbackup.repos.testrepo = {
+        authorizedKeys = [
+          (builtins.readFile ../borgbackup/borg_test.pub)
+        ];
+      };
+    };
+    test_backup_client = { pkgs, lib, ... }:
+      let
+        dependencies = [
+          self
+          pkgs.stdenv.drvPath
+        ] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
+        closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
+      in
+      {
+        imports = [
+          self.clanModules.borgbackup
+        ];
+        networking.hostName = "client";
+        services.sshd.enable = true;
+        users.users.root.openssh.authorizedKeys.keyFiles = [
+          ../borgbackup/borg_test.pub
+        ];
+        environment.systemPackages = [ self.packages.${pkgs.system}.clan-cli ];
+        environment.etc."install-closure".source = "${closureInfo}/store-paths";
+        nix.settings = {
+          substituters = lib.mkForce [ ];
+          hashed-mirrors = null;
+          connect-timeout = lib.mkForce 3;
+          flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}'';
+        };
+        system.extraDependencies = dependencies;
+        clanCore.state.test-backups.folders = [ "/var/test-backups" ];
+        clan.borgbackup = {
+          enable = true;
+          destinations.test_backup_server = {
+            repo = "borg@server:.";
+            rsh = "ssh -i /root/.ssh/id_ed25519 -o StrictHostKeyChecking=no";
+          };
+        };
+      };
+  };
+  perSystem = { nodes, pkgs, ... }: {
+    checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux) {
+      test-backups =
+        (import ../lib/test-base.nix)
+          {
+            name = "test-backups";
+            nodes.server = {
+              imports = [
+                self.nixosModules.test_backup_server
+                self.nixosModules.clanCore
+                {
+                  clanCore.machineName = "server";
+                  clanCore.clanDir = ../..;
+                }
+              ];
+            };
+            nodes.client = {
+              imports = [
+                self.nixosModules.test_backup_client
+                self.nixosModules.clanCore
+                {
+                  clanCore.machineName = "client";
+                  clanCore.clanDir = ../..;
+                }
+              ];
+            };
+
+            testScript = ''
+              import json
+              start_all()
+
+              # setup
+              client.succeed("mkdir -m 700 /root/.ssh")
+              client.succeed(
+                  "cat ${../borgbackup/borg_test} > /root/.ssh/id_ed25519"
+              )
+              client.succeed("chmod 600 /root/.ssh/id_ed25519")
+              client.wait_for_unit("sshd", timeout=30)
+              print(client.succeed("ssh -o StrictHostKeyChecking=accept-new -v root@client hostname"))
+
+              # dummy data
+              client.succeed("mkdir /var/test-backups")
+              client.succeed("echo testing > /var/test-backups/somefile")
+
+              # create
+              client.succeed("clan --flake ${../..} backups create test_backup_client")
+              client.wait_until_succeeds("! systemctl is-active borgbackup-job-test_backup_server")
+
+              # list
+              backup_id = json.loads(client.succeed("borg-job-test_backup_server list --json"))["archives"][0]["archive"]
+              assert(backup_id in client.succeed("clan --flake ${../..} backups list test_backup_client"))
+
+              # restore
+              client.succeed("rm -f /var/test-backups/somefile")
+              client.succeed(f"clan --flake ${../..} backups restore test_backup_client borgbackup {backup_id}")
+              assert(client.succeed("cat /var/test-backups/somefile").strip() == "testing")
+            '';
+          }
+          { inherit pkgs self; };
+    };
+  };
+}

checks/flake-module.nix

@@ -1,6 +1,7 @@
 { self, ... }: {
   imports = [
     ./impure/flake-module.nix
+    ./backups/flake-module.nix
   ];
   perSystem = { pkgs, lib, self', ... }: {
     checks =

clanModules/borgbackup.nix

@@ -83,7 +83,7 @@ in
         set -efu
         cd /
         IFS=';' read -ra FOLDER <<< "$FOLDERS"
-        yes y | borg-job-"$JOB" extract --list --dry-run "$LOCATION"::"$ARCHIVE_ID" "''${FOLDER[@]}"
+        yes y | borg-job-"$JOB" extract --list "$LOCATION"::"$ARCHIVE_ID" "''${FOLDER[@]}"
       '';
     };
   };

pkgs/clan-cli/clan_cli/__init__.py

@@ -8,7 +8,7 @@ from typing import Any
 
 from . import backups, config, flakes, history, machines, secrets, vms
 from .custom_logger import setup_logging
-from .dirs import get_clan_flake_toplevel, is_clan_flake
+from .dirs import get_clan_flake_toplevel
 from .ssh import cli as ssh_cli
 
 log = logging.getLogger(__name__)
@@ -66,10 +66,6 @@ def create_parser(prog: str | None = None) -> argparse.ArgumentParser:
             raise argparse.ArgumentTypeError(
                 f"flake directory {flake_dir} is not a directory"
             )
-        if not is_clan_flake(flake_dir):
-            raise argparse.ArgumentTypeError(
-                f"flake directory {flake_dir} is not a clan flake"
-            )
         return flake_dir
 
     parser.add_argument(

pkgs/clan-cli/clan_cli/dirs.py

@@ -10,10 +10,6 @@ def get_clan_flake_toplevel() -> Path | None:
     return find_toplevel([".clan-flake", ".git", ".hg", ".svn", "flake.nix"])
 
 
-def is_clan_flake(path: Path) -> bool:
-    return (path / ".clan-flake").exists()
-
-
 def find_git_repo_root() -> Path | None:
     return find_toplevel([".git"])
 

pkgs/clan-cli/clan_cli/machines/machines.py

@@ -4,6 +4,7 @@ import subprocess
 import sys
 from pathlib import Path
 
+from ..errors import ClanError
 from ..nix import nix_build, nix_config, nix_eval
 from ..ssh import Host, parse_deployment_address
 
@@ -12,17 +13,22 @@ def build_machine_data(machine_name: str, clan_dir: Path) -> dict:
     config = nix_config()
     system = config["system"]
 
-    outpath = subprocess.run(
+    proc = subprocess.run(
         nix_build(
             [
-                f'path:{clan_dir}#clanInternals.machines."{system}"."{machine_name}".config.system.clan.deployment.file'
+                f'{clan_dir}#clanInternals.machines."{system}"."{machine_name}".config.system.clan.deployment.file'
             ]
         ),
         stdout=subprocess.PIPE,
         check=True,
         text=True,
-    ).stdout.strip()
+    )
-    return json.loads(Path(outpath).read_text())
+
+    if proc.returncode != 0:
+        ClanError("failed to build machine data")
+        exit(1)
+
+    return json.loads(Path(proc.stdout.strip()).read_text())
 
 
 class Machine: