{ pkgs, nixosLib, clan-core, ... }: nixosLib.runTest ( { ... }: { imports = [ clan-core.modules.nixosTest.clanTest ]; hostPkgs = pkgs; # This tests the compatibility of the inventory # With the test framework # - clan.service modules name = "service-dummy-test"; clan = { directory = ./.; inventory = { machines.peer1 = { }; machines.admin1 = { }; instances."test" = { module.name = "new-service"; module.input = "self"; roles.peer.machines.peer1 = { }; }; }; modules.new-service = { _class = "clan.service"; manifest.name = "new-service"; roles.peer = { }; perMachine = { nixosModule = { # This should be generated by: # nix run .#generate-test-vars -- checks/service-dummy-test service-dummy-test clan.core.vars.generators.new-service = { files.not-a-secret = { secret = false; deploy = true; }; files.a-secret = { secret = true; deploy = true; owner = "nobody"; group = "users"; mode = "0644"; }; script = '' # This is a dummy script that does nothing echo -n "not-a-secret" > $out/not-a-secret echo -n "a-secret" > $out/a-secret ''; }; }; }; }; }; testScript = { nodes, ... }: '' start_all() admin1.wait_for_unit("multi-user.target") peer1.wait_for_unit("multi-user.target") # peer1 should have the 'hello' file peer1.succeed("cat ${nodes.peer1.clan.core.vars.generators.new-service.files.not-a-secret.path}") ls_out = peer1.succeed("ls -la ${nodes.peer1.clan.core.vars.generators.new-service.files.a-secret.path}") # Check that the file is owned by 'nobody' assert "nobody" in ls_out, f"File is not owned by 'nobody': {ls_out}" # Check that the file is in the 'users' group assert "users" in ls_out, f"File is not in the 'users' group: {ls_out}" # Check that the file is in the '0644' mode assert "-rw-r--r--" in ls_out, f"File is not in the '0644' mode: {ls_out}" ''; } )