yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request 'installation: speed up by installing to localhost' (#3255) from flakiness into main

Browse Source 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3255
This commit is contained in:
Mic92
2025-04-09 09:58:43 +00:00
parent ba1ad5bd43 d03971e583
commit b8e33babec
3 changed files with 114 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

214
checks/installation/flake-module.nix
View File

@@ -3,13 +3,79 @@
lib, lib,
... ...
}: }:
let
installer =
{ modulesPath, pkgs, ... }:
let
dependencies = [
self
self.clanInternals.machines.${pkgs.hostPlatform.system}.test-install-machine-with-system.config.system.build.toplevel
self.clanInternals.machines.${pkgs.hostPlatform.system}.test-install-machine-with-system.config.system.build.diskoScript
self.clanInternals.machines.${pkgs.hostPlatform.system}.test-install-machine-with-system.config.system.clan.deployment.file
pkgs.stdenv.drvPath
pkgs.bash.drvPath
pkgs.nixos-anywhere
pkgs.bubblewrap
] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
# with Nix 2.24 we get:
# vm-test-run-test-installation> installer # error: sized: unexpected end-of-file
# vm-test-run-test-installation> installer # error: unexpected end-of-file
# This seems to be fixed with Nix 2.26
# Remove this line once `pkgs.nix` is 2.26+
nixPackage =
assert
lib.versionOlder pkgs.nix.version "2.26"
&& lib.versionAtLeast pkgs.nixVersions.latest.version "2.26";
pkgs.nixVersions.latest;
in
{
imports = [
(modulesPath + "/../tests/common/auto-format-root-device.nix")
];
networking.useNetworkd = true;
services.openssh.enable = true;
services.openssh.settings.UseDns = false;
services.openssh.settings.PasswordAuthentication = false;
system.nixos.variant_id = "installer";
environment.systemPackages = [
self.packages.${pkgs.system}.clan-cli-full
pkgs.nixos-facter
];
environment.etc."install-closure".source = "${closureInfo}/store-paths";
virtualisation.emptyDiskImages = [ 512 ];
virtualisation.diskSize = 8 * 1024;
virtualisation.rootDevice = "/dev/vdb";
# both installer and target need to use the same diskImage
virtualisation.diskImage = "./target.qcow2";
virtualisation.memorySize = 3048;
nix.package = nixPackage;
nix.settings = {
substituters = lib.mkForce [ ];
hashed-mirrors = null;
connect-timeout = lib.mkForce 3;
flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}'';
experimental-features = [
"nix-command"
"flakes"
];
};
users.users.nonrootuser = {
isNormalUser = true;
openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ];
extraGroups = [ "wheel" ];
};
security.sudo.wheelNeedsPassword = false;
system.extraDependencies = dependencies;
};
in
{ {
# The purpose of this test is to ensure `clan machines install` works # The purpose of this test is to ensure `clan machines install` works
# for machines that don't have a hardware config yet. # for machines that don't have a hardware config yet.
# If this test starts failing it could be due to the `facter.json` being out of date # If this test starts failing it could be due to the `facter.json` being out of date
# you can get a new one by adding # you can get a new one by adding
# client.fail("cat test-flake/machines/test-install-machine/facter.json >&2") # server.fail("cat test-flake/machines/test-install-machine/facter.json >&2")
# to the installation test. # to the installation test.
clan.machines.test-install-machine = { clan.machines.test-install-machine = {
fileSystems."/".device = lib.mkDefault "/dev/vda"; fileSystems."/".device = lib.mkDefault "/dev/vda";
@@ -34,14 +100,15 @@
fileSystems."/".device = lib.mkDefault "/dev/vda"; fileSystems."/".device = lib.mkDefault "/dev/vda";
boot.loader.grub.device = lib.mkDefault "/dev/vda"; boot.loader.grub.device = lib.mkDefault "/dev/vda";
imports = [ self.nixosModules.test-install-machine ]; imports = [
self.nixosModules.test-install-machine
];
}; };
flake.nixosModules = { flake.nixosModules = {
test-install-machine = test-install-machine =
{ lib, modulesPath, ... }: { lib, modulesPath, ... }:
{ {
imports = [ imports = [
(modulesPath + "/testing/test-instrumentation.nix") # we need these 2 modules always to be able to run the tests
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
../lib/minify.nix ../lib/minify.nix
]; ];
@@ -109,39 +176,15 @@
perSystem = perSystem =
{ {
pkgs, pkgs,
lib,
... ...
}: }:
let
dependencies = [
self
self.clanInternals.machines.${pkgs.hostPlatform.system}.test-install-machine-with-system.config.system.build.toplevel
self.clanInternals.machines.${pkgs.hostPlatform.system}.test-install-machine-with-system.config.system.build.diskoScript
self.clanInternals.machines.${pkgs.hostPlatform.system}.test-install-machine-with-system.config.system.clan.deployment.file
pkgs.stdenv.drvPath
pkgs.bash.drvPath
pkgs.nixos-anywhere
pkgs.bubblewrap
] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
# with Nix 2.24 we get:
# vm-test-run-test-installation> client # error: sized: unexpected end-of-file
# vm-test-run-test-installation> client # error: unexpected end-of-file
# This seems to be fixed with Nix 2.26
# Remove this line once `pkgs.nix` is 2.26+
nixPackage =
assert
lib.versionOlder pkgs.nix.version "2.26"
&& lib.versionAtLeast pkgs.nixVersions.latest.version "2.26";
pkgs.nixVersions.latest;
in
{ {
# On aarch64-linux, hangs on reboot with after installation: # On aarch64-linux, hangs on reboot with after installation:
# vm-test-run-test-installation-> installer # [ 288.002871] reboot: Restarting system # vm-test-run-test-installation-> installer # [ 288.002871] reboot: Restarting system
# vm-test-run-test-installation-> client # [test-install-machine] ### Done! ### # vm-test-run-test-installation-> server # [test-install-machine] ### Done! ###
# vm-test-run-test-installation-> client # [test-install-machine] + step 'Done!' # vm-test-run-test-installation-> server # [test-install-machine] + step 'Done!'
# vm-test-run-test-installation-> client # [test-install-machine] + echo '### Done! ###' # vm-test-run-test-installation-> server # [test-install-machine] + echo '### Done! ###'
# vm-test-run-test-installation-> client # [test-install-machine] + rm -rf /tmp/tmp.qb16EAq7hJ # vm-test-run-test-installation-> server # [test-install-machine] + rm -rf /tmp/tmp.qb16EAq7hJ
# vm-test-run-test-installation-> (finished: must succeed: clan machines install --debug --flake test-flake --yes test-install-machine --target-host root@installer --update-hardware-config nixos-facter >&2, in 154.62 seconds) # vm-test-run-test-installation-> (finished: must succeed: clan machines install --debug --flake test-flake --yes test-install-machine --target-host root@installer --update-hardware-config nixos-facter >&2, in 154.62 seconds)
# vm-test-run-test-installation-> target: starting vm # vm-test-run-test-installation-> target: starting vm
# vm-test-run-test-installation-> target: QEMU running (pid 144) # vm-test-run-test-installation-> target: QEMU running (pid 144)
@@ -150,100 +193,51 @@
# vm-test-run-test-installation-> target: Guest root shell did not produce any data yet... # vm-test-run-test-installation-> target: Guest root shell did not produce any data yet...
# vm-test-run-test-installation-> target: To debug, enter the VM and run 'systemctl status backdoor.service'. # vm-test-run-test-installation-> target: To debug, enter the VM and run 'systemctl status backdoor.service'.
checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux && !pkgs.stdenv.isAarch64) { checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux && !pkgs.stdenv.isAarch64) {
test-installation = (import ../lib/test-base.nix) { installation = (import ../lib/test-base.nix) {
name = "test-installation"; name = "installation";
nodes.target = { nodes.target = {
services.openssh.enable = true; services.openssh.enable = true;
virtualisation.diskImage = "./target.qcow2"; virtualisation.diskImage = "./target.qcow2";
virtualisation.useBootLoader = true; virtualisation.useBootLoader = true;
nix.package = nixPackage;
};
nodes.installer =
{ modulesPath, ... }:
{
imports = [
(modulesPath + "/../tests/common/auto-format-root-device.nix")
];
networking.useNetworkd = true;
services.openssh.enable = true;
system.nixos.variant_id = "installer";
environment.systemPackages = [ pkgs.nixos-facter ];
virtualisation.emptyDiskImages = [ 512 ];
virtualisation.diskSize = 8 * 1024;
virtualisation.rootDevice = "/dev/vdb";
# both installer and target need to use the same diskImage
virtualisation.diskImage = "./target.qcow2";
nix.package = nixPackage;
nix.settings = {
substituters = lib.mkForce [ ];
hashed-mirrors = null;
connect-timeout = lib.mkForce 3;
flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}'';
experimental-features = [
"nix-command"
"flakes"
];
};
users.users.nonrootuser = {
isNormalUser = true;
openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ];
extraGroups = [ "wheel" ];
};
security.sudo.wheelNeedsPassword = false;
system.extraDependencies = dependencies;
};
nodes.client = {
networking.useNetworkd = true;
environment.systemPackages = [
self.packages.${pkgs.system}.clan-cli
] ++ self.packages.${pkgs.system}.clan-cli.runtimeDependencies;
environment.etc."install-closure".source = "${closureInfo}/store-paths";
virtualisation.memorySize = 3048;
nix.package = nixPackage;
nix.settings = {
substituters = lib.mkForce [ ];
hashed-mirrors = null;
connect-timeout = lib.mkForce 3;
flake-registry = pkgs.writeText "flake-registry" ''{"flakes":[],"version":2}'';
experimental-features = [
"nix-command"
"flakes"
];
};
system.extraDependencies = dependencies;
}; };
nodes.installer = installer;
testScript = '' testScript = ''
client.start()
installer.start() installer.start()
client.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519") installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519")
client.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@192.168.1.2 hostname") installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname")
client.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake") installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake")
client.fail("test -f test-flake/machines/test-install-machine/hardware-configuration.nix")
client.fail("test -f test-flake/machines/test-install-machine/facter.json")
client.succeed("clan machines update-hardware-config --flake test-flake test-install-machine nonrootuser@192.168.1.2 >&2") installer.succeed("clan machines install --no-reboot --debug --flake test-flake --yes test-install-machine --target-host nonrootuser@localhost --update-hardware-config nixos-facter >&2")
client.succeed("test -f test-flake/machines/test-install-machine/facter.json")
client.succeed("rm test-flake/machines/test-install-machine/facter.json")
client.succeed("clan machines update-hardware-config --backend nixos-generate-config --flake test-flake test-install-machine nonrootuser@192.168.1.2>&2") # We are missing the test instrumentation somehow. Test this later.
client.succeed("test -f test-flake/machines/test-install-machine/hardware-configuration.nix") #target.state_dir = installer.state_dir
client.succeed("rm test-flake/machines/test-install-machine/hardware-configuration.nix") #target.start()
#target.wait_for_unit("multi-user.target")
'';
} { inherit pkgs self; };
client.succeed("clan machines install --debug --flake test-flake --yes test-install-machine --target-host nonrootuser@192.168.1.2 --update-hardware-config nixos-facter >&2") update-hardware-configuration = (import ../lib/test-base.nix) {
name = "update-hardware-configuration";
nodes.installer = installer;
try: testScript = ''
installer.shutdown() installer.start()
except BrokenPipeError: installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519")
# qemu has already exited installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname")
pass installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake")
installer.fail("test -f test-flake/machines/test-install-machine/hardware-configuration.nix")
installer.fail("test -f test-flake/machines/test-install-machine/facter.json")
target.state_dir = installer.state_dir installer.succeed("clan machines update-hardware-config --debug --flake test-flake test-install-machine nonrootuser@localhost >&2")
target.start() installer.succeed("test -f test-flake/machines/test-install-machine/facter.json")
target.wait_for_unit("multi-user.target") installer.succeed("rm test-flake/machines/test-install-machine/facter.json")
assert(target.succeed("cat /etc/install-successful").strip() == "ok")
installer.succeed("clan machines update-hardware-config --debug --backend nixos-generate-config --flake test-flake test-install-machine nonrootuser@localhost>&2")
installer.succeed("test -f test-flake/machines/test-install-machine/hardware-configuration.nix")
installer.succeed("rm test-flake/machines/test-install-machine/hardware-configuration.nix")
''; '';
} { inherit pkgs self; }; } { inherit pkgs self; };
}; };

9
pkgs/clan-cli/clan_cli/machines/hardware.py
View File

@@ -140,11 +140,12 @@ def generate_machine_hardware_info(opts: HardwareGenerateOptions) -> HardwareCon
if host.user != "root": if host.user != "root":
config_command.insert(0, "sudo") config_command.insert(0, "sudo")
deps = ["nixpkgs#openssh"]
if opts.password:
deps += ["nixpkgs#sshpass"]
cmd = nix_shell( cmd = nix_shell(
[ deps,
"nixpkgs#openssh",
"nixpkgs#sshpass",
],
[ [
*(["sshpass", "-p", opts.password] if opts.password else []), *(["sshpass", "-p", opts.password] if opts.password else []),
"ssh", "ssh",

7
pkgs/clan-cli/default.nix
View File

@@ -126,8 +126,11 @@ pythonRuntime.pkgs.buildPythonApplication {
# Define and expose the tests and checks to run in CI # Define and expose the tests and checks to run in CI
passthru.tests = passthru.tests =
(lib.mapAttrs' (n: lib.nameValuePair "clan-dep-${n}") testRuntimeDependenciesMap) {
// { clan-deps = pkgs.runCommand "clan-deps" { } ''
# ${builtins.toString (builtins.attrValues testRuntimeDependenciesMap)}
touch $out
'';
# disabled on macOS until we fix all remaining issues # disabled on macOS until we fix all remaining issues
clan-pytest-without-core = clan-pytest-without-core =
runCommand "clan-pytest-without-core" runCommand "clan-pytest-without-core"