yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Refactor: move checks/lib into lib/ to avoid duplicate lib

Browse Source 
Lets avoid the mistake of nixpkgs having multiple
libs
This commit is contained in:
Johannes Kirschbauer
2025-04-23 16:11:40 +02:00
parent a2645f2176
commit abd9519412
17 changed files with 43 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
checks/lib/ssh/privkey → checks/assets/ssh/privkey
View File

0
checks/lib/ssh/pubkey → checks/assets/ssh/pubkey
View File

14
checks/backups/flake-module.nix
View File

@@ -36,7 +36,7 @@
# Borgbackup overrides # Borgbackup overrides
services.borgbackup.repos.test-backups = { services.borgbackup.repos.test-backups = {
path = "/var/lib/borgbackup/test-backups"; path = "/var/lib/borgbackup/test-backups";
authorizedKeys = [ (builtins.readFile ../lib/ssh/pubkey) ]; authorizedKeys = [ (builtins.readFile ../assets/ssh/pubkey) ];
}; };
clan.borgbackup.destinations.test-backup.repo = lib.mkForce "borg@machine:."; clan.borgbackup.destinations.test-backup.repo = lib.mkForce "borg@machine:.";
@@ -45,7 +45,7 @@
programs.ssh.knownHosts = { programs.ssh.knownHosts = {
machine.hostNames = [ "machine" ]; machine.hostNames = [ "machine" ];
machine.publicKey = builtins.readFile ../lib/ssh/pubkey; machine.publicKey = builtins.readFile ../assets/ssh/pubkey;
}; };
services.openssh = { services.openssh = {
@@ -60,7 +60,7 @@
]; ];
}; };
users.users.root.openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ]; users.users.root.openssh.authorizedKeys.keyFiles = [ ../assets/ssh/pubkey ];
# This is needed to unlock the user for sshd # This is needed to unlock the user for sshd
# Because we use sshd without setuid binaries # Because we use sshd without setuid binaries
@@ -68,21 +68,21 @@
systemd.tmpfiles.settings."vmsecrets" = { systemd.tmpfiles.settings."vmsecrets" = {
"/root/.ssh/id_ed25519" = { "/root/.ssh/id_ed25519" = {
C.argument = "${../lib/ssh/privkey}"; C.argument = "${../assets/ssh/privkey}";
z = { z = {
mode = "0400"; mode = "0400";
user = "root"; user = "root";
}; };
}; };
"/etc/secrets/ssh.id_ed25519" = { "/etc/secrets/ssh.id_ed25519" = {
C.argument = "${../lib/ssh/privkey}"; C.argument = "${../assets/ssh/privkey}";
z = { z = {
mode = "0400"; mode = "0400";
user = "root"; user = "root";
}; };
}; };
"/etc/secrets/borgbackup/borgbackup.ssh" = { "/etc/secrets/borgbackup/borgbackup.ssh" = {
C.argument = "${../lib/ssh/privkey}"; C.argument = "${../assets/ssh/privkey}";
z = { z = {
mode = "0400"; mode = "0400";
user = "root"; user = "root";
@@ -169,7 +169,7 @@
in in
{ {
checks = pkgs.lib.mkIf pkgs.stdenv.isLinux { checks = pkgs.lib.mkIf pkgs.stdenv.isLinux {
backups = (import ../lib/container-test.nix) { backups = self.clanLib.test.containerTest {
name = "backups"; name = "backups";
nodes.machine = { nodes.machine = {
imports = imports =

6
checks/borgbackup/default.nix
View File

@@ -1,4 +1,4 @@
(import ../lib/test-base.nix) ( (
{ ... }: { ... }:
{ {
name = "borgbackup"; name = "borgbackup";
@@ -12,7 +12,7 @@
{ {
services.openssh.enable = true; services.openssh.enable = true;
services.borgbackup.repos.testrepo = { services.borgbackup.repos.testrepo = {
authorizedKeys = [ (builtins.readFile ../lib/ssh/pubkey) ]; authorizedKeys = [ (builtins.readFile ../assets/ssh/pubkey) ];
}; };
} }
{ {
@@ -21,7 +21,7 @@
environment.etc.state.text = "hello world"; environment.etc.state.text = "hello world";
systemd.tmpfiles.settings."vmsecrets" = { systemd.tmpfiles.settings."vmsecrets" = {
"/etc/secrets/borgbackup/borgbackup.ssh" = { "/etc/secrets/borgbackup/borgbackup.ssh" = {
C.argument = "${../lib/ssh/privkey}"; C.argument = "${../assets/ssh/privkey}";
z = { z = {
mode = "0400"; mode = "0400";
user = "root"; user = "root";

2
checks/container/default.nix
View File

@@ -1,4 +1,4 @@
(import ../lib/container-test.nix) ( (
{ ... }: { ... }:
{ {
name = "container"; name = "container";

21
checks/flake-module.nix
View File

@@ -33,20 +33,25 @@ in
inherit (self) clanLib; inherit (self) clanLib;
}; };
nixosTests = lib.optionalAttrs (pkgs.stdenv.isLinux) { nixosTests = lib.optionalAttrs (pkgs.stdenv.isLinux) {
# import our test
secrets = import ./secrets nixosTestArgs;
container = import ./container nixosTestArgs;
# Deltachat is currently marked as broken # Deltachat is currently marked as broken
# deltachat = import ./deltachat nixosTestArgs; # deltachat = import ./deltachat nixosTestArgs;
borgbackup = import ./borgbackup nixosTestArgs;
matrix-synapse = import ./matrix-synapse nixosTestArgs; # Base Tests
secrets = self.clanLib.test.baseTest ./secrets nixosTestArgs;
borgbackup = self.clanLib.test.baseTest ./borgbackup nixosTestArgs;
wayland-proxy-virtwl = self.clanLib.test.baseTest ./wayland-proxy-virtwl nixosTestArgs;
# Container Tests
container = self.clanLib.test.containerTest ./container nixosTestArgs;
zt-tcp-relay = self.clanLib.test.containerTest ./zt-tcp-relay nixosTestArgs;
matrix-synapse = self.clanLib.test.containerTest ./matrix-synapse nixosTestArgs;
postgresql = self.clanLib.test.containerTest ./postgresql nixosTestArgs;
# Clan Tests
mumble = import ./mumble nixosTestArgs; mumble = import ./mumble nixosTestArgs;
dummy-inventory-test = import ./dummy-inventory-test nixosTestArgs; dummy-inventory-test = import ./dummy-inventory-test nixosTestArgs;
data-mesher = import ./data-mesher nixosTestArgs; data-mesher = import ./data-mesher nixosTestArgs;
syncthing = import ./syncthing nixosTestArgs; syncthing = import ./syncthing nixosTestArgs;
zt-tcp-relay = import ./zt-tcp-relay nixosTestArgs;
postgresql = import ./postgresql nixosTestArgs;
wayland-proxy-virtwl = import ./wayland-proxy-virtwl nixosTestArgs;
}; };
flakeOutputs = flakeOutputs =

2
checks/flash/flake-module.nix
View File

@@ -56,7 +56,7 @@
in in
{ {
checks = pkgs.lib.mkIf pkgs.stdenv.isLinux { checks = pkgs.lib.mkIf pkgs.stdenv.isLinux {
flash = (import ../lib/test-base.nix) { flash = self.clanLib.test.baseTest {
name = "flash"; name = "flash";
nodes.target = { nodes.target = {
virtualisation.emptyDiskImages = [ 4096 ]; virtualisation.emptyDiskImages = [ 4096 ];

10
checks/installation/flake-module.nix
View File

@@ -51,7 +51,7 @@ let
}; };
users.users.nonrootuser = { users.users.nonrootuser = {
isNormalUser = true; isNormalUser = true;
openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ]; openssh.authorizedKeys.keyFiles = [ ../assets/ssh/pubkey ];
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];
}; };
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
@@ -183,7 +183,7 @@ in
# vm-test-run-test-installation-> target: Guest root shell did not produce any data yet... # vm-test-run-test-installation-> target: Guest root shell did not produce any data yet...
# vm-test-run-test-installation-> target: To debug, enter the VM and run 'systemctl status backdoor.service'. # vm-test-run-test-installation-> target: To debug, enter the VM and run 'systemctl status backdoor.service'.
checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux && !pkgs.stdenv.isAarch64) { checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux && !pkgs.stdenv.isAarch64) {
installation = (import ../lib/test-base.nix) { installation = self.clanLib.test.baseTest {
name = "installation"; name = "installation";
nodes.target = { nodes.target = {
services.openssh.enable = true; services.openssh.enable = true;
@@ -195,7 +195,7 @@ in
testScript = '' testScript = ''
installer.start() installer.start()
installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519") installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../assets/ssh/privkey} /root/.ssh/id_ed25519")
installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname") installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname")
installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake") installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake")
@@ -210,13 +210,13 @@ in
''; '';
} { inherit pkgs self; }; } { inherit pkgs self; };
update-hardware-configuration = (import ../lib/test-base.nix) { update-hardware-configuration = self.clanLib.test.baseTest {
name = "update-hardware-configuration"; name = "update-hardware-configuration";
nodes.installer = installer; nodes.installer = installer;
testScript = '' testScript = ''
installer.start() installer.start()
installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519") installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../assets/ssh/privkey} /root/.ssh/id_ed25519")
installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname") installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname")
installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake") installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake")
installer.fail("test -f test-flake/machines/test-install-machine/hardware-configuration.nix") installer.fail("test -f test-flake/machines/test-install-machine/hardware-configuration.nix")

2
checks/matrix-synapse/default.nix
View File

@@ -1,4 +1,4 @@
(import ../lib/container-test.nix) ( (
{ pkgs, ... }: { pkgs, ... }:
{ {
name = "matrix-synapse"; name = "matrix-synapse";

2
checks/morph/flake-module.nix
View File

@@ -24,7 +24,7 @@
}: }:
{ {
checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux && !pkgs.stdenv.isAarch64) { checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux && !pkgs.stdenv.isAarch64) {
morph = (import ../lib/test-base.nix) { morph = self.clanLib.test.baseTest {
name = "morph"; name = "morph";
nodes = { nodes = {

2
checks/postgresql/default.nix
View File

@@ -1,4 +1,4 @@
(import ../lib/container-test.nix) ({ ({
name = "postgresql"; name = "postgresql";
nodes.machine = nodes.machine =

2
checks/secrets/default.nix
View File

@@ -1,4 +1,4 @@
(import ../lib/test-base.nix) { {
name = "secrets"; name = "secrets";
nodes.machine = nodes.machine =

2
checks/wayland-proxy-virtwl/default.nix
View File

@@ -1,4 +1,4 @@
import ../lib/test-base.nix ( (
{ {
config, config,
pkgs, pkgs,

2
checks/zt-tcp-relay/default.nix
View File

@@ -1,4 +1,4 @@
(import ../lib/container-test.nix) ( (
{ pkgs, ... }: { pkgs, ... }:
{ {
name = "zt-tcp-relay"; name = "zt-tcp-relay";

3
checks/lib/container-test.nix → lib/test/container-test.nix
View File

@@ -17,9 +17,12 @@ in
clan.core.settings.machine.name = config.networking.hostName; clan.core.settings.machine.name = config.networking.hostName;
}; };
}; };
# TODO: Remove this. We should not pass special args in the test framework
# Instead each test can forward the special args it needs
# to accept external dependencies such as disko # to accept external dependencies such as disko
node.specialArgs.self = self; node.specialArgs.self = self;
_module.args = { inherit self; }; _module.args = { inherit self; };
imports = [ imports = [
test test
../../lib/test/container-test-driver/driver-module.nix ../../lib/test/container-test-driver/driver-module.nix

5
lib/test/default.nix
View File

@@ -7,9 +7,12 @@ let
in in
{ {
#
containerTest = import ./container-test.nix;
baseTest = import ./test-base.nix;
#
flakeModules = clanLib.callLib ./flakeModules.nix { }; flakeModules = clanLib.callLib ./flakeModules.nix { };
#
minifyModule = ./minify.nix; minifyModule = ./minify.nix;
sopsModule = ./sops.nix; sopsModule = ./sops.nix;
# A function that returns an extension to runTest # A function that returns an extension to runTest

0
checks/lib/test-base.nix → lib/test/test-base.nix
View File