aboutsummaryrefslogtreecommitdiff
path: root/nixpkgs/nixos/tests/google-oslogin/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/nixos/tests/google-oslogin/default.nix')
-rw-r--r--nixpkgs/nixos/tests/google-oslogin/default.nix18
1 files changed, 11 insertions, 7 deletions
diff --git a/nixpkgs/nixos/tests/google-oslogin/default.nix b/nixpkgs/nixos/tests/google-oslogin/default.nix
index 1977e92e987..97783c81f39 100644
--- a/nixpkgs/nixos/tests/google-oslogin/default.nix
+++ b/nixpkgs/nixos/tests/google-oslogin/default.nix
@@ -22,6 +22,8 @@ in {
client = { ... }: {};
};
testScript = ''
+ MOCKUSER = "mockuser_nixos_org"
+ MOCKADMIN = "mockadmin_nixos_org"
start_all()
server.wait_for_unit("mock-google-metadata.service")
@@ -29,10 +31,10 @@ in {
# mockserver should return a non-expired ssh key for both mockuser and mockadmin
server.succeed(
- '${pkgs.google-compute-engine-oslogin}/bin/google_authorized_keys mockuser | grep -q "${snakeOilPublicKey}"'
+ f'${pkgs.google-compute-engine-oslogin}/bin/google_authorized_keys {MOCKUSER} | grep -q "${snakeOilPublicKey}"'
)
server.succeed(
- '${pkgs.google-compute-engine-oslogin}/bin/google_authorized_keys mockadmin | grep -q "${snakeOilPublicKey}"'
+ f'${pkgs.google-compute-engine-oslogin}/bin/google_authorized_keys {MOCKADMIN} | grep -q "${snakeOilPublicKey}"'
)
# install snakeoil ssh key on the client, and provision .ssh/config file
@@ -50,20 +52,22 @@ in {
client.fail("ssh ghost@server 'true'")
# we should be able to connect as mockuser
- client.succeed("ssh mockuser@server 'true'")
+ client.succeed(f"ssh {MOCKUSER}@server 'true'")
# but we shouldn't be able to sudo
client.fail(
- "ssh mockuser@server '/run/wrappers/bin/sudo /run/current-system/sw/bin/id' | grep -q 'root'"
+ f"ssh {MOCKUSER}@server '/run/wrappers/bin/sudo /run/current-system/sw/bin/id' | grep -q 'root'"
)
# we should also be able to log in as mockadmin
- client.succeed("ssh mockadmin@server 'true'")
+ client.succeed(f"ssh {MOCKADMIN}@server 'true'")
# pam_oslogin_admin.so should now have generated a sudoers file
- server.succeed("find /run/google-sudoers.d | grep -q '/run/google-sudoers.d/mockadmin'")
+ server.succeed(
+ f"find /run/google-sudoers.d | grep -q '/run/google-sudoers.d/{MOCKADMIN}'"
+ )
# and we should be able to sudo
client.succeed(
- "ssh mockadmin@server '/run/wrappers/bin/sudo /run/current-system/sw/bin/id' | grep -q 'root'"
+ f"ssh {MOCKADMIN}@server '/run/wrappers/bin/sudo /run/current-system/sw/bin/id' | grep -q 'root'"
)
'';
})
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 23:44:13 +0000