From f6e514ec6fc2b5558cda2b5e628aadf193ca3af4 Mon Sep 17 00:00:00 2001 From: Johannes Kirschbauer Date: Wed, 23 Apr 2025 16:11:40 +0200 Subject: [PATCH] Refactor: move checks/lib into lib/ to avoid duplicate lib Lets avoid the mistake of nixpkgs having multiple libs --- checks/{lib => assets}/ssh/privkey | 0 checks/{lib => assets}/ssh/pubkey | 0 checks/backups/flake-module.nix | 14 +++++++------- checks/borgbackup/default.nix | 6 +++--- checks/container/default.nix | 2 +- checks/flake-module.nix | 21 +++++++++++++-------- checks/flash/flake-module.nix | 2 +- checks/installation/flake-module.nix | 10 +++++----- checks/matrix-synapse/default.nix | 2 +- checks/morph/flake-module.nix | 2 +- checks/postgresql/default.nix | 2 +- checks/secrets/default.nix | 2 +- checks/wayland-proxy-virtwl/default.nix | 2 +- checks/zt-tcp-relay/default.nix | 2 +- {checks/lib => lib/test}/container-test.nix | 3 +++ lib/test/default.nix | 5 ++++- {checks/lib => lib/test}/test-base.nix | 0 17 files changed, 43 insertions(+), 32 deletions(-) rename checks/{lib => assets}/ssh/privkey (100%) rename checks/{lib => assets}/ssh/pubkey (100%) rename {checks/lib => lib/test}/container-test.nix (82%) rename {checks/lib => lib/test}/test-base.nix (100%) diff --git a/checks/lib/ssh/privkey b/checks/assets/ssh/privkey similarity index 100% rename from checks/lib/ssh/privkey rename to checks/assets/ssh/privkey diff --git a/checks/lib/ssh/pubkey b/checks/assets/ssh/pubkey similarity index 100% rename from checks/lib/ssh/pubkey rename to checks/assets/ssh/pubkey diff --git a/checks/backups/flake-module.nix b/checks/backups/flake-module.nix index 7c997abf4..bd3e8530d 100644 --- a/checks/backups/flake-module.nix +++ b/checks/backups/flake-module.nix @@ -36,7 +36,7 @@ # Borgbackup overrides services.borgbackup.repos.test-backups = { path = "/var/lib/borgbackup/test-backups"; - authorizedKeys = [ (builtins.readFile ../lib/ssh/pubkey) ]; + authorizedKeys = [ (builtins.readFile ../assets/ssh/pubkey) ]; }; clan.borgbackup.destinations.test-backup.repo = lib.mkForce "borg@machine:."; @@ -45,7 +45,7 @@ programs.ssh.knownHosts = { machine.hostNames = [ "machine" ]; - machine.publicKey = builtins.readFile ../lib/ssh/pubkey; + machine.publicKey = builtins.readFile ../assets/ssh/pubkey; }; services.openssh = { @@ -60,7 +60,7 @@ ]; }; - users.users.root.openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ]; + users.users.root.openssh.authorizedKeys.keyFiles = [ ../assets/ssh/pubkey ]; # This is needed to unlock the user for sshd # Because we use sshd without setuid binaries @@ -68,21 +68,21 @@ systemd.tmpfiles.settings."vmsecrets" = { "/root/.ssh/id_ed25519" = { - C.argument = "${../lib/ssh/privkey}"; + C.argument = "${../assets/ssh/privkey}"; z = { mode = "0400"; user = "root"; }; }; "/etc/secrets/ssh.id_ed25519" = { - C.argument = "${../lib/ssh/privkey}"; + C.argument = "${../assets/ssh/privkey}"; z = { mode = "0400"; user = "root"; }; }; "/etc/secrets/borgbackup/borgbackup.ssh" = { - C.argument = "${../lib/ssh/privkey}"; + C.argument = "${../assets/ssh/privkey}"; z = { mode = "0400"; user = "root"; @@ -169,7 +169,7 @@ in { checks = pkgs.lib.mkIf pkgs.stdenv.isLinux { - backups = (import ../lib/container-test.nix) { + backups = self.clanLib.test.containerTest { name = "backups"; nodes.machine = { imports = diff --git a/checks/borgbackup/default.nix b/checks/borgbackup/default.nix index 5c3c8988f..85a6dba46 100644 --- a/checks/borgbackup/default.nix +++ b/checks/borgbackup/default.nix @@ -1,4 +1,4 @@ -(import ../lib/test-base.nix) ( +( { ... }: { name = "borgbackup"; @@ -12,7 +12,7 @@ { services.openssh.enable = true; services.borgbackup.repos.testrepo = { - authorizedKeys = [ (builtins.readFile ../lib/ssh/pubkey) ]; + authorizedKeys = [ (builtins.readFile ../assets/ssh/pubkey) ]; }; } { @@ -21,7 +21,7 @@ environment.etc.state.text = "hello world"; systemd.tmpfiles.settings."vmsecrets" = { "/etc/secrets/borgbackup/borgbackup.ssh" = { - C.argument = "${../lib/ssh/privkey}"; + C.argument = "${../assets/ssh/privkey}"; z = { mode = "0400"; user = "root"; diff --git a/checks/container/default.nix b/checks/container/default.nix index 1e491fc26..9f10f289d 100644 --- a/checks/container/default.nix +++ b/checks/container/default.nix @@ -1,4 +1,4 @@ -(import ../lib/container-test.nix) ( +( { ... }: { name = "container"; diff --git a/checks/flake-module.nix b/checks/flake-module.nix index 2e7526864..17f0022ef 100644 --- a/checks/flake-module.nix +++ b/checks/flake-module.nix @@ -33,20 +33,25 @@ in inherit (self) clanLib; }; nixosTests = lib.optionalAttrs (pkgs.stdenv.isLinux) { - # import our test - secrets = import ./secrets nixosTestArgs; - container = import ./container nixosTestArgs; # Deltachat is currently marked as broken # deltachat = import ./deltachat nixosTestArgs; - borgbackup = import ./borgbackup nixosTestArgs; - matrix-synapse = import ./matrix-synapse nixosTestArgs; + + # Base Tests + secrets = self.clanLib.test.baseTest ./secrets nixosTestArgs; + borgbackup = self.clanLib.test.baseTest ./borgbackup nixosTestArgs; + wayland-proxy-virtwl = self.clanLib.test.baseTest ./wayland-proxy-virtwl nixosTestArgs; + + # Container Tests + container = self.clanLib.test.containerTest ./container nixosTestArgs; + zt-tcp-relay = self.clanLib.test.containerTest ./zt-tcp-relay nixosTestArgs; + matrix-synapse = self.clanLib.test.containerTest ./matrix-synapse nixosTestArgs; + postgresql = self.clanLib.test.containerTest ./postgresql nixosTestArgs; + + # Clan Tests mumble = import ./mumble nixosTestArgs; dummy-inventory-test = import ./dummy-inventory-test nixosTestArgs; data-mesher = import ./data-mesher nixosTestArgs; syncthing = import ./syncthing nixosTestArgs; - zt-tcp-relay = import ./zt-tcp-relay nixosTestArgs; - postgresql = import ./postgresql nixosTestArgs; - wayland-proxy-virtwl = import ./wayland-proxy-virtwl nixosTestArgs; }; flakeOutputs = diff --git a/checks/flash/flake-module.nix b/checks/flash/flake-module.nix index f11e15a57..7d1e911e6 100644 --- a/checks/flash/flake-module.nix +++ b/checks/flash/flake-module.nix @@ -56,7 +56,7 @@ in { checks = pkgs.lib.mkIf pkgs.stdenv.isLinux { - flash = (import ../lib/test-base.nix) { + flash = self.clanLib.test.baseTest { name = "flash"; nodes.target = { virtualisation.emptyDiskImages = [ 4096 ]; diff --git a/checks/installation/flake-module.nix b/checks/installation/flake-module.nix index 30c909769..0132f708e 100644 --- a/checks/installation/flake-module.nix +++ b/checks/installation/flake-module.nix @@ -51,7 +51,7 @@ let }; users.users.nonrootuser = { isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ]; + openssh.authorizedKeys.keyFiles = [ ../assets/ssh/pubkey ]; extraGroups = [ "wheel" ]; }; security.sudo.wheelNeedsPassword = false; @@ -183,7 +183,7 @@ in # vm-test-run-test-installation-> target: Guest root shell did not produce any data yet... # vm-test-run-test-installation-> target: To debug, enter the VM and run 'systemctl status backdoor.service'. checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux && !pkgs.stdenv.isAarch64) { - installation = (import ../lib/test-base.nix) { + installation = self.clanLib.test.baseTest { name = "installation"; nodes.target = { services.openssh.enable = true; @@ -195,7 +195,7 @@ in testScript = '' installer.start() - installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519") + installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../assets/ssh/privkey} /root/.ssh/id_ed25519") installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname") installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake") @@ -210,13 +210,13 @@ in ''; } { inherit pkgs self; }; - update-hardware-configuration = (import ../lib/test-base.nix) { + update-hardware-configuration = self.clanLib.test.baseTest { name = "update-hardware-configuration"; nodes.installer = installer; testScript = '' installer.start() - installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../lib/ssh/privkey} /root/.ssh/id_ed25519") + installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../assets/ssh/privkey} /root/.ssh/id_ed25519") installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname") installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake") installer.fail("test -f test-flake/machines/test-install-machine/hardware-configuration.nix") diff --git a/checks/matrix-synapse/default.nix b/checks/matrix-synapse/default.nix index e2379fff6..df6243220 100644 --- a/checks/matrix-synapse/default.nix +++ b/checks/matrix-synapse/default.nix @@ -1,4 +1,4 @@ -(import ../lib/container-test.nix) ( +( { pkgs, ... }: { name = "matrix-synapse"; diff --git a/checks/morph/flake-module.nix b/checks/morph/flake-module.nix index ad12428dd..8d591a9f0 100644 --- a/checks/morph/flake-module.nix +++ b/checks/morph/flake-module.nix @@ -24,7 +24,7 @@ }: { checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux && !pkgs.stdenv.isAarch64) { - morph = (import ../lib/test-base.nix) { + morph = self.clanLib.test.baseTest { name = "morph"; nodes = { diff --git a/checks/postgresql/default.nix b/checks/postgresql/default.nix index aba573c28..ac45ef5a9 100644 --- a/checks/postgresql/default.nix +++ b/checks/postgresql/default.nix @@ -1,4 +1,4 @@ -(import ../lib/container-test.nix) ({ +({ name = "postgresql"; nodes.machine = diff --git a/checks/secrets/default.nix b/checks/secrets/default.nix index 5665fb3ae..e471f581a 100644 --- a/checks/secrets/default.nix +++ b/checks/secrets/default.nix @@ -1,4 +1,4 @@ -(import ../lib/test-base.nix) { +{ name = "secrets"; nodes.machine = diff --git a/checks/wayland-proxy-virtwl/default.nix b/checks/wayland-proxy-virtwl/default.nix index a3e6ddc2d..d2bafbec3 100644 --- a/checks/wayland-proxy-virtwl/default.nix +++ b/checks/wayland-proxy-virtwl/default.nix @@ -1,4 +1,4 @@ -import ../lib/test-base.nix ( +( { config, pkgs, diff --git a/checks/zt-tcp-relay/default.nix b/checks/zt-tcp-relay/default.nix index ae1991ea9..ed8283c72 100644 --- a/checks/zt-tcp-relay/default.nix +++ b/checks/zt-tcp-relay/default.nix @@ -1,4 +1,4 @@ -(import ../lib/container-test.nix) ( +( { pkgs, ... }: { name = "zt-tcp-relay"; diff --git a/checks/lib/container-test.nix b/lib/test/container-test.nix similarity index 82% rename from checks/lib/container-test.nix rename to lib/test/container-test.nix index 452197172..c0ffc406a 100644 --- a/checks/lib/container-test.nix +++ b/lib/test/container-test.nix @@ -17,9 +17,12 @@ in clan.core.settings.machine.name = config.networking.hostName; }; }; + # TODO: Remove this. We should not pass special args in the test framework + # Instead each test can forward the special args it needs # to accept external dependencies such as disko node.specialArgs.self = self; _module.args = { inherit self; }; + imports = [ test ../../lib/test/container-test-driver/driver-module.nix diff --git a/lib/test/default.nix b/lib/test/default.nix index 7ea6f703d..05d4e5ffe 100644 --- a/lib/test/default.nix +++ b/lib/test/default.nix @@ -7,9 +7,12 @@ let in { + # + containerTest = import ./container-test.nix; + baseTest = import ./test-base.nix; + # flakeModules = clanLib.callLib ./flakeModules.nix { }; - # minifyModule = ./minify.nix; sopsModule = ./sops.nix; # A function that returns an extension to runTest diff --git a/checks/lib/test-base.nix b/lib/test/test-base.nix similarity index 100% rename from checks/lib/test-base.nix rename to lib/test/test-base.nix