Merge pull request 'zerotier: allow to persist zerotier identities/ips/meshnames for non-controller' (#482) from zerotier into main

clan-bot
2023-11-10 10:59:48 +00:00
9 changed files with 149 additions and 38 deletions


@@ -55,7 +55,7 @@ def create_flake(
template = Path(__file__).parent / flake_name
# copy the template to a new temporary location
flake = temporary_home / ".local/state/clan/flake" / flake_name
flake = temporary_home / ".local/share/clan/flake" / flake_name
shutil.copytree(template, flake)
# lookup the requested machines in ./test_machines and include them


@@ -21,6 +21,7 @@ def temporary_home(monkeypatch: pytest.MonkeyPatch) -> Iterator[Path]:
else:
with tempfile.TemporaryDirectory(prefix="pytest-") as dirpath:
monkeypatch.setenv("HOME", str(dirpath))
monkeypatch.setenv("XDG_DATA_HOME", str(Path(dirpath) / ".local/share"))
monkeypatch.chdir(str(dirpath))
log.debug("Temp HOME directory: %s", str(dirpath))
yield Path(dirpath)
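Review bot: Only `XDG_DATA_HOME` is redirected into the temporary directory in this branch, so the other XDG base directories still come from the caller's environment. If a developer shell or CI runner exports `XDG_CONFIG_HOME`, `XDG_STATE_HOME` or `XDG_CACHE_HOME`, any code under test that honours them could read or write the real home, which matters for tests that generate keys and secrets. Consider clearing them alongside the new line, e.g. `for var in ("XDG_CONFIG_HOME", "XDG_STATE_HOME", "XDG_CACHE_HOME"): monkeypatch.delenv(var, raising=False)`. The branch before `else:` lies outside the hunk, so it is worth confirming that it sets `XDG_DATA_HOME` the same way.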


@@ -27,7 +27,7 @@ def test_inspect_ok(api: TestClient, test_flake_with_core: FlakeForTest) -> None
assert response.status_code == 200, "Failed to inspect vm"
data = response.json()
print("Data: ", data)
assert data.get("flake_attrs") == ["vm1"]
assert data.get("flake_attrs") == ["vm1", "vm2"]
@pytest.mark.impure


@@ -31,6 +31,13 @@
'';
};
};
vm2 = { lib, ... }: {
clan.networking.deploymentAddress = "__CLAN_DEPLOYMENT_ADDRESS__";
system.stateVersion = lib.version;
sops.age.keyFile = "__CLAN_SOPS_KEY_PATH__";
clanCore.secretsUploadDirectory = "__CLAN_SOPS_KEY_DIR__";
clan.networking.zerotier.networkId = "82b44b162ec6c013";
};
};
};
in
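Review bot: The `clan.networking.zerotier.networkId = "82b44b162ec6c013";` literal on `vm2` has no comment saying whether it is an arbitrary fixture value or the ID of an existing network. If it is arbitrary, a comment such as `# arbitrary test value; does not refer to a real network` would tell the next reader so. If it does name a real network, a placeholder substituted by the test harness, like the neighbouring `__CLAN_…__` values, would keep a test machine configuration from pointing at a live network.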


@@ -1,3 +1,4 @@
import ipaddress
from typing import TYPE_CHECKING
import pytest
@@ -39,16 +40,9 @@ def test_generate_secret(
test_flake_with_core.name, "vm1", "zerotier-network-id"
)
assert len(network_id) == 16
age_key = (
sops_secrets_folder(test_flake_with_core.path)
.joinpath("vm1-age.key")
.joinpath("secret")
)
identity_secret = (
sops_secrets_folder(test_flake_with_core.path)
.joinpath("vm1-zerotier-identity-secret")
.joinpath("secret")
)
secrets_folder = sops_secrets_folder(test_flake_with_core.path)
age_key = secrets_folder / "vm1-age.key" / "secret"
identity_secret = secrets_folder / "vm1-zerotier-identity-secret" / "secret"
age_key_mtime = age_key.lstat().st_mtime_ns
secret1_mtime = identity_secret.lstat().st_mtime_ns
@@ -57,10 +51,14 @@ def test_generate_secret(
assert age_key.lstat().st_mtime_ns == age_key_mtime
assert identity_secret.lstat().st_mtime_ns == secret1_mtime
machine_path = (
sops_secrets_folder(test_flake_with_core.path)
.joinpath("vm1-zerotier-identity-secret")
.joinpath("machines")
.joinpath("vm1")
)
assert machine_path.exists()
assert (
secrets_folder / "vm1-zerotier-identity-secret" / "machines" / "vm1"
).exists()
cli.run(["secrets", "generate", "vm2"])
assert has_secret(test_flake_with_core.path, "vm2-age.key")
assert has_secret(test_flake_with_core.path, "vm2-zerotier-identity-secret")
ip = machine_get_fact(test_flake_with_core.name, "vm1", "zerotier-ip")
assert ipaddress.IPv6Address(ip).is_private
meshname = machine_get_fact(test_flake_with_core.name, "vm1", "zerotier-meshname")
assert len(meshname) == 26
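Review bot: After `cli.run(["secrets", "generate", "vm2"])` the test only asserts that the two vm2 secrets exist, while the recipient check and the new `zerotier-ip` / `zerotier-meshname` assertions all target vm1. vm2 appears to be the non-controller machine this change is about, so its path is effectively untested. I would add `assert (secrets_folder / "vm2-zerotier-identity-secret" / "machines" / "vm2").exists()` to pin that the identity secret is encrypted for vm2. If vm2 is expected to produce the ip and meshname facts, repeat those two assertions with `"vm2"`. `test_generate_secret` starts above the first hunk, so earlier setup is not visible here.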