diff options
Diffstat (limited to 'nixpkgs/nixos/tests')
216 files changed, 4367 insertions, 3906 deletions
diff --git a/nixpkgs/nixos/tests/acme.nix b/nixpkgs/nixos/tests/acme.nix index 8cfdea4a16e..6bd315ff1ea 100644 --- a/nixpkgs/nixos/tests/acme.nix +++ b/nixpkgs/nixos/tests/acme.nix @@ -1,6 +1,6 @@ let commonConfig = ./common/letsencrypt/common.nix; -in import ./make-test.nix { +in import ./make-test-python.nix { name = "acme"; nodes = rec { @@ -12,8 +12,11 @@ in import ./make-test.nix { networking.extraHosts = '' ${config.networking.primaryIPAddress} standalone.com ''; - security.acme.certs."standalone.com" = { - webroot = "/var/lib/acme/acme-challenges"; + security.acme = { + server = "https://acme-v02.api.letsencrypt.org/dir"; + certs."standalone.com" = { + webroot = "/var/lib/acme/acme-challenges"; + }; }; systemd.targets."acme-finished-standalone.com" = {}; systemd.services."acme-standalone.com" = { @@ -54,6 +57,8 @@ in import ./make-test.nix { ''; }; + security.acme.server = "https://acme-v02.api.letsencrypt.org/dir"; + nesting.clone = [ ({pkgs, ...}: { @@ -80,36 +85,49 @@ in import ./make-test.nix { client = commonConfig; }; - testScript = {nodes, ...}: + testScript = {nodes, ...}: let newServerSystem = nodes.webserver2.config.system.build.toplevel; switchToNewServer = "${newServerSystem}/bin/switch-to-configuration test"; in - # Note, waitForUnit does not work for oneshot services that do not have RemainAfterExit=true, + # Note, wait_for_unit does not work for oneshot services that do not have RemainAfterExit=true, # this is because a oneshot goes from inactive => activating => inactive, and never # reaches the active state. To work around this, we create some mock target units which # get pulled in by the oneshot units. The target units linger after activation, and hence we # can use them to probe that a oneshot fired. It is a bit ugly, but it is the best we can do '' - $client->waitForUnit("default.target"); - $letsencrypt->waitForUnit("default.target"); - $letsencrypt->waitForUnit("boulder.service"); - - subtest "can request certificate with HTTPS-01 challenge", sub { - $acmeStandalone->waitForUnit("default.target"); - $acmeStandalone->succeed("systemctl start acme-standalone.com.service"); - $acmeStandalone->waitForUnit("acme-finished-standalone.com.target"); - }; + client.start() + letsencrypt.start() + acmeStandalone.start() - subtest "Can request certificate for nginx service", sub { - $webserver->waitForUnit("acme-finished-a.example.com.target"); - $client->succeed('curl https://a.example.com/ | grep -qF "hello world"'); - }; + letsencrypt.wait_for_unit("default.target") + letsencrypt.wait_for_unit("pebble.service") - subtest "Can add another certificate for nginx service", sub { - $webserver->succeed("/run/current-system/fine-tune/child-1/bin/switch-to-configuration test"); - $webserver->waitForUnit("acme-finished-b.example.com.target"); - $client->succeed('curl https://b.example.com/ | grep -qF "hello world"'); - }; + with subtest("can request certificate with HTTPS-01 challenge"): + acmeStandalone.wait_for_unit("default.target") + acmeStandalone.succeed("systemctl start acme-standalone.com.service") + acmeStandalone.wait_for_unit("acme-finished-standalone.com.target") + + client.wait_for_unit("default.target") + + client.succeed("curl https://acme-v02.api.letsencrypt.org:15000/roots/0 > /tmp/ca.crt") + client.succeed( + "curl https://acme-v02.api.letsencrypt.org:15000/intermediate-keys/0 >> /tmp/ca.crt" + ) + + with subtest("Can request certificate for nginx service"): + webserver.wait_for_unit("acme-finished-a.example.com.target") + client.succeed( + "curl --cacert /tmp/ca.crt https://a.example.com/ | grep -qF 'hello world'" + ) + + with subtest("Can add another certificate for nginx service"): + webserver.succeed( + "/run/current-system/fine-tune/child-1/bin/switch-to-configuration test" + ) + webserver.wait_for_unit("acme-finished-b.example.com.target") + client.succeed( + "curl --cacert /tmp/ca.crt https://b.example.com/ | grep -qF 'hello world'" + ) ''; } diff --git a/nixpkgs/nixos/tests/all-tests.nix b/nixpkgs/nixos/tests/all-tests.nix index e94c9712cbf..df65ef249e8 100644 --- a/nixpkgs/nixos/tests/all-tests.nix +++ b/nixpkgs/nixos/tests/all-tests.nix @@ -28,7 +28,7 @@ in babeld = handleTest ./babeld.nix {}; bcachefs = handleTestOn ["x86_64-linux"] ./bcachefs.nix {}; # linux-4.18.2018.10.12 is unsupported on aarch64 beanstalkd = handleTest ./beanstalkd.nix {}; - beegfs = handleTestOn ["x86_64-linux"] ./beegfs.nix {}; # beegfs is unsupported on aarch64 + bees = handleTest ./bees.nix {}; bind = handleTest ./bind.nix {}; bittorrent = handleTest ./bittorrent.nix {}; #blivet = handleTest ./blivet.nix {}; # broken since 2017-07024 @@ -39,7 +39,8 @@ in caddy = handleTest ./caddy.nix {}; cadvisor = handleTestOn ["x86_64-linux"] ./cadvisor.nix {}; cassandra = handleTest ./cassandra.nix {}; - ceph = handleTestOn ["x86_64-linux"] ./ceph.nix {}; + ceph-single-node = handleTestOn ["x86_64-linux"] ./ceph-single-node.nix {}; + ceph-multi-node = handleTestOn ["x86_64-linux"] ./ceph-multi-node.nix {}; certmgr = handleTest ./certmgr.nix {}; cfssl = handleTestOn ["x86_64-linux"] ./cfssl.nix {}; chromium = (handleTestOn ["x86_64-linux"] ./chromium.nix {}).stable or {}; @@ -47,14 +48,12 @@ in clickhouse = handleTest ./clickhouse.nix {}; cloud-init = handleTest ./cloud-init.nix {}; codimd = handleTest ./codimd.nix {}; - colord = handleTest ./colord.nix {}; containers-bridge = handleTest ./containers-bridge.nix {}; containers-ephemeral = handleTest ./containers-ephemeral.nix {}; containers-extra_veth = handleTest ./containers-extra_veth.nix {}; containers-hosts = handleTest ./containers-hosts.nix {}; containers-imperative = handleTest ./containers-imperative.nix {}; - containers-ipv4 = handleTest ./containers-ipv4.nix {}; - containers-ipv6 = handleTest ./containers-ipv6.nix {}; + containers-ip = handleTest ./containers-ip.nix {}; containers-macvlans = handleTest ./containers-macvlans.nix {}; containers-physical_interfaces = handleTest ./containers-physical_interfaces.nix {}; containers-restart_networking = handleTest ./containers-restart_networking.nix {}; @@ -81,31 +80,26 @@ in env = handleTest ./env.nix {}; etcd = handleTestOn ["x86_64-linux"] ./etcd.nix {}; etcd-cluster = handleTestOn ["x86_64-linux"] ./etcd-cluster.nix {}; + fancontrol = handleTest ./fancontrol.nix {}; ferm = handleTest ./ferm.nix {}; firefox = handleTest ./firefox.nix {}; firewall = handleTest ./firewall.nix {}; fish = handleTest ./fish.nix {}; flannel = handleTestOn ["x86_64-linux"] ./flannel.nix {}; - flatpak = handleTest ./flatpak.nix {}; - flatpak-builder = handleTest ./flatpak-builder.nix {}; fluentd = handleTest ./fluentd.nix {}; fontconfig-default-fonts = handleTest ./fontconfig-default-fonts.nix {}; fsck = handleTest ./fsck.nix {}; - fwupd = handleTestOn ["x86_64-linux"] ./fwupd.nix {}; # libsmbios is unsupported on aarch64 - gdk-pixbuf = handleTest ./gdk-pixbuf.nix {}; + gotify-server = handleTest ./gotify-server.nix {}; gitea = handleTest ./gitea.nix {}; gitlab = handleTest ./gitlab.nix {}; gitolite = handleTest ./gitolite.nix {}; - gjs = handleTest ./gjs.nix {}; - glib-networking = handleTest ./glib-networking.nix {}; glusterfs = handleTest ./glusterfs.nix {}; gnome3-xorg = handleTest ./gnome3-xorg.nix {}; gnome3 = handleTest ./gnome3.nix {}; - gnome-photos = handleTest ./gnome-photos.nix {}; + installed-tests = pkgs.recurseIntoAttrs (handleTest ./installed-tests {}); gocd-agent = handleTest ./gocd-agent.nix {}; gocd-server = handleTest ./gocd-server.nix {}; google-oslogin = handleTest ./google-oslogin {}; - graphene = handleTest ./graphene.nix {}; grafana = handleTest ./grafana.nix {}; graphite = handleTest ./graphite.nix {}; graylog = handleTest ./graylog.nix {}; @@ -132,7 +126,6 @@ in jackett = handleTest ./jackett.nix {}; jellyfin = handleTest ./jellyfin.nix {}; jenkins = handleTest ./jenkins.nix {}; - jormungandr = handleTest ./jormungandr.nix {}; kafka = handleTest ./kafka.nix {}; kerberos = handleTest ./kerberos/default.nix {}; kernel-latest = handleTest ./kernel-latest.nix {}; @@ -147,16 +140,17 @@ in latestKernel.login = handleTest ./login.nix { latestKernel = true; }; ldap = handleTest ./ldap.nix {}; leaps = handleTest ./leaps.nix {}; - libgdata = handleTest ./libgdata.nix {}; - libxmlb = handleTest ./libxmlb.nix {}; lidarr = handleTest ./lidarr.nix {}; lightdm = handleTest ./lightdm.nix {}; limesurvey = handleTest ./limesurvey.nix {}; login = handleTest ./login.nix {}; loki = handleTest ./loki.nix {}; #logstash = handleTest ./logstash.nix {}; + lorri = handleTest ./lorri/default.nix {}; + magnetico = handleTest ./magnetico.nix {}; mailcatcher = handleTest ./mailcatcher.nix {}; mathics = handleTest ./mathics.nix {}; + matomo = handleTest ./matomo.nix {}; matrix-synapse = handleTest ./matrix-synapse.nix {}; mediawiki = handleTest ./mediawiki.nix {}; memcached = handleTest ./memcached.nix {}; @@ -166,6 +160,7 @@ in minio = handleTest ./minio.nix {}; minidlna = handleTest ./minidlna.nix {}; misc = handleTest ./misc.nix {}; + moinmoin = handleTest ./moinmoin.nix {}; mongodb = handleTest ./mongodb.nix {}; moodle = handleTest ./moodle.nix {}; morty = handleTest ./morty.nix {}; @@ -201,16 +196,16 @@ in novacomd = handleTestOn ["x86_64-linux"] ./novacomd.nix {}; nsd = handleTest ./nsd.nix {}; nzbget = handleTest ./nzbget.nix {}; + openarena = handleTest ./openarena.nix {}; openldap = handleTest ./openldap.nix {}; opensmtpd = handleTest ./opensmtpd.nix {}; openssh = handleTest ./openssh.nix {}; # openstack-image-userdata doesn't work in a sandbox as the simulated openstack instance needs network access #openstack-image-userdata = (handleTestOn ["x86_64-linux"] ./openstack-image.nix {}).userdata or {}; openstack-image-metadata = (handleTestOn ["x86_64-linux"] ./openstack-image.nix {}).metadata or {}; + orangefs = handleTest ./orangefs.nix {}; os-prober = handleTestOn ["x86_64-linux"] ./os-prober.nix {}; - osquery = handleTest ./osquery.nix {}; osrm-backend = handleTest ./osrm-backend.nix {}; - ostree = handleTest ./ostree.nix {}; overlayfs = handleTest ./overlayfs.nix {}; packagekit = handleTest ./packagekit.nix {}; pam-oath-login = handleTest ./pam-oath-login.nix {}; @@ -236,7 +231,6 @@ in prosodyMysql = handleTest ./xmpp/prosody-mysql.nix {}; proxy = handleTest ./proxy.nix {}; quagga = handleTest ./quagga.nix {}; - quake3 = handleTest ./quake3.nix {}; rabbitmq = handleTest ./rabbitmq.nix {}; radarr = handleTest ./radarr.nix {}; radicale = handleTest ./radicale.nix {}; @@ -250,9 +244,9 @@ in rxe = handleTest ./rxe.nix {}; samba = handleTest ./samba.nix {}; sddm = handleTest ./sddm.nix {}; + shiori = handleTest ./shiori.nix {}; signal-desktop = handleTest ./signal-desktop.nix {}; simple = handleTest ./simple.nix {}; - slim = handleTest ./slim.nix {}; slurm = handleTest ./slurm.nix {}; smokeping = handleTest ./smokeping.nix {}; snapper = handleTest ./snapper.nix {}; @@ -267,6 +261,7 @@ in systemd-confinement = handleTest ./systemd-confinement.nix {}; systemd-timesyncd = handleTest ./systemd-timesyncd.nix {}; systemd-networkd-wireguard = handleTest ./systemd-networkd-wireguard.nix {}; + systemd-nspawn = handleTest ./systemd-nspawn.nix {}; pdns-recursor = handleTest ./pdns-recursor.nix {}; taskserver = handleTest ./taskserver.nix {}; telegraf = handleTest ./telegraf.nix {}; @@ -274,7 +269,9 @@ in tinydns = handleTest ./tinydns.nix {}; tor = handleTest ./tor.nix {}; transmission = handleTest ./transmission.nix {}; + trac = handleTest ./trac.nix {}; trezord = handleTest ./trezord.nix {}; + trickster = handleTest ./trickster.nix {}; udisks2 = handleTest ./udisks2.nix {}; upnp = handleTest ./upnp.nix {}; uwsgi = handleTest ./uwsgi.nix {}; @@ -282,14 +279,14 @@ in virtualbox = handleTestOn ["x86_64-linux"] ./virtualbox.nix {}; wireguard = handleTest ./wireguard {}; wireguard-generated = handleTest ./wireguard/generated.nix {}; + wireguard-namespaces = handleTest ./wireguard/namespaces.nix {}; wordpress = handleTest ./wordpress.nix {}; xautolock = handleTest ./xautolock.nix {}; - xdg-desktop-portal = handleTest ./xdg-desktop-portal.nix {}; xfce = handleTest ./xfce.nix {}; - xfce4-14 = handleTest ./xfce4-14.nix {}; xmonad = handleTest ./xmonad.nix {}; xrdp = handleTest ./xrdp.nix {}; xss-lock = handleTest ./xss-lock.nix {}; yabar = handleTest ./yabar.nix {}; + yggdrasil = handleTest ./yggdrasil.nix {}; zookeeper = handleTest ./zookeeper.nix {}; } diff --git a/nixpkgs/nixos/tests/ammonite.nix b/nixpkgs/nixos/tests/ammonite.nix index fedfde233e8..1955e42be5f 100644 --- a/nixpkgs/nixos/tests/ammonite.nix +++ b/nixpkgs/nixos/tests/ammonite.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "ammonite"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus ]; @@ -13,8 +13,8 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $amm->succeed("amm -c 'val foo = 21; println(foo * 2)' | grep 42") + amm.succeed("amm -c 'val foo = 21; println(foo * 2)' | grep 42") ''; }) diff --git a/nixpkgs/nixos/tests/atd.nix b/nixpkgs/nixos/tests/atd.nix index 25db7279924..c3abe5c253d 100644 --- a/nixpkgs/nixos/tests/atd.nix +++ b/nixpkgs/nixos/tests/atd.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: { name = "atd"; @@ -14,18 +14,18 @@ import ./make-test.nix ({ pkgs, ... }: # "at" has a resolution of 1 minute testScript = '' - startAll; + start_all() - $machine->waitForUnit('atd.service'); # wait for atd to start - $machine->fail("test -f ~root/at-1"); - $machine->fail("test -f ~alice/at-1"); + machine.wait_for_unit("atd.service") # wait for atd to start + machine.fail("test -f ~root/at-1") + machine.fail("test -f ~alice/at-1") - $machine->succeed("echo 'touch ~root/at-1' | at now+1min"); - $machine->succeed("su - alice -c \"echo 'touch at-1' | at now+1min\""); + machine.succeed("echo 'touch ~root/at-1' | at now+1min") + machine.succeed("su - alice -c \"echo 'touch at-1' | at now+1min\"") - $machine->succeed("sleep 1.5m"); + machine.succeed("sleep 1.5m") - $machine->succeed("test -f ~root/at-1"); - $machine->succeed("test -f ~alice/at-1"); + machine.succeed("test -f ~root/at-1") + machine.succeed("test -f ~alice/at-1") ''; }) diff --git a/nixpkgs/nixos/tests/automysqlbackup.nix b/nixpkgs/nixos/tests/automysqlbackup.nix index ada104a34de..224b93862fb 100644 --- a/nixpkgs/nixos/tests/automysqlbackup.nix +++ b/nixpkgs/nixos/tests/automysqlbackup.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "automysqlbackup"; @@ -15,20 +15,24 @@ import ./make-test.nix ({ pkgs, lib, ... }: }; testScript = '' - startAll; + start_all() # Need to have mysql started so that it can be populated with data. - $machine->waitForUnit("mysql.service"); - - # Wait for testdb to be fully populated (5 rows). - $machine->waitUntilSucceeds("mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5"); - - # Do a backup and wait for it to start - $machine->startJob("automysqlbackup.service"); - $machine->waitForJob("automysqlbackup.service"); - - # wait for backup file and check that data appears in backup - $machine->waitForFile("/var/backup/mysql/daily/testdb"); - $machine->succeed("${pkgs.gzip}/bin/zcat /var/backup/mysql/daily/testdb/daily_testdb_*.sql.gz | grep hello"); + machine.wait_for_unit("mysql.service") + + with subtest("Wait for testdb to be fully populated (5 rows)."): + machine.wait_until_succeeds( + "mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5" + ) + + with subtest("Do a backup and wait for it to start"): + machine.start_job("automysqlbackup.service") + machine.wait_for_job("automysqlbackup.service") + + with subtest("wait for backup file and check that data appears in backup"): + machine.wait_for_file("/var/backup/mysql/daily/testdb") + machine.succeed( + "${pkgs.gzip}/bin/zcat /var/backup/mysql/daily/testdb/daily_testdb_*.sql.gz | grep hello" + ) ''; }) diff --git a/nixpkgs/nixos/tests/avahi.nix b/nixpkgs/nixos/tests/avahi.nix index ae4f54d5266..fe027c14d5a 100644 --- a/nixpkgs/nixos/tests/avahi.nix +++ b/nixpkgs/nixos/tests/avahi.nix @@ -1,5 +1,5 @@ # Test whether `avahi-daemon' and `libnss-mdns' work as expected. -import ./make-test.nix ({ pkgs, ... } : { +import ./make-test-python.nix ({ pkgs, ... } : { name = "avahi"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ eelco ]; @@ -23,45 +23,45 @@ import ./make-test.nix ({ pkgs, ... } : { two = cfg; }; - testScript = - '' startAll; + testScript = '' + start_all() - # mDNS. - $one->waitForUnit("network.target"); - $two->waitForUnit("network.target"); + # mDNS. + one.wait_for_unit("network.target") + two.wait_for_unit("network.target") - $one->succeed("avahi-resolve-host-name one.local | tee out >&2"); - $one->succeed("test \"`cut -f1 < out`\" = one.local"); - $one->succeed("avahi-resolve-host-name two.local | tee out >&2"); - $one->succeed("test \"`cut -f1 < out`\" = two.local"); + one.succeed("avahi-resolve-host-name one.local | tee out >&2") + one.succeed('test "`cut -f1 < out`" = one.local') + one.succeed("avahi-resolve-host-name two.local | tee out >&2") + one.succeed('test "`cut -f1 < out`" = two.local') - $two->succeed("avahi-resolve-host-name one.local | tee out >&2"); - $two->succeed("test \"`cut -f1 < out`\" = one.local"); - $two->succeed("avahi-resolve-host-name two.local | tee out >&2"); - $two->succeed("test \"`cut -f1 < out`\" = two.local"); + two.succeed("avahi-resolve-host-name one.local | tee out >&2") + two.succeed('test "`cut -f1 < out`" = one.local') + two.succeed("avahi-resolve-host-name two.local | tee out >&2") + two.succeed('test "`cut -f1 < out`" = two.local') - # Basic DNS-SD. - $one->succeed("avahi-browse -r -t _workstation._tcp | tee out >&2"); - $one->succeed("test `wc -l < out` -gt 0"); - $two->succeed("avahi-browse -r -t _workstation._tcp | tee out >&2"); - $two->succeed("test `wc -l < out` -gt 0"); + # Basic DNS-SD. + one.succeed("avahi-browse -r -t _workstation._tcp | tee out >&2") + one.succeed("test `wc -l < out` -gt 0") + two.succeed("avahi-browse -r -t _workstation._tcp | tee out >&2") + two.succeed("test `wc -l < out` -gt 0") - # More DNS-SD. - $one->execute("avahi-publish -s \"This is a test\" _test._tcp 123 one=1 &"); - $one->sleep(5); - $two->succeed("avahi-browse -r -t _test._tcp | tee out >&2"); - $two->succeed("test `wc -l < out` -gt 0"); + # More DNS-SD. + one.execute('avahi-publish -s "This is a test" _test._tcp 123 one=1 &') + one.sleep(5) + two.succeed("avahi-browse -r -t _test._tcp | tee out >&2") + two.succeed("test `wc -l < out` -gt 0") - # NSS-mDNS. - $one->succeed("getent hosts one.local >&2"); - $one->succeed("getent hosts two.local >&2"); - $two->succeed("getent hosts one.local >&2"); - $two->succeed("getent hosts two.local >&2"); + # NSS-mDNS. + one.succeed("getent hosts one.local >&2") + one.succeed("getent hosts two.local >&2") + two.succeed("getent hosts one.local >&2") + two.succeed("getent hosts two.local >&2") - # extra service definitions - $one->succeed("avahi-browse -r -t _ssh._tcp | tee out >&2"); - $one->succeed("test `wc -l < out` -gt 0"); - $two->succeed("avahi-browse -r -t _ssh._tcp | tee out >&2"); - $two->succeed("test `wc -l < out` -gt 0"); - ''; + # extra service definitions + one.succeed("avahi-browse -r -t _ssh._tcp | tee out >&2") + one.succeed("test `wc -l < out` -gt 0") + two.succeed("avahi-browse -r -t _ssh._tcp | tee out >&2") + two.succeed("test `wc -l < out` -gt 0") + ''; }) diff --git a/nixpkgs/nixos/tests/babeld.nix b/nixpkgs/nixos/tests/babeld.nix index 5242cf395d7..fafa788ba57 100644 --- a/nixpkgs/nixos/tests/babeld.nix +++ b/nixpkgs/nixos/tests/babeld.nix @@ -1,5 +1,5 @@ -import ./make-test.nix ({ pkgs, lib, ...} : { +import ./make-test-python.nix ({ pkgs, lib, ...} : { name = "babeld"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ hexa ]; @@ -21,7 +21,7 @@ import ./make-test.nix ({ pkgs, lib, ...} : { }; }; - localRouter = { pkgs, lib, ... }: + local_router = { pkgs, lib, ... }: { virtualisation.vlans = [ 10 20 ]; @@ -70,7 +70,7 @@ import ./make-test.nix ({ pkgs, lib, ...} : { ''; }; }; - remoteRouter = { pkgs, lib, ... }: + remote_router = { pkgs, lib, ... }: { virtualisation.vlans = [ 20 30 ]; @@ -124,25 +124,25 @@ import ./make-test.nix ({ pkgs, lib, ...} : { testScript = '' - startAll; + start_all() - $client->waitForUnit("network-online.target"); - $localRouter->waitForUnit("network-online.target"); - $remoteRouter->waitForUnit("network-online.target"); + client.wait_for_unit("network-online.target") + local_router.wait_for_unit("network-online.target") + remote_router.wait_for_unit("network-online.target") - $localRouter->waitForUnit("babeld.service"); - $remoteRouter->waitForUnit("babeld.service"); + local_router.wait_for_unit("babeld.service") + remote_router.wait_for_unit("babeld.service") - $localRouter->waitUntilSucceeds("ip route get 192.168.30.1"); - $localRouter->waitUntilSucceeds("ip route get 2001:db8:30::1"); + local_router.wait_until_succeeds("ip route get 192.168.30.1") + local_router.wait_until_succeeds("ip route get 2001:db8:30::1") - $remoteRouter->waitUntilSucceeds("ip route get 192.168.10.1"); - $remoteRouter->waitUntilSucceeds("ip route get 2001:db8:10::1"); + remote_router.wait_until_succeeds("ip route get 192.168.10.1") + remote_router.wait_until_succeeds("ip route get 2001:db8:10::1") - $client->succeed("ping -c1 192.168.30.1"); - $client->succeed("ping -c1 2001:db8:30::1"); + client.succeed("ping -c1 192.168.30.1") + client.succeed("ping -c1 2001:db8:30::1") - $remoteRouter->succeed("ping -c1 192.168.10.2"); - $remoteRouter->succeed("ping -c1 2001:db8:10::2"); + remote_router.succeed("ping -c1 192.168.10.2") + remote_router.succeed("ping -c1 2001:db8:10::2") ''; }) diff --git a/nixpkgs/nixos/tests/bcachefs.nix b/nixpkgs/nixos/tests/bcachefs.nix index 658676ef0ab..0541e580322 100644 --- a/nixpkgs/nixos/tests/bcachefs.nix +++ b/nixpkgs/nixos/tests/bcachefs.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "bcachefs"; meta.maintainers = with pkgs.stdenv.lib.maintainers; [ chiiruno ]; @@ -10,29 +10,25 @@ import ./make-test.nix ({ pkgs, ... }: { }; testScript = '' - $machine->succeed("modprobe bcachefs"); - $machine->succeed("bcachefs version"); - $machine->succeed("ls /dev"); + machine.succeed("modprobe bcachefs") + machine.succeed("bcachefs version") + machine.succeed("ls /dev") - $machine->succeed( - "mkdir /tmp/mnt", - - "udevadm settle", - "parted --script /dev/vdb mklabel msdos", - "parted --script /dev/vdb -- mkpart primary 1024M -1s", - "udevadm settle", - - # Due to #32279, we cannot use encryption for this test yet - # "echo password | bcachefs format --encrypted /dev/vdb1", - # "echo password | bcachefs unlock /dev/vdb1", - "bcachefs format /dev/vdb1", - "mount -t bcachefs /dev/vdb1 /tmp/mnt", - "udevadm settle", - - "bcachefs fs usage /tmp/mnt", - - "umount /tmp/mnt", - "udevadm settle" - ); + machine.succeed( + "mkdir /tmp/mnt", + "udevadm settle", + "parted --script /dev/vdb mklabel msdos", + "parted --script /dev/vdb -- mkpart primary 1024M -1s", + "udevadm settle", + # Due to #32279, we cannot use encryption for this test yet + # "echo password | bcachefs format --encrypted /dev/vdb1", + # "echo password | bcachefs unlock /dev/vdb1", + "bcachefs format /dev/vdb1", + "mount -t bcachefs /dev/vdb1 /tmp/mnt", + "udevadm settle", + "bcachefs fs usage /tmp/mnt", + "umount /tmp/mnt", + "udevadm settle", + ) ''; }) diff --git a/nixpkgs/nixos/tests/beanstalkd.nix b/nixpkgs/nixos/tests/beanstalkd.nix index fa2fbc2c92a..4f4a454fb47 100644 --- a/nixpkgs/nixos/tests/beanstalkd.nix +++ b/nixpkgs/nixos/tests/beanstalkd.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: let pythonEnv = pkgs.python3.withPackages (p: [p.beanstalkc]); @@ -34,12 +34,16 @@ in }; testScript = '' - startAll; + start_all() - $machine->waitForUnit('beanstalkd.service'); + machine.wait_for_unit("beanstalkd.service") - $machine->succeed("${produce}"); - $machine->succeed("${consume}") eq "this is a job\n" or die; - $machine->succeed("${consume}") eq "this is another job\n" or die; + machine.succeed("${produce}") + assert "this is a job\n" == machine.succeed( + "${consume}" + ) + assert "this is another job\n" == machine.succeed( + "${consume}" + ) ''; }) diff --git a/nixpkgs/nixos/tests/beegfs.nix b/nixpkgs/nixos/tests/beegfs.nix deleted file mode 100644 index 3465272f559..00000000000 --- a/nixpkgs/nixos/tests/beegfs.nix +++ /dev/null @@ -1,115 +0,0 @@ -import ./make-test.nix ({ ... } : - -let - connAuthFile="beegfs/auth-def.key"; - - client = { pkgs, ... } : { - networking.firewall.enable = false; - services.beegfsEnable = true; - services.beegfs.default = { - mgmtdHost = "mgmt"; - connAuthFile = "/etc/${connAuthFile}"; - client = { - mount = false; - enable = true; - }; - }; - - fileSystems = pkgs.lib.mkVMOverride # FIXME: this should be creatd by the module - [ { mountPoint = "/beegfs"; - device = "default"; - fsType = "beegfs"; - options = [ "cfgFile=/etc/beegfs/client-default.conf" "_netdev" ]; - } - ]; - - environment.etc.${connAuthFile} = { - enable = true; - text = "ThisIsALousySecret"; - mode = "0600"; - }; - }; - - - server = service : { pkgs, ... } : { - networking.firewall.enable = false; - boot.initrd.postDeviceCommands = '' - ${pkgs.e2fsprogs}/bin/mkfs.ext4 -L data /dev/vdb - ''; - - virtualisation.emptyDiskImages = [ 4096 ]; - - fileSystems = pkgs.lib.mkVMOverride - [ { mountPoint = "/data"; - device = "/dev/disk/by-label/data"; - fsType = "ext4"; - } - ]; - - environment.systemPackages = with pkgs; [ beegfs ]; - environment.etc.${connAuthFile} = { - enable = true; - text = "ThisIsALousySecret"; - mode = "0600"; - }; - - services.beegfsEnable = true; - services.beegfs.default = { - mgmtdHost = "mgmt"; - connAuthFile = "/etc/${connAuthFile}"; - ${service} = { - enable = true; - storeDir = "/data"; - }; - }; - }; - -in -{ - name = "beegfs"; - - nodes = { - meta = server "meta"; - mgmt = server "mgmtd"; - storage1 = server "storage"; - storage2 = server "storage"; - client1 = client; - client2 = client; - }; - - testScript = '' - # Initalize the data directories - $mgmt->waitForUnit("default.target"); - $mgmt->succeed("beegfs-setup-mgmtd -C -f -p /data"); - $mgmt->succeed("systemctl start beegfs-mgmtd-default"); - - $meta->waitForUnit("default.target"); - $meta->succeed("beegfs-setup-meta -C -f -s 1 -p /data"); - $meta->succeed("systemctl start beegfs-meta-default"); - - $storage1->waitForUnit("default.target"); - $storage1->succeed("beegfs-setup-storage -C -f -s 1 -i 1 -p /data"); - $storage1->succeed("systemctl start beegfs-storage-default"); - - $storage2->waitForUnit("default.target"); - $storage2->succeed("beegfs-setup-storage -C -f -s 2 -i 2 -p /data"); - $storage2->succeed("systemctl start beegfs-storage-default"); - - # - - # Basic test - $client1->waitForUnit("beegfs.mount"); - $client1->succeed("beegfs-check-servers-default"); - $client1->succeed("echo test > /beegfs/test"); - $client2->waitForUnit("beegfs.mount"); - $client2->succeed("test -e /beegfs/test"); - $client2->succeed("cat /beegfs/test | grep test"); - - # test raid0/stripping - $client1->succeed("dd if=/dev/urandom bs=1M count=10 of=/beegfs/striped"); - $client2->succeed("cat /beegfs/striped > /dev/null"); - - # check if fs is still healthy - $client1->succeed("beegfs-fsck-default --checkfs"); - ''; -}) diff --git a/nixpkgs/nixos/tests/bees.nix b/nixpkgs/nixos/tests/bees.nix index 6f68c2f834f..6e6a9c3446b 100644 --- a/nixpkgs/nixos/tests/bees.nix +++ b/nixpkgs/nixos/tests/bees.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ... }: +import ./make-test-python.nix ({ lib, pkgs, ... }: { name = "bees"; @@ -29,27 +29,34 @@ import ./make-test.nix ({ lib, ... }: testScript = let - withRetry = content: maxTests: sleepTime: '' - max_tests=${lib.escapeShellArg maxTests}; sleep_time=${lib.escapeShellArg sleepTime}; for ((i=0; i<max_tests; i++)); do ${content} && exit 0; sleep "$sleep_time"; done; exit 1; + someContentIsShared = loc: pkgs.writeShellScript "some-content-is-shared" '' + [[ $(btrfs fi du -s --raw ${lib.escapeShellArg loc}/dedup-me-{1,2} | awk 'BEGIN { count=0; } NR>1 && $3 == 0 { count++ } END { print count }') -eq 0 ]] ''; - someContentIsShared = loc: ''[[ $(btrfs fi du -s --raw ${lib.escapeShellArg loc}/dedup-me-{1,2} | awk 'BEGIN { count=0; } NR>1 && $3 == 0 { count++ } END { print count }') -eq 0 ]]''; in '' # shut down the instance started by systemd at boot, so we can test our test procedure - $machine->succeed("systemctl stop beesd\@aux1.service"); + machine.succeed("systemctl stop beesd@aux1.service") - $machine->succeed("dd if=/dev/urandom of=/aux1/dedup-me-1 bs=1M count=8"); - $machine->succeed("cp --reflink=never /aux1/dedup-me-1 /aux1/dedup-me-2"); - $machine->succeed("cp --reflink=never /aux1/* /aux2/"); - $machine->succeed("sync"); - $machine->fail(q(${someContentIsShared "/aux1"})); - $machine->fail(q(${someContentIsShared "/aux2"})); - $machine->succeed("systemctl start beesd\@aux1.service"); + machine.succeed( + "dd if=/dev/urandom of=/aux1/dedup-me-1 bs=1M count=8", + "cp --reflink=never /aux1/dedup-me-1 /aux1/dedup-me-2", + "cp --reflink=never /aux1/* /aux2/", + "sync", + ) + machine.fail( + "${someContentIsShared "/aux1"}", + "${someContentIsShared "/aux2"}", + ) + machine.succeed("systemctl start beesd@aux1.service") # assert that "Set Shared" column is nonzero - $machine->succeed(q(${withRetry (someContentIsShared "/aux1") 20 2})); - $machine->fail(q(${someContentIsShared "/aux2"})); + machine.wait_until_succeeds( + "${someContentIsShared "/aux1"}", + ) + machine.fail("${someContentIsShared "/aux2"}") # assert that 16MB hash table size requested was honored - $machine->succeed(q([[ $(stat -c %s /aux1/.beeshome/beeshash.dat) = $(( 16 * 1024 * 1024)) ]])) + machine.succeed( + "[[ $(stat -c %s /aux1/.beeshome/beeshash.dat) = $(( 16 * 1024 * 1024)) ]]" + ) ''; }) diff --git a/nixpkgs/nixos/tests/bind.nix b/nixpkgs/nixos/tests/bind.nix index 1f8c1dc7be4..09917b15a8e 100644 --- a/nixpkgs/nixos/tests/bind.nix +++ b/nixpkgs/nixos/tests/bind.nix @@ -1,4 +1,4 @@ -import ./make-test.nix { +import ./make-test-python.nix { name = "bind"; machine = { pkgs, lib, ... }: { @@ -20,8 +20,8 @@ import ./make-test.nix { }; testScript = '' - $machine->waitForUnit('bind.service'); - $machine->waitForOpenPort(53); - $machine->succeed('host 192.168.0.1 127.0.0.1 | grep -qF ns.example.org'); + machine.wait_for_unit("bind.service") + machine.wait_for_open_port(53) + machine.succeed("host 192.168.0.1 127.0.0.1 | grep -qF ns.example.org") ''; } diff --git a/nixpkgs/nixos/tests/bittorrent.nix b/nixpkgs/nixos/tests/bittorrent.nix index 3b1169a1b7f..e5be652c711 100644 --- a/nixpkgs/nixos/tests/bittorrent.nix +++ b/nixpkgs/nixos/tests/bittorrent.nix @@ -6,7 +6,7 @@ # which only works if the first client successfully uses the UPnP-IGD # protocol to poke a hole in the NAT. -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: let @@ -108,42 +108,56 @@ in testScript = { nodes, ... }: '' - startAll; + start_all() # Wait for network and miniupnpd. - $router->waitForUnit("network-online.target"); - $router->waitForUnit("miniupnpd"); + router.wait_for_unit("network-online.target") + router.wait_for_unit("miniupnpd") # Create the torrent. - $tracker->succeed("mkdir /tmp/data"); - $tracker->succeed("cp ${file} /tmp/data/test.tar.bz2"); - $tracker->succeed("transmission-create /tmp/data/test.tar.bz2 --private --tracker http://${externalTrackerAddress}:6969/announce --outfile /tmp/test.torrent"); - $tracker->succeed("chmod 644 /tmp/test.torrent"); + tracker.succeed("mkdir /tmp/data") + tracker.succeed( + "cp ${file} /tmp/data/test.tar.bz2" + ) + tracker.succeed( + "transmission-create /tmp/data/test.tar.bz2 --private --tracker http://${externalTrackerAddress}:6969/announce --outfile /tmp/test.torrent" + ) + tracker.succeed("chmod 644 /tmp/test.torrent") # Start the tracker. !!! use a less crappy tracker - $tracker->waitForUnit("network-online.target"); - $tracker->waitForUnit("opentracker.service"); - $tracker->waitForOpenPort(6969); + tracker.wait_for_unit("network-online.target") + tracker.wait_for_unit("opentracker.service") + tracker.wait_for_open_port(6969) # Start the initial seeder. - $tracker->succeed("transmission-remote --add /tmp/test.torrent --no-portmap --no-dht --download-dir /tmp/data"); + tracker.succeed( + "transmission-remote --add /tmp/test.torrent --no-portmap --no-dht --download-dir /tmp/data" + ) # Now we should be able to download from the client behind the NAT. - $tracker->waitForUnit("httpd"); - $client1->waitForUnit("network-online.target"); - $client1->succeed("transmission-remote --add http://${externalTrackerAddress}/test.torrent --download-dir /tmp >&2 &"); - $client1->waitForFile("/tmp/test.tar.bz2"); - $client1->succeed("cmp /tmp/test.tar.bz2 ${file}"); + tracker.wait_for_unit("httpd") + client1.wait_for_unit("network-online.target") + client1.succeed( + "transmission-remote --add http://${externalTrackerAddress}/test.torrent --download-dir /tmp >&2 &" + ) + client1.wait_for_file("/tmp/test.tar.bz2") + client1.succeed( + "cmp /tmp/test.tar.bz2 ${file}" + ) # Bring down the initial seeder. - # $tracker->stopJob("transmission"); + # tracker.stop_job("transmission") # Now download from the second client. This can only succeed if # the first client created a NAT hole in the router. - $client2->waitForUnit("network-online.target"); - $client2->succeed("transmission-remote --add http://${externalTrackerAddress}/test.torrent --no-portmap --no-dht --download-dir /tmp >&2 &"); - $client2->waitForFile("/tmp/test.tar.bz2"); - $client2->succeed("cmp /tmp/test.tar.bz2 ${file}"); + client2.wait_for_unit("network-online.target") + client2.succeed( + "transmission-remote --add http://${externalTrackerAddress}/test.torrent --no-portmap --no-dht --download-dir /tmp >&2 &" + ) + client2.wait_for_file("/tmp/test.tar.bz2") + client2.succeed( + "cmp /tmp/test.tar.bz2 ${file}" + ) ''; }) diff --git a/nixpkgs/nixos/tests/boot-stage1.nix b/nixpkgs/nixos/tests/boot-stage1.nix index b2e74bff6fc..cfb2ccb8285 100644 --- a/nixpkgs/nixos/tests/boot-stage1.nix +++ b/nixpkgs/nixos/tests/boot-stage1.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "boot-stage1"; machine = { config, pkgs, lib, ... }: { @@ -150,12 +150,12 @@ import ./make-test.nix ({ pkgs, ... }: { }; testScript = '' - $machine->waitForUnit("multi-user.target"); - $machine->succeed('test -s /run/canary2.pid'); - $machine->fail('pgrep -a canary1'); - $machine->fail('kill -0 $(< /run/canary2.pid)'); - $machine->succeed('pgrep -a -f \'^@canary3$\'''); - $machine->succeed('pgrep -a -f \'^kcanary$\'''); + machine.wait_for_unit("multi-user.target") + machine.succeed("test -s /run/canary2.pid") + machine.fail("pgrep -a canary1") + machine.fail("kill -0 $(< /run/canary2.pid)") + machine.succeed('pgrep -a -f "^@canary3$"') + machine.succeed('pgrep -a -f "^kcanary$"') ''; meta.maintainers = with pkgs.stdenv.lib.maintainers; [ aszlig ]; diff --git a/nixpkgs/nixos/tests/boot.nix b/nixpkgs/nixos/tests/boot.nix index 57d8006d7ac..c5040f3b31f 100644 --- a/nixpkgs/nixos/tests/boot.nix +++ b/nixpkgs/nixos/tests/boot.nix @@ -3,7 +3,7 @@ pkgs ? import ../.. { inherit system config; } }: -with import ../lib/testing.nix { inherit system pkgs; }; +with import ../lib/testing-python.nix { inherit system pkgs; }; with pkgs.lib; let @@ -17,11 +17,11 @@ let ]; }).config.system.build.isoImage; - perlAttrs = params: "{ ${concatStringsSep ", " (mapAttrsToList (name: param: "${name} => ${builtins.toJSON param}") params)} }"; + pythonDict = params: "\n {\n ${concatStringsSep ",\n " (mapAttrsToList (name: param: "\"${name}\": \"${param}\"") params)},\n }\n"; makeBootTest = name: extraConfig: let - machineConfig = perlAttrs ({ qemuFlags = "-m 768"; } // extraConfig); + machineConfig = pythonDict ({ qemuFlags = "-m 768"; } // extraConfig); in makeTest { inherit iso; @@ -29,16 +29,16 @@ let nodes = { }; testScript = '' - my $machine = createMachine(${machineConfig}); - $machine->start; - $machine->waitForUnit("multi-user.target"); - $machine->succeed("nix verify -r --no-trust /run/current-system"); + machine = create_machine(${machineConfig}) + machine.start() + machine.wait_for_unit("multi-user.target") + machine.succeed("nix verify -r --no-trust /run/current-system") - # Test whether the channel got installed correctly. - $machine->succeed("nix-instantiate --dry-run '<nixpkgs>' -A hello"); - $machine->succeed("nix-env --dry-run -iA nixos.procps"); + with subtest("Check whether the channel got installed correctly"): + machine.succeed("nix-instantiate --dry-run '<nixpkgs>' -A hello") + machine.succeed("nix-env --dry-run -iA nixos.procps") - $machine->shutdown; + machine.shutdown() ''; }; @@ -60,7 +60,7 @@ let config.system.build.netbootIpxeScript ]; }; - machineConfig = perlAttrs ({ + machineConfig = pythonDict ({ qemuFlags = "-boot order=n -m 2000"; netBackendArgs = "tftp=${ipxeBootDir},bootfile=netboot.ipxe"; } // extraConfig); @@ -68,12 +68,11 @@ let makeTest { name = "boot-netboot-" + name; nodes = { }; - testScript = - '' - my $machine = createMachine(${machineConfig}); - $machine->start; - $machine->waitForUnit("multi-user.target"); - $machine->shutdown; + testScript = '' + machine = create_machine(${machineConfig}) + machine.start() + machine.wait_for_unit("multi-user.target") + machine.shutdown() ''; }; in { diff --git a/nixpkgs/nixos/tests/borgbackup.nix b/nixpkgs/nixos/tests/borgbackup.nix index 165f64b0d6d..d97471e293e 100644 --- a/nixpkgs/nixos/tests/borgbackup.nix +++ b/nixpkgs/nixos/tests/borgbackup.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: let passphrase = "supersecret"; @@ -106,60 +106,70 @@ in { }; testScript = '' - startAll; - - $client->fail('test -d "${remoteRepo}"'); - - $client->succeed("cp ${privateKey} /root/id_ed25519"); - $client->succeed("chmod 0600 /root/id_ed25519"); - $client->succeed("cp ${privateKeyAppendOnly} /root/id_ed25519.appendOnly"); - $client->succeed("chmod 0600 /root/id_ed25519.appendOnly"); - - $client->succeed("mkdir -p ${dataDir}"); - $client->succeed("touch ${dataDir}/${excludeFile}"); - $client->succeed("echo '${keepFileData}' > ${dataDir}/${keepFile}"); - - subtest "local", sub { - my $borg = "BORG_PASSPHRASE='${passphrase}' borg"; - $client->systemctl("start --wait borgbackup-job-local"); - $client->fail("systemctl is-failed borgbackup-job-local"); - # Make sure exactly one archive has been created - $client->succeed("c=\$($borg list '${localRepo}' | wc -l) && [[ \$c == '1' ]]"); - # Make sure excludeFile has been excluded - $client->fail("$borg list '${localRepo}::${archiveName}' | grep -qF '${excludeFile}'"); - # Make sure keepFile has the correct content - $client->succeed("$borg extract '${localRepo}::${archiveName}'"); - $client->succeed('c=$(cat ${dataDir}/${keepFile}) && [[ "$c" == "${keepFileData}" ]]'); - # Make sure the same is true when using `borg mount` - $client->succeed("mkdir -p /mnt/borg && $borg mount '${localRepo}::${archiveName}' /mnt/borg"); - $client->succeed('c=$(cat /mnt/borg/${dataDir}/${keepFile}) && [[ "$c" == "${keepFileData}" ]]'); - }; - - subtest "remote", sub { - my $borg = "BORG_RSH='ssh -oStrictHostKeyChecking=no -i /root/id_ed25519' borg"; - $server->waitForUnit("sshd.service"); - $client->waitForUnit("network.target"); - $client->systemctl("start --wait borgbackup-job-remote"); - $client->fail("systemctl is-failed borgbackup-job-remote"); - - # Make sure we can't access repos other than the specified one - $client->fail("$borg list borg\@server:wrong"); - - #TODO: Make sure that data is actually deleted - }; - - subtest "remoteAppendOnly", sub { - my $borg = "BORG_RSH='ssh -oStrictHostKeyChecking=no -i /root/id_ed25519.appendOnly' borg"; - $server->waitForUnit("sshd.service"); - $client->waitForUnit("network.target"); - $client->systemctl("start --wait borgbackup-job-remoteAppendOnly"); - $client->fail("systemctl is-failed borgbackup-job-remoteAppendOnly"); - - # Make sure we can't access repos other than the specified one - $client->fail("$borg list borg\@server:wrong"); - - #TODO: Make sure that data is not actually deleted - }; - + start_all() + + client.fail('test -d "${remoteRepo}"') + + client.succeed( + "cp ${privateKey} /root/id_ed25519" + ) + client.succeed("chmod 0600 /root/id_ed25519") + client.succeed( + "cp ${privateKeyAppendOnly} /root/id_ed25519.appendOnly" + ) + client.succeed("chmod 0600 /root/id_ed25519.appendOnly") + + client.succeed("mkdir -p ${dataDir}") + client.succeed("touch ${dataDir}/${excludeFile}") + client.succeed("echo '${keepFileData}' > ${dataDir}/${keepFile}") + + with subtest("local"): + borg = "BORG_PASSPHRASE='${passphrase}' borg" + client.systemctl("start --wait borgbackup-job-local") + client.fail("systemctl is-failed borgbackup-job-local") + # Make sure exactly one archive has been created + assert int(client.succeed("{} list '${localRepo}' | wc -l".format(borg))) > 0 + # Make sure excludeFile has been excluded + client.fail( + "{} list '${localRepo}::${archiveName}' | grep -qF '${excludeFile}'".format(borg) + ) + # Make sure keepFile has the correct content + client.succeed("{} extract '${localRepo}::${archiveName}'".format(borg)) + assert "${keepFileData}" in client.succeed("cat ${dataDir}/${keepFile}") + # Make sure the same is true when using `borg mount` + client.succeed( + "mkdir -p /mnt/borg && {} mount '${localRepo}::${archiveName}' /mnt/borg".format( + borg + ) + ) + assert "${keepFileData}" in client.succeed( + "cat /mnt/borg/${dataDir}/${keepFile}" + ) + + with subtest("remote"): + borg = "BORG_RSH='ssh -oStrictHostKeyChecking=no -i /root/id_ed25519' borg" + server.wait_for_unit("sshd.service") + client.wait_for_unit("network.target") + client.systemctl("start --wait borgbackup-job-remote") + client.fail("systemctl is-failed borgbackup-job-remote") + + # Make sure we can't access repos other than the specified one + client.fail("{} list borg\@server:wrong".format(borg)) + + # TODO: Make sure that data is actually deleted + + with subtest("remoteAppendOnly"): + borg = ( + "BORG_RSH='ssh -oStrictHostKeyChecking=no -i /root/id_ed25519.appendOnly' borg" + ) + server.wait_for_unit("sshd.service") + client.wait_for_unit("network.target") + client.systemctl("start --wait borgbackup-job-remoteAppendOnly") + client.fail("systemctl is-failed borgbackup-job-remoteAppendOnly") + + # Make sure we can't access repos other than the specified one + client.fail("{} list borg\@server:wrong".format(borg)) + + # TODO: Make sure that data is not actually deleted ''; }) diff --git a/nixpkgs/nixos/tests/caddy.nix b/nixpkgs/nixos/tests/caddy.nix index ab9d2fbf4d1..fc10df0c79b 100644 --- a/nixpkgs/nixos/tests/caddy.nix +++ b/nixpkgs/nixos/tests/caddy.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "caddy"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ xfix ]; @@ -50,33 +50,38 @@ import ./make-test.nix ({ pkgs, ... }: { etagSystem = "${nodes.webserver.config.system.build.toplevel}/fine-tune/child-1"; justReloadSystem = "${nodes.webserver.config.system.build.toplevel}/fine-tune/child-2"; in '' - my $url = 'http://localhost/example.html'; - $webserver->waitForUnit("caddy"); - $webserver->waitForOpenPort("80"); + url = "http://localhost/example.html" + webserver.wait_for_unit("caddy") + webserver.wait_for_open_port("80") - sub checkEtag { - my $etag = $webserver->succeed( - 'curl -v '.$url.' 2>&1 | sed -n -e "s/^< [Ee][Tt][Aa][Gg]: *//p"' - ); - $etag =~ s/\r?\n$//; - my $httpCode = $webserver->succeed( - 'curl -w "%{http_code}" -X HEAD -H \'If-None-Match: '.$etag.'\' '.$url - ); - die "HTTP code is not 304" unless $httpCode == 304; - return $etag; - } - subtest "check ETag if serving Nix store paths", sub { - my $oldEtag = checkEtag; - $webserver->succeed("${etagSystem}/bin/switch-to-configuration test >&2"); - $webserver->sleep(1); # race condition - my $newEtag = checkEtag; - die "Old ETag $oldEtag is the same as $newEtag" if $oldEtag eq $newEtag; - }; + def check_etag(url): + etag = webserver.succeed( + "curl -v '{}' 2>&1 | sed -n -e \"s/^< [Ee][Tt][Aa][Gg]: *//p\"".format(url) + ) + etag = etag.replace("\r\n", " ") + http_code = webserver.succeed( + "curl -w \"%{{http_code}}\" -X HEAD -H 'If-None-Match: {}' {}".format(etag, url) + ) + assert int(http_code) == 304, "HTTP code is not 304" + return etag - subtest "config is reloaded on nixos-rebuild switch", sub { - $webserver->succeed("${justReloadSystem}/bin/switch-to-configuration test >&2"); - $webserver->waitForOpenPort("8080"); - }; + + with subtest("check ETag if serving Nix store paths"): + old_etag = check_etag(url) + webserver.succeed( + "${etagSystem}/bin/switch-to-configuration test >&2" + ) + webserver.sleep(1) + new_etag = check_etag(url) + assert old_etag != new_etag, "Old ETag {} is the same as {}".format( + old_etag, new_etag + ) + + with subtest("config is reloaded on nixos-rebuild switch"): + webserver.succeed( + "${justReloadSystem}/bin/switch-to-configuration test >&2" + ) + webserver.wait_for_open_port("8080") ''; }) diff --git a/nixpkgs/nixos/tests/cadvisor.nix b/nixpkgs/nixos/tests/cadvisor.nix index e60bae4b700..60c04f14780 100644 --- a/nixpkgs/nixos/tests/cadvisor.nix +++ b/nixpkgs/nixos/tests/cadvisor.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... } : { +import ./make-test-python.nix ({ pkgs, ... } : { name = "cadvisor"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ offline ]; @@ -16,20 +16,19 @@ import ./make-test.nix ({ pkgs, ... } : { }; }; - testScript = - '' - startAll; - $machine->waitForUnit("cadvisor.service"); - $machine->succeed("curl http://localhost:8080/containers/"); + testScript = '' + start_all() + machine.wait_for_unit("cadvisor.service") + machine.succeed("curl http://localhost:8080/containers/") - $influxdb->waitForUnit("influxdb.service"); + influxdb.wait_for_unit("influxdb.service") # create influxdb database - $influxdb->succeed(q~ - curl -XPOST http://localhost:8086/query --data-urlencode "q=CREATE DATABASE root" - ~); + influxdb.succeed( + 'curl -XPOST http://localhost:8086/query --data-urlencode "q=CREATE DATABASE root"' + ) - $influxdb->waitForUnit("cadvisor.service"); - $influxdb->succeed("curl http://localhost:8080/containers/"); + influxdb.wait_for_unit("cadvisor.service") + influxdb.succeed("curl http://localhost:8080/containers/") ''; }) diff --git a/nixpkgs/nixos/tests/cassandra.nix b/nixpkgs/nixos/tests/cassandra.nix index c55733c9be7..05607956a9d 100644 --- a/nixpkgs/nixos/tests/cassandra.nix +++ b/nixpkgs/nixos/tests/cassandra.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: let # Change this to test a different version of Cassandra: testPackage = pkgs.cassandra; @@ -9,13 +9,16 @@ let jmxRolesFile = ./cassandra-jmx-roles; jmxAuthArgs = "-u ${(builtins.elemAt jmxRoles 0).username} -pw ${(builtins.elemAt jmxRoles 0).password}"; jmxPort = 7200; # Non-standard port so it doesn't accidentally work + jmxPortStr = toString jmxPort; - # Would usually be assigned to 512M + # Would usually be assigned to 512M. + # Set it to a different value, so that we can check whether our config + # actually changes it. numMaxHeapSize = "400"; getHeapLimitCommand = '' - nodetool info -p ${toString jmxPort} | grep "^Heap Memory" | awk \'{print $NF}\' + nodetool info -p ${jmxPortStr} | grep "^Heap Memory" | awk '{print $NF}' ''; - checkHeapLimitCommand = '' + checkHeapLimitCommand = pkgs.writeShellScript "check-heap-limit.sh" '' [ 1 -eq "$(echo "$(${getHeapLimitCommand}) < ${numMaxHeapSize}" | ${pkgs.bc}/bin/bc)" ] ''; @@ -44,7 +47,10 @@ let }; in { - name = "cassandra-ci"; + name = "cassandra"; + meta = { + maintainers = with lib.maintainers; [ johnazoidberg ]; + }; nodes = { cass0 = nodeCfg "192.168.1.1" {}; @@ -52,66 +58,74 @@ in cass2 = nodeCfg "192.168.1.3" { jvmOpts = [ "-Dcassandra.replace_address=cass1" ]; }; }; - testScript = let - jmxPortS = toString jmxPort; - in '' + testScript = '' # Check configuration - subtest "Timers exist", sub { - $cass0->succeed("systemctl list-timers | grep cassandra-full-repair.timer"); - $cass0->succeed("systemctl list-timers | grep cassandra-incremental-repair.timer"); - }; - subtest "Can connect via cqlsh", sub { - $cass0->waitForUnit("cassandra.service"); - $cass0->waitUntilSucceeds("nc -z cass0 9042"); - $cass0->succeed("echo 'show version;' | cqlsh cass0"); - }; - subtest "Nodetool is operational", sub { - $cass0->waitForUnit("cassandra.service"); - $cass0->waitUntilSucceeds("nc -z localhost ${jmxPortS}"); - $cass0->succeed("nodetool status -p ${jmxPortS} --resolve-ip | egrep '^UN[[:space:]]+cass0'"); - }; - subtest "Cluster name was set", sub { - $cass0->waitForUnit("cassandra.service"); - $cass0->waitUntilSucceeds("nc -z localhost ${jmxPortS}"); - $cass0->waitUntilSucceeds("nodetool describecluster -p ${jmxPortS} | grep 'Name: ${clusterName}'"); - }; - subtest "Heap limit set correctly", sub { - # Nodetool takes a while until it can display info - $cass0->waitUntilSucceeds('nodetool info -p ${jmxPortS}'); - $cass0->succeed('${checkHeapLimitCommand}'); - }; + with subtest("Timers exist"): + cass0.succeed("systemctl list-timers | grep cassandra-full-repair.timer") + cass0.succeed("systemctl list-timers | grep cassandra-incremental-repair.timer") + + with subtest("Can connect via cqlsh"): + cass0.wait_for_unit("cassandra.service") + cass0.wait_until_succeeds("nc -z cass0 9042") + cass0.succeed("echo 'show version;' | cqlsh cass0") + + with subtest("Nodetool is operational"): + cass0.wait_for_unit("cassandra.service") + cass0.wait_until_succeeds("nc -z localhost ${jmxPortStr}") + cass0.succeed("nodetool status -p ${jmxPortStr} --resolve-ip | egrep '^UN[[:space:]]+cass0'") + + with subtest("Cluster name was set"): + cass0.wait_for_unit("cassandra.service") + cass0.wait_until_succeeds("nc -z localhost ${jmxPortStr}") + cass0.wait_until_succeeds( + "nodetool describecluster -p ${jmxPortStr} | grep 'Name: ${clusterName}'" + ) + + with subtest("Heap limit set correctly"): + # Nodetool takes a while until it can display info + cass0.wait_until_succeeds("nodetool info -p ${jmxPortStr}") + cass0.succeed("${checkHeapLimitCommand}") # Check cluster interaction - subtest "Bring up cluster", sub { - $cass1->waitForUnit("cassandra.service"); - $cass1->waitUntilSucceeds("nodetool -p ${jmxPortS} ${jmxAuthArgs} status | egrep -c '^UN' | grep 2"); - $cass0->succeed("nodetool status -p ${jmxPortS} --resolve-ip | egrep '^UN[[:space:]]+cass1'"); - }; + with subtest("Bring up cluster"): + cass1.wait_for_unit("cassandra.service") + cass1.wait_until_succeeds( + "nodetool -p ${jmxPortStr} ${jmxAuthArgs} status | egrep -c '^UN' | grep 2" + ) + cass0.succeed("nodetool status -p ${jmxPortStr} --resolve-ip | egrep '^UN[[:space:]]+cass1'") '' + lib.optionalString testRemoteAuth '' - subtest "Remote authenticated jmx", sub { - # Doesn't work if not enabled - $cass0->waitUntilSucceeds("nc -z localhost ${jmxPortS}"); - $cass1->fail("nc -z 192.168.1.1 ${toString jmxPort}"); - $cass1->fail("nodetool -p ${jmxPortS} -h 192.168.1.1 status"); + with subtest("Remote authenticated jmx"): + # Doesn't work if not enabled + cass0.wait_until_succeeds("nc -z localhost ${jmxPortStr}") + cass1.fail("nc -z 192.168.1.1 ${jmxPortStr}") + cass1.fail("nodetool -p ${jmxPortStr} -h 192.168.1.1 status") - # Works if enabled - $cass1->waitUntilSucceeds("nc -z localhost ${toString jmxPort}"); - $cass0->succeed("nodetool -p ${jmxPortS} -h 192.168.1.2 ${jmxAuthArgs} status"); - }; + # Works if enabled + cass1.wait_until_succeeds("nc -z localhost ${jmxPortStr}") + cass0.succeed("nodetool -p ${jmxPortStr} -h 192.168.1.2 ${jmxAuthArgs} status") '' + '' - subtest "Break and fix node", sub { - $cass1->block; - $cass0->waitUntilSucceeds("nodetool status -p ${jmxPortS} --resolve-ip | egrep -c '^DN[[:space:]]+cass1'"); - $cass0->succeed("nodetool status -p ${jmxPortS} | egrep -c '^UN' | grep 1"); - $cass1->unblock; - $cass1->waitUntilSucceeds("nodetool -p ${jmxPortS} ${jmxAuthArgs} status | egrep -c '^UN' | grep 2"); - $cass0->succeed("nodetool status -p ${jmxPortS} | egrep -c '^UN' | grep 2"); - }; - subtest "Replace crashed node", sub { - $cass1->crash; - $cass2->waitForUnit("cassandra.service"); - $cass0->waitUntilFails("nodetool status -p ${jmxPortS} --resolve-ip | egrep '^UN[[:space:]]+cass1'"); - $cass0->waitUntilSucceeds("nodetool status -p ${jmxPortS} --resolve-ip | egrep '^UN[[:space:]]+cass2'"); - }; + with subtest("Break and fix node"): + cass1.block() + cass0.wait_until_succeeds( + "nodetool status -p ${jmxPortStr} --resolve-ip | egrep -c '^DN[[:space:]]+cass1'" + ) + cass0.succeed("nodetool status -p ${jmxPortStr} | egrep -c '^UN' | grep 1") + cass1.unblock() + cass1.wait_until_succeeds( + "nodetool -p ${jmxPortStr} ${jmxAuthArgs} status | egrep -c '^UN' | grep 2" + ) + cass0.succeed("nodetool status -p ${jmxPortStr} | egrep -c '^UN' | grep 2") + + with subtest("Replace crashed node"): + cass1.block() # .crash() waits until it's fully shutdown + cass2.start() + cass0.wait_until_fails( + "nodetool status -p ${jmxPortStr} --resolve-ip | egrep '^UN[[:space:]]+cass1'" + ) + + cass2.wait_for_unit("cassandra.service") + cass0.wait_until_succeeds( + "nodetool status -p ${jmxPortStr} --resolve-ip | egrep '^UN[[:space:]]+cass2'" + ) ''; }) diff --git a/nixpkgs/nixos/tests/ceph-multi-node.nix b/nixpkgs/nixos/tests/ceph-multi-node.nix new file mode 100644 index 00000000000..52a0b5caf23 --- /dev/null +++ b/nixpkgs/nixos/tests/ceph-multi-node.nix @@ -0,0 +1,225 @@ +import ./make-test-python.nix ({pkgs, lib, ...}: + +let + cfg = { + clusterId = "066ae264-2a5d-4729-8001-6ad265f50b03"; + monA = { + name = "a"; + ip = "192.168.1.1"; + }; + osd0 = { + name = "0"; + ip = "192.168.1.2"; + key = "AQBCEJNa3s8nHRAANvdsr93KqzBznuIWm2gOGg=="; + uuid = "55ba2294-3e24-478f-bee0-9dca4c231dd9"; + }; + osd1 = { + name = "1"; + ip = "192.168.1.3"; + key = "AQBEEJNac00kExAAXEgy943BGyOpVH1LLlHafQ=="; + uuid = "5e97a838-85b6-43b0-8950-cb56d554d1e5"; + }; + }; + generateCephConfig = { daemonConfig }: { + enable = true; + global = { + fsid = cfg.clusterId; + monHost = cfg.monA.ip; + monInitialMembers = cfg.monA.name; + }; + } // daemonConfig; + + generateHost = { pkgs, cephConfig, networkConfig, ... }: { + virtualisation = { + memorySize = 512; + emptyDiskImages = [ 20480 ]; + vlans = [ 1 ]; + }; + + networking = networkConfig; + + environment.systemPackages = with pkgs; [ + bash + sudo + ceph + xfsprogs + netcat-openbsd + ]; + + boot.kernelModules = [ "xfs" ]; + + services.ceph = cephConfig; + }; + + networkMonA = { + dhcpcd.enable = false; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = cfg.monA.ip; prefixLength = 24; } + ]; + firewall = { + allowedTCPPorts = [ 6789 3300 ]; + allowedTCPPortRanges = [ { from = 6800; to = 7300; } ]; + }; + }; + cephConfigMonA = generateCephConfig { daemonConfig = { + mon = { + enable = true; + daemons = [ cfg.monA.name ]; + }; + mgr = { + enable = true; + daemons = [ cfg.monA.name ]; + }; + }; }; + + networkOsd0 = { + dhcpcd.enable = false; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = cfg.osd0.ip; prefixLength = 24; } + ]; + firewall = { + allowedTCPPortRanges = [ { from = 6800; to = 7300; } ]; + }; + }; + cephConfigOsd0 = generateCephConfig { daemonConfig = { + osd = { + enable = true; + daemons = [ cfg.osd0.name ]; + }; + }; }; + + networkOsd1 = { + dhcpcd.enable = false; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = cfg.osd1.ip; prefixLength = 24; } + ]; + firewall = { + allowedTCPPortRanges = [ { from = 6800; to = 7300; } ]; + }; + }; + cephConfigOsd1 = generateCephConfig { daemonConfig = { + osd = { + enable = true; + daemons = [ cfg.osd1.name ]; + }; + }; }; + + # Following deployment is based on the manual deployment described here: + # https://docs.ceph.com/docs/master/install/manual-deployment/ + # For other ways to deploy a ceph cluster, look at the documentation at + # https://docs.ceph.com/docs/master/ + testscript = { ... }: '' + start_all() + + monA.wait_for_unit("network.target") + osd0.wait_for_unit("network.target") + osd1.wait_for_unit("network.target") + + # Bootstrap ceph-mon daemon + monA.succeed( + "sudo -u ceph ceph-authtool --create-keyring /tmp/ceph.mon.keyring --gen-key -n mon. --cap mon 'allow *'", + "sudo -u ceph ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'", + "sudo -u ceph ceph-authtool /tmp/ceph.mon.keyring --import-keyring /etc/ceph/ceph.client.admin.keyring", + "monmaptool --create --add ${cfg.monA.name} ${cfg.monA.ip} --fsid ${cfg.clusterId} /tmp/monmap", + "sudo -u ceph ceph-mon --mkfs -i ${cfg.monA.name} --monmap /tmp/monmap --keyring /tmp/ceph.mon.keyring", + "sudo -u ceph mkdir -p /var/lib/ceph/mgr/ceph-${cfg.monA.name}/", + "sudo -u ceph touch /var/lib/ceph/mon/ceph-${cfg.monA.name}/done", + "systemctl start ceph-mon-${cfg.monA.name}", + ) + monA.wait_for_unit("ceph-mon-${cfg.monA.name}") + monA.succeed("ceph mon enable-msgr2") + + # Can't check ceph status until a mon is up + monA.succeed("ceph -s | grep 'mon: 1 daemons'") + + # Start the ceph-mgr daemon, it has no deps and hardly any setup + monA.succeed( + "ceph auth get-or-create mgr.${cfg.monA.name} mon 'allow profile mgr' osd 'allow *' mds 'allow *' > /var/lib/ceph/mgr/ceph-${cfg.monA.name}/keyring", + "systemctl start ceph-mgr-${cfg.monA.name}", + ) + monA.wait_for_unit("ceph-mgr-a") + monA.wait_until_succeeds("ceph -s | grep 'quorum ${cfg.monA.name}'") + monA.wait_until_succeeds("ceph -s | grep 'mgr: ${cfg.monA.name}(active,'") + + # Send the admin keyring to the OSD machines + monA.succeed("cp /etc/ceph/ceph.client.admin.keyring /tmp/shared") + osd0.succeed("cp /tmp/shared/ceph.client.admin.keyring /etc/ceph") + osd1.succeed("cp /tmp/shared/ceph.client.admin.keyring /etc/ceph") + + # Bootstrap both OSDs + osd0.succeed( + "mkfs.xfs /dev/vdb", + "mkdir -p /var/lib/ceph/osd/ceph-${cfg.osd0.name}", + "mount /dev/vdb /var/lib/ceph/osd/ceph-${cfg.osd0.name}", + "ceph-authtool --create-keyring /var/lib/ceph/osd/ceph-${cfg.osd0.name}/keyring --name osd.${cfg.osd0.name} --add-key ${cfg.osd0.key}", + 'echo \'{"cephx_secret": "${cfg.osd0.key}"}\' | ceph osd new ${cfg.osd0.uuid} -i -', + ) + osd1.succeed( + "mkfs.xfs /dev/vdb", + "mkdir -p /var/lib/ceph/osd/ceph-${cfg.osd1.name}", + "mount /dev/vdb /var/lib/ceph/osd/ceph-${cfg.osd1.name}", + "ceph-authtool --create-keyring /var/lib/ceph/osd/ceph-${cfg.osd1.name}/keyring --name osd.${cfg.osd1.name} --add-key ${cfg.osd1.key}", + 'echo \'{"cephx_secret": "${cfg.osd1.key}"}\' | ceph osd new ${cfg.osd1.uuid} -i -', + ) + + # Initialize the OSDs with regular filestore + osd0.succeed( + "ceph-osd -i ${cfg.osd0.name} --mkfs --osd-uuid ${cfg.osd0.uuid}", + "chown -R ceph:ceph /var/lib/ceph/osd", + "systemctl start ceph-osd-${cfg.osd0.name}", + ) + osd1.succeed( + "ceph-osd -i ${cfg.osd1.name} --mkfs --osd-uuid ${cfg.osd1.uuid}", + "chown -R ceph:ceph /var/lib/ceph/osd", + "systemctl start ceph-osd-${cfg.osd1.name}", + ) + monA.wait_until_succeeds("ceph osd stat | grep -e '2 osds: 2 up[^,]*, 2 in'") + monA.wait_until_succeeds("ceph -s | grep 'mgr: ${cfg.monA.name}(active,'") + monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") + + monA.succeed( + "ceph osd pool create multi-node-test 100 100", + "ceph osd pool ls | grep 'multi-node-test'", + "ceph osd pool rename multi-node-test multi-node-other-test", + "ceph osd pool ls | grep 'multi-node-other-test'", + ) + monA.wait_until_succeeds("ceph -s | grep '1 pools, 100 pgs'") + monA.succeed("ceph osd pool set multi-node-other-test size 2") + monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") + monA.wait_until_succeeds("ceph -s | grep '100 active+clean'") + monA.fail( + "ceph osd pool ls | grep 'multi-node-test'", + "ceph osd pool delete multi-node-other-test multi-node-other-test --yes-i-really-really-mean-it", + ) + + # Shut down ceph on all machines in a very unpolite way + monA.crash() + osd0.crash() + osd1.crash() + + # Start it up + osd0.start() + osd1.start() + monA.start() + + # Ensure the cluster comes back up again + monA.succeed("ceph -s | grep 'mon: 1 daemons'") + monA.wait_until_succeeds("ceph -s | grep 'quorum ${cfg.monA.name}'") + monA.wait_until_succeeds("ceph osd stat | grep -e '2 osds: 2 up[^,]*, 2 in'") + monA.wait_until_succeeds("ceph -s | grep 'mgr: ${cfg.monA.name}(active,'") + monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") + ''; +in { + name = "basic-multi-node-ceph-cluster"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ lejonet ]; + }; + + nodes = { + monA = generateHost { pkgs = pkgs; cephConfig = cephConfigMonA; networkConfig = networkMonA; }; + osd0 = generateHost { pkgs = pkgs; cephConfig = cephConfigOsd0; networkConfig = networkOsd0; }; + osd1 = generateHost { pkgs = pkgs; cephConfig = cephConfigOsd1; networkConfig = networkOsd1; }; + }; + + testScript = testscript; +}) diff --git a/nixpkgs/nixos/tests/ceph-single-node.nix b/nixpkgs/nixos/tests/ceph-single-node.nix new file mode 100644 index 00000000000..da92a73e14d --- /dev/null +++ b/nixpkgs/nixos/tests/ceph-single-node.nix @@ -0,0 +1,183 @@ +import ./make-test-python.nix ({pkgs, lib, ...}: + +let + cfg = { + clusterId = "066ae264-2a5d-4729-8001-6ad265f50b03"; + monA = { + name = "a"; + ip = "192.168.1.1"; + }; + osd0 = { + name = "0"; + key = "AQBCEJNa3s8nHRAANvdsr93KqzBznuIWm2gOGg=="; + uuid = "55ba2294-3e24-478f-bee0-9dca4c231dd9"; + }; + osd1 = { + name = "1"; + key = "AQBEEJNac00kExAAXEgy943BGyOpVH1LLlHafQ=="; + uuid = "5e97a838-85b6-43b0-8950-cb56d554d1e5"; + }; + }; + generateCephConfig = { daemonConfig }: { + enable = true; + global = { + fsid = cfg.clusterId; + monHost = cfg.monA.ip; + monInitialMembers = cfg.monA.name; + }; + } // daemonConfig; + + generateHost = { pkgs, cephConfig, networkConfig, ... }: { + virtualisation = { + memorySize = 512; + emptyDiskImages = [ 20480 20480 ]; + vlans = [ 1 ]; + }; + + networking = networkConfig; + + environment.systemPackages = with pkgs; [ + bash + sudo + ceph + xfsprogs + ]; + + boot.kernelModules = [ "xfs" ]; + + services.ceph = cephConfig; + }; + + networkMonA = { + dhcpcd.enable = false; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = cfg.monA.ip; prefixLength = 24; } + ]; + }; + cephConfigMonA = generateCephConfig { daemonConfig = { + mon = { + enable = true; + daemons = [ cfg.monA.name ]; + }; + mgr = { + enable = true; + daemons = [ cfg.monA.name ]; + }; + osd = { + enable = true; + daemons = [ cfg.osd0.name cfg.osd1.name ]; + }; + }; }; + + # Following deployment is based on the manual deployment described here: + # https://docs.ceph.com/docs/master/install/manual-deployment/ + # For other ways to deploy a ceph cluster, look at the documentation at + # https://docs.ceph.com/docs/master/ + testscript = { ... }: '' + start_all() + + monA.wait_for_unit("network.target") + + # Bootstrap ceph-mon daemon + monA.succeed( + "sudo -u ceph ceph-authtool --create-keyring /tmp/ceph.mon.keyring --gen-key -n mon. --cap mon 'allow *'", + "sudo -u ceph ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'", + "sudo -u ceph ceph-authtool /tmp/ceph.mon.keyring --import-keyring /etc/ceph/ceph.client.admin.keyring", + "monmaptool --create --add ${cfg.monA.name} ${cfg.monA.ip} --fsid ${cfg.clusterId} /tmp/monmap", + "sudo -u ceph ceph-mon --mkfs -i ${cfg.monA.name} --monmap /tmp/monmap --keyring /tmp/ceph.mon.keyring", + "sudo -u ceph touch /var/lib/ceph/mon/ceph-${cfg.monA.name}/done", + "systemctl start ceph-mon-${cfg.monA.name}", + ) + monA.wait_for_unit("ceph-mon-${cfg.monA.name}") + monA.succeed("ceph mon enable-msgr2") + + # Can't check ceph status until a mon is up + monA.succeed("ceph -s | grep 'mon: 1 daemons'") + + # Start the ceph-mgr daemon, after copying in the keyring + monA.succeed( + "sudo -u ceph mkdir -p /var/lib/ceph/mgr/ceph-${cfg.monA.name}/", + "ceph auth get-or-create mgr.${cfg.monA.name} mon 'allow profile mgr' osd 'allow *' mds 'allow *' > /var/lib/ceph/mgr/ceph-${cfg.monA.name}/keyring", + "systemctl start ceph-mgr-${cfg.monA.name}", + ) + monA.wait_for_unit("ceph-mgr-a") + monA.wait_until_succeeds("ceph -s | grep 'quorum ${cfg.monA.name}'") + monA.wait_until_succeeds("ceph -s | grep 'mgr: ${cfg.monA.name}(active,'") + + # Bootstrap both OSDs + monA.succeed( + "mkfs.xfs /dev/vdb", + "mkfs.xfs /dev/vdc", + "mkdir -p /var/lib/ceph/osd/ceph-${cfg.osd0.name}", + "mount /dev/vdb /var/lib/ceph/osd/ceph-${cfg.osd0.name}", + "mkdir -p /var/lib/ceph/osd/ceph-${cfg.osd1.name}", + "mount /dev/vdc /var/lib/ceph/osd/ceph-${cfg.osd1.name}", + "ceph-authtool --create-keyring /var/lib/ceph/osd/ceph-${cfg.osd0.name}/keyring --name osd.${cfg.osd0.name} --add-key ${cfg.osd0.key}", + "ceph-authtool --create-keyring /var/lib/ceph/osd/ceph-${cfg.osd1.name}/keyring --name osd.${cfg.osd1.name} --add-key ${cfg.osd1.key}", + 'echo \'{"cephx_secret": "${cfg.osd0.key}"}\' | ceph osd new ${cfg.osd0.uuid} -i -', + 'echo \'{"cephx_secret": "${cfg.osd1.key}"}\' | ceph osd new ${cfg.osd1.uuid} -i -', + ) + + # Initialize the OSDs with regular filestore + monA.succeed( + "ceph-osd -i ${cfg.osd0.name} --mkfs --osd-uuid ${cfg.osd0.uuid}", + "ceph-osd -i ${cfg.osd1.name} --mkfs --osd-uuid ${cfg.osd1.uuid}", + "chown -R ceph:ceph /var/lib/ceph/osd", + "systemctl start ceph-osd-${cfg.osd0.name}", + "systemctl start ceph-osd-${cfg.osd1.name}", + ) + monA.wait_until_succeeds("ceph osd stat | grep -e '2 osds: 2 up[^,]*, 2 in'") + monA.wait_until_succeeds("ceph -s | grep 'mgr: ${cfg.monA.name}(active,'") + monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") + + monA.succeed( + "ceph osd pool create single-node-test 100 100", + "ceph osd pool ls | grep 'single-node-test'", + "ceph osd pool rename single-node-test single-node-other-test", + "ceph osd pool ls | grep 'single-node-other-test'", + ) + monA.wait_until_succeeds("ceph -s | grep '1 pools, 100 pgs'") + monA.succeed( + "ceph osd getcrushmap -o crush", + "crushtool -d crush -o decrushed", + "sed 's/step chooseleaf firstn 0 type host/step chooseleaf firstn 0 type osd/' decrushed > modcrush", + "crushtool -c modcrush -o recrushed", + "ceph osd setcrushmap -i recrushed", + "ceph osd pool set single-node-other-test size 2", + ) + monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") + monA.wait_until_succeeds("ceph -s | grep '100 active+clean'") + monA.fail( + "ceph osd pool ls | grep 'multi-node-test'", + "ceph osd pool delete single-node-other-test single-node-other-test --yes-i-really-really-mean-it", + ) + + # Shut down ceph by stopping ceph.target. + monA.succeed("systemctl stop ceph.target") + + # Start it up + monA.succeed("systemctl start ceph.target") + monA.wait_for_unit("ceph-mon-${cfg.monA.name}") + monA.wait_for_unit("ceph-mgr-${cfg.monA.name}") + monA.wait_for_unit("ceph-osd-${cfg.osd0.name}") + monA.wait_for_unit("ceph-osd-${cfg.osd1.name}") + + # Ensure the cluster comes back up again + monA.succeed("ceph -s | grep 'mon: 1 daemons'") + monA.wait_until_succeeds("ceph -s | grep 'quorum ${cfg.monA.name}'") + monA.wait_until_succeeds("ceph osd stat | grep -e '2 osds: 2 up[^,]*, 2 in'") + monA.wait_until_succeeds("ceph -s | grep 'mgr: ${cfg.monA.name}(active,'") + monA.wait_until_succeeds("ceph -s | grep 'HEALTH_OK'") + ''; +in { + name = "basic-single-node-ceph-cluster"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ lejonet johanot ]; + }; + + nodes = { + monA = generateHost { pkgs = pkgs; cephConfig = cephConfigMonA; networkConfig = networkMonA; }; + }; + + testScript = testscript; +}) diff --git a/nixpkgs/nixos/tests/ceph.nix b/nixpkgs/nixos/tests/ceph.nix deleted file mode 100644 index 57120ff978f..00000000000 --- a/nixpkgs/nixos/tests/ceph.nix +++ /dev/null @@ -1,161 +0,0 @@ -import ./make-test.nix ({pkgs, lib, ...}: { - name = "All-in-one-basic-ceph-cluster"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ johanot lejonet ]; - }; - - nodes = { - aio = { pkgs, ... }: { - virtualisation = { - memorySize = 1536; - emptyDiskImages = [ 20480 20480 ]; - vlans = [ 1 ]; - }; - - networking = { - useDHCP = false; - interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ - { address = "192.168.1.1"; prefixLength = 24; } - ]; - }; - - environment.systemPackages = with pkgs; [ - bash - sudo - ceph - xfsprogs - ]; - - boot.kernelModules = [ "xfs" ]; - - services.ceph.enable = true; - services.ceph.global = { - fsid = "066ae264-2a5d-4729-8001-6ad265f50b03"; - monInitialMembers = "aio"; - monHost = "192.168.1.1"; - }; - - services.ceph.mon = { - enable = true; - daemons = [ "aio" ]; - }; - - services.ceph.mgr = { - enable = true; - daemons = [ "aio" ]; - }; - - services.ceph.osd = { - enable = true; - daemons = [ "0" "1" ]; - }; - - # So that we don't have to battle systemd when bootstraping - systemd.targets.ceph.wantedBy = lib.mkForce []; - }; - }; - - testScript = { ... }: '' - startAll; - - $aio->waitForUnit("network.target"); - - # Create the ceph-related directories - $aio->mustSucceed( - "mkdir -p /var/lib/ceph/mgr/ceph-aio", - "mkdir -p /var/lib/ceph/mon/ceph-aio", - "mkdir -p /var/lib/ceph/osd/ceph-{0,1}", - "chown ceph:ceph -R /var/lib/ceph/", - "mkdir -p /etc/ceph", - "chown ceph:ceph -R /etc/ceph" - ); - - # Bootstrap ceph-mon daemon - $aio->mustSucceed( - "sudo -u ceph ceph-authtool --create-keyring /tmp/ceph.mon.keyring --gen-key -n mon. --cap mon 'allow *'", - "sudo -u ceph ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow *' --cap mgr 'allow *'", - "sudo -u ceph ceph-authtool /tmp/ceph.mon.keyring --import-keyring /etc/ceph/ceph.client.admin.keyring", - "monmaptool --create --add aio 192.168.1.1 --fsid 066ae264-2a5d-4729-8001-6ad265f50b03 /tmp/monmap", - "sudo -u ceph ceph-mon --mkfs -i aio --monmap /tmp/monmap --keyring /tmp/ceph.mon.keyring", - "sudo -u ceph touch /var/lib/ceph/mon/ceph-aio/done", - "systemctl start ceph-mon-aio" - ); - $aio->waitForUnit("ceph-mon-aio"); - $aio->mustSucceed("ceph mon enable-msgr2"); - - # Can't check ceph status until a mon is up - $aio->succeed("ceph -s | grep 'mon: 1 daemons'"); - - # Start the ceph-mgr daemon, it has no deps and hardly any setup - $aio->mustSucceed( - "ceph auth get-or-create mgr.aio mon 'allow profile mgr' osd 'allow *' mds 'allow *' > /var/lib/ceph/mgr/ceph-aio/keyring", - "systemctl start ceph-mgr-aio" - ); - $aio->waitForUnit("ceph-mgr-aio"); - $aio->waitUntilSucceeds("ceph -s | grep 'quorum aio'"); - $aio->waitUntilSucceeds("ceph -s | grep 'mgr: aio(active,'"); - - # Bootstrap both OSDs - $aio->mustSucceed( - "mkfs.xfs /dev/vdb", - "mkfs.xfs /dev/vdc", - "mount /dev/vdb /var/lib/ceph/osd/ceph-0", - "mount /dev/vdc /var/lib/ceph/osd/ceph-1", - "ceph-authtool --create-keyring /var/lib/ceph/osd/ceph-0/keyring --name osd.0 --add-key AQBCEJNa3s8nHRAANvdsr93KqzBznuIWm2gOGg==", - "ceph-authtool --create-keyring /var/lib/ceph/osd/ceph-1/keyring --name osd.1 --add-key AQBEEJNac00kExAAXEgy943BGyOpVH1LLlHafQ==", - "echo '{\"cephx_secret\": \"AQBCEJNa3s8nHRAANvdsr93KqzBznuIWm2gOGg==\"}' | ceph osd new 55ba2294-3e24-478f-bee0-9dca4c231dd9 -i -", - "echo '{\"cephx_secret\": \"AQBEEJNac00kExAAXEgy943BGyOpVH1LLlHafQ==\"}' | ceph osd new 5e97a838-85b6-43b0-8950-cb56d554d1e5 -i -" - ); - - # Initialize the OSDs with regular filestore - $aio->mustSucceed( - "ceph-osd -i 0 --mkfs --osd-uuid 55ba2294-3e24-478f-bee0-9dca4c231dd9", - "ceph-osd -i 1 --mkfs --osd-uuid 5e97a838-85b6-43b0-8950-cb56d554d1e5", - "chown -R ceph:ceph /var/lib/ceph/osd", - "systemctl start ceph-osd-0", - "systemctl start ceph-osd-1" - ); - - $aio->waitUntilSucceeds("ceph osd stat | grep -e '2 osds: 2 up[^,]*, 2 in'"); - $aio->waitUntilSucceeds("ceph -s | grep 'mgr: aio(active,'"); - $aio->waitUntilSucceeds("ceph -s | grep 'HEALTH_OK'"); - - $aio->mustSucceed( - "ceph osd pool create aio-test 100 100", - "ceph osd pool ls | grep 'aio-test'", - "ceph osd pool rename aio-test aio-other-test", - "ceph osd pool ls | grep 'aio-other-test'", - "ceph -s | grep '1 pools, 100 pgs'", - "ceph osd getcrushmap -o crush", - "crushtool -d crush -o decrushed", - "sed 's/step chooseleaf firstn 0 type host/step chooseleaf firstn 0 type osd/' decrushed > modcrush", - "crushtool -c modcrush -o recrushed", - "ceph osd setcrushmap -i recrushed", - "ceph osd pool set aio-other-test size 2" - ); - $aio->waitUntilSucceeds("ceph -s | grep 'HEALTH_OK'"); - $aio->waitUntilSucceeds("ceph -s | grep '100 active+clean'"); - $aio->mustFail( - "ceph osd pool ls | grep 'aio-test'", - "ceph osd pool delete aio-other-test aio-other-test --yes-i-really-really-mean-it" - ); - - # As we disable the target in the config, we still want to test that it works as intended - $aio->mustSucceed( - "systemctl stop ceph-osd-0", - "systemctl stop ceph-osd-1", - "systemctl stop ceph-mgr-aio", - "systemctl stop ceph-mon-aio" - ); - $aio->succeed("systemctl start ceph.target"); - $aio->waitForUnit("ceph-mon-aio"); - $aio->waitForUnit("ceph-mgr-aio"); - $aio->waitForUnit("ceph-osd-0"); - $aio->waitForUnit("ceph-osd-1"); - $aio->succeed("ceph -s | grep 'mon: 1 daemons'"); - $aio->waitUntilSucceeds("ceph -s | grep 'quorum aio'"); - $aio->waitUntilSucceeds("ceph osd stat | grep -e '2 osds: 2 up[^,]*, 2 in'"); - $aio->waitUntilSucceeds("ceph -s | grep 'mgr: aio(active,'"); - $aio->waitUntilSucceeds("ceph -s | grep 'HEALTH_OK'"); - ''; -}) diff --git a/nixpkgs/nixos/tests/certmgr.nix b/nixpkgs/nixos/tests/certmgr.nix index fe67833808c..cb69f35e862 100644 --- a/nixpkgs/nixos/tests/certmgr.nix +++ b/nixpkgs/nixos/tests/certmgr.nix @@ -3,7 +3,7 @@ pkgs ? import ../.. { inherit system config; } }: -with import ../lib/testing.nix { inherit system pkgs; }; +with import ../lib/testing-python.nix { inherit system pkgs; }; let mkSpec = { host, service ? null, action }: { inherit action; @@ -123,17 +123,17 @@ in ))); }; testScript = '' - $machine->waitForUnit('cfssl.service'); - $machine->waitUntilSucceeds('ls /tmp/decl.example.org-ca.pem'); - $machine->waitUntilSucceeds('ls /tmp/decl.example.org-key.pem'); - $machine->waitUntilSucceeds('ls /tmp/decl.example.org-cert.pem'); - $machine->waitUntilSucceeds('ls /tmp/imp.example.org-ca.pem'); - $machine->waitUntilSucceeds('ls /tmp/imp.example.org-key.pem'); - $machine->waitUntilSucceeds('ls /tmp/imp.example.org-cert.pem'); - $machine->waitForUnit('nginx.service'); - $machine->succeed('[ "1" -lt "$(journalctl -u nginx | grep "Starting Nginx" | wc -l)" ]'); - $machine->succeed('curl --cacert /tmp/imp.example.org-ca.pem https://imp.example.org'); - $machine->succeed('curl --cacert /tmp/decl.example.org-ca.pem https://decl.example.org'); + machine.wait_for_unit("cfssl.service") + machine.wait_until_succeeds("ls /tmp/decl.example.org-ca.pem") + machine.wait_until_succeeds("ls /tmp/decl.example.org-key.pem") + machine.wait_until_succeeds("ls /tmp/decl.example.org-cert.pem") + machine.wait_until_succeeds("ls /tmp/imp.example.org-ca.pem") + machine.wait_until_succeeds("ls /tmp/imp.example.org-key.pem") + machine.wait_until_succeeds("ls /tmp/imp.example.org-cert.pem") + machine.wait_for_unit("nginx.service") + assert 1 < int(machine.succeed('journalctl -u nginx | grep "Starting Nginx" | wc -l')) + machine.succeed("curl --cacert /tmp/imp.example.org-ca.pem https://imp.example.org") + machine.succeed("curl --cacert /tmp/decl.example.org-ca.pem https://decl.example.org") ''; }; @@ -143,8 +143,8 @@ in test = mkSpec { host = "command.example.org"; action = "touch /tmp/command.executed"; }; }; testScript = '' - $machine->waitForUnit('cfssl.service'); - $machine->waitUntilSucceeds('stat /tmp/command.executed'); + machine.wait_for_unit("cfssl.service") + machine.wait_until_succeeds("stat /tmp/command.executed") ''; }; diff --git a/nixpkgs/nixos/tests/cfssl.nix b/nixpkgs/nixos/tests/cfssl.nix index 513ed8c4574..e291fc285fb 100644 --- a/nixpkgs/nixos/tests/cfssl.nix +++ b/nixpkgs/nixos/tests/cfssl.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "cfssl"; machine = { config, lib, pkgs, ... }: @@ -60,8 +60,8 @@ import ./make-test.nix ({ pkgs, ...} : { }); in '' - $machine->waitForUnit('cfssl.service'); - $machine->waitUntilSucceeds('${cfsslrequest}'); - $machine->succeed('ls /tmp/certificate-key.pem'); + machine.wait_for_unit("cfssl.service") + machine.wait_until_succeeds("${cfsslrequest}") + machine.succeed("ls /tmp/certificate-key.pem") ''; }) diff --git a/nixpkgs/nixos/tests/cjdns.nix b/nixpkgs/nixos/tests/cjdns.nix index 6660eecf05b..d72236d415d 100644 --- a/nixpkgs/nixos/tests/cjdns.nix +++ b/nixpkgs/nixos/tests/cjdns.nix @@ -17,7 +17,7 @@ let in -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "cjdns"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ehmry ]; @@ -83,36 +83,39 @@ import ./make-test.nix ({ pkgs, ...} : { testScript = '' - startAll; + import re - $alice->waitForUnit("cjdns.service"); - $bob->waitForUnit("cjdns.service"); - $carol->waitForUnit("cjdns.service"); + start_all() - sub cjdnsIp { - my ($machine) = @_; - my $ip = (split /[ \/]+/, $machine->succeed("ip -o -6 addr show dev tun0"))[3]; - $machine->log("has ip $ip"); - return $ip; - } + alice.wait_for_unit("cjdns.service") + bob.wait_for_unit("cjdns.service") + carol.wait_for_unit("cjdns.service") - my $aliceIp6 = cjdnsIp $alice; - my $bobIp6 = cjdnsIp $bob; - my $carolIp6 = cjdnsIp $carol; + + def cjdns_ip(machine): + res = machine.succeed("ip -o -6 addr show dev tun0") + ip = re.split("\s+|/", res)[3] + machine.log("has ip {}".format(ip)) + return ip + + + alice_ip6 = cjdns_ip(alice) + bob_ip6 = cjdns_ip(bob) + carol_ip6 = cjdns_ip(carol) # ping a few times each to let the routing table establish itself - $alice->succeed("ping -c 4 $carolIp6"); - $bob->succeed("ping -c 4 $carolIp6"); + alice.succeed("ping -c 4 {}".format(carol_ip6)) + bob.succeed("ping -c 4 {}".format(carol_ip6)) - $carol->succeed("ping -c 4 $aliceIp6"); - $carol->succeed("ping -c 4 $bobIp6"); + carol.succeed("ping -c 4 {}".format(alice_ip6)) + carol.succeed("ping -c 4 {}".format(bob_ip6)) - $alice->succeed("ping -c 4 $bobIp6"); - $bob->succeed("ping -c 4 $aliceIp6"); + alice.succeed("ping -c 4 {}".format(bob_ip6)) + bob.succeed("ping -c 4 {}".format(alice_ip6)) - $alice->waitForUnit("httpd.service"); + alice.wait_for_unit("httpd.service") - $bob->succeed("curl --fail -g http://[$aliceIp6]"); + bob.succeed("curl --fail -g http://[{}]".format(alice_ip6)) ''; }) diff --git a/nixpkgs/nixos/tests/clickhouse.nix b/nixpkgs/nixos/tests/clickhouse.nix index 7d835069ec4..2d8a7cf7aa9 100644 --- a/nixpkgs/nixos/tests/clickhouse.nix +++ b/nixpkgs/nixos/tests/clickhouse.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "clickhouse"; meta.maintainers = with pkgs.stdenv.lib.maintainers; [ ma27 ]; @@ -14,12 +14,18 @@ import ./make-test.nix ({ pkgs, ... }: { selectQuery = pkgs.writeText "select.sql" "SELECT * from `demo`"; in '' - $machine->start(); - $machine->waitForUnit("clickhouse.service"); - $machine->waitForOpenPort(9000); + machine.start() + machine.wait_for_unit("clickhouse.service") + machine.wait_for_open_port(9000) - $machine->succeed("cat ${tableDDL} | clickhouse-client"); - $machine->succeed("cat ${insertQuery} | clickhouse-client"); - $machine->succeed("cat ${selectQuery} | clickhouse-client | grep foo"); + machine.succeed( + "cat ${tableDDL} | clickhouse-client" + ) + machine.succeed( + "cat ${insertQuery} | clickhouse-client" + ) + machine.succeed( + "cat ${selectQuery} | clickhouse-client | grep foo" + ) ''; }) diff --git a/nixpkgs/nixos/tests/cloud-init.nix b/nixpkgs/nixos/tests/cloud-init.nix index 516d29c9036..aafa6e24e84 100644 --- a/nixpkgs/nixos/tests/cloud-init.nix +++ b/nixpkgs/nixos/tests/cloud-init.nix @@ -3,7 +3,7 @@ pkgs ? import ../.. { inherit system config; } }: -with import ../lib/testing.nix { inherit system pkgs; }; +with import ../lib/testing-python.nix { inherit system pkgs; }; with pkgs.lib; let @@ -30,6 +30,7 @@ let ''; }; in makeTest { + name = "cloud-init"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ lewo ]; }; @@ -40,10 +41,12 @@ in makeTest { services.cloud-init.enable = true; }; testScript = '' - $machine->start; - $machine->waitForUnit("cloud-init.service"); - $machine->succeed("cat /tmp/cloudinit-write-file | grep -q 'cloudinit'"); + machine.start() + machine.wait_for_unit("cloud-init.service") + machine.succeed("cat /tmp/cloudinit-write-file | grep -q 'cloudinit'") - $machine->waitUntilSucceeds("cat /root/.ssh/authorized_keys | grep -q 'should be a key!'"); + machine.wait_until_succeeds( + "cat /root/.ssh/authorized_keys | grep -q 'should be a key!'" + ) ''; } diff --git a/nixpkgs/nixos/tests/codimd.nix b/nixpkgs/nixos/tests/codimd.nix index 562f6f24f99..b1acbf4a832 100644 --- a/nixpkgs/nixos/tests/codimd.nix +++ b/nixpkgs/nixos/tests/codimd.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "codimd"; @@ -35,20 +35,18 @@ import ./make-test.nix ({ pkgs, lib, ... }: }; testScript = '' - startAll(); + start_all() - subtest "CodiMD sqlite", sub { - $codimdSqlite->waitForUnit("codimd.service"); - $codimdSqlite->waitForOpenPort(3000); - $codimdSqlite->waitUntilSucceeds("curl -sSf http://localhost:3000/new"); - }; + with subtest("CodiMD sqlite"): + codimdSqlite.wait_for_unit("codimd.service") + codimdSqlite.wait_for_open_port(3000) + codimdSqlite.wait_until_succeeds("curl -sSf http://localhost:3000/new") - subtest "CodiMD postgres", sub { - $codimdPostgres->waitForUnit("postgresql.service"); - $codimdPostgres->waitForUnit("codimd.service"); - $codimdPostgres->waitForOpenPort(5432); - $codimdPostgres->waitForOpenPort(3000); - $codimdPostgres->waitUntilSucceeds("curl -sSf http://localhost:3000/new"); - }; + with subtest("CodiMD postgres"): + codimdPostgres.wait_for_unit("postgresql.service") + codimdPostgres.wait_for_unit("codimd.service") + codimdPostgres.wait_for_open_port(5432) + codimdPostgres.wait_for_open_port(3000) + codimdPostgres.wait_until_succeeds("curl -sSf http://localhost:3000/new") ''; }) diff --git a/nixpkgs/nixos/tests/colord.nix b/nixpkgs/nixos/tests/colord.nix deleted file mode 100644 index ce38aaca4bf..00000000000 --- a/nixpkgs/nixos/tests/colord.nix +++ /dev/null @@ -1,18 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: - -{ - name = "colord"; - - meta = { - maintainers = pkgs.colord.meta.maintainers; - }; - - machine = { pkgs, ... }: { - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.colord.installedTests}/share'"); - ''; -}) diff --git a/nixpkgs/nixos/tests/common/letsencrypt/common.nix b/nixpkgs/nixos/tests/common/letsencrypt/common.nix index 798a749f7f9..c530de817bf 100644 --- a/nixpkgs/nixos/tests/common/letsencrypt/common.nix +++ b/nixpkgs/nixos/tests/common/letsencrypt/common.nix @@ -1,27 +1,9 @@ -{ lib, nodes, ... }: { +{ lib, nodes, pkgs, ... }: let + letsencrypt-ca = nodes.letsencrypt.config.test-support.letsencrypt.caCert; +in { networking.nameservers = [ nodes.letsencrypt.config.networking.primaryIPAddress ]; - nixpkgs.overlays = lib.singleton (self: super: { - cacert = super.cacert.overrideDerivation (drv: { - installPhase = (drv.installPhase or "") + '' - cat "${nodes.letsencrypt.config.test-support.letsencrypt.caCert}" \ - >> "$out/etc/ssl/certs/ca-bundle.crt" - ''; - }); - - # Override certifi so that it accepts fake certificate for Let's Encrypt - # Need to override the attribute used by simp_le, which is python3Packages - python3Packages = (super.python3.override { - packageOverrides = lib.const (pysuper: { - certifi = pysuper.certifi.overridePythonAttrs (attrs: { - postPatch = (attrs.postPatch or "") + '' - cat "${self.cacert}/etc/ssl/certs/ca-bundle.crt" \ - > certifi/cacert.pem - ''; - }); - }); - }).pkgs; - }); + security.pki.certificateFiles = [ letsencrypt-ca ]; } diff --git a/nixpkgs/nixos/tests/common/letsencrypt/default.nix b/nixpkgs/nixos/tests/common/letsencrypt/default.nix index 58d87c64e34..110a2520971 100644 --- a/nixpkgs/nixos/tests/common/letsencrypt/default.nix +++ b/nixpkgs/nixos/tests/common/letsencrypt/default.nix @@ -1,6 +1,3 @@ -# Fully pluggable module to have Letsencrypt's Boulder ACME service running in -# a test environment. -# # The certificate for the ACME service is exported as: # # config.test-support.letsencrypt.caCert @@ -54,277 +51,35 @@ # that it has to be started _before_ the ACME service. { config, pkgs, lib, ... }: -let - softhsm = pkgs.stdenv.mkDerivation rec { - pname = "softhsm"; - version = "1.3.8"; - - src = pkgs.fetchurl { - url = "https://dist.opendnssec.org/source/${pname}-${version}.tar.gz"; - sha256 = "0flmnpkgp65ym7w3qyg78d3fbmvq3aznmi66rgd420n33shf7aif"; - }; - - configureFlags = [ "--with-botan=${pkgs.botan}" ]; - buildInputs = [ pkgs.sqlite ]; - }; - - pkcs11-proxy = pkgs.stdenv.mkDerivation { - name = "pkcs11-proxy"; - - src = pkgs.fetchFromGitHub { - owner = "SUNET"; - repo = "pkcs11-proxy"; - rev = "944684f78bca0c8da6cabe3fa273fed3db44a890"; - sha256 = "1nxgd29y9wmifm11pjcdpd2y293p0dgi0x5ycis55miy97n0f5zy"; - }; - - postPatch = "patchShebangs mksyscalls.sh"; - - nativeBuildInputs = [ pkgs.cmake ]; - buildInputs = [ pkgs.openssl pkgs.libseccomp ]; - }; - - mkGoDep = { goPackagePath, url ? "https://${goPackagePath}", rev, sha256 }: { - inherit goPackagePath; - src = pkgs.fetchgit { inherit url rev sha256; }; - }; - - goose = let - owner = "liamstask"; - repo = "goose"; - rev = "8488cc47d90c8a502b1c41a462a6d9cc8ee0a895"; - version = "20150116"; - - in pkgs.buildGoPackage rec { - name = "${repo}-${version}"; - - src = pkgs.fetchFromBitbucket { - name = "${name}-src"; - inherit rev owner repo; - sha256 = "1jy0pscxjnxjdg3hj111w21g8079rq9ah2ix5ycxxhbbi3f0wdhs"; - }; - - goPackagePath = "bitbucket.org/${owner}/${repo}"; - subPackages = [ "cmd/goose" ]; - extraSrcs = map mkGoDep [ - { goPackagePath = "github.com/go-sql-driver/mysql"; - rev = "2e00b5cd70399450106cec6431c2e2ce3cae5034"; - sha256 = "085g48jq9hzmlcxg122n0c4pi41sc1nn2qpx1vrl2jfa8crsppa5"; - } - { goPackagePath = "github.com/kylelemons/go-gypsy"; - rev = "08cad365cd28a7fba23bb1e57aa43c5e18ad8bb8"; - sha256 = "1djv7nii3hy451n5jlslk0dblqzb1hia1cbqpdwhnps1g8hqjy8q"; - } - { goPackagePath = "github.com/lib/pq"; - rev = "ba5d4f7a35561e22fbdf7a39aa0070f4d460cfc0"; - sha256 = "1mfbqw9g00bk24bfmf53wri5c2wqmgl0qh4sh1qv2da13a7cwwg3"; - } - { goPackagePath = "github.com/mattn/go-sqlite3"; - rev = "2acfafad5870400156f6fceb12852c281cbba4d5"; - sha256 = "1rpgil3w4hh1cibidskv1js898hwz83ps06gh0hm3mym7ki8d5h7"; - } - { goPackagePath = "github.com/ziutek/mymysql"; - rev = "0582bcf675f52c0c2045c027fd135bd726048f45"; - sha256 = "0bkc9x8sgqbzgdimsmsnhb0qrzlzfv33fgajmmjxl4hcb21qz3rf"; - } - { goPackagePath = "golang.org/x/net"; - url = "https://go.googlesource.com/net"; - rev = "10c134ea0df15f7e34d789338c7a2d76cc7a3ab9"; - sha256 = "14cbr2shl08gyg85n5gj7nbjhrhhgrd52h073qd14j97qcxsakcz"; - } - ]; - }; - - boulder = let - owner = "letsencrypt"; - repo = "boulder"; - rev = "9c6a1f2adc4c26d925588f5ae366cfd4efb7813a"; - version = "20180129"; - - in pkgs.buildGoPackage rec { - name = "${repo}-${version}"; - - src = pkgs.fetchFromGitHub { - name = "${name}-src"; - inherit rev owner repo; - sha256 = "09kszswrifm9rc6idfaq0p1mz5w21as2qbc8gd5pphrq9cf9pn55"; - }; - - postPatch = '' - # compat for go < 1.8 - sed -i -e 's/time\.Until(\([^)]\+\))/\1.Sub(time.Now())/' \ - test/ocsp/helper/helper.go - - find test -type f -exec sed -i -e '/libpkcs11-proxy.so/ { - s,/usr/local,${pkcs11-proxy}, - }' {} + - - sed -i -r \ - -e '/^def +install/a \ return True' \ - -e 's,exec \./bin/,,' \ - test/startservers.py - - cat ${lib.escapeShellArg snakeOilCerts.ca.key} > test/test-ca.key - cat ${lib.escapeShellArg snakeOilCerts.ca.cert} > test/test-ca.pem - ''; - - # Until vendored pkcs11 is go 1.9 compatible - preBuild = '' - rm -r go/src/github.com/letsencrypt/boulder/vendor/github.com/miekg/pkcs11 - ''; - - # XXX: Temporarily brought back putting the source code in the output, - # since e95f17e2720e67e2eabd59d7754c814d3e27a0b2 was removing that from - # buildGoPackage. - preInstall = '' - mkdir -p $out - pushd "$NIX_BUILD_TOP/go" - while read f; do - echo "$f" | grep -q '^./\(src\|pkg/[^/]*\)/${goPackagePath}' \ - || continue - mkdir -p "$(dirname "$out/share/go/$f")" - cp "$NIX_BUILD_TOP/go/$f" "$out/share/go/$f" - done < <(find . -type f) - popd - ''; - - extraSrcs = map mkGoDep [ - { goPackagePath = "github.com/miekg/pkcs11"; - rev = "6dbd569b952ec150d1425722dbbe80f2c6193f83"; - sha256 = "1m8g6fx7df6hf6q6zsbyw1icjmm52dmsx28rgb0h930wagvngfwb"; - } - ]; - - goPackagePath = "github.com/${owner}/${repo}"; - buildInputs = [ pkgs.libtool ]; - }; - - boulderSource = "${boulder.out}/share/go/src/${boulder.goPackagePath}"; - - softHsmConf = pkgs.writeText "softhsm.conf" '' - 0:/var/lib/softhsm/slot0.db - 1:/var/lib/softhsm/slot1.db - ''; +let snakeOilCerts = import ./snakeoil-certs.nix; - wfeDomain = "acme-v01.api.letsencrypt.org"; + wfeDomain = "acme-v02.api.letsencrypt.org"; wfeCertFile = snakeOilCerts.${wfeDomain}.cert; wfeKeyFile = snakeOilCerts.${wfeDomain}.key; siteDomain = "letsencrypt.org"; siteCertFile = snakeOilCerts.${siteDomain}.cert; siteKeyFile = snakeOilCerts.${siteDomain}.key; - - # Retrieved via: - # curl -s -I https://acme-v01.api.letsencrypt.org/terms \ - # | sed -ne 's/^[Ll]ocation: *//p' - tosUrl = "https://letsencrypt.org/documents/2017.11.15-LE-SA-v1.2.pdf"; - tosPath = builtins.head (builtins.match "https?://[^/]+(.*)" tosUrl); - - tosFile = pkgs.fetchurl { - url = tosUrl; - sha256 = "0yvyckqzj0b1xi61sypcha82nanizzlm8yqy828h2jbza7cxi26c"; - }; - + pebble = pkgs.pebble; resolver = let message = "You need to define a resolver for the letsencrypt test module."; firstNS = lib.head config.networking.nameservers; in if config.networking.nameservers == [] then throw message else firstNS; - cfgDir = pkgs.stdenv.mkDerivation { - name = "boulder-config"; - src = "${boulderSource}/test/config"; - nativeBuildInputs = [ pkgs.jq ]; - phases = [ "unpackPhase" "patchPhase" "installPhase" ]; - postPatch = '' - sed -i -e 's/5002/80/' -e 's/5002/443/' va.json - sed -i -e '/listenAddress/s/:4000/:80/' wfe.json - sed -i -r \ - -e ${lib.escapeShellArg "s,http://boulder:4000/terms/v1,${tosUrl},g"} \ - -e 's,http://(boulder|127\.0\.0\.1):4000,https://${wfeDomain},g' \ - -e '/dnsResolver/s/127\.0\.0\.1:8053/${resolver}:53/' \ - *.json - if grep 4000 *.json; then exit 1; fi - - # Change all ports from 1909X to 909X, because the 1909X range of ports is - # allocated by startservers.py in order to intercept gRPC communication. - sed -i -e 's/\<1\(909[0-9]\)\>/\1/' *.json - - # Patch out all additional issuer certs - jq '. + {ca: (.ca + {Issuers: - [.ca.Issuers[] | select(.CertFile == "test/test-ca.pem")] - })}' ca.json > tmp - mv tmp ca.json - ''; - installPhase = "cp -r . \"$out\""; - }; - - components = { - gsb-test-srv.args = "-apikey my-voice-is-my-passport"; - gsb-test-srv.waitForPort = 6000; - gsb-test-srv.first = true; - boulder-sa.args = "--config ${cfgDir}/sa.json"; - boulder-wfe.args = "--config ${cfgDir}/wfe.json"; - boulder-ra.args = "--config ${cfgDir}/ra.json"; - boulder-ca.args = "--config ${cfgDir}/ca.json"; - boulder-va.args = "--config ${cfgDir}/va.json"; - boulder-publisher.args = "--config ${cfgDir}/publisher.json"; - boulder-publisher.waitForPort = 9091; - ocsp-updater.args = "--config ${cfgDir}/ocsp-updater.json"; - ocsp-updater.after = [ "boulder-publisher" ]; - ocsp-responder.args = "--config ${cfgDir}/ocsp-responder.json"; - ct-test-srv = {}; - mail-test-srv.args = let - key = "${boulderSource}/test/mail-test-srv/minica-key.pem"; - crt = "${boulderSource}/test/mail-test-srv/minica.pem"; - in - "--closeFirst 5 --cert ${crt} --key ${key}"; + pebbleConf.pebble = { + listenAddress = "0.0.0.0:443"; + managementListenAddress = "0.0.0.0:15000"; + certificate = snakeOilCerts.${wfeDomain}.cert; + privateKey = snakeOilCerts.${wfeDomain}.key; + httpPort = 80; + tlsPort = 443; + ocspResponderURL = "http://0.0.0.0:4002"; }; - commonPath = [ softhsm pkgs.mariadb goose boulder ]; - - mkServices = a: b: with lib; listToAttrs (concatLists (mapAttrsToList a b)); - - componentServices = mkServices (name: attrs: let - mkSrvName = n: "boulder-${n}.service"; - firsts = lib.filterAttrs (lib.const (c: c.first or false)) components; - firstServices = map mkSrvName (lib.attrNames firsts); - firstServicesNoSelf = lib.remove "boulder-${name}.service" firstServices; - additionalAfter = firstServicesNoSelf ++ map mkSrvName (attrs.after or []); - needsPort = attrs ? waitForPort; - inits = map (n: "boulder-init-${n}.service") [ "mysql" "softhsm" ]; - portWaiter = { - name = "boulder-${name}"; - value = { - description = "Wait For Port ${toString attrs.waitForPort} (${name})"; - after = [ "boulder-real-${name}.service" "bind.service" ]; - requires = [ "boulder-real-${name}.service" ]; - requiredBy = [ "boulder.service" ]; - serviceConfig.Type = "oneshot"; - serviceConfig.RemainAfterExit = true; - script = let - netcat = "${pkgs.libressl.nc}/bin/nc"; - portCheck = "${netcat} -z 127.0.0.1 ${toString attrs.waitForPort}"; - in "while ! ${portCheck}; do :; done"; - }; - }; - in lib.optional needsPort portWaiter ++ lib.singleton { - name = if needsPort then "boulder-real-${name}" else "boulder-${name}"; - value = { - description = "Boulder ACME Component (${name})"; - after = inits ++ additionalAfter; - requires = inits; - requiredBy = [ "boulder.service" ]; - path = commonPath; - environment.GORACE = "halt_on_error=1"; - environment.SOFTHSM_CONF = softHsmConf; - environment.PKCS11_PROXY_SOCKET = "tcp://127.0.0.1:5657"; - serviceConfig.WorkingDirectory = boulderSource; - serviceConfig.ExecStart = "${boulder}/bin/${name} ${attrs.args or ""}"; - serviceConfig.Restart = "on-failure"; - }; - }) components; + pebbleConfFile = pkgs.writeText "pebble.conf" (builtins.toJSON pebbleConf); + pebbleDataDir = "/root/pebble"; in { imports = [ ../resolver.nix ]; @@ -352,94 +107,29 @@ in { networking.firewall.enable = false; networking.extraHosts = '' - 127.0.0.1 ${toString [ - "sa.boulder" "ra.boulder" "wfe.boulder" "ca.boulder" "va.boulder" - "publisher.boulder" "ocsp-updater.boulder" "admin-revoker.boulder" - "boulder" "boulder-mysql" wfeDomain - ]} + 127.0.0.1 ${wfeDomain} ${config.networking.primaryIPAddress} ${wfeDomain} ${siteDomain} ''; - services.mysql.enable = true; - services.mysql.package = pkgs.mariadb; - - services.nginx.enable = true; - services.nginx.recommendedProxySettings = true; - # This fixes the test on i686 - services.nginx.commonHttpConfig = '' - server_names_hash_bucket_size 64; - ''; - services.nginx.virtualHosts.${wfeDomain} = { - onlySSL = true; - enableACME = false; - sslCertificate = wfeCertFile; - sslCertificateKey = wfeKeyFile; - locations."/".proxyPass = "http://127.0.0.1:80"; - }; - services.nginx.virtualHosts.${siteDomain} = { - onlySSL = true; - enableACME = false; - sslCertificate = siteCertFile; - sslCertificateKey = siteKeyFile; - locations."= ${tosPath}".alias = tosFile; - }; - systemd.services = { - pkcs11-daemon = { - description = "PKCS11 Daemon"; - after = [ "boulder-init-softhsm.service" ]; - before = map (n: "${n}.service") (lib.attrNames componentServices); - wantedBy = [ "multi-user.target" ]; - environment.SOFTHSM_CONF = softHsmConf; - environment.PKCS11_DAEMON_SOCKET = "tcp://127.0.0.1:5657"; - serviceConfig.ExecStart = let - softhsmLib = "${softhsm}/lib/softhsm/libsofthsm.so"; - in "${pkcs11-proxy}/bin/pkcs11-daemon ${softhsmLib}"; - }; - - boulder-init-mysql = { - description = "Boulder ACME Init (MySQL)"; - after = [ "mysql.service" ]; - serviceConfig.Type = "oneshot"; - serviceConfig.RemainAfterExit = true; - serviceConfig.WorkingDirectory = boulderSource; - path = commonPath; - script = "${pkgs.bash}/bin/sh test/create_db.sh"; - }; - - boulder-init-softhsm = { - description = "Boulder ACME Init (SoftHSM)"; - environment.SOFTHSM_CONF = softHsmConf; - serviceConfig.Type = "oneshot"; - serviceConfig.RemainAfterExit = true; - serviceConfig.WorkingDirectory = boulderSource; - preStart = "mkdir -p /var/lib/softhsm"; - path = commonPath; + pebble = { + enable = true; + description = "Pebble ACME server"; + requires = [ ]; + wantedBy = [ "network.target" ]; + preStart = '' + mkdir ${pebbleDataDir} + ''; script = '' - softhsm --slot 0 --init-token \ - --label intermediate --pin 5678 --so-pin 1234 - softhsm --slot 0 --import test/test-ca.key \ - --label intermediate_key --pin 5678 --id FB - softhsm --slot 1 --init-token \ - --label root --pin 5678 --so-pin 1234 - softhsm --slot 1 --import test/test-root.key \ - --label root_key --pin 5678 --id FA + cd ${pebbleDataDir} + ${pebble}/bin/pebble -config ${pebbleConfFile} ''; + serviceConfig = { + # Required to bind on privileged ports. + User = "root"; + Group = "root"; + }; }; - - boulder = { - description = "Boulder ACME Server"; - after = map (n: "${n}.service") (lib.attrNames componentServices); - wantedBy = [ "multi-user.target" ]; - serviceConfig.Type = "oneshot"; - serviceConfig.RemainAfterExit = true; - script = let - ports = lib.range 8000 8005 ++ lib.singleton 80; - netcat = "${pkgs.libressl.nc}/bin/nc"; - mkPortCheck = port: "${netcat} -z 127.0.0.1 ${toString port}"; - checks = "(${lib.concatMapStringsSep " && " mkPortCheck ports})"; - in "while ! ${checks}; do :; done"; - }; - } // componentServices; + }; }; } diff --git a/nixpkgs/nixos/tests/common/letsencrypt/mkcerts.nix b/nixpkgs/nixos/tests/common/letsencrypt/mkcerts.nix index 3b4a589e414..e7ac2bae46b 100644 --- a/nixpkgs/nixos/tests/common/letsencrypt/mkcerts.nix +++ b/nixpkgs/nixos/tests/common/letsencrypt/mkcerts.nix @@ -1,7 +1,7 @@ { pkgs ? import <nixpkgs> {} , lib ? pkgs.lib -, domains ? [ "acme-v01.api.letsencrypt.org" "letsencrypt.org" ] +, domains ? [ "acme-v02.api.letsencrypt.org" "letsencrypt.org" ] }: pkgs.runCommand "letsencrypt-snakeoil-ca" { diff --git a/nixpkgs/nixos/tests/common/letsencrypt/snakeoil-certs.nix b/nixpkgs/nixos/tests/common/letsencrypt/snakeoil-certs.nix index c3d29ab8f16..ca4f71ae688 100644 --- a/nixpkgs/nixos/tests/common/letsencrypt/snakeoil-certs.nix +++ b/nixpkgs/nixos/tests/common/letsencrypt/snakeoil-certs.nix @@ -2,252 +2,253 @@ { ca.key = builtins.toFile "ca.key" '' -----BEGIN PRIVATE KEY----- - MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDfdVxC/4HwhuzD - 9or9CDDu3TBQE5lirJI5KYmfMZtfgdzEjgOzmR9AVSkn2rQeCqzM5m+YCzPO+2y7 - 0Fdk7vDORi1OdhYfUQIW6/TZ27xEjx4t82j9i705yUqTJZKjMbD830geXImJ6VGj - Nv/WisTHmwBspWKefYQPN68ZvYNCn0d5rYJg9uROZPJHSI0MYj9iERWIPN+xhZoS - xN74ILJ0rEOQfx2GHDhTr99vZYAFqbAIfh35fYulRWarUSekI+rDxa83FD8q9cMg - OP84KkLep2dRXXTbUWErGUOpHP55M9M7ws0RVNdl9PUSbDgChl7yYlHCde3261q/ - zGp5dMV/t/jXXNUgRurvXc4gUKKjS4Sffvg0XVnPs3sMlZ4JNmycK9klgISVmbTK - VcjRRJv8Bva2NQVsJ9TIryV0QEk94DucgsC3LbhQfQdmnWVcEdzwrZHNpk9az5mn - w42RuvZW9L19T7xpIrdLSHaOis4VEquZjkWIhfIz0DVMeXtYEQmwqFG23Ww0utcp - mCW4FPvpyYs5GAPmGWfrlMxsLD/7eteot3AheC+56ZBoVBnI8FFvIX2qci+gfVDu - CjvDmbyS/0NvxLGqvSC1GUPmWP3TR5Fb1H8Rp+39zJHRmH+qYWlhcv6p7FlY2/6d - 9Rkw8WKRTSCB7yeUdNNPiPopk6N4NwIDAQABAoICAQCzV0ei5dntpvwjEp3eElLj - glYiDnjOPt5kTjgLsg6XCmyau7ewzrXMNgz/1YE1ky+4i0EI8AS2nAdafQ2HDlXp - 11zJWfDLVYKtztYGe1qQU6TPEEo1I4/M7waRLliP7XO0n6cL5wzjyIQi0CNolprz - 8CzZBasutGHmrLQ1nmnYcGk2+NBo7f2yBUaFe27of3mLRVbYrrKBkU5kveiNkABp - r0/SipKxbbivQbm7d+TVpqiHSGDaOa54CEksOcfs7n6efOvw8qj326KtG9GJzDE6 - 7XP4U19UHe40XuR0t7Zso/FmRyO6QzNUutJt5LjXHezZ75razTcdMyr0QCU8MUHH - jXZxQCsbt+9AmdxUMBm1SMNVBdHYM8oiNHynlgsEj9eM6jxDEss/Uc3FeKoHl+XL - L6m28guIB8NivqjVzZcwhxvdiQCzYxjyqMC+/eX7aaK4NIlX2QRMoDL6mJ58Bz/8 - V2Qxp2UNVwKJFWAmpgXC+sq6XV/TP3HkOvd0OK82Nid2QxEvfE/EmOhU63qAjgUR - QnteLEcJ3MkGGurs05pYBDE7ejKVz6uu2tHahFMOv+yanGP2gfivnT9a323/nTqH - oR5ffMEI1u/ufpWU7sWXZfL/mH1L47x87k+9wwXHCPeSigcy+hFI7t1+rYsdCmz9 - V6QtmxZHMLanwzh5R0ipcQKCAQEA8kuZIz9JyYP6L+5qmIUxiWESihVlRCSKIqLB - fJ5sQ06aDBV2sqS4XnoWsHuJWUd39rulks8cg8WIQu8oJwVkFI9EpARt/+a1fRP0 - Ncc9qiBdP6VctQGgKfe5KyOfMzIBUl3zj2cAmU6q+CW1OgdhnEl4QhgBe5XQGquZ - Alrd2P2jhJbMO3sNFgzTy7xPEr3KqUy+L4gtRnGOegKIh8EllmsyMRO4eIrZV2z3 - XI+S2ZLyUn3WHYkaJqvUFrbfekgBBmbk5Ead6ImlsLsBla6MolKrVYV1kN6KT+Y+ - plcxNpWY8bnWfw5058OWPLPa9LPfReu9rxAeGT2ZLmAhSkjGxQKCAQEA7BkBzT3m - SIzop9RKl5VzYbVysCYDjFU9KYMW5kBIw5ghSMnRmU7kXIZUkc6C1L/v9cTNFFLw - ZSF4vCHLdYLmDysW2d4DU8fS4qdlDlco5A00g8T1FS7nD9CzdkVN/oix6ujw7RuI - 7pE1K3JELUYFBc8AZ7mIGGbddeCwnM+NdPIlhWzk5s4x4/r31cdk0gzor0kE4e+d - 5m0s1T4O/Iak6rc0MGDeTejZQg04p1eAJFYQ6OY23tJhH/kO8CMYnQ4fidfCkf8v - 85v4EC1MCorFR7J65uSj8MiaL7LTXPvLAkgFls1c3ijQ2tJ8qXvqmfo0by33T1OF - ZGyaOP9/1WQSywKCAQB47m6CfyYO5EZNAgxGD8SHsuGT9dXTSwF/BAjacB/NAEA2 - 48eYpko3LWyBrUcCPn+LsGCVg7XRtxepgMBjqXcoI9G4o1VbsgTHZtwus0D91qV0 - DM7WsPcFu1S6SU8+OCkcuTPFUT2lRvRiYj+vtNttK+ZP5rdmvYFermLyH/Q2R3ID - zVgmH+aKKODVASneSsgJ8/nAs5EVZbwc/YKzbx2Zk+s7P4KE95g+4G4dzrMW0RcN - QS1LFJDu2DhFFgU4fRO15Ek9/lj2JS2DpfLGiJY8tlI5nyDsq4YRFvQSBdbUTZpG - m+CJDegffSlRJtuT4ur/dQf5hmvfYTVBRk2XS/eZAoIBAB143a22PWnvFRfmO02C - 3X1j/iYZCLZa6aCl+ZTSj4LDGdyRPPXrUDxwlFwDMHfIYfcHEyanV9T4Aa9SdKh9 - p6RbF6YovbeWqS+b/9RzcupM77JHQuTbDwL9ZXmtGxhcDgGqBHFEz6ogPEfpIrOY - GwZnmcBY+7E4HgsZ+lII4rqng6GNP2HEeZvg91Eba+2AqQdAkTh3Bfn+xOr1rT8+ - u5WFOyGS5g1JtN0280yIcrmWeNPp8Q2Nq4wnNgMqDmeEnNFDOsmo1l6NqMC0NtrW - CdxyXj82aXSkRgMQSqw/zk7BmNkDV8VvyOqX/fHWQynnfuYmEco4Pd2UZQgadOW5 - cVMCggEBANGz1fC+QQaangUzsVNOJwg2+CsUFYlAKYA3pRKZPIyMob2CBXk3Oln/ - YqOq6j373kG2AX74EZT07JFn28F27JF3r+zpyS/TYrfZyO1lz/5ZejPtDTmqBiVd - qa2coaPKwCOz64s77A9KSPyvpvyuTfRVa8UoArHcrQsPXMHgEhnFRsbxgmdP582A - kfYfoJBSse6dQtS9ZnREJtyWJlBNIBvsuKwzicuIgtE3oCBcIUZpEa6rBSN7Om2d - ex8ejCcS7qpHeULYspXbm5ZcwE4glKlQbJDTKaJ9mjiMdvuNFUZnv1BdMQ3Tb8zf - Gvfq54FbDuB10XP8JdLrsy9Z6GEsmoE= + MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDQ0b23I1srJZwR + 2MMdvSJK5pcwLfrXU+4gEZEnWNyT8yeVweya+8vmNNOlvK3zxf+ZiY/7aQ0RZJMO + h2+VdlgHmr2QKhQTf1HwfZA/06FolD3/DcS+DMJMSTVr179/XLndeVVZUqU7tjvB + AWKSIS8H2hSF1UOPi9gBDR8MwCP6Qgj8WYhbkt9q47/lO96qAmm6U1F+Q7RYM9ZQ + IWI81N0Ms5wJocg7n6S19iV66ePh7APapZFYup61gFGWfahmA217ELIZd56n8yjO + F0epb9sC0XpYCDRrYKBWLqPiv+6wvdZtZvALItyIv08ZwXlBkFg3LbAAhPnf0Vxz + pYysQmyyyzkgy252n+Sie0kx+B4qm6fOkpfgYlPSVTb2dXx/be/SE08u0a9FO0fZ + pkByWEZJUUwngsJgLUa7MorQf3avxozfC25XqvzbieZfSXlA7mOUclZbC/WUFpyj + MlyJU2eCQ8wSwsPXl91oxcYlOkuVLgd41gr9pGXQSuKIkrgbfkftjg2tDC+7g7O8 + qrdF42FjbZjIx/74AasmsGh4GTQtiSkvEnTstioC6aCV44DlJWbBIMvkyawubjUl + Ppij0H66Y9Q4tEc/ktc7oGQfqqluyLb43TeobTPHALsNeAYb39rMtBo5DDCUc81s + fuDMhMr/oYXKrFstUsg5AY6mJaRG0QIDAQABAoICAF5ZVfmoPOoKzTB3GvmV2iez + dj4rmDmwT1gn98iqasdiRtFwVGJWQHNcDQDGdmY9YNZThD2Y4nGoWpVm9jC2zuFo + thusF3QTw8cARKvCCBzDVhumce1YwHVNYpi+W2TFValOyBRathN7rBXxdUMHQUOv + 8jPh/uudyNP4xL2zFs5dBchW/7g4bT/TdYGyglGYU4L/YEPHfXWYvk1oOAW6O8Ig + aPElKt5drEMW2yplATSzua4RvtEzSMBDIRn43pxxEgdXrNC67nF9+ULc2+Efi/oD + Ad9CncSiXO9zlVK/W655p6e4qd6uOqyCm8/MTegkuub7eplRe8D3zGjoNN4kCQ4S + rckVvIDDb6vZk7PKx9F7GWIqaG/YvFFFKO1MrAZg7SguFA6PtGOYAFocT03P6KXT + l2SnZQWKyxUAlh4tOBGlRFgGCx/krRIKbgNYn/qk/ezcRl8c7GpOPh+b7Icoq7u3 + l4tIVBBHqS8uGgtyi+YwuJeht2MV1aEcSkykKLh2ipp8tb6spORJUkhjawDjvxeQ + GztN30Xh2riTXYZ0HExVTtJa8jyvFyp/97ptPIJXaVt2A2KIS3sBFHKnpY+/OrQg + uUauYgi13WFHsKOxZL9GYGk7Ujd8bw4CEcJFxKY7bhpGVI6Du7NRkUDWN0+0yusI + 2szCJ7+ZqJkrc1+GrI/RAoIBAQDseAEggOLYZkpU2Pht15ZbxjM9ayT2ANq1+RTu + LjJx4gv2/o/XJCfMZCL0b9TJqtYeH+N6G9oDRJ99VIhUPedhWSYdj9Qj+rPd++TS + bp+MoSjmfUfxLTDrmFHL7ppquAE65aDy3B5c+OCb0I4X6CILUf0LynBzgl4kdrzN + U6BG3Mt0RiGPojlPV82B9ZUF/09YAz7BIz9X3KMhze1Gps5OeGuUnc9O2IAJYkrj + ur9H2YlNS4w+IjRLAXSXUqC8bqPZp6WTo1G/rlyAkIRXCGN90uk5JQvXoj9immFO + WaylbdcNG3YcGutreYeZL/UIWF6zCdc6pYG0cCBJS6S/RN7FAoIBAQDiERrLuUbV + 3fx/a8uMeZop6hXtQpF7jlFxqUmza7QSvBuwks4QVJF+qMSiSvKDkCKqZD4qVf4N + TMxEj5vNR0PbnmDshyKJNGVjEauKJSb65CFDUcL1eR/A/oJvxiIdN1Z4cPrpnRux + /zIfPuYfYHpdz52buxxmlD7bfwYmVKVpnzjB9z0I1CasZ5uqB0Z8H0OLyUu8S4ju + RfkKBDMgVl2q96i8ZvX4C1b7XuimIUqv4WHq5+ejcYirgrYtUbBIaDU3/LORcJdy + /K76L1/up70RTDUYYm/HKaRy+vMTpUsZJ7Qbh0hrvQkUvNQ1HXjprW2AePIYi33N + h3mb1ulqw4idAoIBAQCsn0YjVjNDShkFK4bfmLv4rw2Ezoyi0SjYIsb2wN6uaBfX + 7SlQIuKywH8L9f9eYMoCH8FNyLs0G4paUbVb2fzpAc1jUzXINiHL8TCvtXXfkV5s + NBSqqRTHR+CegMZVFZJATpVZ9PptYHmHBY5VQW5o2SdizhudFxRmhg95zIx6boBP + l0q0sfYoR66MKpzpTeG8HFJZZ8O7/iNQcCXAp9B/VEUkrrdBlaaSMyD8cb1lVBZ5 + SKdOTGXkQ2G7feQ86n/OSiYDSvxIc56vc9BIQKVwmuEKiFLGzXh8ILrcGXaBJVgS + B3QHPFeTk5o7Z9j2iJxJEuv9sginkhrfpsrTnhEJAoIBACkrUkTtjd/e2F/gIqaH + crLVZX7a06G7rktTuA9LuvR6e1Rxt8Mzk3eMhprDqVyaQCXlsYiGNoj3hm+p84az + xsDVG/OXPIveFeSv0ByNXYbtSr12w1lu4ICGGP0ACTBm5oFymc83hFarEdas3r2y + FTbGW36D2c04jCXvARCz85fDnlN8kgnskMpu5+NUBdsO2n83fmphGyPBbHQNhb4K + 3G4JQhplab/tWL7YbufqQi67jdh4uS+Duo75c/HW4ZKeH6r9gzomVf5j0/3N6NuO + gpkG1tiE/LQ5ejBSUTgvrvh6yYsF3QN53pB/PuoZXu63Xay62ePsa1GlrVjbD5EY + 4OUCggEAJFr7F7AQLMJTAxHFLCsZZ0ZZ+tXYclBC4eHPkZ6sD5jvL3KIpW3Q7jXk + oIoD/XEX4B+Qe5M3jQJ/Y5ZJETHcgfcHZbDpCKN2WHQgldQbAJiFd4GY1OegdVsr + 7TC8jh3Q2eYjzL8u4z7LSNI6aQSv1eWE7S1Q5j/sX/YYDR4W3CBMeIUpqoDWpn87 + czbIRyA/4L0Y/HLpg/ZCbvtJZbsQwYXhyqfbjlm4BRQ6JiC5uEBKvuDRUXToBJta + JU8XMm+Ae5Ogrw7P6hg68dWpagfjb7UZ7Zxv+VDsbrU6KsDcyGCAwrrRZou/6KUG + Eq4OVTSu/s8gmY94tgbjeOaLUPEPmg== -----END PRIVATE KEY----- ''; ca.cert = builtins.toFile "ca.cert" '' -----BEGIN CERTIFICATE----- - MIIFATCCAumgAwIBAgIJANydi4uFZr0LMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV - BAMMC1NuYWtlb2lsIENBMCAXDTE4MDcxMjAwMjIxNloYDzIxMTgwNjE4MDAyMjE2 - WjAWMRQwEgYDVQQDDAtTbmFrZW9pbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP - ADCCAgoCggIBAN91XEL/gfCG7MP2iv0IMO7dMFATmWKskjkpiZ8xm1+B3MSOA7OZ - H0BVKSfatB4KrMzmb5gLM877bLvQV2Tu8M5GLU52Fh9RAhbr9NnbvESPHi3zaP2L - vTnJSpMlkqMxsPzfSB5ciYnpUaM2/9aKxMebAGylYp59hA83rxm9g0KfR3mtgmD2 - 5E5k8kdIjQxiP2IRFYg837GFmhLE3vggsnSsQ5B/HYYcOFOv329lgAWpsAh+Hfl9 - i6VFZqtRJ6Qj6sPFrzcUPyr1wyA4/zgqQt6nZ1FddNtRYSsZQ6kc/nkz0zvCzRFU - 12X09RJsOAKGXvJiUcJ17fbrWr/Manl0xX+3+Ndc1SBG6u9dziBQoqNLhJ9++DRd - Wc+zewyVngk2bJwr2SWAhJWZtMpVyNFEm/wG9rY1BWwn1MivJXRAST3gO5yCwLct - uFB9B2adZVwR3PCtkc2mT1rPmafDjZG69lb0vX1PvGkit0tIdo6KzhUSq5mORYiF - 8jPQNUx5e1gRCbCoUbbdbDS61ymYJbgU++nJizkYA+YZZ+uUzGwsP/t616i3cCF4 - L7npkGhUGcjwUW8hfapyL6B9UO4KO8OZvJL/Q2/Esaq9ILUZQ+ZY/dNHkVvUfxGn - 7f3MkdGYf6phaWFy/qnsWVjb/p31GTDxYpFNIIHvJ5R000+I+imTo3g3AgMBAAGj - UDBOMB0GA1UdDgQWBBQ3vPWzjLmu5krbSpfhBAht9KL3czAfBgNVHSMEGDAWgBQ3 - vPWzjLmu5krbSpfhBAht9KL3czAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA - A4ICAQDF9HyC1ZFN3Ob+JA9Dj5+Rcobi7JIA5F8uW3Q92LfPoVaUGEkBrwJSiTFX - 47zvP/ySBJIpZ9rzHMbJ+1L+eJgczF1uQ91inthCKo1THTPo5TgBrpJj0YAIunsj - 9eH1tBnfWFYdVIDZoTSiwPtgIvglpyuK/eJXEe+FRzubhtdc9w1Hlzox1sd0TQuy - Pl9KFHg7BlFZfCPig1mkB8pfwjBDgVhv5DKJ9cJXh3R5zSoiyuS2b+qYSvw8YTHq - 0WNKWUthb7BVAYE3OmcbOHgUAUjtJ6EIGIB9z/SoLe90CofXLXFR5dppuVLKCMBA - kgL4luBIu7t8mcnN2yzobvcGHy8RVY6F5abCCy6gackLzjOzvH1SYOxP8yN74aKB - ANgcqdWspb8JYoU8lEbA8dhBVrsgBf7XeJlrZvMdcUENlJ2PI0JWr9WvlRAM9rYY - EY1alJqBCp6530Ggd6/f0V64cEqptejUdmN9L0zboxKjQf4LjpUNraGvg8tw/xkY - 4dT1U2HlVnhOyBVkx/tE6zIK/RU16oMqwpjCdfbK/TuWCNc/emJz5PMlp81zm83+ - dExpWwuV4rt6OQbZ/GSatNLJXOw+pkLjaEhnHgrsgI+HqAUXg3ByKol+1e76wN51 - k1ZKpB6mk4kejySGPYBHiJwED0IyXu9gUfalSczXFO4ySAvhCg== + MIIFDzCCAvegAwIBAgIUU9rbCLTuvaI6gjSsFsJJjfLWIX8wDQYJKoZIhvcNAQEL + BQAwFjEUMBIGA1UEAwwLU25ha2VvaWwgQ0EwIBcNMTkxMDE4MDc1NDEyWhgPMjEx + OTA5MjQwNzU0MTJaMBYxFDASBgNVBAMMC1NuYWtlb2lsIENBMIICIjANBgkqhkiG + 9w0BAQEFAAOCAg8AMIICCgKCAgEA0NG9tyNbKyWcEdjDHb0iSuaXMC3611PuIBGR + J1jck/MnlcHsmvvL5jTTpbyt88X/mYmP+2kNEWSTDodvlXZYB5q9kCoUE39R8H2Q + P9OhaJQ9/w3EvgzCTEk1a9e/f1y53XlVWVKlO7Y7wQFikiEvB9oUhdVDj4vYAQ0f + DMAj+kII/FmIW5LfauO/5TveqgJpulNRfkO0WDPWUCFiPNTdDLOcCaHIO5+ktfYl + eunj4ewD2qWRWLqetYBRln2oZgNtexCyGXeep/MozhdHqW/bAtF6WAg0a2CgVi6j + 4r/usL3WbWbwCyLciL9PGcF5QZBYNy2wAIT539Fcc6WMrEJssss5IMtudp/kontJ + MfgeKpunzpKX4GJT0lU29nV8f23v0hNPLtGvRTtH2aZAclhGSVFMJ4LCYC1GuzKK + 0H92r8aM3wtuV6r824nmX0l5QO5jlHJWWwv1lBacozJciVNngkPMEsLD15fdaMXG + JTpLlS4HeNYK/aRl0EriiJK4G35H7Y4NrQwvu4OzvKq3ReNhY22YyMf++AGrJrBo + eBk0LYkpLxJ07LYqAumgleOA5SVmwSDL5MmsLm41JT6Yo9B+umPUOLRHP5LXO6Bk + H6qpbsi2+N03qG0zxwC7DXgGG9/azLQaOQwwlHPNbH7gzITK/6GFyqxbLVLIOQGO + piWkRtECAwEAAaNTMFEwHQYDVR0OBBYEFAZcEiVphGxBT4OWXbM6lKu96dvbMB8G + A1UdIwQYMBaAFAZcEiVphGxBT4OWXbM6lKu96dvbMA8GA1UdEwEB/wQFMAMBAf8w + DQYJKoZIhvcNAQELBQADggIBAGJ5Jnxq1IQ++IRYxCE7r7BqzzF+HTx0EWKkSOmt + eSPqeOdhC26hJlclgGZXAF/Xosmn8vkSQMHhj/jr4HI0VF9IyvDUJm8AKsnOgu/7 + DUey3lEUdOtJpTG9NyTOcrzxToMJ+hWlFLZKxx2dk4FLIvTLjmo1VHM97Bat7XYW + IrL9RRIZ25V+eCYtlR7XYjceGFQ0rCdp8SFIQwC6C/AH2tV3b1AJFsND9PcoLu7c + //fH+WUQCcD/N0grdC/QCX7AFWzd4rKQ8gjfND4TSYFTSDwW10Mud4kAVhY2P1sY + Y3ZpnxWrCHbIZMbszlbMyD+cjsCBnNvOtYGm7pDut/371rllVcB/uOWYWMCtKPoj + 0elPrwNMrK+P+wceNBCRQO+9gwzB589F2morFTtsob/qtpAygW8Sfl8M+iLWXeYS + c3LBLnj0TpgXKRWg7wgIWKSZx9v6pgy70U0qvkjNS1XseUCPf7hfAbxT3xF+37Dw + zZRwF4WAWqdnJoOey21mgc+a2DQzqtykA6KfHgCqNFfDbQXPXvNy25DDThbk+paX + G2M2EWtr+Nv9s/zm7Xv/pOXlgMFavaj+ikqZ4wfJf6c/sMOdZJtMA4TsYtAJgbc8 + ts+0eymTq4v5S8/fW51Lbjw6hc1Kcm8k7NbHSi9sEjBfxFLTZNQ5eb4NGr9Od3sU + kgwJ -----END CERTIFICATE----- ''; - "acme-v01.api.letsencrypt.org".key = builtins.toFile "acme-v01.api.letsencrypt.org.key" '' + "acme-v02.api.letsencrypt.org".key = builtins.toFile "acme-v02.api.letsencrypt.org.key" '' -----BEGIN RSA PRIVATE KEY----- - MIIJKQIBAAKCAgEAvG+sL4q0VkgSClBTn4NkPiUrtXx5oLyZ+CCM1jrQx/xotUt5 - X2S4/7vMnAK/yRLsR7R2PhXO8CZPqJ7B6OfAgaDTgvipJkZYPZQSMP3KOinM3WJL - ssqKh7/HOxZIf0iyUXewrnX5eTAo/CLsUnhBjBD7E99nmQz/leLWSl82sSYDkO3n - Uk3/1qJZA8iddb4uH0IEQWcNKev3WoQQzwiVrXBiftlRQOJy5JJXm5m8229MCpMA - 1AUWmpdu6sl3/gFFdsDhUFq/a7LFrVyaUCMRIHg9szAB7ZFkixr9umQs8jKwuo98 - 3JHB11h2SirwgfIzHHmyhaWhCt22ucTwEXGhq63LtrzZvLsfP8Ql5S+AuqGTH0v8 - meuc784leAjulBZjkpuIFwDnVv9+YeUEbqJeo1hSHrILddora3nkH4E2dJWmLpqp - iPr++GRi+BNgYKW/BQLTJ7C6v+vUs+kdPgYJH5z7oP6f0YZkT0Wkubp/UEz7UV2d - fjz57d77DYx5rFWGYzJriWR/xltgL1zDpjwjwG1FDpRqwlyYbBFpjQhxI+X0aT98 - m6fCzBDQHDb/+JgvsjTHh6OZatahFAwzFIEfrceDv1BG8sBWIaZGhLzYiWQxafl8 - oXbWv1T6I1jpsTlCdCSkWzaJb4ZjxI9Ga1ynVu8F16+GR2a71wKWu7UbZQsCAwEA - AQKCAgBYvrs4FLoD3KNqahRIDqhaQEVKjtn1Yn2dBy9tAXwsg2qI34fE7nnWLwsY - +o56U0gmKQ57BOhV36Uqg8JNP0BBjI2wpA19simCrsa2fgAMznzmUpHWHV+KuT5K - TJ9OGt2oUpdKQtOASLc0r/neiTZNkf29iTyQLzf7zj4f/qGSYpXRXsnP0F5KJmGH - z6agujWckQnSB4eCk9gFsCb+akubyE8K8Kw8w6lajrVl2czBB7SnUj5UnCTeH62k - M8goP08Is6QppON8BFDm6bLfRPSe9yIPzu9JhGz2unp+mwkz872Zz1P9yUOieM4U - 9g4ZFQkPQx1ZpfynUm3pJZ/uhzadBabnIvMe/1qwDAEDifh/WzEM76/2kBpQkHtS - qcjwjAElfWnP8aBr1Pj42/cVJy3dbDqb0OawFHx/8xSO2CkY4Gq2h3OYv1XpPv3g - S9qqKhvuaT+aD0YjKhP4FYc2vvQSJwdZL8vqOyma8JGmc+r7jakIPCyOx3oPVqnS - L2P7DuJ1FcGIZyYOU3UUSzKndDU9fVC8YoLWvHDlwm4RK9UPtdsBY8mEu6BlaAwL - zEQG+fbcFnEkHPiJeAohYUCHiqCihLt0pqGwZi+QrudPQE6C47YijGZWJu4VVLjB - B2L9iDQKsN4FnBJ9egJIwWBLX3XXQfjC43UGm1A5sBvD+ScsCQKCAQEA7GxU7/SW - 4YJ+wBXrp7Z3vzlc5mTT5U4L2muWZLhIjT/jmpHpZ4c9a5DY/K9OYcu8XJ+7kx2B - N40cU3ZkT2ZbB5/BUCEmi3Wzy3R/KZshHDzvvSZHcXJqVBtv+HGJgR5ssFqAw8c6 - gJtDls+JE9Sz+nhLk0ZZ4658vbTQfG1lmtzrbC3Kz2xK8RPTdOU5Or7fayeaEKEW - ECBJPE41ME2UTdB/E85vyYoee0MBijjAs19QKqvoNbyrsZ5bihcIDYsrvjCmkdW1 - 20IUrSF3ZYJ9bb+CxHeRyNqwvRxPYSkzdMjZHx+xEAvJgw51QqmIi2QQf/qB+ych - cSbE/0Jhx4QbDQKCAQEAzAoenEOgmZvUegFUu8C6gWeibMjl3Y9SikQ4CoQO/zWr - aoCr5BpbzbtOffwnPfgk9wCGvXf6smOdrLUP1K2QAhBr/vJh7ih2MonvpYr5HPP7 - maVARR66IgtxXP2ER2I9+9p2OQdecGRP2fUn2KCDQIASHSSY/VjBb8LLJgryC/DS - r2b0+m1e2qXfNWt/BYTQZhD/8B/jl/2pl/jI2ne3rkeiwEm7lqZaDt3Q8gC+qoP5 - /IdG1Gob7UTMCbICWy1aGuzRYUmbpg0Vq4DAV1RtgBySB5oNq5PMBHYpOxedM2nM - NxHvf0u6wsxVULwQ4IfWUqUTspjxDmIgogSzmOGadwKCAQEA558if4tynjBImUtg - egirvG4oc5doeQhDWJN63eYlPizPgUleD41RQSbBTp04/1qoiV38WJ7ZT2Ex1Rry - H0+58vgyXZx8tLh1kufpBQv0HkQc44SzDZP4U7olspMZEaSK+yNPb36p9AEo8IEW - XJVQVhywffK4cfUqRHj2oFBU8KlrA6rBPQFtUk4IJkfED6ecHtDHgW8vvFDFLw23 - 0kDPAIU5WmAu6JYmUsBMq+v57kF8urF8Z9kVpIfuSpVR0GL+UfA74DgtWEefFhbp - cEutMm4jYPN7ofmOmVc49Yl13f4/qNxVjdDedUUe4FZTbax09cyotzOY8c/3w9R3 - Ew57qQKCAQAa5jqi30eM+L5KV2KUXhQ4ezEupk2np/15vQSmXkKb4rd2kwAWUmNH - /Cmc8mE6CjzVU3xv/iFO41MmMbikkT0rCH80XUAL5cmvX//4ExpEduX0m5SdiC+B - zYBkggeuYYVKbsKnQhFxP8hHM8rNBFxJZJj+vpRs0gaudT/TBB5k9JrSBQDHAyQ+ - Lx/+Ku3UDG5tBlC3l3ypzQdOwb25D49nqooKT64rbkLxMs0ZGoAIet26LRtpZZPI - 9AjyPkWRP6lhY1c3PD0I5zC0K4Uv/jFxclLOLcEfnZyH+gv1fmd7H7eMixDH93Pn - uoiE3EZdU4st2hV+tisRel5S/cuvnA6BAoIBAQDJISK8H0hwYp+J4/WUv/WLtrm4 - Mhmn8ItdEPAyCljycU6oLHJy4fgmmfRHeoO1i3jb87ks2GghegFBbJNzugfoGxIM - dLWIV+uFXWs24fMJ/J6lqN1JtAj7HjvqkXp061X+MdIJ0DsACygzFfJOjv+Ij77Q - Q1OBTSPfb0EWFNOuIJr9i2TwdN9eW/2ZMo1bPuwe4ttPEIBssfIC02dn2KD1RTqM - 1l+L97vVFk7CoSJZf5rLeysLVyUeGdDcoEcRA6fKhfB/55h+iqrZNvySX1HrR6on - PQcxDRPJD7f9rMsTzVl3DOxzvXAU3lIcZtPZps97IwXceAAh2e1kZNNv/cxj + MIIJKQIBAAKCAgEApny0WhfDwEXe6WDTCw8qBuMAPDr88pj6kbhQWfzAW2c0TggJ + Etjs9dktENeTpSl14nnLVMiSYIJPYY3KbOIFQH1qDaOuQ7NaOhj9CdMTm5r9bl+C + YAyqLIMQ9AAZDhUcQjOy3moiL7ClFHlkFYuEzZBO9DF7hJpfUFIs0Idg50mNoZh/ + K/fb4P2skNjfCjjomTRUmZHxT6G00ImSTtSaYbN/WHut1xXwJvOoT1nlEA/PghKm + JJ9ZuRMSddUJmjL+sT09L8LVkK8CKeHi4r58DHM0D0u8owIFV9qsXd5UvZHaNgvQ + 4OAWGukMX+TxRuqkUZkaj84vnNL+ttEMl4jedw0ImzNtCOYehDyTPRkfng5PLWMS + vWbwyP8jDd2578mSbx5BF7ypYX366+vknjIFyZ5WezcC1pscIHxLoEwuhuf+knN+ + kFkLOHeYbqQrU6mxSnu9q0hnNvGUkTP0a/1aLOGRfQ5C/pxpE/Rebi8qfM/OJFd4 + mSxGL93JUTXWAItiIeBnQpIne65/Ska9dWynOEfIb0okdet3kfmNHz3zc17dZ5g4 + AdOSCgHAlQgFt/Qd8W6xXUe4C5Mfv2ctxRrfQhDwtB6rMByPwzImnciC2h3vCwD3 + vS/vjUyWICyhZyi2LZDUQz+sCKBXCYYcYh8ThFO40j5x1OnYMq7XQvyl8QkCAwEA + AQKCAgBSAfdssWwRF9m3p6QNPIj9H3AMOxpB/azffqTFzsSJwYp4LWkayZPfffy+ + 4RGvN38D8e6ActP3ifjEGu3tOGBR5fUJhujeHEiDea+a2Ug9S9kuNwmnelWQ23bM + Wgf9cdSbn4+qEymHyEFolmsAWdsuzri1fHJVXR06GWBNz4GiLA8B3HY4GD1M1Gfe + aZVkGagpXyeVBdiR2xuP5VQWVI8/NQWzdiipW/sRlNABVkyI3uDeN4VzYLL3gTeE + p021kQz4DSxIjHZacHpmWwhBnIbKMy0fo7TlrqcnIWXqTwv63Q9Zs/RN8NOyqb0Y + t1NKFWafcwUsdOnrG9uv/cVwF1FNE8puydaOi8rL1zAeK89JH8NRQ02wohR9w8qy + b2tB6DyGMtuqBt8Il6GA16ZoEuaXeayvlsvDEmG1cS9ZwBvfgrVPAmlm2AYdIf5B + RHIJu4BJC6Nn2ehVLqxx1QDhog3SOnAsCmcfg5g/fCwxcVMLIhODFoiKYGeMitDG + Q4e5JKcOg+RR8PT/n4eY4rUDBGtsR+Nw8S2DWgXmSufyfDtKCjZB4IuLWPS29tNh + zF6iYfoiTWzrSs/yqPSKIFpv+PWZwkKSvjdxia6lSBYYEON4W2QICEtiEs+SvcG4 + 0eIqWM+rRmPnJyMfGqX6GCs3rHDQB2VNJPBCYPQalJ/KwZumAQKCAQEA0ezM6qPJ + 1JM/fddgeQ50h0T9TRXVUTCISxXza+l4NuFt1NdqUOdHsGtbL1JR4GaQUG8qD1/P + R39YgnQEQimxpmYLCZkobkwPxTZm9oiMXpcJrlN4PB5evaWShRSv3mgigpt3Wzml + Td+2R9RoA/hvF/wEyIvaWznYOyugBC7GXs20dNnZDULhUapeQu7r6JvgmxBOby7S + 0FbhGplBiSDETzZURqzH/GMJKaJtNgyyVf3Hbg4mZAQDWoBRr+8HxsNbDkxP6e91 + QrPHy2VZFiaTmJfoxRhyMTn7/JZaLJaUHDOniOsdMj/V7vMCgpfBqh5vR8bKzuPy + ZINggpcFPp1IYQKCAQEAywc7AQoktMBCru/3vzBqUveXbR3RKzNyZCTH5CMm3UNH + zmblFgqF2nxzNil21GqAXzSwZk5FyHbkeD3yvEZm+bXzsZTDNokAwoiTgyrr2tf8 + GLMlCHHl5euIh1xHuyg/oKajVGOoXUXK8piqiDpQKd3Zwc6u2oyQlh+gYTPKh+7i + ilipkYawoE6teb6JUGpvU+d27INgNhB2oDEXY3pG2PbV+wv229ykSZxh1sJUdDwT + a8eTg+3pCGXtOZiJoQTFwKUlD2WYTGqS4Gx6dIJco5k+ZikGNST1JGE64Jl4MZdI + rtyvpcYblh5Q14sJGvp4kWYS9tjEM8pA+4Z9th3JqQKCAQEAkidH0+UM1A9gmQCm + jiHeR39ky5Jz3f7oJT63J15479yrVxBTWNhtNQrJhXzOvGkr+JQsuF+ANMsYmFql + zFqy8KMC9D/JwmD6adeif+o5sHF/r/s1LsYGOAtao4TvnOzrefs7ciwERt+GTSQ4 + 9uq0jgJMYkPcVr9DKI8K7V6ThdW52dECKRVzQiRXVEp7vIsqKUuFECuNYrfaKWai + FhLWGkA9FKee5L0e1/naB1N3ph72Bk2btO6GVzAXr2HADEZe0umWiczJ2xLH+3go + Oh/JiufYi8ClYFh6dDVJutlrbOcZsV3gCegfzikqijmWABcIavSgpsJVNF2zh7gV + Uq62gQKCAQAdO2FHeQpn6/at8WceY/4rC/MFhvGC4tlpidIuCtGhsfo4wZ/iWImF + N73u4nF1jBAHpTJwyHxLrLKgjWrRqOFSutvniZ/BzmAJolh63kcvL0Hg3IpMePm8 + 7PivZJ3/WIAwxU1m7SJkq5PY8ho7mwnHvWWI/hU26l42/z68QBS9FawQd0uS5G2x + 5yIbEU/8ABcfYYhB7XiA0EYEMo1HiWeB/ag5iTN13ILbBmUf4sL+KVgygH3A1RRk + XSiWzluij2lZn22ClgIjnoSfQ38uH0bvVzUgyG9YX4XcQxOTGwWvPjT82FGB8NAw + ARVqs14QQFfzt1qrp/I38rsAfBDFk+xhAoIBAQCEKNk/oJcy9t/jMIbLcn6z3aCc + Fn8GBPSXtFj0t6weN5lHof+cggw4owMFWQQyAXxo/K6NnKNydMPZ5qjtLsHNpbpQ + aT1Or0/1YR1bJ8Lo82B4QM++7F761GWQPvE/tyrfPkfkWl92ITIpmnlw4wycRlkq + 9anI2fnj1nIZwixzE2peb6PcsZU2HOs9uZ5RRd9wia696I7IpNibs4O4J2WTm4va + +NeYif3V2g9qwgT0Va0c9/Jlg3b58R0vA8j/VCU5I0TyXpkB3Xapx+pvEdZ3viUL + mXZaVotmWjgBXGDtd2VQg2ZiAMXHn3RzXSgV4Z+A/XacRs75h9bNw0ZJYrz1 -----END RSA PRIVATE KEY----- ''; - "acme-v01.api.letsencrypt.org".cert = builtins.toFile "acme-v01.api.letsencrypt.org.cert" '' + "acme-v02.api.letsencrypt.org".cert = builtins.toFile "acme-v02.api.letsencrypt.org.cert" '' -----BEGIN CERTIFICATE----- MIIEtDCCApwCAgKaMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNVBAMMC1NuYWtlb2ls - IENBMCAXDTE4MDcxMjAwMjIxN1oYDzIxMTgwNjE4MDAyMjE3WjAnMSUwIwYDVQQD - DBxhY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnMIICIjANBgkqhkiG9w0BAQEF - AAOCAg8AMIICCgKCAgEAvG+sL4q0VkgSClBTn4NkPiUrtXx5oLyZ+CCM1jrQx/xo - tUt5X2S4/7vMnAK/yRLsR7R2PhXO8CZPqJ7B6OfAgaDTgvipJkZYPZQSMP3KOinM - 3WJLssqKh7/HOxZIf0iyUXewrnX5eTAo/CLsUnhBjBD7E99nmQz/leLWSl82sSYD - kO3nUk3/1qJZA8iddb4uH0IEQWcNKev3WoQQzwiVrXBiftlRQOJy5JJXm5m8229M - CpMA1AUWmpdu6sl3/gFFdsDhUFq/a7LFrVyaUCMRIHg9szAB7ZFkixr9umQs8jKw - uo983JHB11h2SirwgfIzHHmyhaWhCt22ucTwEXGhq63LtrzZvLsfP8Ql5S+AuqGT - H0v8meuc784leAjulBZjkpuIFwDnVv9+YeUEbqJeo1hSHrILddora3nkH4E2dJWm - LpqpiPr++GRi+BNgYKW/BQLTJ7C6v+vUs+kdPgYJH5z7oP6f0YZkT0Wkubp/UEz7 - UV2dfjz57d77DYx5rFWGYzJriWR/xltgL1zDpjwjwG1FDpRqwlyYbBFpjQhxI+X0 - aT98m6fCzBDQHDb/+JgvsjTHh6OZatahFAwzFIEfrceDv1BG8sBWIaZGhLzYiWQx - afl8oXbWv1T6I1jpsTlCdCSkWzaJb4ZjxI9Ga1ynVu8F16+GR2a71wKWu7UbZQsC - AwEAATANBgkqhkiG9w0BAQsFAAOCAgEAzeGlFMz1Bo+bbpZDQ60HLdw7qDp3SPJi - x5LYG860yzbh9ghvyc59MIm5E6vB140LRJAs+Xo6VdVSTC4jUA2kI9k1BQsbZKds - XT0RqA7HkqcLS3t3JWFkkKbCshMGZTSZ//hpbaUG1qEAfUfmZw1lAxqSa0kqavbP - awf7k8qHbqcj7WORCdH7fjKAjntEQwIpl1GEkAdCSghOJz2/o9aWmiGZt27OM/sG - MLSrcmL3QBElCjOxg14P8rnsmZ+VEp6MO93otoJ4dJL7fN7vTIh5ThbS384at/4l - 4KK/y7XctUzAtWzhnodjk/NSgrrGX2kseOGOWEM1sZc9xtinHH2tpOMqtLVOkgHD - Lul+TArqgqeoOdEM/9OL64kgOrO/JzxBq+egLUi4wgAul2wmtecKZK1dkwYZHeqW - 74i55yeBp+TTomnPr0ZBns6xKFYldJVzC34OB+2YVDxe8y9XtWtuQOxFw0LQHhNb - zy5aBverWzZFwiIIjJoVHTQq848uKBJec0YILfMinS1Wjif4xqW/IMfi+GFS0oka - sKCGNE/8ur9u/Jm6cbto3f2dtV8/vkhiITQgwzM2jalyuVJ9jyPxG7EvbTvZORgw - pRvBRTd4/eE7I1L+UDe6x8EjR/MrqfF9FWVGOZo4vPTyNbrSWYBh6s9kYy56ds1l - IRxst1BXEfI= + IENBMCAXDTE5MTAxODA3NTQxM1oYDzIxMTkwOTI0MDc1NDEzWjAnMSUwIwYDVQQD + DBxhY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnMIICIjANBgkqhkiG9w0BAQEF + AAOCAg8AMIICCgKCAgEApny0WhfDwEXe6WDTCw8qBuMAPDr88pj6kbhQWfzAW2c0 + TggJEtjs9dktENeTpSl14nnLVMiSYIJPYY3KbOIFQH1qDaOuQ7NaOhj9CdMTm5r9 + bl+CYAyqLIMQ9AAZDhUcQjOy3moiL7ClFHlkFYuEzZBO9DF7hJpfUFIs0Idg50mN + oZh/K/fb4P2skNjfCjjomTRUmZHxT6G00ImSTtSaYbN/WHut1xXwJvOoT1nlEA/P + ghKmJJ9ZuRMSddUJmjL+sT09L8LVkK8CKeHi4r58DHM0D0u8owIFV9qsXd5UvZHa + NgvQ4OAWGukMX+TxRuqkUZkaj84vnNL+ttEMl4jedw0ImzNtCOYehDyTPRkfng5P + LWMSvWbwyP8jDd2578mSbx5BF7ypYX366+vknjIFyZ5WezcC1pscIHxLoEwuhuf+ + knN+kFkLOHeYbqQrU6mxSnu9q0hnNvGUkTP0a/1aLOGRfQ5C/pxpE/Rebi8qfM/O + JFd4mSxGL93JUTXWAItiIeBnQpIne65/Ska9dWynOEfIb0okdet3kfmNHz3zc17d + Z5g4AdOSCgHAlQgFt/Qd8W6xXUe4C5Mfv2ctxRrfQhDwtB6rMByPwzImnciC2h3v + CwD3vS/vjUyWICyhZyi2LZDUQz+sCKBXCYYcYh8ThFO40j5x1OnYMq7XQvyl8QkC + AwEAATANBgkqhkiG9w0BAQsFAAOCAgEAkx0GLPuCvKSLTHxVLh5tP4jxSGG/zN37 + PeZLu3QJTdRdRc8bgeOGXAVEVFbqOLTNTsuY1mvpiv2V6wxR6nns+PIHeLY/UOdc + mOreKPtMU2dWPp3ybec2Jwii6PhAXZJ26AKintmug1psMw7662crR3SCnn85/CvW + 192vhr5gM1PqLBIlbsX0tAqxAwBe1YkxBb9vCq8NVghJlKme49xnwGULMTGs15MW + hIPx6sW93zwrGiTsDImH49ILGF+NcX1AgAq90nG0j/l5zhDgXGJglX+K1xP99X1R + de3I4uoufPa5q+Pjmhy7muL+o4Qt0D0Vm86RqqjTkNPsr7gAJtt66A7TJrYiIoKn + GTIBsgM6egeFLLYQsT0ap/59HJismO2Pjx4Jk/jHOkC8TJsXQNRq1Km76VMBnuc0 + 2CMoD9pb38GjUUH94D4hJK4Ls/gJMF3ftKUyR8Sr/LjE6qU6Yj+ZpeEQP4kW9ANq + Lv9KSNDQQpRTL4LwGLTGomksLTQEekge7/q4J2TQRZNYJ/mxnrBKRcv9EAMgBMXq + Q+7GHtKDv9tJVlMfG/MRD3CMuuSRiT3OVbvMMkFzsPkqxYAP1CqE/JGvh67TzKI+ + MUfXKehA6TKuxrTVqCtoFIfGaqA9IWyoRTtugYq/xssB9ESeEYGeaM1A9Yueqz+h + KkBZO00jHSE= -----END CERTIFICATE----- ''; "letsencrypt.org".key = builtins.toFile "letsencrypt.org.key" '' -----BEGIN RSA PRIVATE KEY----- - MIIJKAIBAAKCAgEAwPvhlwemgPi6919sSD7Pz6l6CRfU1G/fDc0AvsMN/nTmiGND - pqn9ef1CA+RtLtOuPc1LLyEovcfu75/V+6KSgO4k19E2CrFCFwjEOWDGF4DgclT3 - 751WGmFJgzPEfZfhbOrmQfQau86KxAtNZVp9FxcKbuLyQ/sNNxfNMB+7IHbVhwvz - VcndHpYZEP6kdnwvNLP22bouX5q3avxWStln01uZ0BfUm4XwxaUNIU7t0Dv56FK9 - C9hW9AZae0do0BJBWRF7xSwLeDJqn9uZz+sX0X/tIaaSQSBuZySj0He5ZKzdUO0t - px2xTS2Brl3Y2BOJaOE98HubWvdKoslLt4X2rVrMxGa86SmFzcyDL1RSowcP/ruy - y555l7pepL5s4cmMgRBBXj5tXhqUTVOn5WO+JClLk+rtvtAT4rogJmMqEKmMw2t7 - LNy1W9ri/378QG/i3AGaLIL/7GsPbuRO51Sdti4QMVe2zNFze72mzNmj1SXokWy7 - +ZvjUMp55oEjRRsTPUZdNOEHJWy6Os2znuqL7ZpIHCxBG8FKnkCViXRJqAA8bzcE - hR+pLamLIOHlv4kdzJ6phHkSvK68qvbRReUmOjJgSupVBI9jhK+fHay/UWR4zfJQ - ed99H8ZOoiXlrLCVs+VPDynUUKrzF1nYyolNzi/NS4e4AbnfWgyC5JKRpjUCAwEA - AQKCAgB0fNYL+zM3MGxy+2d6KGf6GnuuV3NBlBGY3ACyJT0iNmAdPYXNaVi2tPeP - L+fz1xSa+3uBhEt6Wt/QRrO8g8JZDuawWvl69MpG6yS+2bpY35MbkExkl50sqULd - bncRtIb+3r+EWht099RtR8E9B6TwNhk3G8hO3pB4i+ZwQQcMLo7vSHhmdUYCu2mA - B6UwW/+GmYbMoARz8wj6DDzuS1LPksBCis/r3KqcMue9Dk6gXkOYR7ETIFBEVj1x - ooYS6qIFaHdEajS2JgCUY9LxXR/wdn6lzE0GANSDb+tt34bJzUp+Gdxvvo2SX4Ci - xsUokIpmA2gG7CW3gAPORSFuMu/VYZtvt+owNYlODXRPuGi/eLDknFRB/S4Nx0J0 - WZZq5uTgJdQainyKYtDZALia5X4cc5I2hNetCorG9jNZIsSunbIAG+htx2FI3eqK - jwOUiHE8SCZ6YdXoDQjg2w+g8jeB23eqkPyzunpZphYiKay7VFeLwQEMC2a791ln - +MbHhhpRAc1uAoU2reB2fxKyaPlOfAWVMgUOGlgpVOuEVeMoc1CwjajaFztGG7fI - 8EHNoyAftCdXnTaLZk2KZnnIDHHzFXR62TE1GJFD1fdI1pHAloCbgA4h+Dtwm1Uu - iAEEfvVU/E5wbtAzv6pY32+OKX5kyHAbM5/e918B8ZxmHG1J9QKCAQEA6FwxsRG3 - 526NnZak540yboht5kV12BNBChjmARv/XgZ7o1VsfwjaosErMvasUBcHDEYOC/oE - ZgPAyrMVsYm0xe/5FSIFLJVeYXTr0rmCNhVtBCHx3IS94BCXreNnz0qoEWnb5E09 - Z1O42D0yGcLXklg6QaJfb7EdHh03F3dSVMHyDR3JlAQHRINeuP6LlQpbvRD3adH5 - QWr2M3k+Stuq2OJdG7eUS1dreCxRShLuDjDhiZekdl/TB3LM0prOaWrKBrryN2g6 - mjiasH6I5zRD3LQP5zg57Thb8afHqA4Fb85Frt6ltfFlPTIoxXZ5drVhmRWfXXnQ - POnj8T+w4zVjvwKCAQEA1J4ivyFkCL0JTSY3/PtwAQvBBj3GazzU6P+urWeH74Vh - WK17Ae40iOUHGyy80Db/fVY4VLQTpxvAeG91Gj5Nd/AucXJgOrisabcEz6N/xUs5 - sjJNgXuNKTAgjYBu0bqLXxgZj43zT8JhA6KW7RuYU0PtHMRragz4RbK9NWDaVvJb - xSR5QoVLS00PerUa0SfupEYKCrlSTP6FOM5YNkCuSMt7X6/m9cR0WwVINKvUQBiT - ObrN+KeBmF9awpQQnQOq/GbCl3kf6VyPQqYFhdrWSg52w33c2tBVYrtHJpeXGcin - akw4KKcj4rdU2qxMuuRiD5paagshbLdGsYMTbSzjCwKCAQEAh89DGAyUIcfDLAWd - st0bSfGh0oJsw3NVg3JUFPfpRWqiny/Rr1pcd95RwoLc6h7bdrgHg8aJBZtR9ue/ - WTp0l3CQdGKjBZD0TiAJqevViIjzZAP3Gn3XgPwRu4f75/Pp0eu+o2zl49vSYUk7 - XEU+vIGm4y/leiHaM/y9c5DBZVrKgBIV/NZx7QCfv56/tMgOIK6m/YnFlw/OgP1v - hE9qR0PfSdD98x9QaDf290WjMFYvrL0eWjXd4S+fOcVTude55z8jTXE1N2i4OUpr - +D7bH0d7OBjr+pQDYXZAQyCW2ueEYRYvYu2Jz7/ehrOdgN25AsHZmMgXB1NpcFta - pyJQfwKCAQByoPMwworRH0GVg4Zp8RFYrwKZH9MK29gZ6kc9m/Sw0OND0PvhdZCD - QZ8MKpl9VDl4VHS4TgHOdWrWQ5kJ1g8kG6yeY0C4R/pEYHTKkWaAcucfSHl61qar - TxQt1dFpZz5evXqCZ9CG7tApCo5+NQNx2MxMVyVmHqn3wb66uYXdnHqXlet+Tqji - ZyByUpOrsfC6RjyBvZo+gnZGwxDR5xtPiczxML+/PvRQYk+kfgNHrzgoxqrnZT+8 - a6ReBT/TtzeHLsu4qIfo44slLqcJnIstkBC9ouzgV7PBMCDTEKVZNFH2QDOCz2HM - iHTKFFyl4h1wNhKK24dguor1hyqBENMzAoIBAAQvQHwRWIVlfCMRI170Ls8AXB9Z - MMdZJ37bh6kmJpkV3+HB1ZkKwofHKR9h/3xLt5iYXzqT+/zA4EAsFFs1A93+tkzh - yPrN5iTSJicophZSlA4ObX1hMkgshvl7ZB1fRM5WyiszBOfm8W7eAxaK8nY2oAoP - tI7rioo6CFBNMCGbOl4gEX6YJ4OsVSm+efCRSDDw+3HW8H2YgqufBzAULk1Jcj5t - ZvraXpC5qZ92VtsH0cGA1ovNDAmoOV4AAvtZVpLQsXwaphad/Fbn/ItGrrluvvFC - HuldRzYtl/AQtoirK86LTY3aAmcwVFuiYvDQMzjzkJvVMmRCFZBcUIaz2oI= + MIIJKgIBAAKCAgEA9dpdPEyzD3/BBds7tA/51s+WmLFyWuFrq4yMd2R+vi5gvK7n + lLNVKhYgiTmK2Um+UEpGucJqZHcTSZA1Bz4S/8ND/AI9I6EmwvBinY5/PubxEALk + 9YiDA+IzH8ZGFM8wXg7fMbbJAsyv+SHAtr2jmCsggrpuD5fgzs2p+F2q0+oVoeFw + MAOUdAf2jNtNLEj2Q6MiR5Xq+wFOcRtXlNlXWIX3NrmubO/xOpDNpsyjyYC5Ld+W + 06MS5bTHSdv56AkUg2PugMChj15TOddEJIK8zPXFTlMYye9SKwjhNUZovfe4xXCa + Tj2nmzrcuMKLz+S3sKQeTWjiRcY3w4zTlAbhtGXDjXjhMObrHoWM8e3cTL4NJMvt + tNStXficxbeTbIiYu+7dtF0q+iWaZqexc6PdAaIpFZ0XSw+i5iLdQZmBwzY7NLlH + pQupfh6ze0qDUVZAMDubo4JKUTBzH6QTuhHx+uUm7Lc8YdNArn7o/vMZDQym1Eia + xKxZuCGaqFvq8ZK4nBVsHfcXbhF/XD2HMid3t7ImbREVu9qnc+En+acU/SJaaL3r + jMW6HLVMr6+vQrCzYkvLzKYpoUm9D1Kcn6d8Ofxl2iCaY9CkMr5/6J1p1wcTdcN7 + IVQ/DFBeTDauyWbyZkO/lPoZoakWyXOx9S9tgClzhFmNgRkZv9wN+QguNDcCAwEA + AQKCAgEA0ndlacGfaJ1NeN39dmBW2XZMzdrassJXkjx34528gsLhPaXdyobbWXQn + 1lHUc7+VlNaBRXUR73+gm1FAlDqnuRxIjuy7ukyzCh8PzSG3/PlnVPWlXCzJPAHh + EkqCpD3agirpF34LBsKDwxsKB2bBLft9kWxX3DGA2olmAKDvJQs4CaUcjX4DEHHg + tyTmJAsyByUYq3/D8a1koZ9ukpadF8NXpxm+ILQoJqLf6vM1I8N2w7atP/BStSLV + mH0gq2tajEB4ZPCDXmC5jsKiKz9gsXWUu0CX8AdYqE6pvRnRgQ8Ytq1265QMb+8s + FV82oXqDZkyZRFuNmX3fLyDX39kkTcVS37S56Gzk4EzDWE/u2RXCAPeWla2zUFYI + hg8X4ZAwbZRODtK2cZTuCZEILM/iKmtSgHC+aQhp18EUAefa7WGrRD4AvbTxH4VF + ek60bwISBk5Mhf39MwqIiQxGOFmfLsQReZvzH4jI5zfDXf/0yZ/1SdGeu6+Walt0 + V81Ua/DB6zshHpeSP74HMuJHZ4DOQfcV/ndyzvoP84pAjenSx6O034OwQTkpoMI/ + f/2rK8kdzYSL4f//kFMuRLqmAwOmAFYB2oMo0/YaIoQ4vgTHDKTSxj5mbno56GdT + huMAVMKskaCSVbyMB/xyQG7senLItVv+HafVk6ChMUbkIjv9zgECggEBAP+ux1RG + cETGjK2U3CRoHGxR7FwaX6hkSokG+aFdVLer+WUrZmR8Ccvh2ALpm8K1G6TTk/5X + ZeVX4+1VFYDeTHMN8g20usS5mw3v2GF3fGxGLe4q56l4/4kKMZOrSBuWH4niiIKD + 0QogdzWkpQJ93nMbZxZ5lk+lRZVf3qSm6nzyP468ndrfI57Ov5OUIWZ7KhTUH9IK + 8/urUk+lEvyzQmNTlt5ZZXRz7cR01K8chx1zevVAyynzSuGjTysaBN7LTT0v3yVu + 96yKNsxJvuIz2+4qSjhbnN4jH+feN0VsdF3+Qkru0lBmLVgJl4X67XFaAKMDU9yv + 3alS53Pkol+Dy1cCggEBAPYodofHC1ydoOmCvUAq4oJNtyI4iIOY/ch3sxVhkNyi + KBscQqbay/DiXFiNl+NsemzB1PrHzvCaqKcBKw537XzeKqUgYuVLkFGubf9bDhXi + wSRcYbU/oNTgiTgXPW8wH60uIoLaiNi1/YjO2zh4GEY/kFqSuD54Y91iFmcC75bv + OjCNugnRdpRjOFhaeNx75tdverR37w3APVZuBSv3bJlMPCtaf+fEAKxJxeqCs3Oq + rtsw2TQ4TqfE8/w9qPCVv3bQbMbO48SwjxAz47qH2h3qGu3Ov8badeARe+Ou7nuI + U13gPuPOhPXIQP/MYOyamPJdFyng1b8vyNsfjOcWMiECggEAEkMgl6NkV3U7DRbp + 1mvdQ9tiH33+wR9Qt5LY966b43aUHKbJ7Hlzla1u6V5YMsMO02oNUwhZDdWGQShn + ncnC+iDP3iy/flenfIpaETQgnfcxRqan31H2Joqk2eBNCTNi001r5K6XmrqQ6TL2 + WkQ1RFF7vn42vz+VxcKQO4B0lTIUWhSczcpMWAZ6ZocZD6HScqRoFW+U16/39Bpd + TdFb944742vNNFEndXXGzy8hc3gRGz1ihX+MJKuuduyn1mX9AVbPAHR5mkhQ+6x0 + xuFfXxaEMJxSiwdFOyGDHyFM+n2zrHh8ayOxL22X9gjjNspv6zTMo6GoGnUCdSOq + eVoHhwKCAQEAot5O3rOB/vuEljwcv7IgQJrvCsNg/8FgWR1p7kGpuXHJG3btWrz1 + pyH+e9DjqGQD9KWjJ3LAp02NPUJ2nJIZHj9Y8/yjspb2nDTPLt+uSCjKJibBt0ys + O219HRGzYjfzHYCi8PVrCggQAk7rmUdMuF4iQutE4ICDgtz9eZbls3YBiFKdvxVK + Yg/sHflucmPAbtah13prPyvs6ZzN6zNANYXNYdn1OwHieBwvyWRFG8jY/MorTHPd + BwA3drPNbbGHBzQMZNZKub8gSVYr3SU52gUlYCclmIq+50xqLlF2FWIz1q8irVPd + gUnIR/eQQbxgaivRwbGze1ZAjUsozVVQQQKCAQEA9uAKU3O06bEUGj+L0G+7R7r/ + bi2DNi2kLJ7jyq+n0OqcHEQ1zFK4LAPaXY0yMYXieUzhivMGLSNDiubGO2/KxkFF + REXUFgYWZYMwrKsUuscybB64cQDwzD0oXrhvEa2PHecdG6AZ63iLcHaaDzyCPID/ + wtljekLO2jbJ5esXZd016lykFfUd/K4KP1DGyI2Dkq6q0gTc/Y36gDAcPhIWtzna + UujYCe3a8DWCElH4geKXaB5ABbV1eJ8Lch599lXJ9Hszem6QNosFsPaHDCcqLS9H + yy2WA6CY2LVU7kONN+O0kxs2fVbxIkI+d/LZyX/yIGlkXcAzL07llIlrTAYebQ== -----END RSA PRIVATE KEY----- ''; "letsencrypt.org".cert = builtins.toFile "letsencrypt.org.cert" '' -----BEGIN CERTIFICATE----- MIIEpzCCAo8CAgKaMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNVBAMMC1NuYWtlb2ls - IENBMCAXDTE4MDcxMjAwMjIxOVoYDzIxMTgwNjE4MDAyMjE5WjAaMRgwFgYDVQQD + IENBMCAXDTE5MTAxODA3NTQxNVoYDzIxMTkwOTI0MDc1NDE1WjAaMRgwFgYDVQQD DA9sZXRzZW5jcnlwdC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC - AQDA++GXB6aA+Lr3X2xIPs/PqXoJF9TUb98NzQC+ww3+dOaIY0Omqf15/UID5G0u - 0649zUsvISi9x+7vn9X7opKA7iTX0TYKsUIXCMQ5YMYXgOByVPfvnVYaYUmDM8R9 - l+Fs6uZB9Bq7zorEC01lWn0XFwpu4vJD+w03F80wH7sgdtWHC/NVyd0elhkQ/qR2 - fC80s/bZui5fmrdq/FZK2WfTW5nQF9SbhfDFpQ0hTu3QO/noUr0L2Fb0Blp7R2jQ - EkFZEXvFLAt4Mmqf25nP6xfRf+0hppJBIG5nJKPQd7lkrN1Q7S2nHbFNLYGuXdjY - E4lo4T3we5ta90qiyUu3hfatWszEZrzpKYXNzIMvVFKjBw/+u7LLnnmXul6kvmzh - yYyBEEFePm1eGpRNU6flY74kKUuT6u2+0BPiuiAmYyoQqYzDa3ss3LVb2uL/fvxA - b+LcAZosgv/saw9u5E7nVJ22LhAxV7bM0XN7vabM2aPVJeiRbLv5m+NQynnmgSNF - GxM9Rl004QclbLo6zbOe6ovtmkgcLEEbwUqeQJWJdEmoADxvNwSFH6ktqYsg4eW/ - iR3MnqmEeRK8rryq9tFF5SY6MmBK6lUEj2OEr58drL9RZHjN8lB5330fxk6iJeWs - sJWz5U8PKdRQqvMXWdjKiU3OL81Lh7gBud9aDILkkpGmNQIDAQABMA0GCSqGSIb3 - DQEBCwUAA4ICAQAkx3jcryukAuYP7PQxMy3LElOl65ZFVqxDtTDlr7DvAkWJzVCb - g08L6Tu+K0rKh2RbG/PqS0+8/jBgc4IwSOPfDDAX+sinfj0kwXG34WMzB0G3fQzU - 2BMplJDOaBcNqHG8pLP1BG+9HAtR/RHe9p2Jw8LG2qmZs6uemPT/nCTNoyIL4oxh - UncjETV4ayCHDKD1XA7/icgddYsnfLQHWuIMuCrmQCHo0uQAd7qVHfUWZ+gcsZx0 - jTNCcaI8OTS2S65Bjaq2HaM7GMcUYNUD2vSyNQeQbha4ZeyZ9bPyFzznPMmrPXQe - MJdkbJ009RQIG9As79En4m+l+/6zrdx4DNdROqaL6YNiSebWMnuFHpMW/rCnhrT/ - HYadijHOiJJGj9tWSdC4XJs7fvZW3crMPUYxpOvl01xW2ZlgaekILi1FAjSMQVoV - NhWstdGCKJdthJqLL5MtNdfgihKcmgkJqKFXTkPv7sgAQCopu6X+S+srCgn856Lv - 21haRWZa8Ml+E0L/ticT8Fd8Luysc6K9TJ4mT8ENC5ywvgDlEkwBD3yvINXm5lg1 - xOIxv/Ye5gFk1knuM7OzpUFBrXUHdVVxflCUqNAhFPbcXwjgEQ+A+S5B0vI6Ohue - ZnR/wuiou6Y+Yzh8XfqL/3H18mGDdjyMXI1B6l4Judk000UVyr46cnI7mw== + AQD12l08TLMPf8EF2zu0D/nWz5aYsXJa4WurjIx3ZH6+LmC8rueUs1UqFiCJOYrZ + Sb5QSka5wmpkdxNJkDUHPhL/w0P8Aj0joSbC8GKdjn8+5vEQAuT1iIMD4jMfxkYU + zzBeDt8xtskCzK/5IcC2vaOYKyCCum4Pl+DOzan4XarT6hWh4XAwA5R0B/aM200s + SPZDoyJHler7AU5xG1eU2VdYhfc2ua5s7/E6kM2mzKPJgLkt35bToxLltMdJ2/no + CRSDY+6AwKGPXlM510QkgrzM9cVOUxjJ71IrCOE1Rmi997jFcJpOPaebOty4wovP + 5LewpB5NaOJFxjfDjNOUBuG0ZcONeOEw5usehYzx7dxMvg0ky+201K1d+JzFt5Ns + iJi77t20XSr6JZpmp7Fzo90BoikVnRdLD6LmIt1BmYHDNjs0uUelC6l+HrN7SoNR + VkAwO5ujgkpRMHMfpBO6EfH65Sbstzxh00Cufuj+8xkNDKbUSJrErFm4IZqoW+rx + kricFWwd9xduEX9cPYcyJ3e3siZtERW72qdz4Sf5pxT9IlpoveuMxboctUyvr69C + sLNiS8vMpimhSb0PUpyfp3w5/GXaIJpj0KQyvn/onWnXBxN1w3shVD8MUF5MNq7J + ZvJmQ7+U+hmhqRbJc7H1L22AKXOEWY2BGRm/3A35CC40NwIDAQABMA0GCSqGSIb3 + DQEBCwUAA4ICAQBbJwE+qc0j6JGHWe0TGjv1viJU3WuyJkMRi+ejx0p/k7Ntp5An + 2wLC7b/lVP/Nh+PKY/iXWn/BErv2MUo4POc1g8svgxsmMMh5KGGieIfGs7xT+JMH + dzZZM+pUpIB5fEO5JfjiOEOKDdAvRSs0mTAVYZEokGkXSNWyylvEaA16mHtMgPjo + Lm75d0O66RfJDdd/hTl8umGpF7kEGW1qYk2QmuPr7AqOa8na7olL5fMPh6Q7yRqx + GIS9JKQ0fWl8Ngk09WfwUN/kEMcp9Jl5iunNRkbpUJIM/lHFkSA7yOFFL+dVWzd4 + 2r+ddJXTFzW8Rwt65l8SV2MEhijEamKva3mqKLIRWxDsfFVT1T04LWFtnzMW4Z29 + UHF9Pi7XSyKz0Y/Lz31mNTkjJYbOvbnwok8lc3wFWHc+lummZk8IkCq8xfqzwmwX + Ow6EV+Q6VaQpOHumQZ12pBBLtL8DyDhWaRUgVy2vYpwYsMYa5BFMcKCynjlSewo9 + G2hNoW45cQZP1qHltRR9Xad7SaP7iTETDCiR7AWOqSpDipSh9eMfVW97ZbSfz+vl + xl8PZEZMTRIIRVXsPP+E8gtDUhUQp2+Vcz8r6q71qslXM09xl/501uaNjCc3hH2R + iw2N77Lho1F3FrBbHdML3RYHZI55eC9iQw6R4S+R4b+iWLJoHzHrW61itg== -----END CERTIFICATE----- ''; } diff --git a/nixpkgs/nixos/tests/containers-bridge.nix b/nixpkgs/nixos/tests/containers-bridge.nix index 38db64eb793..2c8e8fa5370 100644 --- a/nixpkgs/nixos/tests/containers-bridge.nix +++ b/nixpkgs/nixos/tests/containers-bridge.nix @@ -7,7 +7,7 @@ let containerIp6 = "fc00::2/7"; in -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "containers-bridge"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ aristid aszlig eelco kampfschlaefer ]; @@ -61,43 +61,42 @@ import ./make-test.nix ({ pkgs, ...} : { virtualisation.pathsInNixDB = [ pkgs.stdenv ]; }; - testScript = - '' - $machine->waitForUnit("default.target"); - $machine->succeed("nixos-container list") =~ /webserver/ or die; - - # Start the webserver container. - $machine->succeed("nixos-container status webserver") =~ /up/ or die; - - # Check if bridges exist inside containers - $machine->succeed("nixos-container run webserver -- ip link show eth0"); - $machine->succeed("nixos-container run web-noip -- ip link show eth0"); - - "${containerIp}" =~ /([^\/]+)\/([0-9+])/; - my $ip = $1; - chomp $ip; - $machine->succeed("ping -n -c 1 $ip"); - $machine->succeed("curl --fail http://$ip/ > /dev/null"); - - "${containerIp6}" =~ /([^\/]+)\/([0-9+])/; - my $ip6 = $1; - chomp $ip6; - $machine->succeed("ping -n -c 1 $ip6"); - $machine->succeed("curl --fail http://[$ip6]/ > /dev/null"); - - # Check that nixos-container show-ip works in case of an ipv4 address with - # subnetmask in CIDR notation. - my $result = $machine->succeed("nixos-container show-ip webserver"); - chomp $result; - $result eq $ip or die; - - # Stop the container. - $machine->succeed("nixos-container stop webserver"); - $machine->fail("curl --fail --connect-timeout 2 http://$ip/ > /dev/null"); - $machine->fail("curl --fail --connect-timeout 2 http://[$ip6]/ > /dev/null"); - - # Destroying a declarative container should fail. - $machine->fail("nixos-container destroy webserver"); - ''; - + testScript = '' + machine.wait_for_unit("default.target") + assert "webserver" in machine.succeed("nixos-container list") + + with subtest("Start the webserver container"): + assert "up" in machine.succeed("nixos-container status webserver") + + with subtest("Bridges exist inside containers"): + machine.succeed( + "nixos-container run webserver -- ip link show eth0", + "nixos-container run web-noip -- ip link show eth0", + ) + + ip = "${containerIp}".split("/")[0] + machine.succeed(f"ping -n -c 1 {ip}") + machine.succeed(f"curl --fail http://{ip}/ > /dev/null") + + ip6 = "${containerIp6}".split("/")[0] + machine.succeed(f"ping -n -c 1 {ip6}") + machine.succeed(f"curl --fail http://[{ip6}]/ > /dev/null") + + with subtest( + "nixos-container show-ip works in case of an ipv4 address " + + "with subnetmask in CIDR notation." + ): + result = machine.succeed("nixos-container show-ip webserver").rstrip() + assert result == ip + + with subtest("Stop the container"): + machine.succeed("nixos-container stop webserver") + machine.fail( + f"curl --fail --connect-timeout 2 http://{ip}/ > /dev/null", + f"curl --fail --connect-timeout 2 http://[{ip6}]/ > /dev/null", + ) + + # Destroying a declarative container should fail. + machine.fail("nixos-container destroy webserver") + ''; }) diff --git a/nixpkgs/nixos/tests/containers-ephemeral.nix b/nixpkgs/nixos/tests/containers-ephemeral.nix index 1ef8717d9a0..692554ac0ba 100644 --- a/nixpkgs/nixos/tests/containers-ephemeral.nix +++ b/nixpkgs/nixos/tests/containers-ephemeral.nix @@ -1,6 +1,6 @@ # Test for NixOS' container support. -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "containers-ephemeral"; machine = { pkgs, ... }: { @@ -16,10 +16,10 @@ import ./make-test.nix ({ pkgs, ...} : { services.nginx = { enable = true; virtualHosts.localhost = { - root = (pkgs.runCommand "localhost" {} '' + root = pkgs.runCommand "localhost" {} '' mkdir "$out" echo hello world > "$out/index.html" - ''); + ''; }; }; networking.firewall.allowedTCPPorts = [ 80 ]; @@ -28,29 +28,27 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - $machine->succeed("nixos-container list") =~ /webserver/ or die; + assert "webserver" in machine.succeed("nixos-container list") - # Start the webserver container. - $machine->succeed("nixos-container start webserver"); + machine.succeed("nixos-container start webserver") - # Check that container got its own root folder - $machine->succeed("ls /run/containers/webserver"); + with subtest("Container got its own root folder"): + machine.succeed("ls /run/containers/webserver") - # Check that container persistent directory is not created - $machine->fail("ls /var/lib/containers/webserver"); + with subtest("Container persistent directory is not created"): + machine.fail("ls /var/lib/containers/webserver") # Since "start" returns after the container has reached # multi-user.target, we should now be able to access it. - my $ip = $machine->succeed("nixos-container show-ip webserver"); - chomp $ip; - $machine->succeed("ping -n -c1 $ip"); - $machine->succeed("curl --fail http://$ip/ > /dev/null"); + ip = machine.succeed("nixos-container show-ip webserver").rstrip() + machine.succeed(f"ping -n -c1 {ip}") + machine.succeed(f"curl --fail http://{ip}/ > /dev/null") - # Stop the container. - $machine->succeed("nixos-container stop webserver"); - $machine->fail("curl --fail --connect-timeout 2 http://$ip/ > /dev/null"); + with subtest("Stop the container"): + machine.succeed("nixos-container stop webserver") + machine.fail(f"curl --fail --connect-timeout 2 http://{ip}/ > /dev/null") - # Check that container's root folder was removed - $machine->fail("ls /run/containers/webserver"); + with subtest("Container's root folder was removed"): + machine.fail("ls /run/containers/webserver") ''; }) diff --git a/nixpkgs/nixos/tests/containers-hosts.nix b/nixpkgs/nixos/tests/containers-hosts.nix index 8cf298c6225..d6fb4a761ee 100644 --- a/nixpkgs/nixos/tests/containers-hosts.nix +++ b/nixpkgs/nixos/tests/containers-hosts.nix @@ -1,6 +1,6 @@ # Test for NixOS' container support. -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "containers-hosts"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ montag451 ]; @@ -42,11 +42,11 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; - $machine->waitForUnit("default.target"); + start_all() + machine.wait_for_unit("default.target") - # Ping the containers using the entries added in /etc/hosts - $machine->succeed("ping -n -c 1 simple.containers"); - $machine->succeed("ping -n -c 1 netmask.containers"); + with subtest("Ping the containers using the entries added in /etc/hosts"): + for host in "simple.containers", "netmask.containers": + machine.succeed(f"ping -n -c 1 {host}") ''; }) diff --git a/nixpkgs/nixos/tests/containers-imperative.nix b/nixpkgs/nixos/tests/containers-imperative.nix index 2e7e4b2f1d6..61df74042cb 100644 --- a/nixpkgs/nixos/tests/containers-imperative.nix +++ b/nixpkgs/nixos/tests/containers-imperative.nix @@ -1,6 +1,6 @@ # Test for NixOS' container support. -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "containers-imperative"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ aristid aszlig eelco kampfschlaefer ]; @@ -36,95 +36,99 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = let - tmpfilesContainerConfig = pkgs.writeText "container-config-tmpfiles" '' - { - systemd.tmpfiles.rules = [ "d /foo - - - - -" ]; - systemd.services.foo = { - serviceConfig.Type = "oneshot"; - script = "ls -al /foo"; - wantedBy = [ "multi-user.target" ]; - }; - } - ''; in - '' - # Make sure we have a NixOS tree (required by ‘nixos-container create’). - $machine->succeed("PAGER=cat nix-env -qa -A nixos.hello >&2"); - - # Create some containers imperatively. - my $id1 = $machine->succeed("nixos-container create foo --ensure-unique-name"); - chomp $id1; - $machine->log("created container $id1"); - - my $id2 = $machine->succeed("nixos-container create foo --ensure-unique-name"); - chomp $id2; - $machine->log("created container $id2"); - - die if $id1 eq $id2; - - # Put the root of $id2 into a bind mount. - $machine->succeed( - "mv /var/lib/containers/$id2 /id2-bindmount", - "mount --bind /id2-bindmount /var/lib/containers/$id1" - ); - - my $ip1 = $machine->succeed("nixos-container show-ip $id1"); - chomp $ip1; - my $ip2 = $machine->succeed("nixos-container show-ip $id2"); - chomp $ip2; - die if $ip1 eq $ip2; - - # Create a directory and a file we can later check if it still exists - # after destruction of the container. - $machine->succeed( - "mkdir /nested-bindmount", - "echo important data > /nested-bindmount/dummy", - ); - - # Create a directory with a dummy file and bind-mount it into both - # containers. - foreach ($id1, $id2) { - my $importantPath = "/var/lib/containers/$_/very/important/data"; - $machine->succeed( - "mkdir -p $importantPath", - "mount --bind /nested-bindmount $importantPath" - ); - } - - # Start one of them. - $machine->succeed("nixos-container start $id1"); - - # Execute commands via the root shell. - $machine->succeed("nixos-container run $id1 -- uname") =~ /Linux/ or die; - - # Execute a nix command via the root shell. (regression test for #40355) - $machine->succeed("nixos-container run $id1 -- nix-instantiate -E 'derivation { name = \"empty\"; builder = \"false\"; system = \"false\"; }'"); - - # Stop and start (regression test for #4989) - $machine->succeed("nixos-container stop $id1"); - $machine->succeed("nixos-container start $id1"); - - # Ensure tmpfiles are present - $machine->log("creating container tmpfiles"); - $machine->succeed("nixos-container create tmpfiles --config-file ${tmpfilesContainerConfig}"); - $machine->log("created, starting…"); - $machine->succeed("nixos-container start tmpfiles"); - $machine->log("done starting, investigating…"); - $machine->succeed("echo \$(nixos-container run tmpfiles -- systemctl is-active foo.service) | grep -q active;"); - $machine->succeed("nixos-container destroy tmpfiles"); - - # Execute commands via the root shell. - $machine->succeed("nixos-container run $id1 -- uname") =~ /Linux/ or die; - - # Destroy the containers. - $machine->succeed("nixos-container destroy $id1"); - $machine->succeed("nixos-container destroy $id2"); - - $machine->succeed( - # Check whether destruction of any container has killed important data - "grep -qF 'important data' /nested-bindmount/dummy", - # Ensure that the container path is gone - "test ! -e /var/lib/containers/$id1" - ); + tmpfilesContainerConfig = pkgs.writeText "container-config-tmpfiles" '' + { + systemd.tmpfiles.rules = [ "d /foo - - - - -" ]; + systemd.services.foo = { + serviceConfig.Type = "oneshot"; + script = "ls -al /foo"; + wantedBy = [ "multi-user.target" ]; + }; + } + ''; + in '' + with subtest("Make sure we have a NixOS tree (required by ‘nixos-container create’)"): + machine.succeed("PAGER=cat nix-env -qa -A nixos.hello >&2") + + id1, id2 = None, None + + with subtest("Create some containers imperatively"): + id1 = machine.succeed("nixos-container create foo --ensure-unique-name").rstrip() + machine.log(f"created container {id1}") + + id2 = machine.succeed("nixos-container create foo --ensure-unique-name").rstrip() + machine.log(f"created container {id2}") + + assert id1 != id2 + + with subtest(f"Put the root of {id2} into a bind mount"): + machine.succeed( + f"mv /var/lib/containers/{id2} /id2-bindmount", + f"mount --bind /id2-bindmount /var/lib/containers/{id1}", + ) + + ip1 = machine.succeed(f"nixos-container show-ip {id1}").rstrip() + ip2 = machine.succeed(f"nixos-container show-ip {id2}").rstrip() + assert ip1 != ip2 + + with subtest( + "Create a directory and a file we can later check if it still exists " + + "after destruction of the container" + ): + machine.succeed("mkdir /nested-bindmount") + machine.succeed("echo important data > /nested-bindmount/dummy") + + with subtest( + "Create a directory with a dummy file and bind-mount it into both containers." + ): + for id in id1, id2: + important_path = f"/var/lib/containers/{id}/very/important/data" + machine.succeed( + f"mkdir -p {important_path}", + f"mount --bind /nested-bindmount {important_path}", + ) + + with subtest("Start one of them"): + machine.succeed(f"nixos-container start {id1}") + + with subtest("Execute commands via the root shell"): + assert "Linux" in machine.succeed(f"nixos-container run {id1} -- uname") + + with subtest("Execute a nix command via the root shell. (regression test for #40355)"): + machine.succeed( + f"nixos-container run {id1} -- nix-instantiate -E " + + '\'derivation { name = "empty"; builder = "false"; system = "false"; }\' ' + ) + + with subtest("Stop and start (regression test for #4989)"): + machine.succeed(f"nixos-container stop {id1}") + machine.succeed(f"nixos-container start {id1}") + + with subtest("tmpfiles are present"): + machine.log("creating container tmpfiles") + machine.succeed( + "nixos-container create tmpfiles --config-file ${tmpfilesContainerConfig}" + ) + machine.log("created, starting…") + machine.succeed("nixos-container start tmpfiles") + machine.log("done starting, investigating…") + machine.succeed( + "echo $(nixos-container run tmpfiles -- systemctl is-active foo.service) | grep -q active;" + ) + machine.succeed("nixos-container destroy tmpfiles") + + with subtest("Execute commands via the root shell"): + assert "Linux" in machine.succeed(f"nixos-container run {id1} -- uname") + + with subtest("Destroy the containers"): + for id in id1, id2: + machine.succeed(f"nixos-container destroy {id}") + + with subtest("Check whether destruction of any container has killed important data"): + machine.succeed("grep -qF 'important data' /nested-bindmount/dummy") + + with subtest("Ensure that the container path is gone"): + print(machine.succeed("ls -lsa /var/lib/containers")) + machine.succeed(f"test ! -e /var/lib/containers/{id1}") ''; - }) diff --git a/nixpkgs/nixos/tests/containers-ip.nix b/nixpkgs/nixos/tests/containers-ip.nix new file mode 100644 index 00000000000..8583a08c625 --- /dev/null +++ b/nixpkgs/nixos/tests/containers-ip.nix @@ -0,0 +1,77 @@ +# Test for NixOS' container support. + +let + webserverFor = hostAddress: localAddress: { + inherit hostAddress localAddress; + privateNetwork = true; + config = { + services.httpd = { + enable = true; + adminAddr = "foo@example.org"; + }; + networking.firewall.allowedTCPPorts = [ 80 ]; + }; + }; + +in import ./make-test-python.nix ({ pkgs, ...} : { + name = "containers-ipv4-ipv6"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ aristid aszlig eelco kampfschlaefer ]; + }; + + machine = + { pkgs, ... }: { + imports = [ ../modules/installer/cd-dvd/channel.nix ]; + virtualisation = { + writableStore = true; + memorySize = 768; + }; + + containers.webserver4 = webserverFor "10.231.136.1" "10.231.136.2"; + containers.webserver6 = webserverFor "fc00::2" "fc00::1"; + virtualisation.pathsInNixDB = [ pkgs.stdenv ]; + }; + + testScript = { nodes, ... }: '' + import time + + + def curl_host(ip): + # put [] around ipv6 addresses for curl + host = ip if ":" not in ip else f"[{ip}]" + return f"curl --fail --connect-timeout 2 http://{host}/ > /dev/null" + + + def get_ip(container): + # need to distinguish because show-ip won't work for ipv6 + if container == "webserver4": + ip = machine.succeed(f"nixos-container show-ip {container}").rstrip() + assert ip == "${nodes.machine.config.containers.webserver4.localAddress}" + return ip + return "${nodes.machine.config.containers.webserver6.localAddress}" + + + for container in "webserver4", "webserver6": + assert container in machine.succeed("nixos-container list") + + with subtest(f"Start container {container}"): + machine.succeed(f"nixos-container start {container}") + # wait 2s for container to start and network to be up + time.sleep(2) + + # Since "start" returns after the container has reached + # multi-user.target, we should now be able to access it. + + ip = get_ip(container) + with subtest(f"{container} reacts to pings and HTTP requests"): + machine.succeed(f"ping -n -c1 {ip}") + machine.succeed(curl_host(ip)) + + with subtest(f"Stop container {container}"): + machine.succeed(f"nixos-container stop {container}") + machine.fail(curl_host(ip)) + + # Destroying a declarative container should fail. + machine.fail(f"nixos-container destroy {container}") + ''; +}) diff --git a/nixpkgs/nixos/tests/containers-ipv4.nix b/nixpkgs/nixos/tests/containers-ipv4.nix deleted file mode 100644 index ace68ff2df8..00000000000 --- a/nixpkgs/nixos/tests/containers-ipv4.nix +++ /dev/null @@ -1,55 +0,0 @@ -# Test for NixOS' container support. - -import ./make-test.nix ({ pkgs, ...} : { - name = "containers-ipv4"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ aristid aszlig eelco kampfschlaefer ]; - }; - - machine = - { pkgs, ... }: - { imports = [ ../modules/installer/cd-dvd/channel.nix ]; - virtualisation.writableStore = true; - virtualisation.memorySize = 768; - - containers.webserver = - { privateNetwork = true; - hostAddress = "10.231.136.1"; - localAddress = "10.231.136.2"; - config = - { services.httpd.enable = true; - services.httpd.adminAddr = "foo@example.org"; - networking.firewall.allowedTCPPorts = [ 80 ]; - system.stateVersion = "18.03"; - }; - }; - - virtualisation.pathsInNixDB = [ pkgs.stdenv ]; - }; - - testScript = - '' - $machine->succeed("nixos-container list") =~ /webserver/ or die; - - # Start the webserver container. - $machine->succeed("nixos-container start webserver"); - - # wait two seconds for the container to start and the network to be up - sleep 2; - - # Since "start" returns after the container has reached - # multi-user.target, we should now be able to access it. - my $ip = $machine->succeed("nixos-container show-ip webserver"); - chomp $ip; - $machine->succeed("ping -n -c1 $ip"); - $machine->succeed("curl --fail http://$ip/ > /dev/null"); - - # Stop the container. - $machine->succeed("nixos-container stop webserver"); - $machine->fail("curl --fail --connect-timeout 2 http://$ip/ > /dev/null"); - - # Destroying a declarative container should fail. - $machine->fail("nixos-container destroy webserver"); - ''; - -}) diff --git a/nixpkgs/nixos/tests/containers-ipv6.nix b/nixpkgs/nixos/tests/containers-ipv6.nix deleted file mode 100644 index a9499d192bd..00000000000 --- a/nixpkgs/nixos/tests/containers-ipv6.nix +++ /dev/null @@ -1,60 +0,0 @@ -# Test for NixOS' container support. - -let - hostIp = "fc00::2"; - localIp = "fc00::1"; -in - -import ./make-test.nix ({ pkgs, ...} : { - name = "containers-ipv6"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ aristid aszlig eelco kampfschlaefer ]; - }; - - machine = - { pkgs, ... }: - { imports = [ ../modules/installer/cd-dvd/channel.nix ]; - virtualisation.writableStore = true; - virtualisation.memorySize = 768; - - containers.webserver = - { privateNetwork = true; - hostAddress6 = hostIp; - localAddress6 = localIp; - config = - { services.httpd.enable = true; - services.httpd.adminAddr = "foo@example.org"; - networking.firewall.allowedTCPPorts = [ 80 ]; - }; - }; - - virtualisation.pathsInNixDB = [ pkgs.stdenv ]; - }; - - testScript = - '' - $machine->waitForUnit("default.target"); - $machine->succeed("nixos-container list") =~ /webserver/ or die; - - # Start the webserver container. - $machine->succeed("nixos-container start webserver"); - - # wait two seconds for the container to start and the network to be up - sleep 2; - - # Since "start" returns after the container has reached - # multi-user.target, we should now be able to access it. - my $ip = "${localIp}"; - chomp $ip; - $machine->succeed("ping -n -c 1 $ip"); - $machine->succeed("curl --fail http://[$ip]/ > /dev/null"); - - # Stop the container. - $machine->succeed("nixos-container stop webserver"); - $machine->fail("curl --fail --connect-timeout 2 http://[$ip]/ > /dev/null"); - - # Destroying a declarative container should fail. - $machine->fail("nixos-container destroy webserver"); - ''; - -}) diff --git a/nixpkgs/nixos/tests/containers-reloadable.nix b/nixpkgs/nixos/tests/containers-reloadable.nix index f41dea91b1e..35aff91e85b 100644 --- a/nixpkgs/nixos/tests/containers-reloadable.nix +++ b/nixpkgs/nixos/tests/containers-reloadable.nix @@ -1,7 +1,7 @@ -import ./make-test.nix ({ pkgs, lib, ...} : +import ./make-test-python.nix ({ pkgs, lib, ...} : let client_base = { - + containers.test1 = { autoStart = true; config = { @@ -48,18 +48,25 @@ in { c1System = nodes.client_c1.config.system.build.toplevel; c2System = nodes.client_c2.config.system.build.toplevel; in '' - $client->start(); - $client->waitForUnit("default.target"); - $client->succeed("[[ \$(nixos-container run test1 cat /etc/check) == client_base ]] >&2"); + client.start() + client.wait_for_unit("default.target") + + assert "client_base" in client.succeed("nixos-container run test1 cat /etc/check") - $client->succeed("${c1System}/bin/switch-to-configuration test >&2"); - $client->succeed("[[ \$(nixos-container run test1 cat /etc/check) == client_c1 ]] >&2"); - $client->succeed("systemctl status httpd -M test1 >&2"); + with subtest("httpd is available after activating config1"): + client.succeed( + "${c1System}/bin/switch-to-configuration test >&2", + "[[ $(nixos-container run test1 cat /etc/check) == client_c1 ]] >&2", + "systemctl status httpd -M test1 >&2", + ) - $client->succeed("${c2System}/bin/switch-to-configuration test >&2"); - $client->succeed("[[ \$(nixos-container run test1 cat /etc/check) == client_c2 ]] >&2"); - $client->fail("systemctl status httpd -M test1 >&2"); - $client->succeed("systemctl status nginx -M test1 >&2"); + with subtest("httpd is not available any longer after switching to config2"): + client.succeed( + "${c2System}/bin/switch-to-configuration test >&2", + "[[ $(nixos-container run test1 cat /etc/check) == client_c2 ]] >&2", + "systemctl status nginx -M test1 >&2", + ) + client.fail("systemctl status httpd -M test1 >&2") ''; }) diff --git a/nixpkgs/nixos/tests/containers-tmpfs.nix b/nixpkgs/nixos/tests/containers-tmpfs.nix index e29fe6bbf03..171e8f01c7b 100644 --- a/nixpkgs/nixos/tests/containers-tmpfs.nix +++ b/nixpkgs/nixos/tests/containers-tmpfs.nix @@ -1,6 +1,6 @@ # Test for NixOS' container support. -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "containers-tmpfs"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ kampka ]; @@ -31,49 +31,63 @@ import ./make-test.nix ({ pkgs, ...} : { virtualisation.pathsInNixDB = [ pkgs.stdenv ]; }; - testScript = - '' - $machine->waitForUnit("default.target"); - $machine->succeed("nixos-container list") =~ /tmpfs/ or die; - - # Start the tmpfs container. - #$machine->succeed("nixos-container status tmpfs") =~ /up/ or die; - - # Verify that /var is mounted as a tmpfs - #$machine->succeed("nixos-container run tmpfs -- systemctl status var.mount --no-pager 2>/dev/null") =~ /What: tmpfs/ or die; - $machine->succeed("nixos-container run tmpfs -- mountpoint -q /var 2>/dev/null"); - - # Verify that /var/log is mounted as a tmpfs - $machine->succeed("nixos-container run tmpfs -- systemctl status var-log.mount --no-pager 2>/dev/null") =~ /What: tmpfs/ or die; - $machine->succeed("nixos-container run tmpfs -- mountpoint -q /var/log 2>/dev/null"); - - # Verify that /some/random/path is mounted as a tmpfs - $machine->succeed("nixos-container run tmpfs -- systemctl status some-random-path.mount --no-pager 2>/dev/null") =~ /What: tmpfs/ or die; - $machine->succeed("nixos-container run tmpfs -- mountpoint -q /some/random/path 2>/dev/null"); - - # Verify that files created in the container in a non-tmpfs directory are visible on the host. - # This establishes legitimacy for the following tests - $machine->succeed("nixos-container run tmpfs -- touch /root/test.file 2>/dev/null"); - $machine->succeed("nixos-container run tmpfs -- ls -l /root | grep -q test.file 2>/dev/null"); - $machine->succeed("test -e /var/lib/containers/tmpfs/root/test.file"); - - - # Verify that /some/random/path is writable and that files created there - # are not in the hosts container dir but in the tmpfs - $machine->succeed("nixos-container run tmpfs -- touch /some/random/path/test.file 2>/dev/null"); - $machine->succeed("nixos-container run tmpfs -- test -e /some/random/path/test.file 2>/dev/null"); - - $machine->fail("test -e /var/lib/containers/tmpfs/some/random/path/test.file"); - - # Verify that files created in the hosts container dir in a path where a tmpfs file system has been mounted - # are not visible to the container as the do not exist in the tmpfs - $machine->succeed("touch /var/lib/containers/tmpfs/var/test.file"); - - $machine->succeed("test -e /var/lib/containers/tmpfs/var/test.file"); - $machine->succeed("ls -l /var/lib/containers/tmpfs/var/ | grep -q test.file 2>/dev/null"); - - $machine->fail("nixos-container run tmpfs -- ls -l /var | grep -q test.file 2>/dev/null"); - + testScript = '' + machine.wait_for_unit("default.target") + assert "tmpfs" in machine.succeed("nixos-container list") + + with subtest("tmpfs container is up"): + assert "up" in machine.succeed("nixos-container status tmpfs") + + + def tmpfs_cmd(command): + return f"nixos-container run tmpfs -- {command} 2>/dev/null" + + + with subtest("/var is mounted as a tmpfs"): + machine.succeed(tmpfs_cmd("mountpoint -q /var")) + + with subtest("/var/log is mounted as a tmpfs"): + assert "What: tmpfs" in machine.succeed( + tmpfs_cmd("systemctl status var-log.mount --no-pager") + ) + machine.succeed(tmpfs_cmd("mountpoint -q /var/log")) + + with subtest("/some/random/path is mounted as a tmpfs"): + assert "What: tmpfs" in machine.succeed( + tmpfs_cmd("systemctl status some-random-path.mount --no-pager") + ) + machine.succeed(tmpfs_cmd("mountpoint -q /some/random/path")) + + with subtest( + "files created in the container in a non-tmpfs directory are visible on the host." + ): + # This establishes legitimacy for the following tests + machine.succeed( + tmpfs_cmd("touch /root/test.file"), + tmpfs_cmd("ls -l /root | grep -q test.file"), + "test -e /var/lib/containers/tmpfs/root/test.file", + ) + + with subtest( + "/some/random/path is writable and that files created there are not " + + "in the hosts container dir but in the tmpfs" + ): + machine.succeed( + tmpfs_cmd("touch /some/random/path/test.file"), + tmpfs_cmd("test -e /some/random/path/test.file"), + ) + machine.fail("test -e /var/lib/containers/tmpfs/some/random/path/test.file") + + with subtest( + "files created in the hosts container dir in a path where a tmpfs " + + "file system has been mounted are not visible to the container as " + + "the do not exist in the tmpfs" + ): + machine.succeed( + "touch /var/lib/containers/tmpfs/var/test.file", + "test -e /var/lib/containers/tmpfs/var/test.file", + "ls -l /var/lib/containers/tmpfs/var/ | grep -q test.file 2>/dev/null", + ) + machine.fail(tmpfs_cmd("ls -l /var | grep -q test.file")) ''; - }) diff --git a/nixpkgs/nixos/tests/couchdb.nix b/nixpkgs/nixos/tests/couchdb.nix index 48ea48eebbb..10e95701acd 100644 --- a/nixpkgs/nixos/tests/couchdb.nix +++ b/nixpkgs/nixos/tests/couchdb.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ...}: +import ./make-test-python.nix ({ pkgs, lib, ...}: with lib; @@ -35,22 +35,42 @@ with lib; fi ''; in '' - startAll; - - $couchdb1->waitForUnit("couchdb.service"); - $couchdb1->waitUntilSucceeds("${curlJqCheck "GET" "" ".couchdb" "Welcome"}"); - $couchdb1->waitUntilSucceeds("${curlJqCheck "GET" "_all_dbs" ". | length" "2"}"); - $couchdb1->succeed("${curlJqCheck "PUT" "foo" ".ok" "true"}"); - $couchdb1->succeed("${curlJqCheck "GET" "_all_dbs" ". | length" "3"}"); - $couchdb1->succeed("${curlJqCheck "DELETE" "foo" ".ok" "true"}"); - $couchdb1->succeed("${curlJqCheck "GET" "_all_dbs" ". | length" "2"}"); - - $couchdb2->waitForUnit("couchdb.service"); - $couchdb2->waitUntilSucceeds("${curlJqCheck "GET" "" ".couchdb" "Welcome"}"); - $couchdb2->waitUntilSucceeds("${curlJqCheck "GET" "_all_dbs" ". | length" "0"}"); - $couchdb2->succeed("${curlJqCheck "PUT" "foo" ".ok" "true"}"); - $couchdb2->succeed("${curlJqCheck "GET" "_all_dbs" ". | length" "1"}"); - $couchdb2->succeed("${curlJqCheck "DELETE" "foo" ".ok" "true"}"); - $couchdb2->succeed("${curlJqCheck "GET" "_all_dbs" ". | length" "0"}"); + start_all() + + couchdb1.wait_for_unit("couchdb.service") + couchdb1.wait_until_succeeds( + "${curlJqCheck "GET" "" ".couchdb" "Welcome"}" + ) + couchdb1.wait_until_succeeds( + "${curlJqCheck "GET" "_all_dbs" ". | length" "2"}" + ) + couchdb1.succeed("${curlJqCheck "PUT" "foo" ".ok" "true"}") + couchdb1.succeed( + "${curlJqCheck "GET" "_all_dbs" ". | length" "3"}" + ) + couchdb1.succeed( + "${curlJqCheck "DELETE" "foo" ".ok" "true"}" + ) + couchdb1.succeed( + "${curlJqCheck "GET" "_all_dbs" ". | length" "2"}" + ) + + couchdb2.wait_for_unit("couchdb.service") + couchdb2.wait_until_succeeds( + "${curlJqCheck "GET" "" ".couchdb" "Welcome"}" + ) + couchdb2.wait_until_succeeds( + "${curlJqCheck "GET" "_all_dbs" ". | length" "0"}" + ) + couchdb2.succeed("${curlJqCheck "PUT" "foo" ".ok" "true"}") + couchdb2.succeed( + "${curlJqCheck "GET" "_all_dbs" ". | length" "1"}" + ) + couchdb2.succeed( + "${curlJqCheck "DELETE" "foo" ".ok" "true"}" + ) + couchdb2.succeed( + "${curlJqCheck "GET" "_all_dbs" ". | length" "0"}" + ) ''; }) diff --git a/nixpkgs/nixos/tests/deluge.nix b/nixpkgs/nixos/tests/deluge.nix index b58030409b5..37689c3d913 100644 --- a/nixpkgs/nixos/tests/deluge.nix +++ b/nixpkgs/nixos/tests/deluge.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "deluge"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ flokli ]; @@ -45,18 +45,20 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $simple->waitForUnit("deluged"); - $simple->waitForUnit("delugeweb"); - $simple->waitForOpenPort("8112"); - $declarative->waitForUnit("network.target"); - $declarative->waitUntilSucceeds("curl --fail http://simple:8112"); + simple.wait_for_unit("deluged") + simple.wait_for_unit("delugeweb") + simple.wait_for_open_port("8112") + declarative.wait_for_unit("network.target") + declarative.wait_until_succeeds("curl --fail http://simple:8112") - $declarative->waitForUnit("deluged"); - $declarative->waitForUnit("delugeweb"); - $declarative->waitUntilSucceeds("curl --fail http://declarative:3142"); - $declarative->succeed("deluge-console 'help' | grep -q 'rm - Remove a torrent'"); - $declarative->succeed("deluge-console 'connect 127.0.0.1:58846 andrew password; help' | grep -q 'rm - Remove a torrent'"); + declarative.wait_for_unit("deluged") + declarative.wait_for_unit("delugeweb") + declarative.wait_until_succeeds("curl --fail http://declarative:3142") + declarative.succeed("deluge-console 'help' | grep -q 'rm - Remove a torrent'") + declarative.succeed( + "deluge-console 'connect 127.0.0.1:58846 andrew password; help' | grep -q 'rm - Remove a torrent'" + ) ''; }) diff --git a/nixpkgs/nixos/tests/dnscrypt-proxy.nix b/nixpkgs/nixos/tests/dnscrypt-proxy.nix index 13bc9d3d916..98153d5c904 100644 --- a/nixpkgs/nixos/tests/dnscrypt-proxy.nix +++ b/nixpkgs/nixos/tests/dnscrypt-proxy.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "dnscrypt-proxy"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ joachifm ]; @@ -23,11 +23,13 @@ import ./make-test.nix ({ pkgs, ... }: { }; testScript = '' - $client->waitForUnit("dnsmasq"); + client.wait_for_unit("dnsmasq") # The daemon is socket activated; sending a single ping should activate it. - $client->fail("systemctl is-active dnscrypt-proxy"); - $client->execute("${pkgs.iputils}/bin/ping -c1 example.com"); - $client->waitUntilSucceeds("systemctl is-active dnscrypt-proxy"); + client.fail("systemctl is-active dnscrypt-proxy") + client.execute( + "${pkgs.iputils}/bin/ping -c1 example.com" + ) + client.wait_until_succeeds("systemctl is-active dnscrypt-proxy") ''; }) diff --git a/nixpkgs/nixos/tests/docker-edge.nix b/nixpkgs/nixos/tests/docker-edge.nix index b306c149be9..96de885a554 100644 --- a/nixpkgs/nixos/tests/docker-edge.nix +++ b/nixpkgs/nixos/tests/docker-edge.nix @@ -1,6 +1,6 @@ # This test runs docker and checks if simple container starts -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "docker"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus offline ]; @@ -31,17 +31,19 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $docker->waitForUnit("sockets.target"); - $docker->succeed("tar cv --files-from /dev/null | docker import - scratchimg"); - $docker->succeed("docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"); - $docker->succeed("docker ps | grep sleeping"); - $docker->succeed("sudo -u hasprivs docker ps"); - $docker->fail("sudo -u noprivs docker ps"); - $docker->succeed("docker stop sleeping"); + docker.wait_for_unit("sockets.target") + docker.succeed("tar cv --files-from /dev/null | docker import - scratchimg") + docker.succeed( + "docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10" + ) + docker.succeed("docker ps | grep sleeping") + docker.succeed("sudo -u hasprivs docker ps") + docker.fail("sudo -u noprivs docker ps") + docker.succeed("docker stop sleeping") # Must match version twice to ensure client and server versions are correct - $docker->succeed('[ $(docker version | grep ${pkgs.docker-edge.version} | wc -l) = "2" ]'); + docker.succeed('[ $(docker version | grep ${pkgs.docker-edge.version} | wc -l) = "2" ]') ''; }) diff --git a/nixpkgs/nixos/tests/docker-registry.nix b/nixpkgs/nixos/tests/docker-registry.nix index 8936421072a..2928fd8141a 100644 --- a/nixpkgs/nixos/tests/docker-registry.nix +++ b/nixpkgs/nixos/tests/docker-registry.nix @@ -1,6 +1,6 @@ # This test runs docker-registry and check if it works -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "docker-registry"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ globin ma27 ironpinguin ]; @@ -28,36 +28,34 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - $client1->start(); - $client1->waitForUnit("docker.service"); - $client1->succeed("tar cv --files-from /dev/null | docker import - scratch"); - $client1->succeed("docker tag scratch registry:8080/scratch"); - - $registry->start(); - $registry->waitForUnit("docker-registry.service"); - $registry->waitForOpenPort("8080"); - $client1->succeed("docker push registry:8080/scratch"); - - $client2->start(); - $client2->waitForUnit("docker.service"); - $client2->succeed("docker pull registry:8080/scratch"); - $client2->succeed("docker images | grep scratch"); - - $client2->succeed( - 'curl -fsS -X DELETE registry:8080/v2/scratch/manifests/$(curl -fsS -I -H"Accept: application/vnd.docker.distribution.manifest.v2+json" registry:8080/v2/scratch/manifests/latest | grep Docker-Content-Digest | sed -e \'s/Docker-Content-Digest: //\' | tr -d \'\r\')' - ); - - $registry->systemctl("start docker-registry-garbage-collect.service"); - $registry->waitUntilFails("systemctl status docker-registry-garbage-collect.service"); - $registry->waitForUnit("docker-registry.service"); - - $registry->fail( - 'ls -l /var/lib/docker-registry/docker/registry/v2/blobs/sha256/*/*/data' - ); - - $client1->succeed("docker push registry:8080/scratch"); - $registry->succeed( - 'ls -l /var/lib/docker-registry/docker/registry/v2/blobs/sha256/*/*/data' - ); + client1.start() + client1.wait_for_unit("docker.service") + client1.succeed("tar cv --files-from /dev/null | docker import - scratch") + client1.succeed("docker tag scratch registry:8080/scratch") + + registry.start() + registry.wait_for_unit("docker-registry.service") + registry.wait_for_open_port("8080") + client1.succeed("docker push registry:8080/scratch") + + client2.start() + client2.wait_for_unit("docker.service") + client2.succeed("docker pull registry:8080/scratch") + client2.succeed("docker images | grep scratch") + + client2.succeed( + "curl -fsS -X DELETE registry:8080/v2/scratch/manifests/$(curl -fsS -I -H\"Accept: application/vnd.docker.distribution.manifest.v2+json\" registry:8080/v2/scratch/manifests/latest | grep Docker-Content-Digest | sed -e 's/Docker-Content-Digest: //' | tr -d '\\r')" + ) + + registry.systemctl("start docker-registry-garbage-collect.service") + registry.wait_until_fails("systemctl status docker-registry-garbage-collect.service") + registry.wait_for_unit("docker-registry.service") + + registry.fail("ls -l /var/lib/docker-registry/docker/registry/v2/blobs/sha256/*/*/data") + + client1.succeed("docker push registry:8080/scratch") + registry.succeed( + "ls -l /var/lib/docker-registry/docker/registry/v2/blobs/sha256/*/*/data" + ) ''; }) diff --git a/nixpkgs/nixos/tests/docker.nix b/nixpkgs/nixos/tests/docker.nix index d67b2f8743d..8fda7c1395e 100644 --- a/nixpkgs/nixos/tests/docker.nix +++ b/nixpkgs/nixos/tests/docker.nix @@ -1,6 +1,6 @@ # This test runs docker and checks if simple container starts -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "docker"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus offline ]; @@ -31,17 +31,19 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $docker->waitForUnit("sockets.target"); - $docker->succeed("tar cv --files-from /dev/null | docker import - scratchimg"); - $docker->succeed("docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"); - $docker->succeed("docker ps | grep sleeping"); - $docker->succeed("sudo -u hasprivs docker ps"); - $docker->fail("sudo -u noprivs docker ps"); - $docker->succeed("docker stop sleeping"); + docker.wait_for_unit("sockets.target") + docker.succeed("tar cv --files-from /dev/null | docker import - scratchimg") + docker.succeed( + "docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10" + ) + docker.succeed("docker ps | grep sleeping") + docker.succeed("sudo -u hasprivs docker ps") + docker.fail("sudo -u noprivs docker ps") + docker.succeed("docker stop sleeping") # Must match version twice to ensure client and server versions are correct - $docker->succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "2" ]'); + docker.succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "2" ]') ''; }) diff --git a/nixpkgs/nixos/tests/documize.nix b/nixpkgs/nixos/tests/documize.nix index 8b852a4f779..3be20a780d3 100644 --- a/nixpkgs/nixos/tests/documize.nix +++ b/nixpkgs/nixos/tests/documize.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ...} : { +import ./make-test-python.nix ({ pkgs, lib, ...} : { name = "documize"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ma27 ]; @@ -29,30 +29,34 @@ import ./make-test.nix ({ pkgs, lib, ...} : { }; testScript = '' - startAll; - - $machine->waitForUnit("documize-server.service"); - $machine->waitForOpenPort(3000); - - my $dbhash = $machine->succeed("curl -f localhost:3000 " - . " | grep 'property=\"dbhash' " - . " | grep -Po 'content=\"\\K[^\"]*'" - ); - - chomp($dbhash); - - $machine->succeed("curl -X POST " - . "--data 'dbname=documize' " - . "--data 'dbhash=$dbhash' " - . "--data 'title=NixOS' " - . "--data 'message=Docs' " - . "--data 'firstname=John' " - . "--data 'lastname=Doe' " - . "--data 'email=john.doe\@nixos.org' " - . "--data 'password=verysafe' " - . "-f localhost:3000/api/setup" - ); - - $machine->succeed('test "$(curl -f localhost:3000/api/public/meta | jq ".title" | xargs echo)" = "NixOS"'); + start_all() + + machine.wait_for_unit("documize-server.service") + machine.wait_for_open_port(3000) + + dbhash = machine.succeed( + "curl -f localhost:3000 | grep 'property=\"dbhash' | grep -Po 'content=\"\\K[^\"]*'" + ) + + dbhash = dbhash.strip() + + machine.succeed( + ( + "curl -X POST" + " --data 'dbname=documize'" + " --data 'dbhash={}'" + " --data 'title=NixOS'" + " --data 'message=Docs'" + " --data 'firstname=John'" + " --data 'lastname=Doe'" + " --data 'email=john.doe@nixos.org'" + " --data 'password=verysafe'" + " -f localhost:3000/api/setup" + ).format(dbhash) + ) + + machine.succeed( + 'test "$(curl -f localhost:3000/api/public/meta | jq ".title" | xargs echo)" = "NixOS"' + ) ''; }) diff --git a/nixpkgs/nixos/tests/dovecot.nix b/nixpkgs/nixos/tests/dovecot.nix index 156079d1d58..c19850f418b 100644 --- a/nixpkgs/nixos/tests/dovecot.nix +++ b/nixpkgs/nixos/tests/dovecot.nix @@ -1,4 +1,4 @@ -import ./make-test.nix { +import ./make-test-python.nix { name = "dovecot"; machine = { pkgs, ... }: { @@ -66,12 +66,12 @@ import ./make-test.nix { }; testScript = '' - $machine->waitForUnit('postfix.service'); - $machine->waitForUnit('dovecot2.service'); - $machine->succeed('send-testmail'); - $machine->succeed('send-lda'); - $machine->waitUntilFails('[ "$(postqueue -p)" != "Mail queue is empty" ]'); - $machine->succeed('test-imap'); - $machine->succeed('test-pop'); + machine.wait_for_unit("postfix.service") + machine.wait_for_unit("dovecot2.service") + machine.succeed("send-testmail") + machine.succeed("send-lda") + machine.wait_until_fails('[ "$(postqueue -p)" != "Mail queue is empty" ]') + machine.succeed("test-imap") + machine.succeed("test-pop") ''; } diff --git a/nixpkgs/nixos/tests/emacs-daemon.nix b/nixpkgs/nixos/tests/emacs-daemon.nix index 3594e35e343..b89d9b1bde6 100644 --- a/nixpkgs/nixos/tests/emacs-daemon.nix +++ b/nixpkgs/nixos/tests/emacs-daemon.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "emacs-daemon"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ]; @@ -21,25 +21,28 @@ import ./make-test.nix ({ pkgs, ...} : { environment.variables.TEST_SYSTEM_VARIABLE = "system variable"; }; - testScript = - '' - $machine->waitForUnit("multi-user.target"); + testScript = '' + machine.wait_for_unit("multi-user.target") # checks that the EDITOR environment variable is set - $machine->succeed("test \$(basename \"\$EDITOR\") = emacseditor"); + machine.succeed('test $(basename "$EDITOR") = emacseditor') # waits for the emacs service to be ready - $machine->waitUntilSucceeds("systemctl --user status emacs.service | grep 'Active: active'"); + machine.wait_until_succeeds( + "systemctl --user status emacs.service | grep 'Active: active'" + ) # connects to the daemon - $machine->succeed("emacsclient --create-frame \$EDITOR &"); + machine.succeed("emacsclient --create-frame $EDITOR &") # checks that Emacs shows the edited filename - $machine->waitForText("emacseditor"); + machine.wait_for_text("emacseditor") # makes sure environment variables are accessible from Emacs - $machine->succeed("emacsclient --eval '(getenv \"TEST_SYSTEM_VARIABLE\")'") =~ /system variable/ or die; + machine.succeed( + "emacsclient --eval '(getenv \"TEST_SYSTEM_VARIABLE\")' | grep -q 'system variable'" + ) - $machine->screenshot("emacsclient"); + machine.screenshot("emacsclient") ''; }) diff --git a/nixpkgs/nixos/tests/etcd-cluster.nix b/nixpkgs/nixos/tests/etcd-cluster.nix index 43fde7d5920..19c5d915823 100644 --- a/nixpkgs/nixos/tests/etcd-cluster.nix +++ b/nixpkgs/nixos/tests/etcd-cluster.nix @@ -1,6 +1,6 @@ # This test runs simple etcd cluster -import ./make-test.nix ({ pkgs, ... } : let +import ./make-test-python.nix ({ pkgs, ... } : let runWithOpenSSL = file: cmd: pkgs.runCommand file { buildInputs = [ pkgs.openssl ]; @@ -129,29 +129,26 @@ in { }; testScript = '' - subtest "should start etcd cluster", sub { - $node1->start(); - $node2->start(); - $node1->waitForUnit("etcd.service"); - $node2->waitForUnit("etcd.service"); - $node2->waitUntilSucceeds("etcdctl cluster-health"); - $node1->succeed("etcdctl set /foo/bar 'Hello world'"); - $node2->succeed("etcdctl get /foo/bar | grep 'Hello world'"); - }; - - subtest "should add another member", sub { - $node1->waitUntilSucceeds("etcdctl member add node3 https://node3:2380"); - $node3->start(); - $node3->waitForUnit("etcd.service"); - $node3->waitUntilSucceeds("etcdctl member list | grep 'node3'"); - $node3->succeed("etcdctl cluster-health"); - }; - - subtest "should survive member crash", sub { - $node3->crash; - $node1->succeed("etcdctl cluster-health"); - $node1->succeed("etcdctl set /foo/bar 'Hello degraded world'"); - $node1->succeed("etcdctl get /foo/bar | grep 'Hello degraded world'"); - }; + with subtest("should start etcd cluster"): + node1.start() + node2.start() + node1.wait_for_unit("etcd.service") + node2.wait_for_unit("etcd.service") + node2.wait_until_succeeds("etcdctl cluster-health") + node1.succeed("etcdctl set /foo/bar 'Hello world'") + node2.succeed("etcdctl get /foo/bar | grep 'Hello world'") + + with subtest("should add another member"): + node1.wait_until_succeeds("etcdctl member add node3 https://node3:2380") + node3.start() + node3.wait_for_unit("etcd.service") + node3.wait_until_succeeds("etcdctl member list | grep 'node3'") + node3.succeed("etcdctl cluster-health") + + with subtest("should survive member crash"): + node3.crash() + node1.succeed("etcdctl cluster-health") + node1.succeed("etcdctl set /foo/bar 'Hello degraded world'") + node1.succeed("etcdctl get /foo/bar | grep 'Hello degraded world'") ''; }) diff --git a/nixpkgs/nixos/tests/etcd.nix b/nixpkgs/nixos/tests/etcd.nix index 6c23b31779b..84272434384 100644 --- a/nixpkgs/nixos/tests/etcd.nix +++ b/nixpkgs/nixos/tests/etcd.nix @@ -1,6 +1,6 @@ # This test runs simple etcd node -import ./make-test.nix ({ pkgs, ... } : { +import ./make-test-python.nix ({ pkgs, ... } : { name = "etcd"; meta = with pkgs.stdenv.lib.maintainers; { @@ -14,14 +14,12 @@ import ./make-test.nix ({ pkgs, ... } : { }; testScript = '' - subtest "should start etcd node", sub { - $node->start(); - $node->waitForUnit("etcd.service"); - }; + with subtest("should start etcd node"): + node.start() + node.wait_for_unit("etcd.service") - subtest "should write and read some values to etcd", sub { - $node->succeed("etcdctl set /foo/bar 'Hello world'"); - $node->succeed("etcdctl get /foo/bar | grep 'Hello world'"); - } + with subtest("should write and read some values to etcd"): + node.succeed("etcdctl set /foo/bar 'Hello world'") + node.succeed("etcdctl get /foo/bar | grep 'Hello world'") ''; }) diff --git a/nixpkgs/nixos/tests/fancontrol.nix b/nixpkgs/nixos/tests/fancontrol.nix new file mode 100644 index 00000000000..356cd57ffa1 --- /dev/null +++ b/nixpkgs/nixos/tests/fancontrol.nix @@ -0,0 +1,28 @@ +import ./make-test-python.nix ({ pkgs, ... } : { + name = "fancontrol"; + + machine = + { ... }: + { hardware.fancontrol.enable = true; + hardware.fancontrol.config = '' + INTERVAL=42 + DEVPATH=hwmon1=devices/platform/dummy + DEVNAME=hwmon1=dummy + FCTEMPS=hwmon1/device/pwm1=hwmon1/device/temp1_input + FCFANS=hwmon1/device/pwm1=hwmon1/device/fan1_input + MINTEMP=hwmon1/device/pwm1=25 + MAXTEMP=hwmon1/device/pwm1=65 + MINSTART=hwmon1/device/pwm1=150 + MINSTOP=hwmon1/device/pwm1=0 + ''; + }; + + # This configuration cannot be valid for the test VM, so it's expected to get an 'outdated' error. + testScript = '' + start_all() + machine.wait_for_unit("fancontrol.service") + machine.wait_until_succeeds( + "journalctl -eu fancontrol | grep 'Configuration appears to be outdated'" + ) + ''; +}) diff --git a/nixpkgs/nixos/tests/firefox.nix b/nixpkgs/nixos/tests/firefox.nix index f5b946a0881..56ddabbae77 100644 --- a/nixpkgs/nixos/tests/firefox.nix +++ b/nixpkgs/nixos/tests/firefox.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "firefox"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ eelco shlevy ]; @@ -11,19 +11,27 @@ import ./make-test.nix ({ pkgs, ... }: { environment.systemPackages = [ pkgs.firefox pkgs.xdotool ]; }; - testScript = - '' - $machine->waitForX; - $machine->execute("xterm -e 'firefox file://${pkgs.valgrind.doc}/share/doc/valgrind/html/index.html' &"); - $machine->waitForWindow(qr/Valgrind/); - $machine->sleep(40); # wait until Firefox has finished loading the page - $machine->execute("xdotool key space"); # do I want to make Firefox the - # default browser? I just want to close the dialog - $machine->sleep(2); # wait until Firefox hides the default browser window - $machine->execute("xdotool key F12"); - $machine->sleep(10); # wait until Firefox draws the developer tool panel - $machine->succeed("xwininfo -root -tree | grep Valgrind"); - $machine->screenshot("screen"); + testScript = '' + machine.wait_for_x() + + with subtest("wait until Firefox has finished loading the Valgrind docs page"): + machine.execute( + "xterm -e 'firefox file://${pkgs.valgrind.doc}/share/doc/valgrind/html/index.html' &" + ) + machine.wait_for_window("Valgrind") + machine.sleep(40) + + with subtest("Close default browser prompt"): + machine.execute("xdotool key space") + + with subtest("Hide default browser window"): + machine.sleep(2) + machine.execute("xdotool key F12") + + with subtest("wait until Firefox draws the developer tool panel"): + machine.sleep(10) + machine.succeed("xwininfo -root -tree | grep Valgrind") + machine.screenshot("screen") ''; }) diff --git a/nixpkgs/nixos/tests/firewall.nix b/nixpkgs/nixos/tests/firewall.nix index fcf758910e0..09a1fef852e 100644 --- a/nixpkgs/nixos/tests/firewall.nix +++ b/nixpkgs/nixos/tests/firewall.nix @@ -1,6 +1,6 @@ # Test the firewall module. -import ./make-test.nix ( { pkgs, ... } : { +import ./make-test-python.nix ( { pkgs, ... } : { name = "firewall"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ eelco ]; @@ -36,30 +36,30 @@ import ./make-test.nix ( { pkgs, ... } : { testScript = { nodes, ... }: let newSystem = nodes.walled2.config.system.build.toplevel; in '' - $walled->start; - $attacker->start; + start_all() - $walled->waitForUnit("firewall"); - $walled->waitForUnit("httpd"); - $attacker->waitForUnit("network.target"); + walled.wait_for_unit("firewall") + walled.wait_for_unit("httpd") + attacker.wait_for_unit("network.target") # Local connections should still work. - $walled->succeed("curl -v http://localhost/ >&2"); + walled.succeed("curl -v http://localhost/ >&2") # Connections to the firewalled machine should fail, but ping should succeed. - $attacker->fail("curl --fail --connect-timeout 2 http://walled/ >&2"); - $attacker->succeed("ping -c 1 walled >&2"); + attacker.fail("curl --fail --connect-timeout 2 http://walled/ >&2") + attacker.succeed("ping -c 1 walled >&2") # Outgoing connections/pings should still work. - $walled->succeed("curl -v http://attacker/ >&2"); - $walled->succeed("ping -c 1 attacker >&2"); + walled.succeed("curl -v http://attacker/ >&2") + walled.succeed("ping -c 1 attacker >&2") # If we stop the firewall, then connections should succeed. - $walled->stopJob("firewall"); - $attacker->succeed("curl -v http://walled/ >&2"); + walled.stop_job("firewall") + attacker.succeed("curl -v http://walled/ >&2") # Check whether activation of a new configuration reloads the firewall. - $walled->succeed("${newSystem}/bin/switch-to-configuration test 2>&1" . - " | grep -qF firewall.service"); + walled.succeed( + "${newSystem}/bin/switch-to-configuration test 2>&1 | grep -qF firewall.service" + ) ''; }) diff --git a/nixpkgs/nixos/tests/fish.nix b/nixpkgs/nixos/tests/fish.nix index 97c4e8e37ac..68fba428439 100644 --- a/nixpkgs/nixos/tests/fish.nix +++ b/nixpkgs/nixos/tests/fish.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "fish"; machine = @@ -14,8 +14,11 @@ import ./make-test.nix ({ pkgs, ... }: { testScript = '' - $machine->waitForFile("/etc/fish/generated_completions/coreutils.fish"); - $machine->waitForFile("/etc/fish/generated_completions/kill.fish"); - $machine->succeed("fish -ic 'echo \$fish_complete_path' | grep -q '/share/fish/completions /etc/fish/generated_completions /root/.local/share/fish/generated_completions\$'"); + start_all() + machine.wait_for_file("/etc/fish/generated_completions/coreutils.fish") + machine.wait_for_file("/etc/fish/generated_completions/kill.fish") + machine.succeed( + "fish -ic 'echo $fish_complete_path' | grep -q '/share/fish/completions /etc/fish/generated_completions /root/.local/share/fish/generated_completions$'" + ) ''; }) diff --git a/nixpkgs/nixos/tests/flatpak-builder.nix b/nixpkgs/nixos/tests/flatpak-builder.nix deleted file mode 100644 index 49b97e8ca99..00000000000 --- a/nixpkgs/nixos/tests/flatpak-builder.nix +++ /dev/null @@ -1,20 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: - -{ - name = "flatpak-builder"; - meta = { - maintainers = pkgs.flatpak-builder.meta.maintainers; - }; - - machine = { pkgs, ... }: { - services.flatpak.enable = true; - xdg.portal.enable = true; - environment.systemPackages = with pkgs; [ gnome-desktop-testing flatpak-builder ] ++ flatpak-builder.installedTestsDependencies; - virtualisation.diskSize = 2048; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.flatpak-builder.installedTests}/share' --timeout 3600"); - ''; -}) diff --git a/nixpkgs/nixos/tests/flatpak.nix b/nixpkgs/nixos/tests/flatpak.nix deleted file mode 100644 index b0c61830d05..00000000000 --- a/nixpkgs/nixos/tests/flatpak.nix +++ /dev/null @@ -1,26 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: - -{ - name = "flatpak"; - meta = { - maintainers = pkgs.flatpak.meta.maintainers; - }; - - machine = { pkgs, ... }: { - imports = [ ./common/x11.nix ]; - services.xserver.desktopManager.gnome3.enable = true; # TODO: figure out minimal environment where the tests work - # common/x11.nix enables the auto display manager (lightdm) - services.xserver.displayManager.gdm.enable = false; - environment.gnome3.excludePackages = pkgs.gnome3.optionalPackages; - services.flatpak.enable = true; - environment.systemPackages = with pkgs; [ gnupg gnome-desktop-testing ostree python2 ]; - virtualisation.memorySize = 2047; - virtualisation.diskSize = 1024; - }; - - testScript = '' - $machine->waitForX(); - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.flatpak.installedTests}/share' --timeout 3600"); - ''; -}) diff --git a/nixpkgs/nixos/tests/fluentd.nix b/nixpkgs/nixos/tests/fluentd.nix index e5c4c3d2163..918f2f87db1 100644 --- a/nixpkgs/nixos/tests/fluentd.nix +++ b/nixpkgs/nixos/tests/fluentd.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: { +import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "fluentd"; machine = { pkgs, ... }: { @@ -33,14 +33,17 @@ import ./make-test.nix ({ pkgs, lib, ... }: { inherit testMessage; }); in '' - $machine->start; - $machine->waitForUnit('fluentd.service'); - $machine->waitForOpenPort(9880); + machine.start() + machine.wait_for_unit("fluentd.service") + machine.wait_for_open_port(9880) - $machine->succeed("curl -fsSL -X POST -H 'Content-type: application/json' -d @${payload} http://localhost:9880/test.tag"); + machine.succeed( + "curl -fsSL -X POST -H 'Content-type: application/json' -d @${payload} http://localhost:9880/test.tag" + ) - $machine->succeed("systemctl stop fluentd"); # blocking flush + # blocking flush + machine.succeed("systemctl stop fluentd") - $machine->succeed("grep '${testMessage}' /tmp/current-log"); + machine.succeed("grep '${testMessage}' /tmp/current-log") ''; }) diff --git a/nixpkgs/nixos/tests/fontconfig-default-fonts.nix b/nixpkgs/nixos/tests/fontconfig-default-fonts.nix index 1991cec9218..68c6ac9e9c8 100644 --- a/nixpkgs/nixos/tests/fontconfig-default-fonts.nix +++ b/nixpkgs/nixos/tests/fontconfig-default-fonts.nix @@ -1,7 +1,12 @@ -import ./make-test.nix ({ lib, ... }: +import ./make-test-python.nix ({ lib, ... }: { name = "fontconfig-default-fonts"; + meta.maintainers = with lib.maintainers; [ + jtojnar + worldofpeace + ]; + machine = { config, pkgs, ... }: { fonts.enableDefaultFonts = true; # Background fonts fonts.fonts = with pkgs; [ @@ -20,9 +25,9 @@ import ./make-test.nix ({ lib, ... }: }; testScript = '' - $machine->succeed("fc-match serif | grep '\"Gentium Plus\"'"); - $machine->succeed("fc-match sans-serif | grep '\"Cantarell\"'"); - $machine->succeed("fc-match monospace | grep '\"Source Code Pro\"'"); - $machine->succeed("fc-match emoji | grep '\"Twitter Color Emoji\"'"); + machine.succeed("fc-match serif | grep '\"Gentium Plus\"'") + machine.succeed("fc-match sans-serif | grep '\"Cantarell\"'") + machine.succeed("fc-match monospace | grep '\"Source Code Pro\"'") + machine.succeed("fc-match emoji | grep '\"Twitter Color Emoji\"'") ''; }) diff --git a/nixpkgs/nixos/tests/fsck.nix b/nixpkgs/nixos/tests/fsck.nix index f943bb7f235..e522419fde2 100644 --- a/nixpkgs/nixos/tests/fsck.nix +++ b/nixpkgs/nixos/tests/fsck.nix @@ -1,4 +1,4 @@ -import ./make-test.nix { +import ./make-test-python.nix { name = "fsck"; machine = { lib, ... }: { @@ -14,16 +14,18 @@ import ./make-test.nix { }; testScript = '' - $machine->waitForUnit('default.target'); + machine.wait_for_unit("default.target") - subtest "root fs is fsckd", sub { - $machine->succeed('journalctl -b | grep "fsck.ext4.*/dev/vda"'); - }; + with subtest("root fs is fsckd"): + machine.succeed("journalctl -b | grep 'fsck.ext4.*/dev/vda'") - subtest "mnt fs is fsckd", sub { - $machine->succeed('journalctl -b | grep "fsck.*/dev/vdb.*clean"'); - $machine->succeed('grep "Requires=systemd-fsck@dev-vdb.service" /run/systemd/generator/mnt.mount'); - $machine->succeed('grep "After=systemd-fsck@dev-vdb.service" /run/systemd/generator/mnt.mount'); - }; + with subtest("mnt fs is fsckd"): + machine.succeed("journalctl -b | grep 'fsck.*/dev/vdb.*clean'") + machine.succeed( + "grep 'Requires=systemd-fsck@dev-vdb.service' /run/systemd/generator/mnt.mount" + ) + machine.succeed( + "grep 'After=systemd-fsck@dev-vdb.service' /run/systemd/generator/mnt.mount" + ) ''; } diff --git a/nixpkgs/nixos/tests/fwupd.nix b/nixpkgs/nixos/tests/fwupd.nix deleted file mode 100644 index 88dac8ccbcd..00000000000 --- a/nixpkgs/nixos/tests/fwupd.nix +++ /dev/null @@ -1,21 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: { - name = "fwupd"; - - meta = { - maintainers = pkgs.fwupd.meta.maintainers; - }; - - machine = { pkgs, ... }: { - services.fwupd.enable = true; - services.fwupd.blacklistPlugins = []; # don't blacklist test plugin - services.fwupd.enableTestRemote = true; - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - environment.variables.XDG_DATA_DIRS = [ "${pkgs.fwupd.installedTests}/share" ]; - virtualisation.memorySize = 768; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner"); - ''; -}) diff --git a/nixpkgs/nixos/tests/gdk-pixbuf.nix b/nixpkgs/nixos/tests/gdk-pixbuf.nix deleted file mode 100644 index 9a62b593f46..00000000000 --- a/nixpkgs/nixos/tests/gdk-pixbuf.nix +++ /dev/null @@ -1,21 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: { - name = "gdk-pixbuf"; - - meta = { - maintainers = pkgs.gdk-pixbuf.meta.maintainers; - }; - - machine = { pkgs, ... }: { - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - environment.variables.XDG_DATA_DIRS = [ "${pkgs.gdk-pixbuf.installedTests}/share" ]; - - # Tests allocate a lot of memory trying to exploit a CVE - # but qemu-system-i386 has a 2047M memory limit - virtualisation.memorySize = if pkgs.stdenv.isi686 then 2047 else 4096; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -t 1800"); # increase timeout to 1800s - ''; -}) diff --git a/nixpkgs/nixos/tests/gitea.nix b/nixpkgs/nixos/tests/gitea.nix index b8ab6dabc8c..ffbc07cfbb2 100644 --- a/nixpkgs/nixos/tests/gitea.nix +++ b/nixpkgs/nixos/tests/gitea.nix @@ -3,7 +3,7 @@ pkgs ? import ../.. { inherit system config; } }: -with import ../lib/testing.nix { inherit system pkgs; }; +with import ../lib/testing-python.nix { inherit system pkgs; }; with pkgs.lib; { @@ -18,11 +18,11 @@ with pkgs.lib; }; testScript = '' - startAll; + start_all() - $machine->waitForUnit('gitea.service'); - $machine->waitForOpenPort('3000'); - $machine->succeed("curl --fail http://localhost:3000/"); + machine.wait_for_unit("gitea.service") + machine.wait_for_open_port(3000) + machine.succeed("curl --fail http://localhost:3000/") ''; }; @@ -37,11 +37,11 @@ with pkgs.lib; }; testScript = '' - startAll; + start_all() - $machine->waitForUnit('gitea.service'); - $machine->waitForOpenPort('3000'); - $machine->succeed("curl --fail http://localhost:3000/"); + machine.wait_for_unit("gitea.service") + machine.wait_for_open_port(3000) + machine.succeed("curl --fail http://localhost:3000/") ''; }; @@ -56,12 +56,14 @@ with pkgs.lib; }; testScript = '' - startAll; + start_all() - $machine->waitForUnit('gitea.service'); - $machine->waitForOpenPort('3000'); - $machine->succeed("curl --fail http://localhost:3000/"); - $machine->succeed("curl --fail http://localhost:3000/user/sign_up | grep 'Registration is disabled. Please contact your site administrator.'"); + machine.wait_for_unit("gitea.service") + machine.wait_for_open_port(3000) + machine.succeed("curl --fail http://localhost:3000/") + machine.succeed( + "curl --fail http://localhost:3000/user/sign_up | grep 'Registration is disabled. Please contact your site administrator.'" + ) ''; }; } diff --git a/nixpkgs/nixos/tests/gitlab.nix b/nixpkgs/nixos/tests/gitlab.nix index be0b3c8746a..7e4e8bcef92 100644 --- a/nixpkgs/nixos/tests/gitlab.nix +++ b/nixpkgs/nixos/tests/gitlab.nix @@ -3,7 +3,7 @@ let initialRootPassword = "notproduction"; in -import ./make-test.nix ({ pkgs, lib, ...} : with lib; { +import ./make-test-python.nix ({ pkgs, lib, ...} : with lib; { name = "gitlab"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ globin ]; @@ -63,21 +63,35 @@ import ./make-test.nix ({ pkgs, lib, ...} : with lib; { }); in '' - $gitlab->start(); - $gitlab->waitForUnit("gitaly.service"); - $gitlab->waitForUnit("gitlab-workhorse.service"); - $gitlab->waitForUnit("gitlab.service"); - $gitlab->waitForUnit("gitlab-sidekiq.service"); - $gitlab->waitForFile("/var/gitlab/state/tmp/sockets/gitlab.socket"); - $gitlab->waitUntilSucceeds("curl -sSf http://gitlab/users/sign_in"); - $gitlab->succeed("curl -isSf http://gitlab | grep -i location | grep -q http://gitlab/users/sign_in"); - $gitlab->succeed("${pkgs.sudo}/bin/sudo -u gitlab -H gitlab-rake gitlab:check 1>&2"); - $gitlab->succeed("echo \"Authorization: Bearer \$(curl -X POST -H 'Content-Type: application/json' -d @${auth} http://gitlab/oauth/token | ${pkgs.jq}/bin/jq -r '.access_token')\" >/tmp/headers"); - $gitlab->succeed("curl -X POST -H 'Content-Type: application/json' -H @/tmp/headers -d @${createProject} http://gitlab/api/v4/projects"); - $gitlab->succeed("curl -X POST -H 'Content-Type: application/json' -H @/tmp/headers -d @${putFile} http://gitlab/api/v4/projects/1/repository/files/some-file.txt"); - $gitlab->succeed("curl -H @/tmp/headers http://gitlab/api/v4/projects/1/repository/archive.tar.gz > /tmp/archive.tar.gz"); - $gitlab->succeed("curl -H @/tmp/headers http://gitlab/api/v4/projects/1/repository/archive.tar.bz2 > /tmp/archive.tar.bz2"); - $gitlab->succeed("test -s /tmp/archive.tar.gz"); - $gitlab->succeed("test -s /tmp/archive.tar.bz2"); + gitlab.start() + gitlab.wait_for_unit("gitaly.service") + gitlab.wait_for_unit("gitlab-workhorse.service") + gitlab.wait_for_unit("gitlab.service") + gitlab.wait_for_unit("gitlab-sidekiq.service") + gitlab.wait_for_file("/var/gitlab/state/tmp/sockets/gitlab.socket") + gitlab.wait_until_succeeds("curl -sSf http://gitlab/users/sign_in") + gitlab.succeed( + "curl -isSf http://gitlab | grep -i location | grep -q http://gitlab/users/sign_in" + ) + gitlab.succeed( + "${pkgs.sudo}/bin/sudo -u gitlab -H gitlab-rake gitlab:check 1>&2" + ) + gitlab.succeed( + "echo \"Authorization: Bearer \$(curl -X POST -H 'Content-Type: application/json' -d @${auth} http://gitlab/oauth/token | ${pkgs.jq}/bin/jq -r '.access_token')\" >/tmp/headers" + ) + gitlab.succeed( + "curl -X POST -H 'Content-Type: application/json' -H @/tmp/headers -d @${createProject} http://gitlab/api/v4/projects" + ) + gitlab.succeed( + "curl -X POST -H 'Content-Type: application/json' -H @/tmp/headers -d @${putFile} http://gitlab/api/v4/projects/1/repository/files/some-file.txt" + ) + gitlab.succeed( + "curl -H @/tmp/headers http://gitlab/api/v4/projects/1/repository/archive.tar.gz > /tmp/archive.tar.gz" + ) + gitlab.succeed( + "curl -H @/tmp/headers http://gitlab/api/v4/projects/1/repository/archive.tar.bz2 > /tmp/archive.tar.bz2" + ) + gitlab.succeed("test -s /tmp/archive.tar.gz") + gitlab.succeed("test -s /tmp/archive.tar.bz2") ''; }) diff --git a/nixpkgs/nixos/tests/gitolite.nix b/nixpkgs/nixos/tests/gitolite.nix index 690e456ed7c..a928645bd80 100644 --- a/nixpkgs/nixos/tests/gitolite.nix +++ b/nixpkgs/nixos/tests/gitolite.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...}: +import ./make-test-python.nix ({ pkgs, ...}: let adminPrivateKey = pkgs.writeText "id_ed25519" '' @@ -43,7 +43,7 @@ let ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZNonUP1ePHLrvn0W9D2hdN6zWWZYFyJc+QR6pOKQEw bob@client ''; - gitoliteAdminConfSnippet = '' + gitoliteAdminConfSnippet = pkgs.writeText "gitolite-admin-conf-snippet" '' repo alice-project RW+ = alice ''; @@ -85,55 +85,54 @@ in }; testScript = '' - startAll; - - subtest "can setup ssh keys on system", sub { - $client->mustSucceed("mkdir -p ~root/.ssh"); - $client->mustSucceed("cp ${adminPrivateKey} ~root/.ssh/id_ed25519"); - $client->mustSucceed("chmod 600 ~root/.ssh/id_ed25519"); - - $client->mustSucceed("sudo -u alice mkdir -p ~alice/.ssh"); - $client->mustSucceed("sudo -u alice cp ${alicePrivateKey} ~alice/.ssh/id_ed25519"); - $client->mustSucceed("sudo -u alice chmod 600 ~alice/.ssh/id_ed25519"); - - $client->mustSucceed("sudo -u bob mkdir -p ~bob/.ssh"); - $client->mustSucceed("sudo -u bob cp ${bobPrivateKey} ~bob/.ssh/id_ed25519"); - $client->mustSucceed("sudo -u bob chmod 600 ~bob/.ssh/id_ed25519"); - }; - - subtest "gitolite server starts", sub { - $server->waitForUnit("gitolite-init.service"); - $server->waitForUnit("sshd.service"); - $client->mustSucceed('ssh gitolite@server info'); - }; - - subtest "admin can clone and configure gitolite-admin.git", sub { - $client->mustSucceed('git clone gitolite@server:gitolite-admin.git'); - $client->mustSucceed("git config --global user.name 'System Administrator'"); - $client->mustSucceed("git config --global user.email root\@domain.example"); - $client->mustSucceed("cp ${alicePublicKey} gitolite-admin/keydir/alice.pub"); - $client->mustSucceed("cp ${bobPublicKey} gitolite-admin/keydir/bob.pub"); - $client->mustSucceed('(cd gitolite-admin && git add . && git commit -m "Add keys for alice, bob" && git push)'); - $client->mustSucceed("printf '${gitoliteAdminConfSnippet}' >> gitolite-admin/conf/gitolite.conf"); - $client->mustSucceed('(cd gitolite-admin && git add . && git commit -m "Add repo for alice" && git push)'); - }; - - subtest "non-admins cannot clone gitolite-admin.git", sub { - $client->mustFail('sudo -i -u alice git clone gitolite@server:gitolite-admin.git'); - $client->mustFail('sudo -i -u bob git clone gitolite@server:gitolite-admin.git'); - }; - - subtest "non-admins can clone testing.git", sub { - $client->mustSucceed('sudo -i -u alice git clone gitolite@server:testing.git'); - $client->mustSucceed('sudo -i -u bob git clone gitolite@server:testing.git'); - }; - - subtest "alice can clone alice-project.git", sub { - $client->mustSucceed('sudo -i -u alice git clone gitolite@server:alice-project.git'); - }; - - subtest "bob cannot clone alice-project.git", sub { - $client->mustFail('sudo -i -u bob git clone gitolite@server:alice-project.git'); - }; + start_all() + + with subtest("can setup ssh keys on system"): + client.succeed( + "mkdir -p ~root/.ssh", + "cp ${adminPrivateKey} ~root/.ssh/id_ed25519", + "chmod 600 ~root/.ssh/id_ed25519", + ) + client.succeed( + "sudo -u alice mkdir -p ~alice/.ssh", + "sudo -u alice cp ${alicePrivateKey} ~alice/.ssh/id_ed25519", + "sudo -u alice chmod 600 ~alice/.ssh/id_ed25519", + ) + client.succeed( + "sudo -u bob mkdir -p ~bob/.ssh", + "sudo -u bob cp ${bobPrivateKey} ~bob/.ssh/id_ed25519", + "sudo -u bob chmod 600 ~bob/.ssh/id_ed25519", + ) + + with subtest("gitolite server starts"): + server.wait_for_unit("gitolite-init.service") + server.wait_for_unit("sshd.service") + client.succeed("ssh gitolite@server info") + + with subtest("admin can clone and configure gitolite-admin.git"): + client.succeed( + "git clone gitolite@server:gitolite-admin.git", + "git config --global user.name 'System Administrator'", + "git config --global user.email root\@domain.example", + "cp ${alicePublicKey} gitolite-admin/keydir/alice.pub", + "cp ${bobPublicKey} gitolite-admin/keydir/bob.pub", + "(cd gitolite-admin && git add . && git commit -m 'Add keys for alice, bob' && git push)", + "cat ${gitoliteAdminConfSnippet} >> gitolite-admin/conf/gitolite.conf", + "(cd gitolite-admin && git add . && git commit -m 'Add repo for alice' && git push)", + ) + + with subtest("non-admins cannot clone gitolite-admin.git"): + client.fail("sudo -i -u alice git clone gitolite@server:gitolite-admin.git") + client.fail("sudo -i -u bob git clone gitolite@server:gitolite-admin.git") + + with subtest("non-admins can clone testing.git"): + client.succeed("sudo -i -u alice git clone gitolite@server:testing.git") + client.succeed("sudo -i -u bob git clone gitolite@server:testing.git") + + with subtest("alice can clone alice-project.git"): + client.succeed("sudo -i -u alice git clone gitolite@server:alice-project.git") + + with subtest("bob cannot clone alice-project.git"): + client.fail("sudo -i -u bob git clone gitolite@server:alice-project.git") ''; }) diff --git a/nixpkgs/nixos/tests/gjs.nix b/nixpkgs/nixos/tests/gjs.nix deleted file mode 100644 index e6002ef98dd..00000000000 --- a/nixpkgs/nixos/tests/gjs.nix +++ /dev/null @@ -1,19 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: { - name = "gjs"; - - meta = { - maintainers = pkgs.gnome3.gjs.meta.maintainers; - }; - - machine = { pkgs, ... }: { - imports = [ ./common/x11.nix ]; - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - environment.variables.XDG_DATA_DIRS = [ "${pkgs.gnome3.gjs.installedTests}/share" ]; - }; - - testScript = '' - $machine->waitForX; - $machine->succeed("gnome-desktop-testing-runner"); - ''; -}) diff --git a/nixpkgs/nixos/tests/glib-networking.nix b/nixpkgs/nixos/tests/glib-networking.nix deleted file mode 100644 index c0bbb2b3554..00000000000 --- a/nixpkgs/nixos/tests/glib-networking.nix +++ /dev/null @@ -1,17 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: - -{ - name = "glib-networking"; - meta = { - maintainers = pkgs.glib-networking.meta.maintainers; - }; - - machine = { pkgs, ... }: { - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.glib-networking.installedTests}/share'"); - ''; -}) diff --git a/nixpkgs/nixos/tests/glusterfs.nix b/nixpkgs/nixos/tests/glusterfs.nix index 9fd8bd2ed12..8f9cb8973d5 100644 --- a/nixpkgs/nixos/tests/glusterfs.nix +++ b/nixpkgs/nixos/tests/glusterfs.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ ... } : +import ./make-test-python.nix ({pkgs, lib, ...}: let client = { pkgs, ... } : { @@ -39,27 +39,29 @@ in { }; testScript = '' - $server1->waitForUnit("glusterd.service"); - $server2->waitForUnit("glusterd.service"); + server1.wait_for_unit("glusterd.service") + server2.wait_for_unit("glusterd.service") + + server1.wait_until_succeeds("gluster peer status") + server2.wait_until_succeeds("gluster peer status") # establish initial contact - $server1->succeed("sleep 2"); - $server1->succeed("gluster peer probe server2"); - $server1->succeed("gluster peer probe server1"); + server1.succeed("gluster peer probe server2") + server1.succeed("gluster peer probe server1") - $server1->succeed("gluster peer status | grep Connected"); + server1.succeed("gluster peer status | grep Connected") # create volumes - $server1->succeed("mkdir -p /data/vg0"); - $server2->succeed("mkdir -p /data/vg0"); - $server1->succeed("gluster volume create gv0 server1:/data/vg0 server2:/data/vg0"); - $server1->succeed("gluster volume start gv0"); + server1.succeed("mkdir -p /data/vg0") + server2.succeed("mkdir -p /data/vg0") + server1.succeed("gluster volume create gv0 server1:/data/vg0 server2:/data/vg0") + server1.succeed("gluster volume start gv0") # test clients - $client1->waitForUnit("gluster.mount"); - $client2->waitForUnit("gluster.mount"); + client1.wait_for_unit("gluster.mount") + client2.wait_for_unit("gluster.mount") - $client1->succeed("echo test > /gluster/file1"); - $client2->succeed("grep test /gluster/file1"); + client1.succeed("echo test > /gluster/file1") + client2.succeed("grep test /gluster/file1") ''; }) diff --git a/nixpkgs/nixos/tests/gnome-photos.nix b/nixpkgs/nixos/tests/gnome-photos.nix deleted file mode 100644 index 2ecda1d68ce..00000000000 --- a/nixpkgs/nixos/tests/gnome-photos.nix +++ /dev/null @@ -1,42 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, lib, ... }: - -let - - # gsettings tool with access to gsettings-desktop-schemas - desktop-gsettings = with pkgs; stdenv.mkDerivation { - name = "desktop-gsettings"; - dontUnpack = true; - nativeBuildInputs = [ glib wrapGAppsHook ]; - buildInputs = [ gsettings-desktop-schemas ]; - installPhase = '' - runHook preInstall - mkdir -p $out/bin - ln -s ${glib.bin}/bin/gsettings $out/bin/desktop-gsettings - runHook postInstall - ''; - }; - -in - -{ - name = "gnome-photos"; - meta = { - maintainers = pkgs.gnome-photos.meta.maintainers; - }; - - machine = { pkgs, ... }: { - imports = [ ./common/x11.nix ]; - programs.dconf.enable = true; - services.gnome3.at-spi2-core.enable = true; # needed for dogtail - environment.systemPackages = with pkgs; [ gnome-desktop-testing desktop-gsettings ]; - services.dbus.packages = with pkgs; [ gnome-photos ]; - }; - - testScript = '' - $machine->waitForX; - # dogtail needs accessibility enabled - $machine->succeed("desktop-gsettings set org.gnome.desktop.interface toolkit-accessibility true 2>&1"); - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.gnome-photos.installedTests}/share' 2>&1"); - ''; -}) diff --git a/nixpkgs/nixos/tests/google-oslogin/default.nix b/nixpkgs/nixos/tests/google-oslogin/default.nix index 3b84bba3f98..1977e92e987 100644 --- a/nixpkgs/nixos/tests/google-oslogin/default.nix +++ b/nixpkgs/nixos/tests/google-oslogin/default.nix @@ -1,7 +1,14 @@ -import ../make-test.nix ({ pkgs, ... } : +import ../make-test-python.nix ({ pkgs, ... } : let inherit (import ./../ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey; + + # don't check host keys or known hosts, use the snakeoil ssh key + ssh-config = builtins.toFile "ssh.conf" '' + UserKnownHostsFile=/dev/null + StrictHostKeyChecking=no + IdentityFile=~/.ssh/id_snakeoil + ''; in { name = "google-oslogin"; meta = with pkgs.stdenv.lib.maintainers; { @@ -15,38 +22,49 @@ in { client = { ... }: {}; }; testScript = '' - startAll; + start_all() - $server->waitForUnit("mock-google-metadata.service"); - $server->waitForOpenPort(80); + server.wait_for_unit("mock-google-metadata.service") + server.wait_for_open_port(80) # mockserver should return a non-expired ssh key for both mockuser and mockadmin - $server->succeed('${pkgs.google-compute-engine-oslogin}/bin/google_authorized_keys mockuser | grep -q "${snakeOilPublicKey}"'); - $server->succeed('${pkgs.google-compute-engine-oslogin}/bin/google_authorized_keys mockadmin | grep -q "${snakeOilPublicKey}"'); + server.succeed( + '${pkgs.google-compute-engine-oslogin}/bin/google_authorized_keys mockuser | grep -q "${snakeOilPublicKey}"' + ) + server.succeed( + '${pkgs.google-compute-engine-oslogin}/bin/google_authorized_keys mockadmin | grep -q "${snakeOilPublicKey}"' + ) - # install snakeoil ssh key on the client - $client->succeed("mkdir -p ~/.ssh"); - $client->succeed("cat ${snakeOilPrivateKey} > ~/.ssh/id_snakeoil"); - $client->succeed("chmod 600 ~/.ssh/id_snakeoil"); + # install snakeoil ssh key on the client, and provision .ssh/config file + client.succeed("mkdir -p ~/.ssh") + client.succeed( + "cat ${snakeOilPrivateKey} > ~/.ssh/id_snakeoil" + ) + client.succeed("chmod 600 ~/.ssh/id_snakeoil") + client.succeed("cp ${ssh-config} ~/.ssh/config") - $client->waitForUnit("network.target"); - $server->waitForUnit("sshd.service"); + client.wait_for_unit("network.target") + server.wait_for_unit("sshd.service") # we should not be able to connect as non-existing user - $client->fail("ssh -o User=ghost -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server -i ~/.ssh/id_snakeoil 'true'"); + client.fail("ssh ghost@server 'true'") # we should be able to connect as mockuser - $client->succeed("ssh -o User=mockuser -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server -i ~/.ssh/id_snakeoil 'true'"); + client.succeed("ssh mockuser@server 'true'") # but we shouldn't be able to sudo - $client->fail("ssh -o User=mockuser -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server -i ~/.ssh/id_snakeoil '/run/wrappers/bin/sudo /run/current-system/sw/bin/id' | grep -q 'root'"); + client.fail( + "ssh mockuser@server '/run/wrappers/bin/sudo /run/current-system/sw/bin/id' | grep -q 'root'" + ) # we should also be able to log in as mockadmin - $client->succeed("ssh -o User=mockadmin -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server -i ~/.ssh/id_snakeoil 'true'"); + client.succeed("ssh mockadmin@server 'true'") # pam_oslogin_admin.so should now have generated a sudoers file - $server->succeed("find /run/google-sudoers.d | grep -q '/run/google-sudoers.d/mockadmin'"); + server.succeed("find /run/google-sudoers.d | grep -q '/run/google-sudoers.d/mockadmin'") # and we should be able to sudo - $client->succeed("ssh -o User=mockadmin -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server -i ~/.ssh/id_snakeoil '/run/wrappers/bin/sudo /run/current-system/sw/bin/id' | grep -q 'root'"); + client.succeed( + "ssh mockadmin@server '/run/wrappers/bin/sudo /run/current-system/sw/bin/id' | grep -q 'root'" + ) ''; }) diff --git a/nixpkgs/nixos/tests/gotify-server.nix b/nixpkgs/nixos/tests/gotify-server.nix new file mode 100644 index 00000000000..c6e00686aed --- /dev/null +++ b/nixpkgs/nixos/tests/gotify-server.nix @@ -0,0 +1,45 @@ +import ./make-test-python.nix ({ pkgs, lib, ...} : { + name = "gotify-server"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ ma27 ]; + }; + + machine = { pkgs, ... }: { + environment.systemPackages = [ pkgs.jq ]; + + services.gotify = { + enable = true; + port = 3000; + }; + }; + + testScript = '' + machine.start() + + machine.wait_for_unit("gotify-server.service") + machine.wait_for_open_port(3000) + + token = machine.succeed( + "curl --fail -sS -X POST localhost:3000/application -F name=nixos " + + '-H "Authorization: Basic $(echo -ne "admin:admin" | base64 --wrap 0)" ' + + "| jq .token | xargs echo -n" + ) + + usertoken = machine.succeed( + "curl --fail -sS -X POST localhost:3000/client -F name=nixos " + + '-H "Authorization: Basic $(echo -ne "admin:admin" | base64 --wrap 0)" ' + + "| jq .token | xargs echo -n" + ) + + machine.succeed( + f"curl --fail -sS -X POST 'localhost:3000/message?token={token}' -H 'Accept: application/json' " + + "-F title=Gotify -F message=Works" + ) + + title = machine.succeed( + f"curl --fail -sS 'localhost:3000/message?since=0&token={usertoken}' | jq '.messages|.[0]|.title' | xargs echo -n" + ) + + assert title == "Gotify" + ''; +}) diff --git a/nixpkgs/nixos/tests/grafana.nix b/nixpkgs/nixos/tests/grafana.nix index 7a1b4c8ffbb..4b453ece7f1 100644 --- a/nixpkgs/nixos/tests/grafana.nix +++ b/nixpkgs/nixos/tests/grafana.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, pkgs, ... }: +import ./make-test-python.nix ({ lib, pkgs, ... }: let inherit (lib) mkMerge nameValuePair maintainers; @@ -64,28 +64,34 @@ in { inherit nodes; testScript = '' - startAll(); + start_all() - subtest "Grafana sqlite", sub { - $sqlite->waitForUnit("grafana.service"); - $sqlite->waitForOpenPort(3000); - $sqlite->succeed("curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/org/users | grep -q testadmin\@localhost"); - }; + with subtest("Successful API query as admin user with sqlite db"): + sqlite.wait_for_unit("grafana.service") + sqlite.wait_for_open_port(3000) + sqlite.succeed( + "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/org/users | grep -q testadmin\@localhost" + ) + sqlite.shutdown() - subtest "Grafana postgresql", sub { - $postgresql->waitForUnit("grafana.service"); - $postgresql->waitForUnit("postgresql.service"); - $postgresql->waitForOpenPort(3000); - $postgresql->waitForOpenPort(5432); - $postgresql->succeed("curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/org/users | grep -q testadmin\@localhost"); - }; + with subtest("Successful API query as admin user with postgresql db"): + postgresql.wait_for_unit("grafana.service") + postgresql.wait_for_unit("postgresql.service") + postgresql.wait_for_open_port(3000) + postgresql.wait_for_open_port(5432) + postgresql.succeed( + "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/org/users | grep -q testadmin\@localhost" + ) + postgresql.shutdown() - subtest "Grafana mysql", sub { - $mysql->waitForUnit("grafana.service"); - $mysql->waitForUnit("mysql.service"); - $mysql->waitForOpenPort(3000); - $mysql->waitForOpenPort(3306); - $mysql->succeed("curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/org/users | grep -q testadmin\@localhost"); - }; + with subtest("Successful API query as admin user with mysql db"): + mysql.wait_for_unit("grafana.service") + mysql.wait_for_unit("mysql.service") + mysql.wait_for_open_port(3000) + mysql.wait_for_open_port(3306) + mysql.succeed( + "curl -sSfN -u testadmin:snakeoilpwd http://127.0.0.1:3000/api/org/users | grep -q testadmin\@localhost" + ) + mysql.shutdown() ''; }) diff --git a/nixpkgs/nixos/tests/graphene.nix b/nixpkgs/nixos/tests/graphene.nix deleted file mode 100644 index 5591bcc30c0..00000000000 --- a/nixpkgs/nixos/tests/graphene.nix +++ /dev/null @@ -1,18 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: - -{ - name = "graphene"; - - meta = { - maintainers = pkgs.graphene.meta.maintainers; - }; - - machine = { pkgs, ... }: { - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.graphene.installedTests}/share'"); - ''; -}) diff --git a/nixpkgs/nixos/tests/graylog.nix b/nixpkgs/nixos/tests/graylog.nix index dc54afd1d26..2d22012fa7c 100644 --- a/nixpkgs/nixos/tests/graylog.nix +++ b/nixpkgs/nixos/tests/graylog.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: { +import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "graylog"; meta.maintainers = with lib.maintainers; [ ma27 ]; @@ -64,48 +64,52 @@ import ./make-test.nix ({ pkgs, lib, ... }: { facility = "Test"; }); in '' - $machine->start; - $machine->waitForUnit("graylog.service"); - $machine->waitForOpenPort(9000); - $machine->succeed("curl -sSfL http://127.0.0.1:9000/"); + machine.start() + machine.wait_for_unit("graylog.service") + machine.wait_for_open_port(9000) + machine.succeed("curl -sSfL http://127.0.0.1:9000/") - my $session = $machine->succeed("curl -X POST " - . "-sSfL http://127.0.0.1:9000/api/system/sessions " - . "-d \$(cat ${payloads.login}) " - . "-H 'Content-Type: application/json' " - . "-H 'Accept: application/json' " - . "-H 'x-requested-by: cli' " - . "| jq .session_id | xargs echo" - ); + session = machine.succeed( + "curl -X POST " + + "-sSfL http://127.0.0.1:9000/api/system/sessions " + + "-d $(cat ${payloads.login}) " + + "-H 'Content-Type: application/json' " + + "-H 'Accept: application/json' " + + "-H 'x-requested-by: cli' " + + "| jq .session_id | xargs echo" + ).rstrip() - chomp($session); + machine.succeed( + "curl -X POST " + + f"-sSfL http://127.0.0.1:9000/api/system/inputs -u {session}:session " + + '-d $(cat ${payloads.input} | sed -e "s,@node@,$(cat /var/lib/graylog/server/node-id),") ' + + "-H 'Accept: application/json' " + + "-H 'Content-Type: application/json' " + + "-H 'x-requested-by: cli' " + ) - $machine->succeed("curl -X POST " - . "-sSfL http://127.0.0.1:9000/api/system/inputs -u $session:session " - . "-d \$(cat ${payloads.input} | sed -e \"s,\@node\@,\$(cat /var/lib/graylog/server/node-id),\") " - . "-H 'Accept: application/json' " - . "-H 'Content-Type: application/json' " - . "-H 'x-requested-by: cli' " - ); + machine.wait_until_succeeds( + "test \"$(curl -sSfL 'http://127.0.0.1:9000/api/cluster/inputstates' " + + f"-u {session}:session " + + "-H 'Accept: application/json' " + + "-H 'Content-Type: application/json' " + + "-H 'x-requested-by: cli'" + + "| jq 'to_entries[]|.value|.[0]|.state' | xargs echo" + + ')" = "RUNNING"' + ) - $machine->waitUntilSucceeds("test \"\$(curl -sSfL 'http://127.0.0.1:9000/api/cluster/inputstates' " - . "-u $session:session " - . "-H 'Accept: application/json' " - . "-H 'Content-Type: application/json' " - . "-H 'x-requested-by: cli'" - . "| jq 'to_entries[]|.value|.[0]|.state' | xargs echo" - . ")\" = \"RUNNING\"" - ); + machine.succeed( + "echo -n $(cat ${payloads.gelf_message}) | nc -w10 -u 127.0.0.1 12201" + ) - $machine->succeed("echo -n \$(cat ${payloads.gelf_message}) | nc -w10 -u 127.0.0.1 12201"); - - $machine->succeed("test \"\$(curl -X GET " - . "-sSfL 'http://127.0.0.1:9000/api/search/universal/relative?query=*' " - . "-u $session:session " - . "-H 'Accept: application/json' " - . "-H 'Content-Type: application/json' " - . "-H 'x-requested-by: cli'" - . " | jq '.total_results' | xargs echo)\" = \"1\"" - ); + machine.succeed( + 'test "$(curl -X GET ' + + "-sSfL 'http://127.0.0.1:9000/api/search/universal/relative?query=*' " + + f"-u {session}:session " + + "-H 'Accept: application/json' " + + "-H 'Content-Type: application/json' " + + "-H 'x-requested-by: cli'" + + ' | jq \'.total_results\' | xargs echo)" = "1"' + ) ''; }) diff --git a/nixpkgs/nixos/tests/handbrake.nix b/nixpkgs/nixos/tests/handbrake.nix index ae87e1f69a7..e5fb6b269b1 100644 --- a/nixpkgs/nixos/tests/handbrake.nix +++ b/nixpkgs/nixos/tests/handbrake.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: let # Download Big Buck Bunny example, licensed under CC Attribution 3.0. testMkv = pkgs.fetchurl { @@ -19,7 +19,13 @@ in { testScript = '' # Test MP4 and MKV transcoding. Since this is a short clip, transcoding typically # only takes a few seconds. - $machine->succeed("HandBrakeCLI -i ${testMkv} -o test.mp4 -e x264 -q 20 -B 160"); - $machine->succeed("HandBrakeCLI -i ${testMkv} -o test.mkv -e x264 -q 20 -B 160"); + start_all() + + machine.succeed( + "HandBrakeCLI -i ${testMkv} -o test.mp4 -e x264 -q 20 -B 160" + ) + machine.succeed( + "HandBrakeCLI -i ${testMkv} -o test.mkv -e x264 -q 20 -B 160" + ) ''; }) diff --git a/nixpkgs/nixos/tests/haproxy.nix b/nixpkgs/nixos/tests/haproxy.nix index 22a83e9d1ea..72e77a68193 100644 --- a/nixpkgs/nixos/tests/haproxy.nix +++ b/nixpkgs/nixos/tests/haproxy.nix @@ -16,6 +16,8 @@ import ./make-test.nix ({ pkgs, ...}: { frontend http bind *:80 mode http + option http-use-htx + http-request use-service prometheus-exporter if { path /metrics } use_backend http_server ''; }; @@ -36,6 +38,6 @@ import ./make-test.nix ({ pkgs, ...}: { $machine->waitForUnit('haproxy.service'); $machine->waitForUnit('httpd.service'); $machine->succeed('curl -k http://localhost:80/index.txt | grep "We are all good!"'); - + $machine->succeed('curl -k http://localhost:80/metrics | grep haproxy_process_pool_allocated_bytes'); ''; }) diff --git a/nixpkgs/nixos/tests/hibernate.nix b/nixpkgs/nixos/tests/hibernate.nix index 274aa7becc8..8251c6e7ef8 100644 --- a/nixpkgs/nixos/tests/hibernate.nix +++ b/nixpkgs/nixos/tests/hibernate.nix @@ -1,6 +1,6 @@ # Test whether hibernation from partition works. -import ./make-test.nix (pkgs: { +import ./make-test-python.nix (pkgs: { name = "hibernate"; nodes = { @@ -28,16 +28,17 @@ import ./make-test.nix (pkgs: { testScript = '' - $machine->waitForUnit("multi-user.target"); - $machine->succeed("mkswap /dev/vdb"); - $machine->succeed("swapon -a"); - $machine->startJob("listener"); - $machine->waitForOpenPort(4444); - $machine->succeed("systemctl hibernate &"); - $machine->waitForShutdown; - $probe->waitForUnit("multi-user.target"); - $machine->start; - $probe->waitUntilSucceeds("echo test | nc machine 4444 -N"); + machine.start() + machine.wait_for_unit("multi-user.target") + machine.succeed("mkswap /dev/vdb") + machine.succeed("swapon -a") + machine.start_job("listener") + machine.wait_for_open_port(4444) + machine.succeed("systemctl hibernate &") + machine.wait_for_shutdown() + probe.wait_for_unit("multi-user.target") + machine.start() + probe.wait_until_succeeds("echo test | nc machine 4444 -N") ''; }) diff --git a/nixpkgs/nixos/tests/hound.nix b/nixpkgs/nixos/tests/hound.nix index cb8e25332c0..27c65abdf27 100644 --- a/nixpkgs/nixos/tests/hound.nix +++ b/nixpkgs/nixos/tests/hound.nix @@ -1,5 +1,5 @@ # Test whether `houndd` indexes nixpkgs -import ./make-test.nix ({ pkgs, ... } : { +import ./make-test-python.nix ({ pkgs, ... } : { name = "hound"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ grahamc ]; @@ -46,13 +46,14 @@ import ./make-test.nix ({ pkgs, ... } : { }; }; - testScript = - '' startAll; + testScript = '' + start_all() - $machine->waitForUnit("network.target"); - $machine->waitForUnit("hound.service"); - $machine->waitForOpenPort(6080); - $machine->waitUntilSucceeds('curl http://127.0.0.1:6080/api/v1/search\?stats\=fosho\&repos\=\*\&rng=%3A20\&q\=hi\&files\=\&i=nope | grep "Filename" | grep "hello"'); - - ''; + machine.wait_for_unit("network.target") + machine.wait_for_unit("hound.service") + machine.wait_for_open_port(6080) + machine.wait_until_succeeds( + "curl http://127.0.0.1:6080/api/v1/search\?stats\=fosho\&repos\=\*\&rng=%3A20\&q\=hi\&files\=\&i=nope | grep 'Filename' | grep 'hello'" + ) + ''; }) diff --git a/nixpkgs/nixos/tests/icingaweb2.nix b/nixpkgs/nixos/tests/icingaweb2.nix index ea1b94c526b..2f65604539c 100644 --- a/nixpkgs/nixos/tests/icingaweb2.nix +++ b/nixpkgs/nixos/tests/icingaweb2.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "icingaweb2"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ das_j ]; @@ -64,8 +64,8 @@ import ./make-test.nix ({ pkgs, ... }: { }; testScript = '' - startAll(); - $icingaweb2->waitForUnit("multi-user.target"); - $icingaweb2->succeed("curl -sSf http://icingaweb2/authentication/login"); + start_all() + icingaweb2.wait_for_unit("multi-user.target") + icingaweb2.succeed("curl -sSf http://icingaweb2/authentication/login") ''; }) diff --git a/nixpkgs/nixos/tests/iftop.nix b/nixpkgs/nixos/tests/iftop.nix index a4f524ceb27..8a161027c2a 100644 --- a/nixpkgs/nixos/tests/iftop.nix +++ b/nixpkgs/nixos/tests/iftop.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: with lib; @@ -18,17 +18,16 @@ with lib; }; testScript = '' - subtest "machine with iftop enabled", sub { - $withIftop->waitForUnit("default.target"); - # limit to eth1 (eth0 is the test driver's control interface) - # and don't try name lookups - $withIftop->succeed("su -l alice -c 'iftop -t -s 1 -n -i eth1'"); - }; - subtest "machine without iftop", sub { - $withoutIftop->waitForUnit("default.target"); - # check that iftop is there but user alice lacks capabilities - $withoutIftop->succeed("iftop -t -s 1 -n -i eth1"); - $withoutIftop->fail("su -l alice -c 'iftop -t -s 1 -n -i eth1'"); - }; + with subtest("machine with iftop enabled"): + withIftop.wait_for_unit("default.target") + # limit to eth1 (eth0 is the test driver's control interface) + # and don't try name lookups + withIftop.succeed("su -l alice -c 'iftop -t -s 1 -n -i eth1'") + + with subtest("machine without iftop"): + withoutIftop.wait_for_unit("default.target") + # check that iftop is there but user alice lacks capabilitie + withoutIftop.succeed("iftop -t -s 1 -n -i eth1") + withoutIftop.fail("su -l alice -c 'iftop -t -s 1 -n -i eth1'") ''; }) diff --git a/nixpkgs/nixos/tests/incron.nix b/nixpkgs/nixos/tests/incron.nix index e39bbb5f096..b22ee4c9a03 100644 --- a/nixpkgs/nixos/tests/incron.nix +++ b/nixpkgs/nixos/tests/incron.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "incron"; @@ -19,34 +19,34 @@ import ./make-test.nix ({ pkgs, lib, ... }: }; testScript = '' - startAll; + start_all() - $machine->waitForUnit("multi-user.target"); - $machine->waitForUnit("incron.service"); + machine.wait_for_unit("multi-user.target") + machine.wait_for_unit("incron.service") - $machine->succeed("test -d /test"); + machine.succeed("test -d /test") # create some activity for incron to monitor - $machine->succeed("touch /test/file"); - $machine->succeed("echo foo >> /test/file"); - $machine->succeed("mv /test/file /root"); - $machine->succeed("mv /root/file /test"); + machine.succeed("touch /test/file") + machine.succeed("echo foo >> /test/file") + machine.succeed("mv /test/file /root") + machine.succeed("mv /root/file /test") - $machine->sleep(1); + machine.sleep(1) # touch /test/file - $machine->succeed("grep '/test/file IN_CREATE' /root/incron.log"); + machine.succeed("grep '/test/file IN_CREATE' /root/incron.log") # echo foo >> /test/file - $machine->succeed("grep '/test/file IN_MODIFY' /root/incron.log"); - $machine->succeed("grep '/test/file IN_CLOSE_WRITE' /root/incron.log"); + machine.succeed("grep '/test/file IN_MODIFY' /root/incron.log") + machine.succeed("grep '/test/file IN_CLOSE_WRITE' /root/incron.log") # mv /test/file /root - $machine->succeed("grep '/test/file IN_MOVED_FROM' /root/incron.log"); + machine.succeed("grep '/test/file IN_MOVED_FROM' /root/incron.log") # mv /root/file /test - $machine->succeed("grep '/test/file IN_MOVED_TO' /root/incron.log"); + machine.succeed("grep '/test/file IN_MOVED_TO' /root/incron.log") # ensure something unexpected is not present - $machine->fail("grep 'IN_OPEN' /root/incron.log"); + machine.fail("grep 'IN_OPEN' /root/incron.log") ''; }) diff --git a/nixpkgs/nixos/tests/influxdb.nix b/nixpkgs/nixos/tests/influxdb.nix index 61201202204..04ef8046101 100644 --- a/nixpkgs/nixos/tests/influxdb.nix +++ b/nixpkgs/nixos/tests/influxdb.nix @@ -1,6 +1,6 @@ # This test runs influxdb and checks if influxdb is up and running -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "influxdb"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ offline ]; @@ -9,25 +9,32 @@ import ./make-test.nix ({ pkgs, ...} : { nodes = { one = { ... }: { services.influxdb.enable = true; + environment.systemPackages = [ pkgs.httpie ]; }; }; testScript = '' - startAll; - - $one->waitForUnit("influxdb.service"); + import shlex + + start_all() + + one.wait_for_unit("influxdb.service") # create database - $one->succeed(q~ - curl -XPOST http://localhost:8086/query --data-urlencode "q=CREATE DATABASE test" - ~); + one.succeed( + "curl -XPOST http://localhost:8086/query --data-urlencode 'q=CREATE DATABASE test'" + ) # write some points and run simple query - $one->succeed(q~ - curl -XPOST 'http://localhost:8086/write?db=test' --data-binary 'cpu_load_short,host=server01,region=us-west value=0.64 1434055562000000000' - ~); - $one->succeed(q~ - curl -GET 'http://localhost:8086/query' --data-urlencode "db=test" --data-urlencode "q=SELECT \"value\" FROM \"cpu_load_short\" WHERE \"region\"='us-west'" | grep "0\.64" - ~); + out = one.succeed( + "curl -XPOST 'http://localhost:8086/write?db=test' --data-binary 'cpu_load_short,host=server01,region=us-west value=0.64 1434055562000000000'" + ) + + qv = "SELECT value FROM cpu_load_short WHERE region='us-west'" + cmd = f'curl -GET "http://localhost:8086/query?db=test" --data-urlencode {shlex.quote("q="+ qv)}' + out = one.succeed(cmd) + + assert "2015-06-11T20:46:02Z" in out + assert "0.64" in out ''; }) diff --git a/nixpkgs/nixos/tests/initrd-network-ssh/default.nix b/nixpkgs/nixos/tests/initrd-network-ssh/default.nix index 796c50c610e..73d9f938e22 100644 --- a/nixpkgs/nixos/tests/initrd-network-ssh/default.nix +++ b/nixpkgs/nixos/tests/initrd-network-ssh/default.nix @@ -1,4 +1,4 @@ -import ../make-test.nix ({ lib, ... }: +import ../make-test-python.nix ({ lib, ... }: { name = "initrd-network-ssh"; @@ -35,25 +35,31 @@ import ../make-test.nix ({ lib, ... }: client = { config, ... }: { - environment.etc.knownHosts = { - text = concatStrings [ - "server," - "${toString (head (splitString " " ( - toString (elemAt (splitString "\n" config.networking.extraHosts) 2) - )))} " - "${readFile ./dropbear.pub}" - ]; + environment.etc = { + knownHosts = { + text = concatStrings [ + "server," + "${toString (head (splitString " " ( + toString (elemAt (splitString "\n" config.networking.extraHosts) 2) + )))} " + "${readFile ./dropbear.pub}" + ]; + }; + sshKey = { + source = ./openssh.priv; # dont use this anywhere else + mode = "0600"; + }; }; }; }; testScript = '' - startAll; - $client->waitForUnit("network.target"); - $client->copyFileFromHost("${./openssh.priv}","/etc/sshKey"); - $client->succeed("chmod 0600 /etc/sshKey"); - $client->waitUntilSucceeds("ping -c 1 server"); - $client->succeed("ssh -i /etc/sshKey -o UserKnownHostsFile=/etc/knownHosts server 'touch /fnord'"); - $client->shutdown; + start_all() + client.wait_for_unit("network.target") + client.wait_until_succeeds("ping -c 1 server") + client.succeed( + "ssh -i /etc/sshKey -o UserKnownHostsFile=/etc/knownHosts server 'touch /fnord'" + ) + client.shutdown() ''; }) diff --git a/nixpkgs/nixos/tests/installed-tests/colord.nix b/nixpkgs/nixos/tests/installed-tests/colord.nix new file mode 100644 index 00000000000..77e6b917fe6 --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/colord.nix @@ -0,0 +1,5 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.colord; +} diff --git a/nixpkgs/nixos/tests/installed-tests/default.nix b/nixpkgs/nixos/tests/installed-tests/default.nix new file mode 100644 index 00000000000..f4780bdcfc9 --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/default.nix @@ -0,0 +1,80 @@ +# NixOS tests for gnome-desktop-testing-runner using software +# See https://wiki.gnome.org/Initiatives/GnomeGoals/InstalledTests + +{ system ? builtins.currentSystem, + config ? {}, + pkgs ? import ../../.. { inherit system config; } +}: + +with import ../../lib/testing-python.nix { inherit system pkgs; }; +with pkgs.lib; + +let + + callInstalledTest = pkgs.newScope { inherit makeInstalledTest; }; + + makeInstalledTest = + { # Package to test. Needs to have an installedTests output + tested + + # Config to inject into machine + , testConfig ? {} + + # Test script snippet to inject before gnome-desktop-testing-runner begins. + # This is useful for extra setup the environment may need before the runner begins. + , preTestScript ? "" + + # Does test need X11? + , withX11 ? false + + # Extra flags to pass to gnome-desktop-testing-runner. + , testRunnerFlags ? "" + }: + makeTest rec { + name = tested.name; + + meta = { + maintainers = tested.meta.maintainers; + }; + + machine = { ... }: { + imports = [ + testConfig + ] ++ optional withX11 ../common/x11.nix; + + environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; + + }; + + testScript = + optionalString withX11 '' + machine.wait_for_x() + '' + + optionalString (preTestScript != "") '' + ${preTestScript} + '' + + '' + machine.succeed( + "gnome-desktop-testing-runner ${testRunnerFlags} -d '${tested.installedTests}/share'" + ) + ''; + }; + +in + +{ + colord = callInstalledTest ./colord.nix {}; + flatpak = callInstalledTest ./flatpak.nix {}; + flatpak-builder = callInstalledTest ./flatpak-builder.nix {}; + fwupd = callInstalledTest ./fwupd.nix {}; + gcab = callInstalledTest ./gcab.nix {}; + gdk-pixbuf = callInstalledTest ./gdk-pixbuf.nix {}; + gjs = callInstalledTest ./gjs.nix {}; + glib-networking = callInstalledTest ./glib-networking.nix {}; + gnome-photos = callInstalledTest ./gnome-photos.nix {}; + graphene = callInstalledTest ./graphene.nix {}; + libgdata = callInstalledTest ./libgdata.nix {}; + libxmlb = callInstalledTest ./libxmlb.nix {}; + ostree = callInstalledTest ./ostree.nix {}; + xdg-desktop-portal = callInstalledTest ./xdg-desktop-portal.nix {}; +} diff --git a/nixpkgs/nixos/tests/installed-tests/flatpak-builder.nix b/nixpkgs/nixos/tests/installed-tests/flatpak-builder.nix new file mode 100644 index 00000000000..31b9f2b258f --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/flatpak-builder.nix @@ -0,0 +1,14 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.flatpak-builder; + + testConfig = { + services.flatpak.enable = true; + xdg.portal.enable = true; + environment.systemPackages = with pkgs; [ flatpak-builder ] ++ flatpak-builder.installedTestsDependencies; + virtualisation.diskSize = 2048; + }; + + testRunnerFlags = "--timeout 3600"; +} diff --git a/nixpkgs/nixos/tests/installed-tests/flatpak.nix b/nixpkgs/nixos/tests/installed-tests/flatpak.nix new file mode 100644 index 00000000000..091c9932662 --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/flatpak.nix @@ -0,0 +1,19 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.flatpak; + withX11 = true; + + testConfig = { + services.xserver.desktopManager.gnome3.enable = true; # TODO: figure out minimal environment where the tests work + # common/x11.nix enables the auto display manager (lightdm) + services.xserver.displayManager.gdm.enable = false; + services.gnome3.core-utilities.enable = false; + services.flatpak.enable = true; + environment.systemPackages = with pkgs; [ gnupg ostree python2 ]; + virtualisation.memorySize = 2047; + virtualisation.diskSize = 1024; + }; + + testRunnerFlags = "--timeout 3600"; +} diff --git a/nixpkgs/nixos/tests/installed-tests/fwupd.nix b/nixpkgs/nixos/tests/installed-tests/fwupd.nix new file mode 100644 index 00000000000..b9f761e9958 --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/fwupd.nix @@ -0,0 +1,12 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.fwupd; + + testConfig = { + services.fwupd.enable = true; + services.fwupd.blacklistPlugins = []; # don't blacklist test plugin + services.fwupd.enableTestRemote = true; + virtualisation.memorySize = 768; + }; +} diff --git a/nixpkgs/nixos/tests/installed-tests/gcab.nix b/nixpkgs/nixos/tests/installed-tests/gcab.nix new file mode 100644 index 00000000000..b24cc2e0126 --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/gcab.nix @@ -0,0 +1,5 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.gcab; +} diff --git a/nixpkgs/nixos/tests/installed-tests/gdk-pixbuf.nix b/nixpkgs/nixos/tests/installed-tests/gdk-pixbuf.nix new file mode 100644 index 00000000000..3d0011a427a --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/gdk-pixbuf.nix @@ -0,0 +1,13 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.gdk-pixbuf; + + testConfig = { + # Tests allocate a lot of memory trying to exploit a CVE + # but qemu-system-i386 has a 2047M memory limit + virtualisation.memorySize = if pkgs.stdenv.isi686 then 2047 else 4096; + }; + + testRunnerFlags = "--timeout 1800"; +} diff --git a/nixpkgs/nixos/tests/installed-tests/gjs.nix b/nixpkgs/nixos/tests/installed-tests/gjs.nix new file mode 100644 index 00000000000..1656e9de171 --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/gjs.nix @@ -0,0 +1,6 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.gjs; + withX11 = true; +} diff --git a/nixpkgs/nixos/tests/installed-tests/glib-networking.nix b/nixpkgs/nixos/tests/installed-tests/glib-networking.nix new file mode 100644 index 00000000000..b58d4df21fc --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/glib-networking.nix @@ -0,0 +1,5 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.glib-networking; +} diff --git a/nixpkgs/nixos/tests/installed-tests/gnome-photos.nix b/nixpkgs/nixos/tests/installed-tests/gnome-photos.nix new file mode 100644 index 00000000000..05e7ccb65ad --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/gnome-photos.nix @@ -0,0 +1,35 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.gnome-photos; + + withX11 = true; + + testConfig = { + programs.dconf.enable = true; + services.gnome3.at-spi2-core.enable = true; # needed for dogtail + environment.systemPackages = with pkgs; [ + # gsettings tool with access to gsettings-desktop-schemas + (stdenv.mkDerivation { + name = "desktop-gsettings"; + dontUnpack = true; + nativeBuildInputs = [ glib wrapGAppsHook ]; + buildInputs = [ gsettings-desktop-schemas ]; + installPhase = '' + runHook preInstall + mkdir -p $out/bin + ln -s ${glib.bin}/bin/gsettings $out/bin/desktop-gsettings + runHook postInstall + ''; + }) + ]; + services.dbus.packages = with pkgs; [ gnome-photos ]; + }; + + preTestScript = '' + # dogtail needs accessibility enabled + machine.succeed( + "desktop-gsettings set org.gnome.desktop.interface toolkit-accessibility true 2>&1" + ) + ''; +} diff --git a/nixpkgs/nixos/tests/installed-tests/graphene.nix b/nixpkgs/nixos/tests/installed-tests/graphene.nix new file mode 100644 index 00000000000..e43339abd88 --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/graphene.nix @@ -0,0 +1,5 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.graphene; +} diff --git a/nixpkgs/nixos/tests/installed-tests/libgdata.nix b/nixpkgs/nixos/tests/installed-tests/libgdata.nix new file mode 100644 index 00000000000..f11a7bc1bc5 --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/libgdata.nix @@ -0,0 +1,11 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.libgdata; + + testConfig = { + # # GLib-GIO-DEBUG: _g_io_module_get_default: Found default implementation dummy (GDummyTlsBackend) for ‘gio-tls-backend’ + # Bail out! libgdata:ERROR:../gdata/tests/common.c:134:gdata_test_init: assertion failed (child_error == NULL): TLS support is not available (g-tls-error-quark, 0) + services.gnome3.glib-networking.enable = true; + }; +} diff --git a/nixpkgs/nixos/tests/installed-tests/libxmlb.nix b/nixpkgs/nixos/tests/installed-tests/libxmlb.nix new file mode 100644 index 00000000000..af2bbe9c35e --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/libxmlb.nix @@ -0,0 +1,5 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.libxmlb; +} diff --git a/nixpkgs/nixos/tests/installed-tests/ostree.nix b/nixpkgs/nixos/tests/installed-tests/ostree.nix new file mode 100644 index 00000000000..eef7cace54c --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/ostree.nix @@ -0,0 +1,23 @@ +{ pkgs, lib, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.ostree; + + # TODO: Wrap/patch the tests directly in the package + testConfig = { + environment.systemPackages = with pkgs; [ + (python3.withPackages (p: with p; [ pyyaml ])) + gnupg + ostree + ]; + + # for GJS tests + environment.variables.GI_TYPELIB_PATH = lib.makeSearchPath "lib/girepository-1.0" (with pkgs; [ + gtk3 + pango.out + ostree + gdk-pixbuf + atk + ]); + }; +} diff --git a/nixpkgs/nixos/tests/installed-tests/xdg-desktop-portal.nix b/nixpkgs/nixos/tests/installed-tests/xdg-desktop-portal.nix new file mode 100644 index 00000000000..b16008ff4ad --- /dev/null +++ b/nixpkgs/nixos/tests/installed-tests/xdg-desktop-portal.nix @@ -0,0 +1,5 @@ +{ pkgs, makeInstalledTest, ... }: + +makeInstalledTest { + tested = pkgs.xdg-desktop-portal; +} diff --git a/nixpkgs/nixos/tests/installer.nix b/nixpkgs/nixos/tests/installer.nix index a136678c6ef..eb1f4f192dd 100644 --- a/nixpkgs/nixos/tests/installer.nix +++ b/nixpkgs/nixos/tests/installer.nix @@ -54,8 +54,6 @@ let hardware.enableAllFirmware = lib.mkForce false; - services.udisks2.enable = lib.mkDefault false; - ${replaceChars ["\n"] ["\n "] extraConfig} } ''; @@ -295,8 +293,6 @@ let ++ optional (bootLoader == "grub" && grubVersion == 1) pkgs.grub ++ optionals (bootLoader == "grub" && grubVersion == 2) [ pkgs.grub2 pkgs.grub2_efi ]; - services.udisks2.enable = mkDefault false; - nix.binaryCaches = mkForce [ ]; nix.extraOptions = '' diff --git a/nixpkgs/nixos/tests/jackett.nix b/nixpkgs/nixos/tests/jackett.nix index c749c32ad04..0a706c99b99 100644 --- a/nixpkgs/nixos/tests/jackett.nix +++ b/nixpkgs/nixos/tests/jackett.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ... }: +import ./make-test-python.nix ({ lib, ... }: with lib; @@ -11,8 +11,9 @@ with lib; { services.jackett.enable = true; }; testScript = '' - $machine->waitForUnit('jackett.service'); - $machine->waitForOpenPort('9117'); - $machine->succeed("curl --fail http://localhost:9117/"); + machine.start() + machine.wait_for_unit("jackett.service") + machine.wait_for_open_port(9117) + machine.succeed("curl --fail http://localhost:9117/") ''; }) diff --git a/nixpkgs/nixos/tests/jellyfin.nix b/nixpkgs/nixos/tests/jellyfin.nix index b60c6eb94f4..65360624d48 100644 --- a/nixpkgs/nixos/tests/jellyfin.nix +++ b/nixpkgs/nixos/tests/jellyfin.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ...}: +import ./make-test-python.nix ({ lib, ...}: { name = "jellyfin"; @@ -9,8 +9,8 @@ import ./make-test.nix ({ lib, ...}: { services.jellyfin.enable = true; }; testScript = '' - $machine->waitForUnit('jellyfin.service'); - $machine->waitForOpenPort('8096'); - $machine->succeed("curl --fail http://localhost:8096/"); + machine.wait_for_unit("jellyfin.service") + machine.wait_for_open_port(8096) + machine.succeed("curl --fail http://localhost:8096/") ''; }) diff --git a/nixpkgs/nixos/tests/jenkins.nix b/nixpkgs/nixos/tests/jenkins.nix index a6eec411ff2..cd64ff51287 100644 --- a/nixpkgs/nixos/tests/jenkins.nix +++ b/nixpkgs/nixos/tests/jenkins.nix @@ -3,7 +3,7 @@ # 2. jenkins user can be extended on both master and slave # 3. jenkins service not started on slave node -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "jenkins"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ bjornfor coconnor domenkozar eelco ]; @@ -33,18 +33,17 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $master->waitForUnit("jenkins"); + master.wait_for_unit("jenkins") - $master->mustSucceed("curl http://localhost:8080 | grep 'Authentication required'"); + assert "Authentication required" in master.succeed("curl http://localhost:8080") - print $master->execute("sudo -u jenkins groups"); - $master->mustSucceed("sudo -u jenkins groups | grep jenkins | grep users"); + for host in master, slave: + groups = host.succeed("sudo -u jenkins groups") + assert "jenkins" in groups + assert "users" in groups - print $slave->execute("sudo -u jenkins groups"); - $slave->mustSucceed("sudo -u jenkins groups | grep jenkins | grep users"); - - $slave->mustFail("systemctl is-enabled jenkins.service"); + slave.fail("systemctl is-enabled jenkins.service") ''; }) diff --git a/nixpkgs/nixos/tests/jormungandr.nix b/nixpkgs/nixos/tests/jormungandr.nix deleted file mode 100644 index 2abafc53ce5..00000000000 --- a/nixpkgs/nixos/tests/jormungandr.nix +++ /dev/null @@ -1,77 +0,0 @@ -import ./make-test.nix ({ pkgs, ... }: { - name = "jormungandr"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ mmahut ]; - }; - - nodes = { - # Testing the Byzantine Fault Tolerant protocol - bft = { ... }: { - environment.systemPackages = [ pkgs.jormungandr ]; - services.jormungandr.enable = true; - services.jormungandr.genesisBlockFile = "/var/lib/jormungandr/block-0.bin"; - services.jormungandr.secretFile = "/etc/secrets/jormungandr.yaml"; - }; - - # Testing the Ouroboros Genesis Praos protocol - genesis = { ... }: { - environment.systemPackages = [ pkgs.jormungandr ]; - services.jormungandr.enable = true; - services.jormungandr.genesisBlockFile = "/var/lib/jormungandr/block-0.bin"; - services.jormungandr.secretFile = "/etc/secrets/jormungandr.yaml"; - }; - }; - - testScript = '' - startAll; - - ## Testing BFT - # Let's wait for the StateDirectory - $bft->waitForFile("/var/lib/jormungandr/"); - - # First, we generate the genesis file for our new blockchain - $bft->succeed("jcli genesis init > /root/genesis.yaml"); - - # We need to generate our secret key - $bft->succeed("jcli key generate --type=Ed25519 > /root/key.prv"); - - # We include the secret key into our services.jormungandr.secretFile - $bft->succeed("mkdir -p /etc/secrets"); - $bft->succeed("echo -e \"bft:\\n signing_key:\" \$(cat /root/key.prv) > /etc/secrets/jormungandr.yaml"); - - # After that, we generate our public key from it - $bft->succeed("cat /root/key.prv | jcli key to-public > /root/key.pub"); - - # We add our public key as a consensus leader in the genesis configration file - $bft->succeed("sed -ie \"s/ed25519_pk1vvwp2s0n5jl5f4xcjurp2e92sj2awehkrydrlas4vgqr7xzt33jsadha32/\$(cat /root/key.pub)/\" /root/genesis.yaml"); - - # Now we can generate the genesis block from it - $bft->succeed("jcli genesis encode --input /root/genesis.yaml --output /var/lib/jormungandr/block-0.bin"); - - # We should have everything to start the service now - $bft->succeed("systemctl restart jormungandr"); - $bft->waitForUnit("jormungandr.service"); - - # Now we can test if we are able to reach the REST API - $bft->waitUntilSucceeds("curl -L http://localhost:8607/api/v0/node/stats | grep uptime"); - - ## Testing Genesis - # Let's wait for the StateDirectory - $genesis->waitForFile("/var/lib/jormungandr/"); - - # Bootstraping the configuration - $genesis->succeed("jormungandr-bootstrap -g -p 8607 -s 1"); - - # Moving generated files in place - $genesis->succeed("mkdir -p /etc/secrets"); - $genesis->succeed("mv pool-secret1.yaml /etc/secrets/jormungandr.yaml"); - $genesis->succeed("mv block-0.bin /var/lib/jormungandr/"); - - # We should have everything to start the service now - $genesis->succeed("systemctl restart jormungandr"); - $genesis->waitForUnit("jormungandr.service"); - - # Now we can create and delegate an account - $genesis->succeed("./create-account-and-delegate.sh | tee -a /tmp/delegate.log"); - ''; -}) diff --git a/nixpkgs/nixos/tests/kerberos/heimdal.nix b/nixpkgs/nixos/tests/kerberos/heimdal.nix index a0551b131e9..8abae667d04 100644 --- a/nixpkgs/nixos/tests/kerberos/heimdal.nix +++ b/nixpkgs/nixos/tests/kerberos/heimdal.nix @@ -1,4 +1,4 @@ -import ../make-test.nix ({pkgs, ...}: { +import ../make-test-python.nix ({pkgs, ...}: { name = "kerberos_server-heimdal"; machine = { config, libs, pkgs, ...}: { services.kerberos_server = @@ -23,31 +23,20 @@ import ../make-test.nix ({pkgs, ...}: { }; testScript = '' - $machine->start; + machine.succeed( + "kadmin -l init --realm-max-ticket-life='8 day' --realm-max-renewable-life='10 day' FOO.BAR", + "systemctl restart kadmind.service kdc.service", + ) - $machine->succeed( - "kadmin -l init --realm-max-ticket-life='8 day' \\ - --realm-max-renewable-life='10 day' FOO.BAR" - ); + for unit in ["kadmind", "kdc", "kpasswdd"]: + machine.wait_for_unit(f"{unit}.service") - $machine->succeed("systemctl restart kadmind.service kdc.service"); - $machine->waitForUnit("kadmind.service"); - $machine->waitForUnit("kdc.service"); - $machine->waitForUnit("kpasswdd.service"); - - $machine->succeed( - "kadmin -l add --password=admin_pw --use-defaults admin" - ); - $machine->succeed( - "kadmin -l ext_keytab --keytab=admin.keytab admin" - ); - $machine->succeed( - "kadmin -p admin -K admin.keytab add --password=alice_pw --use-defaults \\ - alice" - ); - $machine->succeed( - "kadmin -l ext_keytab --keytab=alice.keytab alice" - ); - $machine->succeed("kinit -kt alice.keytab alice"); + machine.succeed( + "kadmin -l add --password=admin_pw --use-defaults admin", + "kadmin -l ext_keytab --keytab=admin.keytab admin", + "kadmin -p admin -K admin.keytab add --password=alice_pw --use-defaults alice", + "kadmin -l ext_keytab --keytab=alice.keytab alice", + "kinit -kt alice.keytab alice", + ) ''; }) diff --git a/nixpkgs/nixos/tests/kerberos/mit.nix b/nixpkgs/nixos/tests/kerberos/mit.nix index 6da3a384aa9..93b4020d499 100644 --- a/nixpkgs/nixos/tests/kerberos/mit.nix +++ b/nixpkgs/nixos/tests/kerberos/mit.nix @@ -1,4 +1,4 @@ -import ../make-test.nix ({pkgs, ...}: { +import ../make-test-python.nix ({pkgs, ...}: { name = "kerberos_server-mit"; machine = { config, libs, pkgs, ...}: { services.kerberos_server = @@ -24,22 +24,18 @@ import ../make-test.nix ({pkgs, ...}: { }; testScript = '' - $machine->start; + machine.succeed( + "kdb5_util create -s -r FOO.BAR -P master_key", + "systemctl restart kadmind.service kdc.service", + ) - $machine->succeed( - "kdb5_util create -s -r FOO.BAR -P master_key" - ); + for unit in ["kadmind", "kdc"]: + machine.wait_for_unit(f"{unit}.service") - $machine->succeed("systemctl restart kadmind.service kdc.service"); - $machine->waitForUnit("kadmind.service"); - $machine->waitForUnit("kdc.service"); - - $machine->succeed( - "kadmin.local add_principal -pw admin_pw admin" - ); - $machine->succeed( - "kadmin -p admin -w admin_pw addprinc -pw alice_pw alice" - ); - $machine->succeed("echo alice_pw | sudo -u alice kinit"); + machine.succeed( + "kadmin.local add_principal -pw admin_pw admin", + "kadmin -p admin -w admin_pw addprinc -pw alice_pw alice", + "echo alice_pw | sudo -u alice kinit", + ) ''; }) diff --git a/nixpkgs/nixos/tests/kernel-latest.nix b/nixpkgs/nixos/tests/kernel-latest.nix index f30bd2e2e76..f09d0926d22 100644 --- a/nixpkgs/nixos/tests/kernel-latest.nix +++ b/nixpkgs/nixos/tests/kernel-latest.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "kernel-latest"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus ]; @@ -11,7 +11,7 @@ import ./make-test.nix ({ pkgs, ...} : { testScript = '' - $machine->succeed("uname -s | grep 'Linux'"); - $machine->succeed("uname -a | grep '${pkgs.linuxPackages_latest.kernel.version}'"); + assert "Linux" in machine.succeed("uname -s") + assert "${pkgs.linuxPackages_latest.kernel.version}" in machine.succeed("uname -a") ''; }) diff --git a/nixpkgs/nixos/tests/kernel-lts.nix b/nixpkgs/nixos/tests/kernel-lts.nix index 28717fa6a84..bad706d63c0 100644 --- a/nixpkgs/nixos/tests/kernel-lts.nix +++ b/nixpkgs/nixos/tests/kernel-lts.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "kernel-lts"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus ]; @@ -11,7 +11,7 @@ import ./make-test.nix ({ pkgs, ...} : { testScript = '' - $machine->succeed("uname -s | grep 'Linux'"); - $machine->succeed("uname -a | grep '${pkgs.linuxPackages.kernel.version}'"); + assert "Linux" in machine.succeed("uname -s") + assert "${pkgs.linuxPackages.kernel.version}" in machine.succeed("uname -a") ''; }) diff --git a/nixpkgs/nixos/tests/kernel-testing.nix b/nixpkgs/nixos/tests/kernel-testing.nix index 276d2de12bb..b7e10ebd5bd 100644 --- a/nixpkgs/nixos/tests/kernel-testing.nix +++ b/nixpkgs/nixos/tests/kernel-testing.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "kernel-testing"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus ]; @@ -11,7 +11,7 @@ import ./make-test.nix ({ pkgs, ...} : { testScript = '' - $machine->succeed("uname -s | grep 'Linux'"); - $machine->succeed("uname -a | grep '${pkgs.linuxPackages_testing.kernel.modDirVersion}'"); + assert "Linux" in machine.succeed("uname -s") + assert "${pkgs.linuxPackages_testing.kernel.modDirVersion}" in machine.succeed("uname -a") ''; }) diff --git a/nixpkgs/nixos/tests/knot.nix b/nixpkgs/nixos/tests/knot.nix index e46159836cc..0588cf86ac0 100644 --- a/nixpkgs/nixos/tests/knot.nix +++ b/nixpkgs/nixos/tests/knot.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ...} : +import ./make-test-python.nix ({ pkgs, lib, ...} : let common = { networking.firewall.enable = false; @@ -30,6 +30,10 @@ let }; in { name = "knot"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ hexa ]; + }; + nodes = { master = { lib, ... }: { @@ -161,37 +165,35 @@ in { slave4 = (lib.head nodes.slave.config.networking.interfaces.eth1.ipv4.addresses).address; slave6 = (lib.head nodes.slave.config.networking.interfaces.eth1.ipv6.addresses).address; in '' - startAll; - - $client->waitForUnit("network.target"); - $master->waitForUnit("knot.service"); - $slave->waitForUnit("knot.service"); - - sub assertResponse { - my ($knot, $query_type, $query, $expected) = @_; - my $out = $client->succeed("khost -t $query_type $query $knot"); - $client->log("$knot replies with: $out"); - chomp $out; - die "DNS query for $query ($query_type) against $knot gave '$out' instead of '$expected'" - if ($out !~ $expected); - } - - foreach ("${master4}", "${master6}", "${slave4}", "${slave6}") { - subtest $_, sub { - assertResponse($_, "SOA", "example.com", qr/start of authority.*?noc\.example\.com/); - assertResponse($_, "A", "example.com", qr/has no [^ ]+ record/); - assertResponse($_, "AAAA", "example.com", qr/has no [^ ]+ record/); - - assertResponse($_, "A", "www.example.com", qr/address 192.0.2.1$/); - assertResponse($_, "AAAA", "www.example.com", qr/address 2001:db8::1$/); - - assertResponse($_, "NS", "sub.example.com", qr/nameserver is ns\d\.example\.com.$/); - assertResponse($_, "A", "sub.example.com", qr/address 192.0.2.2$/); - assertResponse($_, "AAAA", "sub.example.com", qr/address 2001:db8::2$/); - - assertResponse($_, "RRSIG", "www.example.com", qr/RR set signature is/); - assertResponse($_, "DNSKEY", "example.com", qr/DNSSEC key is/); - }; - } + import re + + start_all() + + client.wait_for_unit("network.target") + master.wait_for_unit("knot.service") + slave.wait_for_unit("knot.service") + + + def test(host, query_type, query, pattern): + out = client.succeed(f"khost -t {query_type} {query} {host}").strip() + client.log(f"{host} replied with: {out}") + assert re.search(pattern, out), f'Did not match "{pattern}"' + + + for host in ("${master4}", "${master6}", "${slave4}", "${slave6}"): + with subtest(f"Interrogate {host}"): + test(host, "SOA", "example.com", r"start of authority.*noc\.example\.com\.") + test(host, "A", "example.com", r"has no [^ ]+ record") + test(host, "AAAA", "example.com", r"has no [^ ]+ record") + + test(host, "A", "www.example.com", r"address 192.0.2.1$") + test(host, "AAAA", "www.example.com", r"address 2001:db8::1$") + + test(host, "NS", "sub.example.com", r"nameserver is ns\d\.example\.com.$") + test(host, "A", "sub.example.com", r"address 192.0.2.2$") + test(host, "AAAA", "sub.example.com", r"address 2001:db8::2$") + + test(host, "RRSIG", "www.example.com", r"RR set signature is") + test(host, "DNSKEY", "example.com", r"DNSSEC key is") ''; }) diff --git a/nixpkgs/nixos/tests/kubernetes/base.nix b/nixpkgs/nixos/tests/kubernetes/base.nix index f21634c4ffb..adb73650689 100644 --- a/nixpkgs/nixos/tests/kubernetes/base.nix +++ b/nixpkgs/nixos/tests/kubernetes/base.nix @@ -53,6 +53,7 @@ let services.flannel.iface = "eth1"; services.kubernetes = { addons.dashboard.enable = true; + proxy.hostname = "${masterName}.${domain}"; easyCerts = true; inherit (machine) roles; diff --git a/nixpkgs/nixos/tests/libgdata.nix b/nixpkgs/nixos/tests/libgdata.nix deleted file mode 100644 index 10a3ca97dd2..00000000000 --- a/nixpkgs/nixos/tests/libgdata.nix +++ /dev/null @@ -1,21 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: - -{ - name = "libgdata"; - - meta = { - maintainers = pkgs.libgdata.meta.maintainers; - }; - - machine = { pkgs, ... }: { - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - # # GLib-GIO-DEBUG: _g_io_module_get_default: Found default implementation dummy (GDummyTlsBackend) for ‘gio-tls-backend’ - # Bail out! libgdata:ERROR:../gdata/tests/common.c:134:gdata_test_init: assertion failed (child_error == NULL): TLS support is not available (g-tls-error-quark, 0) - services.gnome3.glib-networking.enable = true; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.libgdata.installedTests}/share'"); - ''; -}) diff --git a/nixpkgs/nixos/tests/libxmlb.nix b/nixpkgs/nixos/tests/libxmlb.nix deleted file mode 100644 index 3bee568ac5a..00000000000 --- a/nixpkgs/nixos/tests/libxmlb.nix +++ /dev/null @@ -1,17 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: - -{ - name = "libxmlb"; - meta = { - maintainers = pkgs.libxmlb.meta.maintainers; - }; - - machine = { pkgs, ... }: { - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.libxmlb.installedTests}/share'"); - ''; -}) diff --git a/nixpkgs/nixos/tests/lightdm.nix b/nixpkgs/nixos/tests/lightdm.nix index c805f1ed9f3..ef30f7741e2 100644 --- a/nixpkgs/nixos/tests/lightdm.nix +++ b/nixpkgs/nixos/tests/lightdm.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "lightdm"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ aszlig worldofpeace ]; @@ -18,12 +18,12 @@ import ./make-test.nix ({ pkgs, ...} : { testScript = { nodes, ... }: let user = nodes.machine.config.users.users.alice; in '' - startAll; - $machine->waitForText(qr/${user.description}/); - $machine->screenshot("lightdm"); - $machine->sendChars("${user.password}\n"); - $machine->waitForFile("/home/alice/.Xauthority"); - $machine->succeed("xauth merge ~alice/.Xauthority"); - $machine->waitForWindow("^IceWM "); + start_all() + machine.wait_for_text("${user.description}") + machine.screenshot("lightdm") + machine.send_chars("${user.password}\n") + machine.wait_for_file("${user.home}/.Xauthority") + machine.succeed("xauth merge ${user.home}/.Xauthority") + machine.wait_for_window("^IceWM ") ''; }) diff --git a/nixpkgs/nixos/tests/login.nix b/nixpkgs/nixos/tests/login.nix index bd8ed23a7b8..d36c1a91be4 100644 --- a/nixpkgs/nixos/tests/login.nix +++ b/nixpkgs/nixos/tests/login.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, latestKernel ? false, ... }: +import ./make-test-python.nix ({ pkgs, latestKernel ? false, ... }: { name = "login"; @@ -12,62 +12,48 @@ import ./make-test.nix ({ pkgs, latestKernel ? false, ... }: sound.enable = true; # needed for the factl test, /dev/snd/* exists without them but udev doesn't care then }; - testScript = - '' - $machine->waitForUnit('multi-user.target'); - $machine->waitUntilSucceeds("pgrep -f 'agetty.*tty1'"); - $machine->screenshot("postboot"); - - subtest "create user", sub { - $machine->succeed("useradd -m alice"); - $machine->succeed("(echo foobar; echo foobar) | passwd alice"); - }; - - # Check whether switching VTs works. - subtest "virtual console switching", sub { - $machine->fail("pgrep -f 'agetty.*tty2'"); - $machine->sendKeys("alt-f2"); - $machine->waitUntilSucceeds("[ \$(fgconsole) = 2 ]"); - $machine->waitForUnit('getty@tty2.service'); - $machine->waitUntilSucceeds("pgrep -f 'agetty.*tty2'"); - }; - - # Log in as alice on a virtual console. - subtest "virtual console login", sub { - $machine->waitUntilTTYMatches(2, "login: "); - $machine->sendChars("alice\n"); - $machine->waitUntilTTYMatches(2, "login: alice"); - $machine->waitUntilSucceeds("pgrep login"); - $machine->waitUntilTTYMatches(2, "Password: "); - $machine->sendChars("foobar\n"); - $machine->waitUntilSucceeds("pgrep -u alice bash"); - $machine->sendChars("touch done\n"); - $machine->waitForFile("/home/alice/done"); - }; - - # Check whether systemd gives and removes device ownership as - # needed. - subtest "device permissions", sub { - $machine->succeed("getfacl -p /dev/snd/timer | grep -q alice"); - $machine->sendKeys("alt-f1"); - $machine->waitUntilSucceeds("[ \$(fgconsole) = 1 ]"); - $machine->fail("getfacl -p /dev/snd/timer | grep -q alice"); - $machine->succeed("chvt 2"); - $machine->waitUntilSucceeds("getfacl -p /dev/snd/timer | grep -q alice"); - }; - - # Log out. - subtest "virtual console logout", sub { - $machine->sendChars("exit\n"); - $machine->waitUntilFails("pgrep -u alice bash"); - $machine->screenshot("mingetty"); - }; - - # Check whether ctrl-alt-delete works. - subtest "ctrl-alt-delete", sub { - $machine->sendKeys("ctrl-alt-delete"); - $machine->waitForShutdown; - }; - ''; - + testScript = '' + machine.wait_for_unit("multi-user.target") + machine.wait_until_succeeds("pgrep -f 'agetty.*tty1'") + machine.screenshot("postboot") + + with subtest("create user"): + machine.succeed("useradd -m alice") + machine.succeed("(echo foobar; echo foobar) | passwd alice") + + with subtest("Check whether switching VTs works"): + machine.fail("pgrep -f 'agetty.*tty2'") + machine.send_key("alt-f2") + machine.wait_until_succeeds("[ $(fgconsole) = 2 ]") + machine.wait_for_unit("getty@tty2.service") + machine.wait_until_succeeds("pgrep -f 'agetty.*tty2'") + + with subtest("Log in as alice on a virtual console"): + machine.wait_until_tty_matches(2, "login: ") + machine.send_chars("alice\n") + machine.wait_until_tty_matches(2, "login: alice") + machine.wait_until_succeeds("pgrep login") + machine.wait_until_tty_matches(2, "Password: ") + machine.send_chars("foobar\n") + machine.wait_until_succeeds("pgrep -u alice bash") + machine.send_chars("touch done\n") + machine.wait_for_file("/home/alice/done") + + with subtest("Systemd gives and removes device ownership as needed"): + machine.succeed("getfacl /dev/snd/timer | grep -q alice") + machine.send_key("alt-f1") + machine.wait_until_succeeds("[ $(fgconsole) = 1 ]") + machine.fail("getfacl /dev/snd/timer | grep -q alice") + machine.succeed("chvt 2") + machine.wait_until_succeeds("getfacl /dev/snd/timer | grep -q alice") + + with subtest("Virtual console logout"): + machine.send_chars("exit\n") + machine.wait_until_fails("pgrep -u alice bash") + machine.screenshot("mingetty") + + with subtest("Check whether ctrl-alt-delete works"): + machine.send_key("ctrl-alt-delete") + machine.wait_for_shutdown() + ''; }) diff --git a/nixpkgs/nixos/tests/loki.nix b/nixpkgs/nixos/tests/loki.nix index 9c3058d02f8..dbf1e8a650f 100644 --- a/nixpkgs/nixos/tests/loki.nix +++ b/nixpkgs/nixos/tests/loki.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, pkgs, ... }: +import ./make-test-python.nix ({ lib, pkgs, ... }: { name = "loki"; @@ -26,12 +26,14 @@ import ./make-test.nix ({ lib, pkgs, ... }: }; testScript = '' - $machine->start; - $machine->waitForUnit("loki.service"); - $machine->waitForUnit("promtail.service"); - $machine->waitForOpenPort(3100); - $machine->waitForOpenPort(9080); - $machine->succeed("echo 'Loki Ingestion Test' > /var/log/testlog"); - $machine->waitUntilSucceeds("${pkgs.grafana-loki}/bin/logcli --addr='http://localhost:3100' query --no-labels '{job=\"varlogs\",filename=\"/var/log/testlog\"}' | grep -q 'Loki Ingestion Test'"); + machine.start + machine.wait_for_unit("loki.service") + machine.wait_for_unit("promtail.service") + machine.wait_for_open_port(3100) + machine.wait_for_open_port(9080) + machine.succeed("echo 'Loki Ingestion Test' > /var/log/testlog") + machine.wait_until_succeeds( + "${pkgs.grafana-loki}/bin/logcli --addr='http://localhost:3100' query --no-labels '{job=\"varlogs\",filename=\"/var/log/testlog\"}' | grep -q 'Loki Ingestion Test'" + ) ''; }) diff --git a/nixpkgs/nixos/tests/lorri/builder.sh b/nixpkgs/nixos/tests/lorri/builder.sh new file mode 100644 index 00000000000..b586b2bf798 --- /dev/null +++ b/nixpkgs/nixos/tests/lorri/builder.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +printf "%s" "${name:?}" > "${out:?}" diff --git a/nixpkgs/nixos/tests/lorri/default.nix b/nixpkgs/nixos/tests/lorri/default.nix new file mode 100644 index 00000000000..53074385a65 --- /dev/null +++ b/nixpkgs/nixos/tests/lorri/default.nix @@ -0,0 +1,26 @@ +import ../make-test-python.nix { + machine = { pkgs, ... }: { + imports = [ ../../modules/profiles/minimal.nix ]; + environment.systemPackages = [ pkgs.lorri ]; + }; + + testScript = '' + # Copy files over + machine.succeed( + "cp '${./fake-shell.nix}' shell.nix" + ) + machine.succeed( + "cp '${./builder.sh}' builder.sh" + ) + + # Start the daemon and wait until it is ready + machine.execute("lorri daemon > lorri.stdout 2> lorri.stderr &") + machine.wait_until_succeeds("grep --fixed-strings 'lorri: ready' lorri.stdout") + + # Ping the daemon + machine.execute("lorri ping_ $(readlink -f shell.nix)") + + # Wait for the daemon to finish the build + machine.wait_until_succeeds("grep --fixed-strings 'OutputPaths' lorri.stdout") + ''; +} diff --git a/nixpkgs/nixos/tests/lorri/fake-shell.nix b/nixpkgs/nixos/tests/lorri/fake-shell.nix new file mode 100644 index 00000000000..9de9d247e54 --- /dev/null +++ b/nixpkgs/nixos/tests/lorri/fake-shell.nix @@ -0,0 +1,5 @@ +derivation { + system = builtins.currentSystem; + name = "fake-shell"; + builder = ./builder.sh; +} diff --git a/nixpkgs/nixos/tests/magnetico.nix b/nixpkgs/nixos/tests/magnetico.nix index bc7aef653ee..6770d32358e 100644 --- a/nixpkgs/nixos/tests/magnetico.nix +++ b/nixpkgs/nixos/tests/magnetico.nix @@ -1,4 +1,9 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : + +let + port = 8081; +in +{ name = "magnetico"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ rnhmjoj ]; @@ -12,17 +17,24 @@ import ./make-test.nix ({ pkgs, ...} : { services.magnetico = { enable = true; crawler.port = 9000; + web.port = port; web.credentials.user = "$2y$12$P88ZF6soFthiiAeXnz64aOWDsY3Dw7Yw8fZ6GtiqFNjknD70zDmNe"; }; }; testScript = '' - startAll; - $machine->waitForUnit("magneticod"); - $machine->waitForUnit("magneticow"); - $machine->succeed("${pkgs.curl}/bin/curl -u user:password http://localhost:8080"); - $machine->succeed("${pkgs.curl}/bin/curl -u user:wrongpwd http://localhost:8080") =~ "Unauthorised." or die; - $machine->shutdown(); + start_all() + machine.wait_for_unit("magneticod") + machine.wait_for_unit("magneticow") + machine.succeed( + "${pkgs.curl}/bin/curl " + + "-u user:password http://localhost:${toString port}" + ) + assert "Unauthorised." in machine.succeed( + "${pkgs.curl}/bin/curl " + + "-u user:wrongpwd http://localhost:${toString port}" + ) + machine.shutdown() ''; }) diff --git a/nixpkgs/nixos/tests/mailcatcher.nix b/nixpkgs/nixos/tests/mailcatcher.nix index d45b5d4edfc..eb5b606ecc8 100644 --- a/nixpkgs/nixos/tests/mailcatcher.nix +++ b/nixpkgs/nixos/tests/mailcatcher.nix @@ -9,8 +9,8 @@ import ./make-test.nix ({ lib, ... }: { services.mailcatcher.enable = true; - networking.defaultMailServer.directDelivery = true; - networking.defaultMailServer.hostName = "localhost:1025"; + services.ssmtp.enable = true; + services.ssmtp.hostName = "localhost:1025"; environment.systemPackages = [ pkgs.mailutils ]; }; diff --git a/nixpkgs/nixos/tests/make-test-python.nix b/nixpkgs/nixos/tests/make-test-python.nix new file mode 100644 index 00000000000..89897fe7e61 --- /dev/null +++ b/nixpkgs/nixos/tests/make-test-python.nix @@ -0,0 +1,9 @@ +f: { + system ? builtins.currentSystem, + pkgs ? import ../.. { inherit system; config = {}; }, + ... +} @ args: + +with import ../lib/testing-python.nix { inherit system pkgs; }; + +makeTest (if pkgs.lib.isFunction f then f (args // { inherit pkgs; inherit (pkgs) lib; }) else f) diff --git a/nixpkgs/nixos/tests/matomo.nix b/nixpkgs/nixos/tests/matomo.nix new file mode 100644 index 00000000000..4efa65a7b6d --- /dev/null +++ b/nixpkgs/nixos/tests/matomo.nix @@ -0,0 +1,43 @@ +{ system ? builtins.currentSystem, config ? { } +, pkgs ? import ../.. { inherit system config; } }: + +with import ../lib/testing.nix { inherit system pkgs; }; +with pkgs.lib; + +let + matomoTest = package: + makeTest { + machine = { config, pkgs, ... }: { + services.matomo = { + package = package; + enable = true; + nginx = { + forceSSL = false; + enableACME = false; + }; + }; + services.mysql = { + enable = true; + package = pkgs.mysql; + }; + services.nginx.enable = true; + }; + + testScript = '' + startAll; + $machine->waitForUnit("mysql.service"); + $machine->waitForUnit("phpfpm-matomo.service"); + $machine->waitForUnit("nginx.service"); + $machine->succeed("curl -sSfL http://localhost/ | grep '<title>Matomo[^<]*Installation'"); + ''; + }; +in { + matomo = matomoTest pkgs.matomo // { + name = "matomo"; + meta.maintainers = with maintainers; [ florianjacob kiwi mmilata ]; + }; + matomo-beta = matomoTest pkgs.matomo-beta // { + name = "matomo-beta"; + meta.maintainers = with maintainers; [ florianjacob kiwi mmilata ]; + }; +} diff --git a/nixpkgs/nixos/tests/matrix-synapse.nix b/nixpkgs/nixos/tests/matrix-synapse.nix index 882e4b75814..fca53009083 100644 --- a/nixpkgs/nixos/tests/matrix-synapse.nix +++ b/nixpkgs/nixos/tests/matrix-synapse.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... } : let +import ./make-test-python.nix ({ pkgs, ... } : let runWithOpenSSL = file: cmd: pkgs.runCommand file { @@ -55,13 +55,17 @@ in { }; testScript = '' - startAll; - $serverpostgres->waitForUnit("matrix-synapse.service"); - $serverpostgres->waitUntilSucceeds("curl -L --cacert ${ca_pem} https://localhost:8448/"); - $serverpostgres->requireActiveUnit("postgresql.service"); - $serversqlite->waitForUnit("matrix-synapse.service"); - $serversqlite->waitUntilSucceeds("curl -L --cacert ${ca_pem} https://localhost:8448/"); - $serversqlite->mustSucceed("[ -e /var/lib/matrix-synapse/homeserver.db ]"); + start_all() + serverpostgres.wait_for_unit("matrix-synapse.service") + serverpostgres.wait_until_succeeds( + "curl -L --cacert ${ca_pem} https://localhost:8448/" + ) + serverpostgres.require_unit_state("postgresql.service") + serversqlite.wait_for_unit("matrix-synapse.service") + serversqlite.wait_until_succeeds( + "curl -L --cacert ${ca_pem} https://localhost:8448/" + ) + serversqlite.succeed("[ -e /var/lib/matrix-synapse/homeserver.db ]") ''; }) diff --git a/nixpkgs/nixos/tests/memcached.nix b/nixpkgs/nixos/tests/memcached.nix index b120599c51d..31f5627d25c 100644 --- a/nixpkgs/nixos/tests/memcached.nix +++ b/nixpkgs/nixos/tests/memcached.nix @@ -1,28 +1,24 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ... }: { name = "memcached"; - nodes = { - machine = - { ... }: - { - imports = [ ../modules/profiles/minimal.nix ]; - services.memcached.enable = true; - }; + machine = { + imports = [ ../modules/profiles/minimal.nix ]; + services.memcached.enable = true; }; testScript = let - testScript = pkgs.writeScript "testScript.py" '' - #!${pkgs.python3.withPackages (p: [p.memcached])}/bin/python - + testScript = pkgs.writers.writePython3 "test_memcache" { + libraries = with pkgs.python3Packages; [ memcached ]; + } '' import memcache c = memcache.Client(['localhost:11211']) c.set('key', 'value') assert 'value' == c.get('key') ''; in '' - startAll; - $machine->waitForUnit("memcached.service"); - $machine->waitForOpenPort("11211"); - $machine->succeed("${testScript}"); + machine.start() + machine.wait_for_unit("memcached.service") + machine.wait_for_open_port(11211) + machine.succeed("${testScript}") ''; }) diff --git a/nixpkgs/nixos/tests/metabase.nix b/nixpkgs/nixos/tests/metabase.nix index be9e5ed5b1e..1450a4e9086 100644 --- a/nixpkgs/nixos/tests/metabase.nix +++ b/nixpkgs/nixos/tests/metabase.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "metabase"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ mmahut ]; @@ -12,9 +12,9 @@ import ./make-test.nix ({ pkgs, ... }: { }; testScript = '' - startAll; - $machine->waitForUnit("metabase.service"); - $machine->waitForOpenPort(3000); - $machine->waitUntilSucceeds("curl -L http://localhost:3000/setup | grep Metabase"); + start_all() + machine.wait_for_unit("metabase.service") + machine.wait_for_open_port(3000) + machine.wait_until_succeeds("curl -L http://localhost:3000/setup | grep Metabase") ''; }) diff --git a/nixpkgs/nixos/tests/minidlna.nix b/nixpkgs/nixos/tests/minidlna.nix index 7bf1bed69d0..d852c7f60bc 100644 --- a/nixpkgs/nixos/tests/minidlna.nix +++ b/nixpkgs/nixos/tests/minidlna.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "minidlna"; nodes = { @@ -29,11 +29,11 @@ import ./make-test.nix ({ pkgs, ... }: { testScript = '' - startAll; - $server->succeed("mkdir -p /tmp/stuff && chown minidlna: /tmp/stuff"); - $server->waitForUnit("minidlna"); - $server->waitForOpenPort("8200"); - $server->succeed("curl --fail http://localhost:8200/"); - $client->succeed("curl --fail http://server:8200/"); + start_all() + server.succeed("mkdir -p /tmp/stuff && chown minidlna: /tmp/stuff") + server.wait_for_unit("minidlna") + server.wait_for_open_port("8200") + server.succeed("curl --fail http://localhost:8200/") + client.succeed("curl --fail http://server:8200/") ''; }) diff --git a/nixpkgs/nixos/tests/miniflux.nix b/nixpkgs/nixos/tests/miniflux.nix index 19ab4803a1d..7d83d061a9d 100644 --- a/nixpkgs/nixos/tests/miniflux.nix +++ b/nixpkgs/nixos/tests/miniflux.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: let port = 3142; @@ -37,16 +37,20 @@ with lib; }; }; testScript = '' - startAll; + start_all() - $default->waitForUnit('miniflux.service'); - $default->waitForOpenPort(${toString defaultPort}); - $default->succeed("curl --fail 'http://localhost:${toString defaultPort}/healthcheck' | grep -q OK"); - $default->succeed("curl 'http://localhost:${toString defaultPort}/v1/me' -u '${defaultUsername}:${defaultPassword}' -H Content-Type:application/json | grep -q '\"is_admin\":true'"); + default.wait_for_unit("miniflux.service") + default.wait_for_open_port(${toString defaultPort}) + default.succeed("curl --fail 'http://localhost:${toString defaultPort}/healthcheck' | grep -q OK") + default.succeed( + "curl 'http://localhost:${toString defaultPort}/v1/me' -u '${defaultUsername}:${defaultPassword}' -H Content-Type:application/json | grep -q '\"is_admin\":true'" + ) - $customized->waitForUnit('miniflux.service'); - $customized->waitForOpenPort(${toString port}); - $customized->succeed("curl --fail 'http://localhost:${toString port}/healthcheck' | grep -q OK"); - $customized->succeed("curl 'http://localhost:${toString port}/v1/me' -u '${username}:${password}' -H Content-Type:application/json | grep -q '\"is_admin\":true'"); + customized.wait_for_unit("miniflux.service") + customized.wait_for_open_port(${toString port}) + customized.succeed("curl --fail 'http://localhost:${toString port}/healthcheck' | grep -q OK") + customized.succeed( + "curl 'http://localhost:${toString port}/v1/me' -u '${username}:${password}' -H Content-Type:application/json | grep -q '\"is_admin\":true'" + ) ''; }) diff --git a/nixpkgs/nixos/tests/minio.nix b/nixpkgs/nixos/tests/minio.nix index f1218b53771..3b061974267 100644 --- a/nixpkgs/nixos/tests/minio.nix +++ b/nixpkgs/nixos/tests/minio.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : +import ./make-test-python.nix ({ pkgs, ...} : let accessKey = "BKIKJAA5BMMU2RHO6IBB"; secretKey = "V7f1CwQqAcwo80UEIJEjc5gVQUSSx5ohQ9GSrr12"; @@ -18,7 +18,7 @@ let sio.seek(0) minioClient.put_object('test-bucket', 'test.txt', sio, sio_len, content_type='text/plain') ''; - in { +in { name = "minio"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ bachp ]; @@ -37,19 +37,19 @@ let }; }; - testScript = - '' - startAll; - $machine->waitForUnit("minio.service"); - $machine->waitForOpenPort(9000); + testScript = '' + start_all() + machine.wait_for_unit("minio.service") + machine.wait_for_open_port(9000) - # Create a test bucket on the server - $machine->succeed("mc config host add minio http://localhost:9000 ${accessKey} ${secretKey} S3v4"); - $machine->succeed("mc mb minio/test-bucket"); - $machine->succeed("${minioPythonScript}"); - $machine->succeed("mc ls minio") =~ /test-bucket/ or die; - $machine->succeed("mc cat minio/test-bucket/test.txt") =~ /Test from Python/ or die; - $machine->shutdown; - - ''; + # Create a test bucket on the server + machine.succeed( + "mc config host add minio http://localhost:9000 ${accessKey} ${secretKey} S3v4" + ) + machine.succeed("mc mb minio/test-bucket") + machine.succeed("${minioPythonScript}") + assert "test-bucket" in machine.succeed("mc ls minio") + assert "Test from Python" in machine.succeed("mc cat minio/test-bucket/test.txt") + machine.shutdown() + ''; }) diff --git a/nixpkgs/nixos/tests/moinmoin.nix b/nixpkgs/nixos/tests/moinmoin.nix new file mode 100644 index 00000000000..2662b79aa09 --- /dev/null +++ b/nixpkgs/nixos/tests/moinmoin.nix @@ -0,0 +1,24 @@ +import ./make-test.nix ({ pkgs, lib, ... }: { + name = "moinmoin"; + meta.maintainers = [ ]; # waiting for https://github.com/NixOS/nixpkgs/pull/65397 + + machine = + { ... }: + { services.moinmoin.enable = true; + services.moinmoin.wikis.ExampleWiki.superUsers = [ "admin" ]; + services.moinmoin.wikis.ExampleWiki.webHost = "localhost"; + + services.nginx.virtualHosts.localhost.enableACME = false; + services.nginx.virtualHosts.localhost.forceSSL = false; + }; + + testScript = '' + startAll; + + $machine->waitForUnit('moin-ExampleWiki.service'); + $machine->waitForUnit('nginx.service'); + $machine->waitForFile('/run/moin/ExampleWiki/gunicorn.sock'); + $machine->succeed('curl -L http://localhost/') =~ /If you have just installed/ or die; + $machine->succeed('moin-ExampleWiki account create --name=admin --email=admin@example.com --password=foo 2>&1') =~ /status success/ or die; + ''; +}) diff --git a/nixpkgs/nixos/tests/mongodb.nix b/nixpkgs/nixos/tests/mongodb.nix index 0ccbeb062f9..9ebf84eed23 100644 --- a/nixpkgs/nixos/tests/mongodb.nix +++ b/nixpkgs/nixos/tests/mongodb.nix @@ -1,6 +1,6 @@ # This test start mongodb, runs a query using mongo shell -import ./make-test.nix ({ pkgs, ...} : let +import ./make-test-python.nix ({ pkgs, ...} : let testQuery = pkgs.writeScript "nixtest.js" '' db.greetings.insert({ "greeting": "hello" }); print(db.greetings.findOne().greeting); @@ -33,8 +33,10 @@ in { }; testScript = '' - startAll; - $one->waitForUnit("mongodb.service"); - $one->succeed("mongo -u nixtest -p nixtest nixtest ${testQuery}") =~ /hello/ or die; + start_all() + one.wait_for_unit("mongodb.service") + one.succeed( + "mongo -u nixtest -p nixtest nixtest ${testQuery} | grep -q hello" + ) ''; }) diff --git a/nixpkgs/nixos/tests/moodle.nix b/nixpkgs/nixos/tests/moodle.nix index 565a6b63694..56aa62596c0 100644 --- a/nixpkgs/nixos/tests/moodle.nix +++ b/nixpkgs/nixos/tests/moodle.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: { +import ./make-test-python.nix ({ pkgs, lib, ... }: { name = "moodle"; meta.maintainers = [ lib.maintainers.aanderse ]; @@ -15,8 +15,8 @@ import ./make-test.nix ({ pkgs, lib, ... }: { }; testScript = '' - startAll; - $machine->waitForUnit('phpfpm-moodle.service'); - $machine->succeed('curl http://localhost/') =~ /You are not logged in/ or die; + start_all() + machine.wait_for_unit("phpfpm-moodle.service") + machine.wait_until_succeeds("curl http://localhost/ | grep 'You are not logged in'") ''; }) diff --git a/nixpkgs/nixos/tests/morty.nix b/nixpkgs/nixos/tests/morty.nix index eab123bd50f..64c5a27665d 100644 --- a/nixpkgs/nixos/tests/morty.nix +++ b/nixpkgs/nixos/tests/morty.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: { name = "morty"; @@ -22,11 +22,9 @@ import ./make-test.nix ({ pkgs, ... }: testScript = { ... }: '' - $mortyProxyWithKey->waitForUnit("default.target"); - - $mortyProxyWithKey->waitForOpenPort(3001); - $mortyProxyWithKey->succeed("curl -L 127.0.0.1:3001 | grep MortyProxy"); - + mortyProxyWithKey.wait_for_unit("default.target") + mortyProxyWithKey.wait_for_open_port(3001) + mortyProxyWithKey.succeed("curl -L 127.0.0.1:3001 | grep MortyProxy") ''; }) diff --git a/nixpkgs/nixos/tests/mosquitto.nix b/nixpkgs/nixos/tests/mosquitto.nix index b4c897c3ab5..1f2fdf4237f 100644 --- a/nixpkgs/nixos/tests/mosquitto.nix +++ b/nixpkgs/nixos/tests/mosquitto.nix @@ -1,21 +1,10 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: let port = 1888; username = "mqtt"; password = "VERY_secret"; topic = "test/foo"; - - cmd = bin: pkgs.lib.concatStringsSep " " [ - "${pkgs.mosquitto}/bin/mosquitto_${bin}" - "-V mqttv311" - "-h server" - "-p ${toString port}" - "-u ${username}" - "-P '${password}'" - "-t ${topic}" - ]; - in { name = "mosquitto"; meta = with pkgs.stdenv.lib; { @@ -49,40 +38,53 @@ in { testScript = let file = "/tmp/msg"; - sub = args: - "(${cmd "sub"} -C 1 ${args} | tee ${file} &)"; in '' - startAll; - $server->waitForUnit("mosquitto.service"); + def mosquitto_cmd(binary): + return ( + "${pkgs.mosquitto}/bin/mosquitto_{} " + "-V mqttv311 " + "-h server " + "-p ${toString port} " + "-u ${username} " + "-P '${password}' " + "-t ${topic}" + ).format(binary) + + + def publish(args): + return "{} {}".format(mosquitto_cmd("pub"), args) + - $server->fail("test -f ${file}"); - $client1->fail("test -f ${file}"); - $client2->fail("test -f ${file}"); + def subscribe(args): + return "({} -C 1 {} | tee ${file} &)".format(mosquitto_cmd("sub"), args) + start_all() + server.wait_for_unit("mosquitto.service") + + for machine in server, client1, client2: + machine.fail("test -f ${file}") + # QoS = 0, so only one subscribers should get it - $server->execute("${sub "-q 0"}"); + server.execute(subscribe("-q 0")) # we need to give the subscribers some time to connect - $client2->execute("sleep 5"); - $client2->succeed("${cmd "pub"} -m FOO -q 0"); - - $server->waitUntilSucceeds("grep -q FOO ${file}"); - $server->execute("rm ${file}"); + client2.execute("sleep 5") + client2.succeed(publish("-m FOO -q 0")) + server.wait_until_succeeds("grep -q FOO ${file}") + server.execute("rm ${file}") # QoS = 1, so both subscribers should get it - $server->execute("${sub "-q 1"}"); - $client1->execute("${sub "-q 1"}"); + server.execute(subscribe("-q 1")) + client1.execute(subscribe("-q 1")) # we need to give the subscribers some time to connect - $client2->execute("sleep 5"); - $client2->succeed("${cmd "pub"} -m BAR -q 1"); - - $server->waitUntilSucceeds("grep -q BAR ${file}"); - $server->execute("rm ${file}"); + client2.execute("sleep 5") + client2.succeed(publish("-m BAR -q 1")) - $client1->waitUntilSucceeds("grep -q BAR ${file}"); - $client1->execute("rm ${file}"); + for machine in server, client1: + machine.wait_until_succeeds("grep -q BAR ${file}") + machine.execute("rm ${file}") ''; }) diff --git a/nixpkgs/nixos/tests/mpd.nix b/nixpkgs/nixos/tests/mpd.nix index ac2b810defe..895b7e2014c 100644 --- a/nixpkgs/nixos/tests/mpd.nix +++ b/nixpkgs/nixos/tests/mpd.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: let track = pkgs.fetchurl { # Sourced from http://freemusicarchive.org/music/Blue_Wave_Theory/Surf_Music_Month_Challenge/Skyhawk_Beach_fade_in @@ -46,74 +46,87 @@ import ./make-test.nix ({ pkgs, ... }: }; nodes = - { client = + { client = { ... }: { }; serverALSA = - { ... }: (mkServer { - mpd = defaultMpdCfg // { - network.listenAddress = "any"; - extraConfig = '' - audio_output { - type "alsa" - name "ALSA" - mixer_type "null" - } - ''; - }; - - musicService = with defaultMpdCfg; musicService { inherit user group musicDirectory; }; - }) // { networking.firewall.allowedTCPPorts = [ 6600 ]; }; + { ... }: lib.mkMerge [ + (mkServer { + mpd = defaultMpdCfg // { + network.listenAddress = "any"; + extraConfig = '' + audio_output { + type "alsa" + name "ALSA" + mixer_type "null" + } + ''; + }; + musicService = with defaultMpdCfg; musicService { inherit user group musicDirectory; }; + }) + { networking.firewall.allowedTCPPorts = [ 6600 ]; } + ]; serverPulseAudio = - { ... }: (mkServer { - mpd = defaultMpdCfg // { - extraConfig = '' - audio_output { - type "pulse" - name "The Pulse" - } - ''; - }; - - musicService = with defaultCfg; musicService { inherit user group musicDirectory; }; - }) // { hardware.pulseaudio.enable = true; }; + { ... }: lib.mkMerge [ + (mkServer { + mpd = defaultMpdCfg // { + extraConfig = '' + audio_output { + type "pulse" + name "The Pulse" + } + ''; + }; + + musicService = with defaultCfg; musicService { inherit user group musicDirectory; }; + }) + { + hardware.pulseaudio = { + enable = true; + systemWide = true; + tcp.enable = true; + tcp.anonymousClients.allowAll = true; + }; + systemd.services.mpd.environment.PULSE_SERVER = "localhost"; + } + ]; }; testScript = '' - my $mpc = "${pkgs.mpc_cli}/bin/mpc --wait"; + mpc = "${pkgs.mpc_cli}/bin/mpc --wait" # Connects to the given server and attempts to play a tune. - sub play_some_music { - my $server = $_[0]; + def play_some_music(server): + server.wait_for_unit("mpd.service") + server.succeed(f"{mpc} update") + _, tracks = server.execute(f"{mpc} ls") - $server->waitForUnit("mpd.service"); - $server->succeed("$mpc update"); - my @tracks = $server->execute("$mpc ls"); + for track in tracks.splitlines(): + server.succeed(f"{mpc} add {track}") - for my $track (split(/\n/, $tracks[1])) { - $server->succeed("$mpc add $track"); - }; + _, added_tracks = server.execute(f"{mpc} listall") - my @added_tracks = $server->execute("$mpc listall"); - (length $added_tracks[1]) > 0 or die "Failed to add audio tracks to the playlist."; + # Check we succeeded adding audio tracks to the playlist + assert len(added_tracks.splitlines()) > 0 - $server->succeed("$mpc play"); + server.succeed(f"{mpc} play") - my @status = $server->execute("$mpc status"); - my @output = split(/\n/, $status[1]); - $output[1] =~ /.*playing.*/ or die "Audio track is not playing, as expected."; + _, output = server.execute(f"{mpc} status") + # Assure audio track is playing + assert "playing" in output + + server.succeed(f"{mpc} stop") - $server->succeed("$mpc stop"); - }; - play_some_music($serverALSA); - play_some_music($serverPulseAudio); + play_some_music(serverALSA) + play_some_music(serverPulseAudio) - $client->succeed("$mpc -h serverALSA status"); + client.wait_for_unit("multi-user.target") + client.succeed(f"{mpc} -h serverALSA status") # The PulseAudio-based server is configured not to accept external client connections # to perform the following test: - $client->fail("$mpc -h serverPulseAudio status"); + client.fail(f"{mpc} -h serverPulseAudio status") ''; }) diff --git a/nixpkgs/nixos/tests/mysql-backup.nix b/nixpkgs/nixos/tests/mysql-backup.nix index 81482dfef7e..a0595e4d553 100644 --- a/nixpkgs/nixos/tests/mysql-backup.nix +++ b/nixpkgs/nixos/tests/mysql-backup.nix @@ -1,5 +1,5 @@ # Test whether mysqlBackup option works -import ./make-test.nix ({ pkgs, ... } : { +import ./make-test-python.nix ({ pkgs, ... } : { name = "mysql-backup"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ rvl ]; @@ -20,31 +20,37 @@ import ./make-test.nix ({ pkgs, ... } : { }; }; - testScript = - '' startAll; + testScript = '' + start_all() - # Delete backup file that may be left over from a previous test run. - # This is not needed on Hydra but useful for repeated local test runs. - $master->execute("rm -f /var/backup/mysql/testdb.gz"); + # Delete backup file that may be left over from a previous test run. + # This is not needed on Hydra but useful for repeated local test runs. + master.execute("rm -f /var/backup/mysql/testdb.gz") - # Need to have mysql started so that it can be populated with data. - $master->waitForUnit("mysql.service"); + # Need to have mysql started so that it can be populated with data. + master.wait_for_unit("mysql.service") - # Wait for testdb to be fully populated (5 rows). - $master->waitUntilSucceeds("mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5"); + # Wait for testdb to be fully populated (5 rows). + master.wait_until_succeeds( + "mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5" + ) - # Do a backup and wait for it to start - $master->startJob("mysql-backup.service"); - $master->waitForJob("mysql-backup.service"); + # Do a backup and wait for it to start + master.start_job("mysql-backup.service") + master.wait_for_unit("mysql-backup.service") - # wait for backup to fail, because of database 'doesnotexist' - $master->waitUntilFails("systemctl is-active -q mysql-backup.service"); + # wait for backup to fail, because of database 'doesnotexist' + master.wait_until_fails("systemctl is-active -q mysql-backup.service") - # wait for backup file and check that data appears in backup - $master->waitForFile("/var/backup/mysql/testdb.gz"); - $master->succeed("${pkgs.gzip}/bin/zcat /var/backup/mysql/testdb.gz | grep hello"); + # wait for backup file and check that data appears in backup + master.wait_for_file("/var/backup/mysql/testdb.gz") + master.succeed( + "${pkgs.gzip}/bin/zcat /var/backup/mysql/testdb.gz | grep hello" + ) - # Check that a failed backup is logged - $master->succeed("journalctl -u mysql-backup.service | grep 'fail.*doesnotexist' > /dev/null"); - ''; + # Check that a failed backup is logged + master.succeed( + "journalctl -u mysql-backup.service | grep 'fail.*doesnotexist' > /dev/null" + ) + ''; }) diff --git a/nixpkgs/nixos/tests/mysql-replication.nix b/nixpkgs/nixos/tests/mysql-replication.nix index c75a862106f..a2654f041ad 100644 --- a/nixpkgs/nixos/tests/mysql-replication.nix +++ b/nixpkgs/nixos/tests/mysql-replication.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : +import ./make-test-python.nix ({ pkgs, ...} : let replicateUser = "replicate"; @@ -54,28 +54,36 @@ in }; testScript = '' - $master->start; - $master->waitForUnit("mysql"); - $master->waitForOpenPort(3306); + master.start() + master.wait_for_unit("mysql") + master.wait_for_open_port(3306) # Wait for testdb to be fully populated (5 rows). - $master->waitUntilSucceeds("mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5"); + master.wait_until_succeeds( + "mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5" + ) - $slave1->start; - $slave2->start; - $slave1->waitForUnit("mysql"); - $slave1->waitForOpenPort(3306); - $slave2->waitForUnit("mysql"); - $slave2->waitForOpenPort(3306); + slave1.start() + slave2.start() + slave1.wait_for_unit("mysql") + slave1.wait_for_open_port(3306) + slave2.wait_for_unit("mysql") + slave2.wait_for_open_port(3306) # wait for replications to finish - $slave1->waitUntilSucceeds("mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5"); - $slave2->waitUntilSucceeds("mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5"); + slave1.wait_until_succeeds( + "mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5" + ) + slave2.wait_until_succeeds( + "mysql -u root -D testdb -N -B -e 'select count(id) from tests' | grep -q 5" + ) - $slave2->succeed("systemctl stop mysql"); - $master->succeed("echo 'insert into testdb.tests values (123, 456);' | mysql -u root -N"); - $slave2->succeed("systemctl start mysql"); - $slave2->waitForUnit("mysql"); - $slave2->waitForOpenPort(3306); - $slave2->waitUntilSucceeds("echo 'select * from testdb.tests where Id = 123;' | mysql -u root -N | grep 456"); + slave2.succeed("systemctl stop mysql") + master.succeed("echo 'insert into testdb.tests values (123, 456);' | mysql -u root -N") + slave2.succeed("systemctl start mysql") + slave2.wait_for_unit("mysql") + slave2.wait_for_open_port(3306) + slave2.wait_until_succeeds( + "echo 'select * from testdb.tests where Id = 123;' | mysql -u root -N | grep 456" + ) ''; }) diff --git a/nixpkgs/nixos/tests/mysql.nix b/nixpkgs/nixos/tests/mysql.nix index 05bd968de02..2c0d212c2f1 100644 --- a/nixpkgs/nixos/tests/mysql.nix +++ b/nixpkgs/nixos/tests/mysql.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "mysql"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ eelco shlevy ]; @@ -47,17 +47,23 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all - $mysql->waitForUnit("mysql"); - $mysql->succeed("echo 'use empty_testdb;' | mysql -u root"); - $mysql->succeed("echo 'use testdb; select * from tests;' | mysql -u root -N | grep 4"); + mysql.wait_for_unit("mysql") + mysql.succeed("echo 'use empty_testdb;' | mysql -u root") + mysql.succeed("echo 'use testdb; select * from tests;' | mysql -u root -N | grep 4") # ';' acts as no-op, just check whether login succeeds with the user created from the initialScript - $mysql->succeed("echo ';' | mysql -u passworduser --password=password123"); + mysql.succeed("echo ';' | mysql -u passworduser --password=password123") - $mariadb->waitForUnit("mysql"); - $mariadb->succeed("echo 'use testdb; create table tests (test_id INT, PRIMARY KEY (test_id));' | sudo -u testuser mysql -u testuser"); - $mariadb->succeed("echo 'use testdb; insert into tests values (42);' | sudo -u testuser mysql -u testuser"); - $mariadb->succeed("echo 'use testdb; select test_id from tests;' | sudo -u testuser mysql -u testuser -N | grep 42"); + mariadb.wait_for_unit("mysql") + mariadb.succeed( + "echo 'use testdb; create table tests (test_id INT, PRIMARY KEY (test_id));' | sudo -u testuser mysql -u testuser" + ) + mariadb.succeed( + "echo 'use testdb; insert into tests values (42);' | sudo -u testuser mysql -u testuser" + ) + mariadb.succeed( + "echo 'use testdb; select test_id from tests;' | sudo -u testuser mysql -u testuser -N | grep 42" + ) ''; }) diff --git a/nixpkgs/nixos/tests/ndppd.nix b/nixpkgs/nixos/tests/ndppd.nix index 6a6f602726d..b67b26a7934 100644 --- a/nixpkgs/nixos/tests/ndppd.nix +++ b/nixpkgs/nixos/tests/ndppd.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ...} : { +import ./make-test-python.nix ({ pkgs, lib, ...} : { name = "ndppd"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ fpletz ]; @@ -52,9 +52,9 @@ import ./make-test.nix ({ pkgs, lib, ...} : { }; testScript = '' - startAll; - $server->waitForUnit("multi-user.target"); - $upstream->waitForUnit("multi-user.target"); - $upstream->waitUntilSucceeds("ping -c5 fd42::2"); + start_all() + server.wait_for_unit("multi-user.target") + upstream.wait_for_unit("multi-user.target") + upstream.wait_until_succeeds("ping -c5 fd42::2") ''; }) diff --git a/nixpkgs/nixos/tests/neo4j.nix b/nixpkgs/nixos/tests/neo4j.nix index 86ed8970517..32ee7f501b8 100644 --- a/nixpkgs/nixos/tests/neo4j.nix +++ b/nixpkgs/nixos/tests/neo4j.nix @@ -1,4 +1,4 @@ -import ./make-test.nix { +import ./make-test-python.nix { name = "neo4j"; nodes = { @@ -11,10 +11,10 @@ import ./make-test.nix { }; testScript = '' - startAll; + start_all() - $master->waitForUnit("neo4j"); - $master->sleep(20); # Hopefully this is long enough!! - $master->succeed("curl http://localhost:7474/"); + master.wait_for_unit("neo4j") + master.wait_for_open_port(7474) + master.succeed("curl http://localhost:7474/") ''; } diff --git a/nixpkgs/nixos/tests/netdata.nix b/nixpkgs/nixos/tests/netdata.nix index 9bd147968e4..8dd5eafb097 100644 --- a/nixpkgs/nixos/tests/netdata.nix +++ b/nixpkgs/nixos/tests/netdata.nix @@ -1,6 +1,6 @@ # This test runs netdata and checks for data via apps.plugin -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "netdata"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ cransom ]; @@ -16,23 +16,22 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $netdata->waitForUnit("netdata.service"); + netdata.wait_for_unit("netdata.service") # wait for the service to listen before sending a request - $netdata->waitForOpenPort(19999); + netdata.wait_for_open_port(19999) # check if the netdata main page loads. - $netdata->succeed("curl --fail http://localhost:19999/"); + netdata.succeed("curl --fail http://localhost:19999/") # check if netdata can read disk ops for root owned processes. # if > 0, successful. verifies both netdata working and # apps.plugin has elevated capabilities. - my $cmd = <<'CMD'; - curl -s http://localhost:19999/api/v1/data\?chart=users.pwrites | \ - jq -e '[.data[range(10)][.labels | indices("root")[0]]] | add | . > 0' - CMD - $netdata->waitUntilSucceeds($cmd); + url = "http://localhost:19999/api/v1/data\?chart=users.pwrites" + filter = '[.data[range(10)][.labels | indices("root")[0]]] | add | . > 0' + cmd = f"curl -s {url} | jq -e '{filter}'" + netdata.wait_until_succeeds(cmd) ''; }) diff --git a/nixpkgs/nixos/tests/nextcloud/basic.nix b/nixpkgs/nixos/tests/nextcloud/basic.nix index bfb97ec3f23..75862feb202 100644 --- a/nixpkgs/nixos/tests/nextcloud/basic.nix +++ b/nixpkgs/nixos/tests/nextcloud/basic.nix @@ -1,4 +1,4 @@ -import ../make-test.nix ({ pkgs, ...}: let +import ../make-test-python.nix ({ pkgs, ...}: let adminpass = "notproduction"; adminuser = "root"; in { @@ -50,11 +50,15 @@ in { diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) ''; in '' - startAll(); - $nextcloud->waitForUnit("multi-user.target"); - $nextcloud->succeed("curl -sSf http://nextcloud/login"); - $nextcloud->succeed("${withRcloneEnv} ${copySharedFile}"); - $client->waitForUnit("multi-user.target"); - $client->succeed("${withRcloneEnv} ${diffSharedFile}"); + start_all() + nextcloud.wait_for_unit("multi-user.target") + nextcloud.succeed("curl -sSf http://nextcloud/login") + nextcloud.succeed( + "${withRcloneEnv} ${copySharedFile}" + ) + client.wait_for_unit("multi-user.target") + client.succeed( + "${withRcloneEnv} ${diffSharedFile}" + ) ''; }) diff --git a/nixpkgs/nixos/tests/nextcloud/with-mysql-and-memcached.nix b/nixpkgs/nixos/tests/nextcloud/with-mysql-and-memcached.nix index aaf37ee4c81..b9ba5888187 100644 --- a/nixpkgs/nixos/tests/nextcloud/with-mysql-and-memcached.nix +++ b/nixpkgs/nixos/tests/nextcloud/with-mysql-and-memcached.nix @@ -1,4 +1,4 @@ -import ../make-test.nix ({ pkgs, ...}: let +import ../make-test-python.nix ({ pkgs, ...}: let adminpass = "hunter2"; adminuser = "root"; in { @@ -85,13 +85,16 @@ in { diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) ''; in '' - startAll(); - $nextcloud->waitForUnit("multi-user.target"); - $nextcloud->succeed("${configureMemcached}"); - $nextcloud->succeed("curl -sSf http://nextcloud/login"); - $nextcloud->succeed("${withRcloneEnv} ${copySharedFile}"); - $client->waitForUnit("multi-user.target"); - $client->succeed("${withRcloneEnv} ${diffSharedFile}"); - + start_all() + nextcloud.wait_for_unit("multi-user.target") + nextcloud.succeed("${configureMemcached}") + nextcloud.succeed("curl -sSf http://nextcloud/login") + nextcloud.succeed( + "${withRcloneEnv} ${copySharedFile}" + ) + client.wait_for_unit("multi-user.target") + client.succeed( + "${withRcloneEnv} ${diffSharedFile}" + ) ''; }) diff --git a/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix b/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix index f655aba9d45..324853350af 100644 --- a/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix +++ b/nixpkgs/nixos/tests/nextcloud/with-postgresql-and-redis.nix @@ -1,4 +1,4 @@ -import ../make-test.nix ({ pkgs, ...}: let +import ../make-test-python.nix ({ pkgs, ...}: let adminpass = "hunter2"; adminuser = "custom-admin-username"; in { @@ -85,12 +85,16 @@ in { diff <(echo 'hi') <(${pkgs.rclone}/bin/rclone cat nextcloud:test-shared-file) ''; in '' - startAll(); - $nextcloud->waitForUnit("multi-user.target"); - $nextcloud->succeed("${configureRedis}"); - $nextcloud->succeed("curl -sSf http://nextcloud/login"); - $nextcloud->succeed("${withRcloneEnv} ${copySharedFile}"); - $client->waitForUnit("multi-user.target"); - $client->succeed("${withRcloneEnv} ${diffSharedFile}"); + start_all() + nextcloud.wait_for_unit("multi-user.target") + nextcloud.succeed("${configureRedis}") + nextcloud.succeed("curl -sSf http://nextcloud/login") + nextcloud.succeed( + "${withRcloneEnv} ${copySharedFile}" + ) + client.wait_for_unit("multi-user.target") + client.succeed( + "${withRcloneEnv} ${diffSharedFile}" + ) ''; }) diff --git a/nixpkgs/nixos/tests/nexus.nix b/nixpkgs/nixos/tests/nexus.nix index 783c9f5c019..1ec5c40476a 100644 --- a/nixpkgs/nixos/tests/nexus.nix +++ b/nixpkgs/nixos/tests/nexus.nix @@ -3,7 +3,7 @@ # 2. nexus service can startup on server (creating database and all other initial stuff) # 3. the web application is reachable via HTTP -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "nexus"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ironpinguin ma27 ]; @@ -22,11 +22,11 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $server->waitForUnit("nexus"); - $server->waitForOpenPort(8081); + server.wait_for_unit("nexus") + server.wait_for_open_port(8081) - $server->succeed("curl -f 127.0.0.1:8081"); + server.succeed("curl -f 127.0.0.1:8081") ''; }) diff --git a/nixpkgs/nixos/tests/nix-ssh-serve.nix b/nixpkgs/nixos/tests/nix-ssh-serve.nix index 494d55121eb..03f83542c7c 100644 --- a/nixpkgs/nixos/tests/nix-ssh-serve.nix +++ b/nixpkgs/nixos/tests/nix-ssh-serve.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey; ssh-config = builtins.toFile "ssh.conf" '' @@ -18,22 +18,28 @@ in client.nix.package = pkgs.nix; }; testScript = '' - startAll; + start_all() - $client->succeed("mkdir -m 700 /root/.ssh"); - $client->copyFileFromHost("${ssh-config}", "/root/.ssh/config"); - $client->succeed("cat ${snakeOilPrivateKey} > /root/.ssh/id_ecdsa"); - $client->succeed("chmod 600 /root/.ssh/id_ecdsa"); + client.succeed("mkdir -m 700 /root/.ssh") + client.succeed( + "cat ${ssh-config} > /root/.ssh/config" + ) + client.succeed( + "cat ${snakeOilPrivateKey} > /root/.ssh/id_ecdsa" + ) + client.succeed("chmod 600 /root/.ssh/id_ecdsa") - $client->succeed("nix-store --add /etc/machine-id > mach-id-path"); + client.succeed("nix-store --add /etc/machine-id > mach-id-path") - $server->waitForUnit("sshd"); + server.wait_for_unit("sshd") - $client->fail("diff /root/other-store\$(cat mach-id-path) /etc/machine-id"); + client.fail("diff /root/other-store$(cat mach-id-path) /etc/machine-id") # Currently due to shared store this is a noop :( - $client->succeed("nix copy --to ssh-ng://nix-ssh\@server \$(cat mach-id-path)"); - $client->succeed("nix-store --realise \$(cat mach-id-path) --store /root/other-store --substituters ssh-ng://nix-ssh\@server"); - $client->succeed("diff /root/other-store\$(cat mach-id-path) /etc/machine-id"); + client.succeed("nix copy --to ssh-ng://nix-ssh@server $(cat mach-id-path)") + client.succeed( + "nix-store --realise $(cat mach-id-path) --store /root/other-store --substituters ssh-ng://nix-ssh@server" + ) + client.succeed("diff /root/other-store$(cat mach-id-path) /etc/machine-id") ''; } ) diff --git a/nixpkgs/nixos/tests/nixos-generate-config.nix b/nixpkgs/nixos/tests/nixos-generate-config.nix index 15a173e024b..6c83ccecc70 100644 --- a/nixpkgs/nixos/tests/nixos-generate-config.nix +++ b/nixpkgs/nixos/tests/nixos-generate-config.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ... } : { +import ./make-test-python.nix ({ lib, ... } : { name = "nixos-generate-config"; meta.maintainers = with lib.maintainers; [ basvandijk ]; machine = { @@ -11,14 +11,16 @@ import ./make-test.nix ({ lib, ... } : { ''; }; testScript = '' - startAll; - $machine->waitForUnit("multi-user.target"); - $machine->succeed("nixos-generate-config"); + start_all() + machine.wait_for_unit("multi-user.target") + machine.succeed("nixos-generate-config") # Test if the configuration really is overridden - $machine->succeed("grep 'OVERRIDDEN' /etc/nixos/configuration.nix"); + machine.succeed("grep 'OVERRIDDEN' /etc/nixos/configuration.nix") # Test of if the Perl variable $bootLoaderConfig is spliced correctly: - $machine->succeed("grep 'boot\\.loader\\.grub\\.enable = true;' /etc/nixos/configuration.nix"); + machine.succeed( + "grep 'boot\\.loader\\.grub\\.enable = true;' /etc/nixos/configuration.nix" + ) ''; }) diff --git a/nixpkgs/nixos/tests/openarena.nix b/nixpkgs/nixos/tests/openarena.nix new file mode 100644 index 00000000000..4cc4db22963 --- /dev/null +++ b/nixpkgs/nixos/tests/openarena.nix @@ -0,0 +1,36 @@ +import ./make-test.nix ({ pkgs, ...} : { + name = "openarena"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ tomfitzhenry ]; + }; + + machine = + { pkgs, ... }: + + { imports = []; + environment.systemPackages = with pkgs; [ + socat + ]; + services.openarena = { + enable = true; + extraFlags = [ + "+set dedicated 2" + "+set sv_hostname 'My NixOS server'" + "+map oa_dm1" + ]; + }; + }; + + testScript = + '' + $machine->waitForUnit("openarena.service"); + $machine->waitUntilSucceeds("ss --numeric --udp --listening | grep -q 27960"); + + # The log line containing 'resolve address' is last and only message that occurs after + # the server starts accepting clients. + $machine->waitUntilSucceeds("journalctl -u openarena.service | grep 'resolve address: dpmaster.deathmask.net'"); + + # Check it's possible to join the server. + $machine->succeed("echo -n -e '\\xff\\xff\\xff\\xffgetchallenge' | socat - UDP4-DATAGRAM:127.0.0.1:27960 | grep -q challengeResponse"); + ''; +}) diff --git a/nixpkgs/nixos/tests/opensmtpd.nix b/nixpkgs/nixos/tests/opensmtpd.nix index 883ad760494..e6f52db1d98 100644 --- a/nixpkgs/nixos/tests/opensmtpd.nix +++ b/nixpkgs/nixos/tests/opensmtpd.nix @@ -1,4 +1,4 @@ -import ./make-test.nix { +import ./make-test-python.nix { name = "opensmtpd"; nodes = { @@ -102,23 +102,23 @@ import ./make-test.nix { }; testScript = '' - startAll; + start_all() - $client->waitForUnit("network-online.target"); - $smtp1->waitForUnit('opensmtpd'); - $smtp2->waitForUnit('opensmtpd'); - $smtp2->waitForUnit('dovecot2'); + client.wait_for_unit("network-online.target") + smtp1.wait_for_unit("opensmtpd") + smtp2.wait_for_unit("opensmtpd") + smtp2.wait_for_unit("dovecot2") # To prevent sporadic failures during daemon startup, make sure # services are listening on their ports before sending requests - $smtp1->waitForOpenPort(25); - $smtp2->waitForOpenPort(25); - $smtp2->waitForOpenPort(143); + smtp1.wait_for_open_port(25) + smtp2.wait_for_open_port(25) + smtp2.wait_for_open_port(143) - $client->succeed('send-a-test-mail'); - $smtp1->waitUntilFails('smtpctl show queue | egrep .'); - $smtp2->waitUntilFails('smtpctl show queue | egrep .'); - $client->succeed('check-mail-landed >&2'); + client.succeed("send-a-test-mail") + smtp1.wait_until_fails("smtpctl show queue | egrep .") + smtp2.wait_until_fails("smtpctl show queue | egrep .") + client.succeed("check-mail-landed >&2") ''; meta.timeout = 30; diff --git a/nixpkgs/nixos/tests/openssh.nix b/nixpkgs/nixos/tests/openssh.nix index 8b9e2170f15..e9692b50327 100644 --- a/nixpkgs/nixos/tests/openssh.nix +++ b/nixpkgs/nixos/tests/openssh.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: let inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey; @@ -58,47 +58,55 @@ in { }; testScript = '' - startAll; - - my $key=`${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f key -N ""`; - - $server->waitForUnit("sshd"); - - subtest "manual-authkey", sub { - $server->succeed("mkdir -m 700 /root/.ssh"); - $server->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys"); - $server_lazy->succeed("mkdir -m 700 /root/.ssh"); - $server_lazy->copyFileFromHost("key.pub", "/root/.ssh/authorized_keys"); - - $client->succeed("mkdir -m 700 /root/.ssh"); - $client->copyFileFromHost("key", "/root/.ssh/id_ed25519"); - $client->succeed("chmod 600 /root/.ssh/id_ed25519"); - - $client->waitForUnit("network.target"); - $client->succeed("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server 'echo hello world' >&2"); - $client->succeed("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server 'ulimit -l' | grep 1024"); - - $client->succeed("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server_lazy 'echo hello world' >&2"); - $client->succeed("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server_lazy 'ulimit -l' | grep 1024"); - - }; - - subtest "configured-authkey", sub { - $client->succeed("cat ${snakeOilPrivateKey} > privkey.snakeoil"); - $client->succeed("chmod 600 privkey.snakeoil"); - $client->succeed("ssh -o UserKnownHostsFile=/dev/null" . - " -o StrictHostKeyChecking=no -i privkey.snakeoil" . - " server true"); - - $client->succeed("ssh -o UserKnownHostsFile=/dev/null" . - " -o StrictHostKeyChecking=no -i privkey.snakeoil" . - " server_lazy true"); - - }; - - subtest "localhost-only", sub { - $server_localhost_only->succeed("ss -nlt | grep '127.0.0.1:22'"); - $server_localhost_only_lazy->succeed("ss -nlt | grep '127.0.0.1:22'"); - } + start_all() + + server.wait_for_unit("sshd") + + with subtest("manual-authkey"): + client.succeed("mkdir -m 700 /root/.ssh") + client.succeed( + '${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -N ""' + ) + public_key = client.succeed( + "${pkgs.openssh}/bin/ssh-keygen -y -f /root/.ssh/id_ed25519" + ) + public_key = public_key.strip() + client.succeed("chmod 600 /root/.ssh/id_ed25519") + + server.succeed("mkdir -m 700 /root/.ssh") + server.succeed("echo '{}' > /root/.ssh/authorized_keys".format(public_key)) + server_lazy.succeed("mkdir -m 700 /root/.ssh") + server_lazy.succeed("echo '{}' > /root/.ssh/authorized_keys".format(public_key)) + + client.wait_for_unit("network.target") + client.succeed( + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server 'echo hello world' >&2" + ) + client.succeed( + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server 'ulimit -l' | grep 1024" + ) + + client.succeed( + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server_lazy 'echo hello world' >&2" + ) + client.succeed( + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no server_lazy 'ulimit -l' | grep 1024" + ) + + with subtest("configured-authkey"): + client.succeed( + "cat ${snakeOilPrivateKey} > privkey.snakeoil" + ) + client.succeed("chmod 600 privkey.snakeoil") + client.succeed( + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil server true" + ) + client.succeed( + "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil server_lazy true" + ) + + with subtest("localhost-only"): + server_localhost_only.succeed("ss -nlt | grep '127.0.0.1:22'") + server_localhost_only_lazy.succeed("ss -nlt | grep '127.0.0.1:22'") ''; }) diff --git a/nixpkgs/nixos/tests/orangefs.nix b/nixpkgs/nixos/tests/orangefs.nix new file mode 100644 index 00000000000..bdf4fc10c44 --- /dev/null +++ b/nixpkgs/nixos/tests/orangefs.nix @@ -0,0 +1,88 @@ +import ./make-test.nix ({ ... } : + +let + server = { pkgs, ... } : { + networking.firewall.allowedTCPPorts = [ 3334 ]; + boot.initrd.postDeviceCommands = '' + ${pkgs.e2fsprogs}/bin/mkfs.ext4 -L data /dev/vdb + ''; + + virtualisation.emptyDiskImages = [ 4096 ]; + + fileSystems = pkgs.lib.mkVMOverride + [ { mountPoint = "/data"; + device = "/dev/disk/by-label/data"; + fsType = "ext4"; + } + ]; + + services.orangefs.server = { + enable = true; + dataStorageSpace = "/data/storage"; + metadataStorageSpace = "/data/meta"; + servers = { + server1 = "tcp://server1:3334"; + server2 = "tcp://server2:3334"; + }; + }; + }; + + client = { lib, ... } : { + networking.firewall.enable = true; + + services.orangefs.client = { + enable = true; + fileSystems = [{ + target = "tcp://server1:3334/orangefs"; + mountPoint = "/orangefs"; + }]; + }; + }; + +in { + name = "orangefs"; + + nodes = { + server1 = server; + server2 = server; + + client1 = client; + client2 = client; + }; + + testScript = '' + # format storage + foreach my $server (($server1,$server2)) + { + $server->start(); + $server->waitForUnit("multi-user.target"); + $server->succeed("mkdir -p /data/storage /data/meta"); + $server->succeed("chown orangefs:orangefs /data/storage /data/meta"); + $server->succeed("chmod 0770 /data/storage /data/meta"); + $server->succeed("sudo -g orangefs -u orangefs pvfs2-server -f /etc/orangefs/server.conf"); + } + + # start services after storage is formated on all machines + foreach my $server (($server1,$server2)) + { + $server->succeed("systemctl start orangefs-server.service"); + } + + # Check if clients can reach and mount the FS + foreach my $client (($client1,$client2)) + { + $client->start(); + $client->waitForUnit("orangefs-client.service"); + # Both servers need to be reachable + $client->succeed("pvfs2-check-server -h server1 -f orangefs -n tcp -p 3334"); + $client->succeed("pvfs2-check-server -h server2 -f orangefs -n tcp -p 3334"); + $client->waitForUnit("orangefs.mount"); + + } + + # R/W test between clients + $client1->succeed("echo test > /orangefs/file1"); + $client2->succeed("grep test /orangefs/file1"); + + ''; +}) diff --git a/nixpkgs/nixos/tests/os-prober.nix b/nixpkgs/nixos/tests/os-prober.nix index 9cd9f4ecd15..5407a62339f 100644 --- a/nixpkgs/nixos/tests/os-prober.nix +++ b/nixpkgs/nixos/tests/os-prober.nix @@ -51,12 +51,11 @@ let hashed-mirrors = connect-timeout = 1 ''; - services.udisks2.enable = lib.mkForce false; }; # /etc/nixos/configuration.nix for the vm configFile = pkgs.writeText "configuration.nix" '' {config, pkgs, ...}: ({ - imports = + imports = [ ./hardware-configuration.nix <nixpkgs/nixos/modules/testing/test-instrumentation.nix> ]; diff --git a/nixpkgs/nixos/tests/osquery.nix b/nixpkgs/nixos/tests/osquery.nix deleted file mode 100644 index d95871ffafc..00000000000 --- a/nixpkgs/nixos/tests/osquery.nix +++ /dev/null @@ -1,28 +0,0 @@ -import ./make-test.nix ({ pkgs, lib, ... }: - -with lib; - -{ - name = "osquery"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ ma27 ]; - }; - - machine = { - services.osquery.enable = true; - services.osquery.loggerPath = "/var/log/osquery/logs"; - services.osquery.pidfile = "/run/osqueryd.pid"; - }; - - testScript = '' - $machine->start; - $machine->waitForUnit("osqueryd.service"); - - $machine->succeed("echo 'SELECT address FROM etc_hosts LIMIT 1;' | osqueryi | grep '127.0.0.1'"); - $machine->succeed( - "echo 'SELECT value FROM osquery_flags WHERE name = \"logger_path\";' | osqueryi | grep /var/log/osquery/logs" - ); - - $machine->succeed("echo 'SELECT value FROM osquery_flags WHERE name = \"pidfile\";' | osqueryi | grep /run/osqueryd.pid"); - ''; -}) diff --git a/nixpkgs/nixos/tests/ostree.nix b/nixpkgs/nixos/tests/ostree.nix deleted file mode 100644 index d7ad84a1a5f..00000000000 --- a/nixpkgs/nixos/tests/ostree.nix +++ /dev/null @@ -1,21 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, lib, ... }: { - name = "ostree"; - - meta = { - maintainers = pkgs.ostree.meta.maintainers; - }; - - # TODO: Wrap/patch the tests directly in the package - machine = { pkgs, ... }: { - environment.systemPackages = with pkgs; [ - gnome-desktop-testing ostree gnupg (python3.withPackages (p: with p; [ pyyaml ])) - ]; - - environment.variables.GI_TYPELIB_PATH = lib.makeSearchPath "lib/girepository-1.0" (with pkgs; [ gtk3 pango.out ostree gdk-pixbuf atk ]); # for GJS tests - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -d ${pkgs.ostree.installedTests}/share"); - ''; -}) diff --git a/nixpkgs/nixos/tests/packagekit.nix b/nixpkgs/nixos/tests/packagekit.nix index e2d68af661f..7e93ad35e80 100644 --- a/nixpkgs/nixos/tests/packagekit.nix +++ b/nixpkgs/nixos/tests/packagekit.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "packagekit"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ peterhoeg ]; @@ -13,12 +13,14 @@ import ./make-test.nix ({ pkgs, ... }: { }; testScript = '' - startAll; + start_all() # send a dbus message to activate the service - $machine->succeed("dbus-send --system --type=method_call --print-reply --dest=org.freedesktop.PackageKit /org/freedesktop/PackageKit org.freedesktop.DBus.Introspectable.Introspect"); + machine.succeed( + "dbus-send --system --type=method_call --print-reply --dest=org.freedesktop.PackageKit /org/freedesktop/PackageKit org.freedesktop.DBus.Introspectable.Introspect" + ) # so now it should be running - $machine->succeed("systemctl is-active packagekit.service"); + machine.wait_for_unit("packagekit.service") ''; }) diff --git a/nixpkgs/nixos/tests/pantheon.nix b/nixpkgs/nixos/tests/pantheon.nix index 9888887ee8b..c0434f20754 100644 --- a/nixpkgs/nixos/tests/pantheon.nix +++ b/nixpkgs/nixos/tests/pantheon.nix @@ -1,9 +1,10 @@ -import ./make-test.nix ({ pkgs, ...} : +import ./make-test-python.nix ({ pkgs, ...} : { name = "pantheon"; + meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ worldofpeace ]; + maintainers = pkgs.pantheon.maintainers; }; machine = { ... }: @@ -21,35 +22,38 @@ import ./make-test.nix ({ pkgs, ...} : testScript = { nodes, ... }: let user = nodes.machine.config.users.users.alice; + bob = nodes.machine.config.users.users.bob; in '' - startAll; - - # Wait for display manager to start - $machine->waitForText(qr/${user.description}/); - $machine->screenshot("lightdm"); - - # Log in - $machine->sendChars("${user.password}\n"); - $machine->waitForFile("/home/alice/.Xauthority"); - $machine->succeed("xauth merge ~alice/.Xauthority"); - - # Check if "pantheon-shell" components actually start - $machine->waitUntilSucceeds("pgrep gala"); - $machine->waitForWindow(qr/gala/); - $machine->waitUntilSucceeds("pgrep wingpanel"); - $machine->waitForWindow("wingpanel"); - $machine->waitUntilSucceeds("pgrep plank"); - $machine->waitForWindow(qr/plank/); - - # Check that logging in has given the user ownership of devices. - $machine->succeed("getfacl -p /dev/snd/timer | grep -q alice"); - - # Open elementary terminal - $machine->execute("su - alice -c 'DISPLAY=:0.0 io.elementary.terminal &'"); - $machine->waitForWindow(qr/io.elementary.terminal/); - - # Take a screenshot of the desktop - $machine->sleep(20); - $machine->screenshot("screen"); + machine.wait_for_unit("display-manager.service") + + with subtest("Test we can see usernames in elementary-greeter"): + machine.wait_for_text("${user.description}") + # OCR was struggling with this one. + # machine.wait_for_text("${bob.description}") + machine.screenshot("elementary_greeter_lightdm") + + with subtest("Login with elementary-greeter"): + machine.send_chars("${user.password}\n") + machine.wait_for_x() + machine.wait_for_file("${user.home}/.Xauthority") + machine.succeed("xauth merge ${user.home}/.Xauthority") + + with subtest("Check that logging in has given the user ownership of devices"): + machine.succeed("getfacl -p /dev/snd/timer | grep -q ${user.name}") + + # TODO: DBus API could eliminate this? Pantheon uses Bamf. + with subtest("Check if pantheon session components actually start"): + machine.wait_until_succeeds("pgrep gala") + machine.wait_for_window("gala") + machine.wait_until_succeeds("pgrep wingpanel") + machine.wait_for_window("wingpanel") + machine.wait_until_succeeds("pgrep plank") + machine.wait_for_window("plank") + + with subtest("Open elementary terminal"): + machine.execute("su - ${user.name} -c 'DISPLAY=:0 io.elementary.terminal &'") + machine.wait_for_window("io.elementary.terminal") + machine.sleep(20) + machine.screenshot("screen") ''; }) diff --git a/nixpkgs/nixos/tests/pgjwt.nix b/nixpkgs/nixos/tests/pgjwt.nix index a2d81288c81..4793a3e3150 100644 --- a/nixpkgs/nixos/tests/pgjwt.nix +++ b/nixpkgs/nixos/tests/pgjwt.nix @@ -1,12 +1,5 @@ -import ./make-test.nix ({ pkgs, lib, ...}: -let - test = with pkgs; runCommand "patch-test" { - nativeBuildInputs = [ pgjwt ]; - } - '' - sed -e '12 i CREATE EXTENSION pgcrypto;\nCREATE EXTENSION pgtap;\nSET search_path TO tap,public;' ${pgjwt.src}/test.sql > $out; - ''; -in +import ./make-test-python.nix ({ pkgs, lib, ...}: + with pkgs; { name = "pgjwt"; meta = with lib.maintainers; { @@ -29,9 +22,13 @@ with pkgs; { pgProve = "${pkgs.perlPackages.TAPParserSourceHandlerpgTAP}"; in '' - startAll; - $master->waitForUnit("postgresql"); - $master->copyFileFromHost("${test}","/tmp/test.sql"); - $master->succeed("${pkgs.sudo}/bin/sudo -u ${sqlSU} PGOPTIONS=--search_path=tap,public ${pgProve}/bin/pg_prove -d postgres -v -f /tmp/test.sql"); + start_all() + master.wait_for_unit("postgresql") + master.succeed( + "${pkgs.gnused}/bin/sed -e '12 i CREATE EXTENSION pgcrypto;\\nCREATE EXTENSION pgtap;\\nSET search_path TO tap,public;' ${pgjwt.src}/test.sql > /tmp/test.sql" + ) + master.succeed( + "${pkgs.sudo}/bin/sudo -u ${sqlSU} PGOPTIONS=--search_path=tap,public ${pgProve}/bin/pg_prove -d postgres -v -f /tmp/test.sql" + ) ''; }) diff --git a/nixpkgs/nixos/tests/plasma5.nix b/nixpkgs/nixos/tests/plasma5.nix index 614fc9bf316..6884f17aabb 100644 --- a/nixpkgs/nixos/tests/plasma5.nix +++ b/nixpkgs/nixos/tests/plasma5.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : +import ./make-test-python.nix ({ pkgs, ...} : { name = "plasma5"; @@ -7,23 +7,11 @@ import ./make-test.nix ({ pkgs, ...} : }; machine = { ... }: - let - sddm_theme = pkgs.stdenv.mkDerivation { - name = "breeze-ocr-theme"; - phases = "buildPhase"; - buildCommand = '' - mkdir -p $out/share/sddm/themes/ - cp -r ${pkgs.plasma-workspace}/share/sddm/themes/breeze $out/share/sddm/themes/breeze-ocr-theme - chmod -R +w $out/share/sddm/themes/breeze-ocr-theme - printf "[General]\ntype=color\ncolor=#1d99f3\nbackground=\n" > $out/share/sddm/themes/breeze-ocr-theme/theme.conf - ''; - }; - in + { imports = [ ./common/user-account.nix ]; services.xserver.enable = true; services.xserver.displayManager.sddm.enable = true; - services.xserver.displayManager.sddm.theme = "breeze-ocr-theme"; services.xserver.desktopManager.plasma5.enable = true; services.xserver.desktopManager.default = "plasma5"; services.xserver.displayManager.sddm.autoLogin = { @@ -32,34 +20,40 @@ import ./make-test.nix ({ pkgs, ...} : }; hardware.pulseaudio.enable = true; # needed for the factl test, /dev/snd/* exists without them but udev doesn't care then virtualisation.memorySize = 1024; - environment.systemPackages = [ sddm_theme ]; }; testScript = { nodes, ... }: let user = nodes.machine.config.users.users.alice; xdo = "${pkgs.xdotool}/bin/xdotool"; in '' - startAll; - # wait for log in - $machine->waitForFile("/home/alice/.Xauthority"); - $machine->succeed("xauth merge ~alice/.Xauthority"); - - $machine->waitUntilSucceeds("pgrep plasmashell"); - $machine->waitForWindow("^Desktop "); - - # Check that logging in has given the user ownership of devices. - $machine->succeed("getfacl -p /dev/snd/timer | grep -q alice"); - - $machine->execute("su - alice -c 'DISPLAY=:0.0 dolphin &'"); - $machine->waitForWindow(" Dolphin"); - - $machine->execute("su - alice -c 'DISPLAY=:0.0 konsole &'"); - $machine->waitForWindow("Konsole"); - - $machine->execute("su - alice -c 'DISPLAY=:0.0 systemsettings5 &'"); - $machine->waitForWindow("Settings"); - - $machine->execute("${xdo} key Alt+F1 sleep 10"); - $machine->screenshot("screen"); + with subtest("Wait for login"): + start_all() + machine.wait_for_file("${user.home}/.Xauthority") + machine.succeed("xauth merge ${user.home}/.Xauthority") + + with subtest("Check plasmashell started"): + machine.wait_until_succeeds("pgrep plasmashell") + machine.wait_for_window("^Desktop ") + + with subtest("Check that logging in has given the user ownership of devices"): + machine.succeed("getfacl -p /dev/snd/timer | grep -q ${user.name}") + + with subtest("Run Dolphin"): + machine.execute("su - ${user.name} -c 'DISPLAY=:0.0 dolphin &'") + machine.wait_for_window(" Dolphin") + + with subtest("Run Konsole"): + machine.execute("su - ${user.name} -c 'DISPLAY=:0.0 konsole &'") + machine.wait_for_window("Konsole") + + with subtest("Run systemsettings"): + machine.execute("su - ${user.name} -c 'DISPLAY=:0.0 systemsettings5 &'") + machine.wait_for_window("Settings") + + with subtest("Wait to get a screenshot"): + machine.execute( + "${xdo} key Alt+F1 sleep 10" + ) + machine.screenshot("screen") ''; }) diff --git a/nixpkgs/nixos/tests/postgresql.nix b/nixpkgs/nixos/tests/postgresql.nix index ae5d6d095ea..e71c3888288 100644 --- a/nixpkgs/nixos/tests/postgresql.nix +++ b/nixpkgs/nixos/tests/postgresql.nix @@ -3,7 +3,7 @@ pkgs ? import ../.. { inherit system config; } }: -with import ../lib/testing.nix { inherit system pkgs; }; +with import ../lib/testing-python.nix { inherit system pkgs; }; with pkgs.lib; let @@ -40,29 +40,33 @@ let backupName = if backup-all then "all" else "postgres"; backupService = if backup-all then "postgresqlBackup" else "postgresqlBackup-postgres"; in '' - sub check_count { - my ($select, $nlines) = @_; - return 'test $(sudo -u postgres psql postgres -tAc "' . $select . '"|wc -l) -eq ' . $nlines; - } + def check_count(statement, lines): + return 'test $(sudo -u postgres psql postgres -tAc "{}"|wc -l) -eq {}'.format( + statement, lines + ) + + + machine.start() + machine.wait_for_unit("postgresql") - $machine->start; - $machine->waitForUnit("postgresql"); # postgresql should be available just after unit start - $machine->succeed("cat ${test-sql} | sudo -u postgres psql"); - $machine->shutdown; # make sure that postgresql survive restart (bug #1735) - sleep(2); - $machine->start; - $machine->waitForUnit("postgresql"); - $machine->fail(check_count("SELECT * FROM sth;", 3)); - $machine->succeed(check_count("SELECT * FROM sth;", 5)); - $machine->fail(check_count("SELECT * FROM sth;", 4)); - $machine->succeed(check_count("SELECT xpath(\'/test/text()\', doc) FROM xmltest;", 1)); + machine.succeed( + "cat ${test-sql} | sudo -u postgres psql" + ) + machine.shutdown() # make sure that postgresql survive restart (bug #1735) + time.sleep(2) + machine.start() + machine.wait_for_unit("postgresql") + machine.fail(check_count("SELECT * FROM sth;", 3)) + machine.succeed(check_count("SELECT * FROM sth;", 5)) + machine.fail(check_count("SELECT * FROM sth;", 4)) + machine.succeed(check_count("SELECT xpath('/test/text()', doc) FROM xmltest;", 1)) # Check backup service - $machine->succeed("systemctl start ${backupService}.service"); - $machine->succeed("zcat /var/backup/postgresql/${backupName}.sql.gz | grep '<test>ok</test>'"); - $machine->succeed("stat -c '%a' /var/backup/postgresql/${backupName}.sql.gz | grep 600"); - $machine->shutdown; + machine.succeed("systemctl start ${backupService}.service") + machine.succeed("zcat /var/backup/postgresql/${backupName}.sql.gz | grep '<test>ok</test>'") + machine.succeed("stat -c '%a' /var/backup/postgresql/${backupName}.sql.gz | grep 600") + machine.shutdown() ''; }; diff --git a/nixpkgs/nixos/tests/powerdns.nix b/nixpkgs/nixos/tests/powerdns.nix index 8addcc78401..75d71315e64 100644 --- a/nixpkgs/nixos/tests/powerdns.nix +++ b/nixpkgs/nixos/tests/powerdns.nix @@ -1,12 +1,13 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "powerdns"; nodes.server = { ... }: { services.powerdns.enable = true; + environment.systemPackages = [ pkgs.dnsutils ]; }; testScript = '' - $server->waitForUnit("pdns"); - $server->succeed("${pkgs.dnsutils}/bin/dig version.bind txt chaos \@127.0.0.1"); + server.wait_for_unit("pdns") + server.succeed("dig version.bind txt chaos \@127.0.0.1") ''; }) diff --git a/nixpkgs/nixos/tests/pppd.nix b/nixpkgs/nixos/tests/pppd.nix index 91f81185909..bda0aa75bb5 100644 --- a/nixpkgs/nixos/tests/pppd.nix +++ b/nixpkgs/nixos/tests/pppd.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ( +import ./make-test-python.nix ( let chap-secrets = { text = ''"flynn" * "reindeerflotilla" *''; @@ -53,10 +53,10 @@ import ./make-test.nix ( environment.etc."ppp/chap-secrets" = chap-secrets; }; }; - + testScript = '' - startAll; - $client->waitUntilSucceeds("ping -c1 -W1 192.0.2.1"); - $server->waitUntilSucceeds("ping -c1 -W1 192.0.2.2"); + start_all() + client.wait_until_succeeds("ping -c1 -W1 192.0.2.1") + server.wait_until_succeeds("ping -c1 -W1 192.0.2.2") ''; - }) + }) diff --git a/nixpkgs/nixos/tests/prometheus-exporters.nix b/nixpkgs/nixos/tests/prometheus-exporters.nix index 676183f6356..563f2472647 100644 --- a/nixpkgs/nixos/tests/prometheus-exporters.nix +++ b/nixpkgs/nixos/tests/prometheus-exporters.nix @@ -4,12 +4,10 @@ }: let - inherit (import ../lib/testing.nix { inherit system pkgs; }) makeTest; + inherit (import ../lib/testing-python.nix { inherit system pkgs; }) makeTest; inherit (pkgs.lib) concatStringsSep maintainers mapAttrs mkMerge removeSuffix replaceChars singleton splitString; - escape' = str: replaceChars [''"'' "$" "\n"] [''\\\"'' "\\$" ""] str; - /* * The attrset `exporterTests` contains one attribute * for each exporter test. Each of these attributes @@ -33,9 +31,9 @@ let * services.<metricProvider>.enable = true; * }; * exporterTest = '' - * waitForUnit("prometheus-<exporterName>-exporter.service"); - * waitForOpenPort("1234"); - * succeed("curl -sSf 'localhost:1234/metrics'"); + * wait_for_unit("prometheus-<exporterName>-exporter.service") + * wait_for_open_port("1234") + * succeed("curl -sSf 'localhost:1234/metrics'") * ''; * }; * @@ -49,11 +47,11 @@ let * }; * * testScript = '' - * $<exporterName>->start(); - * $<exporterName>->waitForUnit("prometheus-<exporterName>-exporter.service"); - * $<exporterName>->waitForOpenPort("1234"); - * $<exporterName>->succeed("curl -sSf 'localhost:1234/metrics'"); - * $<exporterName>->shutdown(); + * <exporterName>.start() + * <exporterName>.wait_for_unit("prometheus-<exporterName>-exporter.service") + * <exporterName>.wait_for_open_port("1234") + * <exporterName>.succeed("curl -sSf 'localhost:1234/metrics'") + * <exporterName>.shutdown() * ''; */ @@ -72,9 +70,11 @@ let ''; }; exporterTest = '' - waitForUnit("prometheus-bind-exporter.service"); - waitForOpenPort(9119); - succeed("curl -sSf http://localhost:9119/metrics | grep -q 'bind_query_recursions_total 0'"); + wait_for_unit("prometheus-bind-exporter.service") + wait_for_open_port(9119) + succeed( + "curl -sSf http://localhost:9119/metrics | grep -q 'bind_query_recursions_total 0'" + ) ''; }; @@ -89,9 +89,11 @@ let }); }; exporterTest = '' - waitForUnit("prometheus-blackbox-exporter.service"); - waitForOpenPort(9115); - succeed("curl -sSf 'http://localhost:9115/probe?target=localhost&module=icmp_v6' | grep -q 'probe_success 1'"); + wait_for_unit("prometheus-blackbox-exporter.service") + wait_for_open_port(9115) + succeed( + "curl -sSf 'http://localhost:9115/probe?target=localhost&module=icmp_v6' | grep -q 'probe_success 1'" + ) ''; }; @@ -100,7 +102,7 @@ let enable = true; extraFlags = [ "--web.collectd-push-path /collectd" ]; }; - exporterTest =let postData = escape' '' + exporterTest = let postData = replaceChars [ "\n" ] [ "" ] '' [{ "values":[23], "dstypes":["gauge"], @@ -108,13 +110,21 @@ let "interval":1000, "host":"testhost", "plugin":"testplugin", - "time":$(date +%s) + "time":DATE }] ''; in '' - waitForUnit("prometheus-collectd-exporter.service"); - waitForOpenPort(9103); - succeed("curl -sSfH 'Content-Type: application/json' -X POST --data \"${postData}\" localhost:9103/collectd"); - succeed("curl -sSf localhost:9103/metrics | grep -q 'collectd_testplugin_gauge{instance=\"testhost\"} 23'"); + wait_for_unit("prometheus-collectd-exporter.service") + wait_for_open_port(9103) + succeed( + 'echo \'${postData}\'> /tmp/data.json' + ) + succeed('sed -ie "s DATE $(date +%s) " /tmp/data.json') + succeed( + "curl -sSfH 'Content-Type: application/json' -X POST --data @/tmp/data.json localhost:9103/collectd" + ) + succeed( + "curl -sSf localhost:9103/metrics | grep -q 'collectd_testplugin_gauge{instance=\"testhost\"} 23'" + ) ''; }; @@ -127,9 +137,9 @@ let services.dnsmasq.enable = true; }; exporterTest = '' - waitForUnit("prometheus-dnsmasq-exporter.service"); - waitForOpenPort(9153); - succeed("curl -sSf http://localhost:9153/metrics | grep -q 'dnsmasq_leases 0'"); + wait_for_unit("prometheus-dnsmasq-exporter.service") + wait_for_open_port(9153) + succeed("curl -sSf http://localhost:9153/metrics | grep -q 'dnsmasq_leases 0'") ''; }; @@ -144,9 +154,11 @@ let services.dovecot2.enable = true; }; exporterTest = '' - waitForUnit("prometheus-dovecot-exporter.service"); - waitForOpenPort(9166); - succeed("curl -sSf http://localhost:9166/metrics | grep -q 'dovecot_up{scope=\"global\"} 1'"); + wait_for_unit("prometheus-dovecot-exporter.service") + wait_for_open_port(9166) + succeed( + "curl -sSf http://localhost:9166/metrics | grep -q 'dovecot_up{scope=\"global\"} 1'" + ) ''; }; @@ -155,9 +167,11 @@ let enable = true; }; exporterTest = '' - waitForUnit("prometheus-fritzbox-exporter.service"); - waitForOpenPort(9133); - succeed("curl -sSf http://localhost:9133/metrics | grep -q 'fritzbox_exporter_collect_errors 0'"); + wait_for_unit("prometheus-fritzbox-exporter.service") + wait_for_open_port(9133) + succeed( + "curl -sSf http://localhost:9133/metrics | grep -q 'fritzbox_exporter_collect_errors 0'" + ) ''; }; @@ -180,11 +194,11 @@ let }; }; exporterTest = '' - waitForUnit("nginx.service"); - waitForOpenPort(80); - waitForUnit("prometheus-json-exporter.service"); - waitForOpenPort(7979); - succeed("curl -sSf localhost:7979/metrics | grep -q 'json_test_metric 1'"); + wait_for_unit("nginx.service") + wait_for_open_port(80) + wait_for_unit("prometheus-json-exporter.service") + wait_for_open_port(7979) + succeed("curl -sSf localhost:7979/metrics | grep -q 'json_test_metric 1'") ''; }; @@ -222,10 +236,12 @@ let users.users.mailexporter.isSystemUser = true; }; exporterTest = '' - waitForUnit("postfix.service") - waitForUnit("prometheus-mail-exporter.service") - waitForOpenPort(9225) - waitUntilSucceeds("curl -sSf http://localhost:9225/metrics | grep -q 'mail_deliver_success{configname=\"testserver\"} 1'") + wait_for_unit("postfix.service") + wait_for_unit("prometheus-mail-exporter.service") + wait_for_open_port(9225) + wait_until_succeeds( + "curl -sSf http://localhost:9225/metrics | grep -q 'mail_deliver_success{configname=\"testserver\"} 1'" + ) ''; }; @@ -256,9 +272,9 @@ let }; }; exporterTest = '' - waitForUnit("nginx.service") - waitForUnit("prometheus-nextcloud-exporter.service") - waitForOpenPort(9205) + wait_for_unit("nginx.service") + wait_for_unit("prometheus-nextcloud-exporter.service") + wait_for_open_port(9205) succeed("curl -sSf http://localhost:9205/metrics | grep -q 'nextcloud_up 1'") ''; }; @@ -275,9 +291,9 @@ let }; }; exporterTest = '' - waitForUnit("nginx.service") - waitForUnit("prometheus-nginx-exporter.service") - waitForOpenPort(9113) + wait_for_unit("nginx.service") + wait_for_unit("prometheus-nginx-exporter.service") + wait_for_open_port(9113) succeed("curl -sSf http://localhost:9113/metrics | grep -q 'nginx_up 1'") ''; }; @@ -287,9 +303,11 @@ let enable = true; }; exporterTest = '' - waitForUnit("prometheus-node-exporter.service"); - waitForOpenPort(9100); - succeed("curl -sSf http://localhost:9100/metrics | grep -q 'node_exporter_build_info{.\\+} 1'"); + wait_for_unit("prometheus-node-exporter.service") + wait_for_open_port(9100) + succeed( + "curl -sSf http://localhost:9100/metrics | grep -q 'node_exporter_build_info{.\\+} 1'" + ) ''; }; @@ -301,9 +319,11 @@ let services.postfix.enable = true; }; exporterTest = '' - waitForUnit("prometheus-postfix-exporter.service"); - waitForOpenPort(9154); - succeed("curl -sSf http://localhost:9154/metrics | grep -q 'postfix_smtpd_connects_total 0'"); + wait_for_unit("prometheus-postfix-exporter.service") + wait_for_open_port(9154) + succeed( + "curl -sSf http://localhost:9154/metrics | grep -q 'postfix_smtpd_connects_total 0'" + ) ''; }; @@ -316,18 +336,24 @@ let services.postgresql.enable = true; }; exporterTest = '' - waitForUnit("prometheus-postgres-exporter.service"); - waitForOpenPort(9187); - waitForUnit("postgresql.service"); - succeed("curl -sSf http://localhost:9187/metrics | grep -q 'pg_exporter_last_scrape_error 0'"); - succeed("curl -sSf http://localhost:9187/metrics | grep -q 'pg_up 1'"); - systemctl("stop postgresql.service"); - succeed("curl -sSf http://localhost:9187/metrics | grep -qv 'pg_exporter_last_scrape_error 0'"); - succeed("curl -sSf http://localhost:9187/metrics | grep -q 'pg_up 0'"); - systemctl("start postgresql.service"); - waitForUnit("postgresql.service"); - succeed("curl -sSf http://localhost:9187/metrics | grep -q 'pg_exporter_last_scrape_error 0'"); - succeed("curl -sSf http://localhost:9187/metrics | grep -q 'pg_up 1'"); + wait_for_unit("prometheus-postgres-exporter.service") + wait_for_open_port(9187) + wait_for_unit("postgresql.service") + succeed( + "curl -sSf http://localhost:9187/metrics | grep -q 'pg_exporter_last_scrape_error 0'" + ) + succeed("curl -sSf http://localhost:9187/metrics | grep -q 'pg_up 1'") + systemctl("stop postgresql.service") + succeed( + "curl -sSf http://localhost:9187/metrics | grep -qv 'pg_exporter_last_scrape_error 0'" + ) + succeed("curl -sSf http://localhost:9187/metrics | grep -q 'pg_up 0'") + systemctl("start postgresql.service") + wait_for_unit("postgresql.service") + succeed( + "curl -sSf http://localhost:9187/metrics | grep -q 'pg_exporter_last_scrape_error 0'" + ) + succeed("curl -sSf http://localhost:9187/metrics | grep -q 'pg_up 1'") ''; }; @@ -339,11 +365,13 @@ let services.rspamd.enable = true; }; exporterTest = '' - waitForUnit("rspamd.service"); - waitForUnit("prometheus-rspamd-exporter.service"); - waitForOpenPort(11334); - waitForOpenPort(7980); - waitUntilSucceeds("curl -sSf localhost:7980/metrics | grep -q 'rspamd_scanned{host=\"rspamd\"} 0'"); + wait_for_unit("rspamd.service") + wait_for_unit("prometheus-rspamd-exporter.service") + wait_for_open_port(11334) + wait_for_open_port(7980) + wait_until_succeeds( + "curl -sSf localhost:7980/metrics | grep -q 'rspamd_scanned{host=\"rspamd\"} 0'" + ) ''; }; @@ -356,9 +384,9 @@ let }; }; exporterTest = '' - waitForUnit("prometheus-snmp-exporter.service"); - waitForOpenPort(9116); - succeed("curl -sSf localhost:9116/metrics | grep -q 'snmp_request_errors_total 0'"); + wait_for_unit("prometheus-snmp-exporter.service") + wait_for_open_port(9116) + succeed("curl -sSf localhost:9116/metrics | grep -q 'snmp_request_errors_total 0'") ''; }; @@ -377,11 +405,11 @@ let }; }; exporterTest = '' - waitForUnit("nginx.service"); - waitForOpenPort(80); - waitForUnit("prometheus-surfboard-exporter.service"); - waitForOpenPort(9239); - succeed("curl -sSf localhost:9239/metrics | grep -q 'surfboard_up 1'"); + wait_for_unit("nginx.service") + wait_for_open_port(80) + wait_for_unit("prometheus-surfboard-exporter.service") + wait_for_open_port(9239) + succeed("curl -sSf localhost:9239/metrics | grep -q 'surfboard_up 1'") ''; }; @@ -396,11 +424,11 @@ let services.tor.controlPort = 9051; }; exporterTest = '' - waitForUnit("tor.service"); - waitForOpenPort(9051); - waitForUnit("prometheus-tor-exporter.service"); - waitForOpenPort(9130); - succeed("curl -sSf localhost:9130/metrics | grep -q 'tor_version{.\\+} 1'"); + wait_for_unit("tor.service") + wait_for_open_port(9051) + wait_for_unit("prometheus-tor-exporter.service") + wait_for_open_port(9130) + succeed("curl -sSf localhost:9130/metrics | grep -q 'tor_version{.\\+} 1'") ''; }; @@ -426,10 +454,10 @@ let }; }; exporterTest = '' - waitForUnit("prometheus-varnish-exporter.service"); - waitForOpenPort(6081); - waitForOpenPort(9131); - succeed("curl -sSf http://localhost:9131/metrics | grep -q 'varnish_up 1'"); + wait_for_unit("prometheus-varnish-exporter.service") + wait_for_open_port(6081) + wait_for_open_port(9131) + succeed("curl -sSf http://localhost:9131/metrics | grep -q 'varnish_up 1'") ''; }; @@ -451,9 +479,11 @@ let systemd.services.prometheus-wireguard-exporter.after = [ "wireguard-wg0.service" ]; }; exporterTest = '' - waitForUnit("prometheus-wireguard-exporter.service"); - waitForOpenPort(9586); - waitUntilSucceeds("curl -sSf http://localhost:9586/metrics | grep '${snakeoil.peer1.publicKey}'"); + wait_for_unit("prometheus-wireguard-exporter.service") + wait_for_open_port(9586) + wait_until_succeeds( + "curl -sSf http://localhost:9586/metrics | grep '${snakeoil.peer1.publicKey}'" + ) ''; }; }; @@ -466,11 +496,13 @@ mapAttrs (exporter: testConfig: (makeTest { } testConfig.metricProvider or {}]; testScript = '' - ${"$"+exporter}->start(); - ${concatStringsSep " " (map (line: '' - ${"$"+exporter}->${line}; - '') (splitString "\n" (removeSuffix "\n" testConfig.exporterTest)))} - ${"$"+exporter}->shutdown(); + ${exporter}.start() + ${concatStringsSep "\n" (map (line: + if (builtins.substring 0 1 line == " " || builtins.substring 0 1 line == ")") + then line + else "${exporter}.${line}" + ) (splitString "\n" (removeSuffix "\n" testConfig.exporterTest)))} + ${exporter}.shutdown() ''; meta = with maintainers; { diff --git a/nixpkgs/nixos/tests/prometheus.nix b/nixpkgs/nixos/tests/prometheus.nix index 52f61046be3..8bfd0c131e6 100644 --- a/nixpkgs/nixos/tests/prometheus.nix +++ b/nixpkgs/nixos/tests/prometheus.nix @@ -31,7 +31,7 @@ let }; }; -in import ./make-test.nix { +in import ./make-test-python.nix { name = "prometheus"; nodes = { @@ -173,67 +173,73 @@ in import ./make-test.nix { testScript = { nodes, ... } : '' # Before starting the other machines we first make sure that our S3 service is online # and has a bucket added for thanos: - $s3->start; - $s3->waitForUnit("minio.service"); - $s3->waitForOpenPort(${toString minioPort}); - $s3->succeed( - "mc config host add minio " . - "http://localhost:${toString minioPort} ${s3.accessKey} ${s3.secretKey} S3v4"); - $s3->succeed("mc mb minio/thanos-bucket"); + s3.start() + s3.wait_for_unit("minio.service") + s3.wait_for_open_port(${toString minioPort}) + s3.succeed( + "mc config host add minio " + + "http://localhost:${toString minioPort} " + + "${s3.accessKey} ${s3.secretKey} S3v4", + "mc mb minio/thanos-bucket", + ) # Now that s3 has started we can start the other machines: - $prometheus->start; - $query->start; - $store->start; + for machine in prometheus, query, store: + machine.start() # Check if prometheus responds to requests: - $prometheus->waitForUnit("prometheus.service"); - $prometheus->waitForOpenPort(${toString queryPort}); - $prometheus->succeed("curl -s http://127.0.0.1:${toString queryPort}/metrics"); + prometheus.wait_for_unit("prometheus.service") + prometheus.wait_for_open_port(${toString queryPort}) + prometheus.succeed("curl -s http://127.0.0.1:${toString queryPort}/metrics") # Let's test if pushing a metric to the pushgateway succeeds: - $prometheus->waitForUnit("pushgateway.service"); - $prometheus->succeed( - "echo 'some_metric 3.14' | " . - "curl --data-binary \@- http://127.0.0.1:${toString pushgwPort}/metrics/job/some_job"); + prometheus.wait_for_unit("pushgateway.service") + prometheus.succeed( + "echo 'some_metric 3.14' | " + + "curl --data-binary \@- " + + "http://127.0.0.1:${toString pushgwPort}/metrics/job/some_job" + ) # Now check whether that metric gets ingested by prometheus. # Since we'll check for the metric several times on different machines # we abstract the test using the following function: # Function to check if the metric "some_metric" has been received and returns the correct value. - local *Machine::waitForMetric = sub { - my ($self) = @_; - $self->waitUntilSucceeds( - "curl -sf 'http://127.0.0.1:${toString queryPort}/api/v1/query?query=some_metric' " . - "| jq '.data.result[0].value[1]' | grep '\"3.14\"'"); - }; + def wait_for_metric(machine): + return machine.wait_until_succeeds( + "curl -sf 'http://127.0.0.1:${toString queryPort}/api/v1/query?query=some_metric' | " + + "jq '.data.result[0].value[1]' | grep '\"3.14\"'" + ) + - $prometheus->waitForMetric; + wait_for_metric(prometheus) # Let's test if the pushgateway persists metrics to the configured location. - $prometheus->waitUntilSucceeds("test -e /var/lib/prometheus-pushgateway/metrics"); + prometheus.wait_until_succeeds("test -e /var/lib/prometheus-pushgateway/metrics") # Test thanos - $prometheus->waitForUnit("thanos-sidecar.service"); + prometheus.wait_for_unit("thanos-sidecar.service") # Test if the Thanos query service can correctly retrieve the metric that was send above. - $query->waitForUnit("thanos-query.service"); - $query->waitForMetric; + query.wait_for_unit("thanos-query.service") + wait_for_metric(query) # Test if the Thanos sidecar has correctly uploaded its TSDB to S3, if the # Thanos storage service has correctly downloaded it from S3 and if the Thanos # query service running on $store can correctly retrieve the metric: - $store->waitForUnit("thanos-store.service"); - $store->waitForMetric; + store.wait_for_unit("thanos-store.service") + wait_for_metric(store) - $store->waitForUnit("thanos-compact.service"); + store.wait_for_unit("thanos-compact.service") # Test if the Thanos bucket command is able to retrieve blocks from the S3 bucket # and check if the blocks have the correct labels: - $store->succeed( - "thanos bucket ls" . - " --objstore.config-file=${nodes.store.config.services.thanos.store.objstore.config-file}" . - " --output=json | jq .thanos.labels.some_label | grep 'required by thanos'"); + store.succeed( + "thanos bucket ls " + + "--objstore.config-file=${nodes.store.config.services.thanos.store.objstore.config-file} " + + "--output=json | " + + "jq .thanos.labels.some_label | " + + "grep 'required by thanos'" + ) ''; } diff --git a/nixpkgs/nixos/tests/quake3.nix b/nixpkgs/nixos/tests/quake3.nix deleted file mode 100644 index 4253ce4a867..00000000000 --- a/nixpkgs/nixos/tests/quake3.nix +++ /dev/null @@ -1,95 +0,0 @@ -import ./make-test.nix ({ pkgs, ...} : - -let - - # Build Quake with coverage instrumentation. - overrides = pkgs: - { - quake3game = pkgs.quake3game.override (args: { - stdenv = pkgs.stdenvAdapters.addCoverageInstrumentation args.stdenv; - }); - }; - - # Only allow the demo data to be used (only if it's unfreeRedistributable). - unfreePredicate = pkg: with pkgs.lib; let - allowPackageNames = [ "quake3-demodata" "quake3-pointrelease" ]; - allowLicenses = [ pkgs.lib.licenses.unfreeRedistributable ]; - in elem pkg.pname allowPackageNames && - elem (pkg.meta.license or null) allowLicenses; - -in - -rec { - name = "quake3"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ domenkozar eelco ]; - }; - - # TODO: lcov doesn't work atm - #makeCoverageReport = true; - - client = - { pkgs, ... }: - - { imports = [ ./common/x11.nix ]; - hardware.opengl.driSupport = true; - environment.systemPackages = [ pkgs.quake3demo ]; - nixpkgs.config.packageOverrides = overrides; - nixpkgs.config.allowUnfreePredicate = unfreePredicate; - }; - - nodes = - { server = - { pkgs, ... }: - - { systemd.services.quake3-server = - { wantedBy = [ "multi-user.target" ]; - script = - "${pkgs.quake3demo}/bin/quake3-server +set g_gametype 0 " + - "+map q3dm7 +addbot grunt +addbot daemia 2> /tmp/log"; - }; - nixpkgs.config.packageOverrides = overrides; - nixpkgs.config.allowUnfreePredicate = unfreePredicate; - networking.firewall.allowedUDPPorts = [ 27960 ]; - }; - - client1 = client; - client2 = client; - }; - - testScript = - '' - startAll; - - $server->waitForUnit("quake3-server"); - $client1->waitForX; - $client2->waitForX; - - $client1->execute("quake3 +set r_fullscreen 0 +set name Foo +connect server &"); - $client2->execute("quake3 +set r_fullscreen 0 +set name Bar +connect server &"); - - $server->waitUntilSucceeds("grep -q 'Foo.*entered the game' /tmp/log"); - $server->waitUntilSucceeds("grep -q 'Bar.*entered the game' /tmp/log"); - - $server->sleep(10); # wait for a while to get a nice screenshot - - $client1->block(); - - $server->sleep(20); - - $client1->screenshot("screen1"); - $client2->screenshot("screen2"); - - $client1->unblock(); - - $server->sleep(10); - - $client1->screenshot("screen3"); - $client2->screenshot("screen4"); - - $client1->shutdown(); - $client2->shutdown(); - $server->stopJob("quake3-server"); - ''; - -}) diff --git a/nixpkgs/nixos/tests/rabbitmq.nix b/nixpkgs/nixos/tests/rabbitmq.nix index bb5932c3641..8e7f34d06e3 100644 --- a/nixpkgs/nixos/tests/rabbitmq.nix +++ b/nixpkgs/nixos/tests/rabbitmq.nix @@ -1,21 +1,21 @@ # This test runs rabbitmq and checks if rabbitmq is up and running. -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "rabbitmq"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ eelco offline ]; }; - nodes = { - one = { ... }: { - services.rabbitmq.enable = true; - }; + machine = { + services.rabbitmq.enable = true; }; testScript = '' - startAll; + machine.start() - $one->waitForUnit("rabbitmq.service"); - $one->waitUntilSucceeds("su -s ${pkgs.stdenv.shell} rabbitmq -c \"rabbitmqctl status\""); + machine.wait_for_unit("rabbitmq.service") + machine.wait_until_succeeds( + 'su -s ${pkgs.stdenv.shell} rabbitmq -c "rabbitmqctl status"' + ) ''; }) diff --git a/nixpkgs/nixos/tests/radarr.nix b/nixpkgs/nixos/tests/radarr.nix index 9bc5607ccd5..ed90025ac42 100644 --- a/nixpkgs/nixos/tests/radarr.nix +++ b/nixpkgs/nixos/tests/radarr.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ... }: +import ./make-test-python.nix ({ lib, ... }: with lib; @@ -11,8 +11,8 @@ with lib; { services.radarr.enable = true; }; testScript = '' - $machine->waitForUnit('radarr.service'); - $machine->waitForOpenPort('7878'); - $machine->succeed("curl --fail http://localhost:7878/"); + machine.wait_for_unit("radarr.service") + machine.wait_for_open_port("7878") + machine.succeed("curl --fail http://localhost:7878/") ''; }) diff --git a/nixpkgs/nixos/tests/redis.nix b/nixpkgs/nixos/tests/redis.nix index 325d93424dd..529965d7acd 100644 --- a/nixpkgs/nixos/tests/redis.nix +++ b/nixpkgs/nixos/tests/redis.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "redis"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ flokli ]; @@ -15,12 +15,10 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; - - $machine->waitForUnit("redis"); - $machine->waitForOpenPort("6379"); - - $machine->succeed("redis-cli ping | grep PONG"); - $machine->succeed("redis-cli -s /run/redis/redis.sock ping | grep PONG"); + start_all() + machine.wait_for_unit("redis") + machine.wait_for_open_port("6379") + machine.succeed("redis-cli ping | grep PONG") + machine.succeed("redis-cli -s /run/redis/redis.sock ping | grep PONG") ''; }) diff --git a/nixpkgs/nixos/tests/redmine.nix b/nixpkgs/nixos/tests/redmine.nix index 2d4df288b05..f0f4cbf6a21 100644 --- a/nixpkgs/nixos/tests/redmine.nix +++ b/nixpkgs/nixos/tests/redmine.nix @@ -64,18 +64,13 @@ let }; in { - v3-mysql = mysqlTest pkgs.redmine // { - name = "v3-mysql"; + mysql = mysqlTest pkgs.redmine // { + name = "mysql"; meta.maintainers = [ maintainers.aanderse ]; }; - v4-mysql = mysqlTest pkgs.redmine_4 // { - name = "v4-mysql"; - meta.maintainers = [ maintainers.aanderse ]; - }; - - v4-pgsql = pgsqlTest pkgs.redmine_4 // { - name = "v4-pgsql"; + pgsql = pgsqlTest pkgs.redmine // { + name = "pgsql"; meta.maintainers = [ maintainers.aanderse ]; }; } diff --git a/nixpkgs/nixos/tests/roundcube.nix b/nixpkgs/nixos/tests/roundcube.nix index ed0ebd7dd19..1897b53e283 100644 --- a/nixpkgs/nixos/tests/roundcube.nix +++ b/nixpkgs/nixos/tests/roundcube.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "roundcube"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ globin ]; @@ -9,7 +9,7 @@ import ./make-test.nix ({ pkgs, ...} : { services.roundcube = { enable = true; hostName = "roundcube"; - database.password = "notproduction"; + database.password = "not production"; package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]); plugins = [ "persistent_login" ]; }; @@ -21,10 +21,10 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - $roundcube->start; - $roundcube->waitForUnit("postgresql.service"); - $roundcube->waitForUnit("phpfpm-roundcube.service"); - $roundcube->waitForUnit("nginx.service"); - $roundcube->succeed("curl -sSfL http://roundcube/ | grep 'Keep me logged in'"); + roundcube.start + roundcube.wait_for_unit("postgresql.service") + roundcube.wait_for_unit("phpfpm-roundcube.service") + roundcube.wait_for_unit("nginx.service") + roundcube.succeed("curl -sSfL http://roundcube/ | grep 'Keep me logged in'") ''; }) diff --git a/nixpkgs/nixos/tests/rss2email.nix b/nixpkgs/nixos/tests/rss2email.nix index 492d47da9f5..d62207a417b 100644 --- a/nixpkgs/nixos/tests/rss2email.nix +++ b/nixpkgs/nixos/tests/rss2email.nix @@ -1,4 +1,4 @@ -import ./make-test.nix { +import ./make-test-python.nix { name = "opensmtpd"; nodes = { @@ -53,14 +53,14 @@ import ./make-test.nix { }; testScript = '' - startAll; + start_all() - $server->waitForUnit("network-online.target"); - $server->waitForUnit("opensmtpd"); - $server->waitForUnit("dovecot2"); - $server->waitForUnit("nginx"); - $server->waitForUnit("rss2email"); + server.wait_for_unit("network-online.target") + server.wait_for_unit("opensmtpd") + server.wait_for_unit("dovecot2") + server.wait_for_unit("nginx") + server.wait_for_unit("rss2email") - $server->waitUntilSucceeds('check-mail-landed >&2'); + server.wait_until_succeeds("check-mail-landed >&2") ''; } diff --git a/nixpkgs/nixos/tests/rxe.nix b/nixpkgs/nixos/tests/rxe.nix index d0b53db8eeb..194a2e3d2b9 100644 --- a/nixpkgs/nixos/tests/rxe.nix +++ b/nixpkgs/nixos/tests/rxe.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ ... } : +import ./make-test-python.nix ({ ... } : let node = { pkgs, ... } : { @@ -26,27 +26,21 @@ in { testScript = '' # Test if rxe interface comes up - $server->waitForUnit("default.target"); - $server->succeed("systemctl status rxe.service"); - $server->succeed("ibv_devices | grep rxe0"); + server.wait_for_unit("default.target") + server.succeed("systemctl status rxe.service") + server.succeed("ibv_devices | grep rxe0") - $client->waitForUnit("default.target"); + client.wait_for_unit("default.target") - # ping pong test - $server->succeed("screen -dmS rc_pingpong ibv_rc_pingpong -p 4800 -g0"); - $client->succeed("sleep 2; ibv_rc_pingpong -p 4800 -g0 server"); + # ping pong tests + for proto in "rc", "uc", "ud", "srq": + server.succeed( + "screen -dmS {0}_pingpong ibv_{0}_pingpong -p 4800 -s 1024 -g0".format(proto) + ) + client.succeed("sleep 2; ibv_{}_pingpong -p 4800 -s 1024 -g0 server".format(proto)) - $server->succeed("screen -dmS uc_pingpong ibv_uc_pingpong -p 4800 -g0"); - $client->succeed("sleep 2; ibv_uc_pingpong -p 4800 -g0 server"); - - $server->succeed("screen -dmS ud_pingpong ibv_ud_pingpong -p 4800 -s 1024 -g0"); - $client->succeed("sleep 2; ibv_ud_pingpong -p 4800 -s 1024 -g0 server"); - - $server->succeed("screen -dmS srq_pingpong ibv_srq_pingpong -p 4800 -g0"); - $client->succeed("sleep 2; ibv_srq_pingpong -p 4800 -g0 server"); - - $server->succeed("screen -dmS rping rping -s -a server -C 10"); - $client->succeed("sleep 2; rping -c -a server -C 10"); + server.succeed("screen -dmS rping rping -s -a server -C 10") + client.succeed("sleep 2; rping -c -a server -C 10") ''; }) diff --git a/nixpkgs/nixos/tests/samba.nix b/nixpkgs/nixos/tests/samba.nix index 2802e00a5b1..142269752b3 100644 --- a/nixpkgs/nixos/tests/samba.nix +++ b/nixpkgs/nixos/tests/samba.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: { name = "samba"; @@ -36,12 +36,12 @@ import ./make-test.nix ({ pkgs, ... }: testScript = '' - $server->start; - $server->waitForUnit("samba.target"); - $server->succeed("mkdir -p /public; echo bar > /public/foo"); + server.start() + server.wait_for_unit("samba.target") + server.succeed("mkdir -p /public; echo bar > /public/foo") - $client->start; - $client->waitForUnit("remote-fs.target"); - $client->succeed("[[ \$(cat /public/foo) = bar ]]"); + client.start() + client.wait_for_unit("remote-fs.target") + client.succeed("[[ $(cat /public/foo) = bar ]]") ''; }) diff --git a/nixpkgs/nixos/tests/sddm.nix b/nixpkgs/nixos/tests/sddm.nix index 678bcbeab20..4bdcd701dcf 100644 --- a/nixpkgs/nixos/tests/sddm.nix +++ b/nixpkgs/nixos/tests/sddm.nix @@ -3,7 +3,7 @@ pkgs ? import ../.. { inherit system config; } }: -with import ../lib/testing.nix { inherit system pkgs; }; +with import ../lib/testing-python.nix { inherit system pkgs; }; let inherit (pkgs) lib; @@ -26,13 +26,13 @@ let testScript = { nodes, ... }: let user = nodes.machine.config.users.users.alice; in '' - startAll; - $machine->waitForText(qr/select your user/i); - $machine->screenshot("sddm"); - $machine->sendChars("${user.password}\n"); - $machine->waitForFile("/home/alice/.Xauthority"); - $machine->succeed("xauth merge ~alice/.Xauthority"); - $machine->waitForWindow("^IceWM "); + start_all() + machine.wait_for_text("(?i)select your user") + machine.screenshot("sddm") + machine.send_chars("${user.password}\n") + machine.wait_for_file("${user.home}/.Xauthority") + machine.succeed("xauth merge ${user.home}/.Xauthority") + machine.wait_for_window("^IceWM ") ''; }; @@ -57,11 +57,13 @@ let services.xserver.desktopManager.default = "none"; }; - testScript = { ... }: '' - startAll; - $machine->waitForFile("/home/alice/.Xauthority"); - $machine->succeed("xauth merge ~alice/.Xauthority"); - $machine->waitForWindow("^IceWM "); + testScript = { nodes, ... }: let + user = nodes.machine.config.users.users.alice; + in '' + start_all() + machine.wait_for_file("${user.home}/.Xauthority") + machine.succeed("xauth merge ${user.home}/.Xauthority") + machine.wait_for_window("^IceWM ") ''; }; }; diff --git a/nixpkgs/nixos/tests/shiori.nix b/nixpkgs/nixos/tests/shiori.nix index 0022a7220fe..a5771262c6f 100644 --- a/nixpkgs/nixos/tests/shiori.nix +++ b/nixpkgs/nixos/tests/shiori.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ...}: +import ./make-test-python.nix ({ pkgs, lib, ...}: { name = "shiori"; @@ -8,10 +8,74 @@ import ./make-test.nix ({ lib, ...}: { ... }: { services.shiori.enable = true; }; - testScript = '' - $machine->waitForUnit('shiori.service'); - $machine->waitForOpenPort('8080'); - $machine->succeed("curl --fail http://localhost:8080/"); - $machine->succeed("curl --fail --location http://localhost:8080/ | grep -qi shiori"); + testScript = let + authJSON = pkgs.writeText "auth.json" (builtins.toJSON { + username = "shiori"; + password = "gopher"; + remember = 1; # hour + owner = true; + }); + + insertBookmark = { + url = "http://example.org"; + title = "Example Bookmark"; + }; + + insertBookmarkJSON = pkgs.writeText "insertBookmark.json" (builtins.toJSON insertBookmark); + in '' + import json + + machine.wait_for_unit("shiori.service") + machine.wait_for_open_port(8080) + machine.succeed("curl --fail http://localhost:8080/") + machine.succeed("curl --fail --location http://localhost:8080/ | grep -qi shiori") + + with subtest("login"): + auth_json = machine.succeed( + "curl --fail --location http://localhost:8080/api/login " + "-X POST -H 'Content-Type:application/json' -d @${authJSON}" + ) + auth_ret = json.loads(auth_json) + session_id = auth_ret["session"] + + with subtest("bookmarks"): + with subtest("first use no bookmarks"): + bookmarks_json = machine.succeed( + ( + "curl --fail --location http://localhost:8080/api/bookmarks " + "-H 'X-Session-Id:{}'" + ).format(session_id) + ) + + if json.loads(bookmarks_json)["bookmarks"] != []: + raise Exception("Shiori have a bookmark on first use") + + with subtest("insert bookmark"): + machine.succeed( + ( + "curl --fail --location http://localhost:8080/api/bookmarks " + "-X POST -H 'X-Session-Id:{}' " + "-H 'Content-Type:application/json' -d @${insertBookmarkJSON}" + ).format(session_id) + ) + + with subtest("get inserted bookmark"): + bookmarks_json = machine.succeed( + ( + "curl --fail --location http://localhost:8080/api/bookmarks " + "-H 'X-Session-Id:{}'" + ).format(session_id) + ) + + bookmarks = json.loads(bookmarks_json)["bookmarks"] + if len(bookmarks) != 1: + raise Exception("Shiori didn't save the bookmark") + + bookmark = bookmarks[0] + if ( + bookmark["url"] != "${insertBookmark.url}" + or bookmark["title"] != "${insertBookmark.title}" + ): + raise Exception("Inserted bookmark doesn't have same URL or title") ''; }) diff --git a/nixpkgs/nixos/tests/signal-desktop.nix b/nixpkgs/nixos/tests/signal-desktop.nix index 605b9c3e130..c746d46dc55 100644 --- a/nixpkgs/nixos/tests/signal-desktop.nix +++ b/nixpkgs/nixos/tests/signal-desktop.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : +import ./make-test-python.nix ({ pkgs, ...} : { name = "signal-desktop"; @@ -24,14 +24,14 @@ import ./make-test.nix ({ pkgs, ...} : testScript = { nodes, ... }: let user = nodes.machine.config.users.users.alice; in '' - startAll; - $machine->waitForX; + start_all() + machine.wait_for_x() # start signal desktop - $machine->execute("su - alice -c signal-desktop &"); + machine.execute("su - alice -c signal-desktop &") # wait for the "Link your phone to Signal Desktop" message - $machine->waitForText(qr/Link your phone to Signal Desktop/); - $machine->screenshot("signal_desktop"); + machine.wait_for_text("Link your phone to Signal Desktop") + machine.screenshot("signal_desktop") ''; }) diff --git a/nixpkgs/nixos/tests/simple.nix b/nixpkgs/nixos/tests/simple.nix index 84c5621d962..3810a2cd3a5 100644 --- a/nixpkgs/nixos/tests/simple.nix +++ b/nixpkgs/nixos/tests/simple.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "simple"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ eelco ]; @@ -10,8 +10,8 @@ import ./make-test.nix ({ pkgs, ...} : { testScript = '' - startAll; - $machine->waitForUnit("multi-user.target"); - $machine->shutdown; + start_all() + machine.wait_for_unit("multi-user.target") + machine.shutdown() ''; }) diff --git a/nixpkgs/nixos/tests/slim.nix b/nixpkgs/nixos/tests/slim.nix deleted file mode 100644 index 42c87dfa039..00000000000 --- a/nixpkgs/nixos/tests/slim.nix +++ /dev/null @@ -1,66 +0,0 @@ -import ./make-test.nix ({ pkgs, ...} : { - name = "slim"; - - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ aszlig ]; - }; - - machine = { pkgs, ... }: { - imports = [ ./common/user-account.nix ]; - services.xserver.enable = true; - services.xserver.windowManager.default = "icewm"; - services.xserver.windowManager.icewm.enable = true; - services.xserver.desktopManager.default = "none"; - services.xserver.displayManager.slim = { - enable = true; - - # Use a custom theme in order to get best OCR results - theme = pkgs.runCommand "slim-theme-ocr" { - nativeBuildInputs = [ pkgs.imagemagick ]; - } '' - mkdir "$out" - convert -size 1x1 xc:white "$out/background.jpg" - convert -size 200x100 xc:white "$out/panel.jpg" - cat > "$out/slim.theme" <<EOF - background_color #ffffff - background_style tile - - input_fgcolor #000000 - msg_color #000000 - - session_color #000000 - session_font Verdana:size=16:bold - - username_msg Username: - username_font Verdana:size=16:bold - username_color #000000 - username_x 50% - username_y 40% - - password_msg Password: - password_x 50% - password_y 40% - EOF - ''; - }; - }; - - enableOCR = true; - - testScript = { nodes, ... }: let - user = nodes.machine.config.users.users.alice; - in '' - startAll; - $machine->waitForText(qr/Username:/); - $machine->sendChars("${user.name}\n"); - $machine->waitForText(qr/Password:/); - $machine->sendChars("${user.password}\n"); - - $machine->waitForFile('${user.home}/.Xauthority'); - $machine->succeed('xauth merge ${user.home}/.Xauthority'); - $machine->waitForWindow('^IceWM '); - - # Make sure SLiM doesn't create a log file - $machine->fail('test -e /var/log/slim.log'); - ''; -}) diff --git a/nixpkgs/nixos/tests/slurm.nix b/nixpkgs/nixos/tests/slurm.nix index 4c2cd3c3d26..17527378cf0 100644 --- a/nixpkgs/nixos/tests/slurm.nix +++ b/nixpkgs/nixos/tests/slurm.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ... }: +import ./make-test-python.nix ({ lib, ... }: let mungekey = "mungeverryweakkeybuteasytointegratoinatest"; @@ -54,10 +54,15 @@ in { networking.firewall.enable = false; services.slurm.dbdserver = { enable = true; + storagePass = "password123"; }; services.mysql = { enable = true; - package = pkgs.mysql; + package = pkgs.mariadb; + initialScript = pkgs.writeText "mysql-init.sql" '' + CREATE USER 'slurm'@'localhost' IDENTIFIED BY 'password123'; + GRANT ALL PRIVILEGES ON slurm_acct_db.* TO 'slurm'@'localhost'; + ''; ensureDatabases = [ "slurm_acct_db" ]; ensureUsers = [{ ensurePermissions = { "slurm_acct_db.*" = "ALL PRIVILEGES"; }; @@ -80,63 +85,57 @@ in { testScript = '' - startAll; + start_all() # Set up authentification across the cluster - foreach my $node (($submit,$control,$dbd,$node1,$node2,$node3)) - { - $node->waitForUnit("default.target"); + for node in [submit, control, dbd, node1, node2, node3]: - $node->succeed("mkdir /etc/munge"); - $node->succeed("echo '${mungekey}' > /etc/munge/munge.key"); - $node->succeed("chmod 0400 /etc/munge/munge.key"); - $node->succeed("chown munge:munge /etc/munge/munge.key"); - $node->succeed("systemctl restart munged"); + node.wait_for_unit("default.target") + + node.succeed("mkdir /etc/munge") + node.succeed( + "echo '${mungekey}' > /etc/munge/munge.key" + ) + node.succeed("chmod 0400 /etc/munge/munge.key") + node.succeed("chown munge:munge /etc/munge/munge.key") + node.succeed("systemctl restart munged") + + node.wait_for_unit("munged") - $node->waitForUnit("munged"); - }; # Restart the services since they have probably failed due to the munge init # failure - subtest "can_start_slurmdbd", sub { - $dbd->succeed("systemctl restart slurmdbd"); - $dbd->waitForUnit("slurmdbd.service"); - $dbd->waitForOpenPort(6819); - }; + with subtest("can_start_slurmdbd"): + dbd.succeed("systemctl restart slurmdbd") + dbd.wait_for_unit("slurmdbd.service") + dbd.wait_for_open_port(6819) # there needs to be an entry for the current # cluster in the database before slurmctld is restarted - subtest "add_account", sub { - $control->succeed("sacctmgr -i add cluster default"); - # check for cluster entry - $control->succeed("sacctmgr list cluster | awk '{ print \$1 }' | grep default"); - }; + with subtest("add_account"): + control.succeed("sacctmgr -i add cluster default") + # check for cluster entry + control.succeed("sacctmgr list cluster | awk '{ print $1 }' | grep default") - subtest "can_start_slurmctld", sub { - $control->succeed("systemctl restart slurmctld"); - $control->waitForUnit("slurmctld.service"); - }; + with subtest("can_start_slurmctld"): + control.succeed("systemctl restart slurmctld") + control.waitForUnit("slurmctld.service") - subtest "can_start_slurmd", sub { - foreach my $node (($node1,$node2,$node3)) - { - $node->succeed("systemctl restart slurmd.service"); - $node->waitForUnit("slurmd"); - } - }; + with subtest("can_start_slurmd"): + for node in [node1, node2, node3]: + node.succeed("systemctl restart slurmd.service") + node.wait_for_unit("slurmd") # Test that the cluster works and can distribute jobs; - subtest "run_distributed_command", sub { - # Run `hostname` on 3 nodes of the partition (so on all the 3 nodes). - # The output must contain the 3 different names - $submit->succeed("srun -N 3 hostname | sort | uniq | wc -l | xargs test 3 -eq"); - }; + with subtest("run_distributed_command"): + # Run `hostname` on 3 nodes of the partition (so on all the 3 nodes). + # The output must contain the 3 different names + submit.succeed("srun -N 3 hostname | sort | uniq | wc -l | xargs test 3 -eq") - subtest "check_slurm_dbd", sub { - # find the srun job from above in the database - sleep 5; - $control->succeed("sacct | grep hostname"); - }; + with subtest("check_slurm_dbd"): + # find the srun job from above in the database + control.succeed("sleep 5") + control.succeed("sacct | grep hostname") ''; }) diff --git a/nixpkgs/nixos/tests/smokeping.nix b/nixpkgs/nixos/tests/smokeping.nix index 07d22805112..4f8f0fcc9fe 100644 --- a/nixpkgs/nixos/tests/smokeping.nix +++ b/nixpkgs/nixos/tests/smokeping.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "smokeping"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ cransom ]; @@ -22,12 +22,12 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; - $sm->waitForUnit("smokeping"); - $sm->waitForUnit("thttpd"); - $sm->waitForFile("/var/lib/smokeping/data/Local/LocalMachine.rrd"); - $sm->succeed("curl -s -f localhost:8081/smokeping.fcgi?target=Local"); - $sm->succeed("ls /var/lib/smokeping/cache/Local/LocalMachine_mini.png"); - $sm->succeed("ls /var/lib/smokeping/cache/index.html"); + start_all() + sm.wait_for_unit("smokeping") + sm.wait_for_unit("thttpd") + sm.wait_for_file("/var/lib/smokeping/data/Local/LocalMachine.rrd") + sm.succeed("curl -s -f localhost:8081/smokeping.fcgi?target=Local") + sm.succeed("ls /var/lib/smokeping/cache/Local/LocalMachine_mini.png") + sm.succeed("ls /var/lib/smokeping/cache/index.html") ''; }) diff --git a/nixpkgs/nixos/tests/snapper.nix b/nixpkgs/nixos/tests/snapper.nix index 74ec22fd349..018102d7f64 100644 --- a/nixpkgs/nixos/tests/snapper.nix +++ b/nixpkgs/nixos/tests/snapper.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ ... }: +import ./make-test-python.nix ({ ... }: { name = "snapper"; @@ -20,24 +20,16 @@ import ./make-test.nix ({ ... }: }; testScript = '' - $machine->succeed("btrfs subvolume create /home/.snapshots"); - - $machine->succeed("snapper -c home list"); - - $machine->succeed("snapper -c home create --description empty"); - - $machine->succeed("echo test > /home/file"); - $machine->succeed("snapper -c home create --description file"); - - $machine->succeed("snapper -c home status 1..2"); - - $machine->succeed("snapper -c home undochange 1..2"); - $machine->fail("ls /home/file"); - - $machine->succeed("snapper -c home delete 2"); - - $machine->succeed("systemctl --wait start snapper-timeline.service"); - - $machine->succeed("systemctl --wait start snapper-cleanup.service"); + machine.succeed("btrfs subvolume create /home/.snapshots") + machine.succeed("snapper -c home list") + machine.succeed("snapper -c home create --description empty") + machine.succeed("echo test > /home/file") + machine.succeed("snapper -c home create --description file") + machine.succeed("snapper -c home status 1..2") + machine.succeed("snapper -c home undochange 1..2") + machine.fail("ls /home/file") + machine.succeed("snapper -c home delete 2") + machine.succeed("systemctl --wait start snapper-timeline.service") + machine.succeed("systemctl --wait start snapper-cleanup.service") ''; }) diff --git a/nixpkgs/nixos/tests/spike.nix b/nixpkgs/nixos/tests/spike.nix new file mode 100644 index 00000000000..47763e75ffa --- /dev/null +++ b/nixpkgs/nixos/tests/spike.nix @@ -0,0 +1,22 @@ +import ./make-test-python.nix ({ pkgs, ... }: + +let + riscvPkgs = import ../.. { crossSystem = pkgs.stdenv.lib.systems.examples.riscv64-embedded; }; +in +{ + name = "spike"; + meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ blitz ]; }; + + machine = { pkgs, lib, ... }: { + environment.systemPackages = [ pkgs.spike riscvPkgs.riscv-pk riscvPkgs.hello ]; + }; + + # Run the RISC-V hello applications using the proxy kernel on the + # Spike emulator and see whether we get the expected output. + testScript = + '' + machine.wait_for_unit("multi-user.target") + output = machine.succeed("spike -m64 $(which pk) $(which hello)") + assert output == "Hello, world!\n" + ''; +}) diff --git a/nixpkgs/nixos/tests/strongswan-swanctl.nix b/nixpkgs/nixos/tests/strongswan-swanctl.nix index 9bab9349ea7..152c0d61c54 100644 --- a/nixpkgs/nixos/tests/strongswan-swanctl.nix +++ b/nixpkgs/nixos/tests/strongswan-swanctl.nix @@ -16,7 +16,7 @@ # See the NixOS manual for how to run this test: # https://nixos.org/nixos/manual/index.html#sec-running-nixos-tests-interactively -import ./make-test.nix ({ pkgs, ...} : +import ./make-test-python.nix ({ pkgs, ...} : let allowESP = "iptables --insert INPUT --protocol ESP --jump ACCEPT"; @@ -142,7 +142,7 @@ in { }; testScript = '' - startAll(); - $carol->waitUntilSucceeds("ping -c 1 alice"); + start_all() + carol.wait_until_succeeds("ping -c 1 alice") ''; }) diff --git a/nixpkgs/nixos/tests/sudo.nix b/nixpkgs/nixos/tests/sudo.nix index fc16b99cc19..5bbec3d5726 100644 --- a/nixpkgs/nixos/tests/sudo.nix +++ b/nixpkgs/nixos/tests/sudo.nix @@ -4,7 +4,7 @@ let password = "helloworld"; in - import ./make-test.nix ({ pkgs, ...} : { + import ./make-test-python.nix ({ pkgs, ...} : { name = "sudo"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ lschuermann ]; @@ -50,44 +50,34 @@ in testScript = '' - subtest "users in wheel group should have passwordless sudo", sub { - $machine->succeed("su - test0 -c \"sudo -u root true\""); - }; + with subtest("users in wheel group should have passwordless sudo"): + machine.succeed('su - test0 -c "sudo -u root true"') - subtest "test1 user should have sudo with password", sub { - $machine->succeed("su - test1 -c \"echo ${password} | sudo -S -u root true\""); - }; + with subtest("test1 user should have sudo with password"): + machine.succeed('su - test1 -c "echo ${password} | sudo -S -u root true"') - subtest "test1 user should not be able to use sudo without password", sub { - $machine->fail("su - test1 -c \"sudo -n -u root true\""); - }; + with subtest("test1 user should not be able to use sudo without password"): + machine.fail('su - test1 -c "sudo -n -u root true"') - subtest "users in group 'foobar' should be able to use sudo with password", sub { - $machine->succeed("sudo -u test2 echo ${password} | sudo -S -u root true"); - }; + with subtest("users in group 'foobar' should be able to use sudo with password"): + machine.succeed("sudo -u test2 echo ${password} | sudo -S -u root true") - subtest "users in group 'barfoo' should be able to use sudo without password", sub { - $machine->succeed("sudo -u test3 sudo -n -u root true"); - }; + with subtest("users in group 'barfoo' should be able to use sudo without password"): + machine.succeed("sudo -u test3 sudo -n -u root true") - subtest "users in group 'baz' (GID 1337) should be able to use sudo without password", sub { - $machine->succeed("sudo -u test4 sudo -n -u root echo true"); - }; + with subtest("users in group 'baz' (GID 1337)"): + machine.succeed("sudo -u test4 sudo -n -u root echo true") - subtest "test5 user should be able to run commands under test1", sub { - $machine->succeed("sudo -u test5 sudo -n -u test1 true"); - }; + with subtest("test5 user should be able to run commands under test1"): + machine.succeed("sudo -u test5 sudo -n -u test1 true") - subtest "test5 user should not be able to run commands under root", sub { - $machine->fail("sudo -u test5 sudo -n -u root true"); - }; + with subtest("test5 user should not be able to run commands under root"): + machine.fail("sudo -u test5 sudo -n -u root true") - subtest "test5 user should be able to keep his environment", sub { - $machine->succeed("sudo -u test5 sudo -n -E -u test1 true"); - }; + with subtest("test5 user should be able to keep his environment"): + machine.succeed("sudo -u test5 sudo -n -E -u test1 true") - subtest "users in group 'barfoo' should not be able to keep their environment", sub { - $machine->fail("sudo -u test3 sudo -n -E -u root true"); - }; + with subtest("users in group 'barfoo' should not be able to keep their environment"): + machine.fail("sudo -u test3 sudo -n -E -u root true") ''; }) diff --git a/nixpkgs/nixos/tests/syncthing-init.nix b/nixpkgs/nixos/tests/syncthing-init.nix index 0de76b688bd..9c8e0a3d087 100644 --- a/nixpkgs/nixos/tests/syncthing-init.nix +++ b/nixpkgs/nixos/tests/syncthing-init.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, pkgs, ... }: let +import ./make-test-python.nix ({ lib, pkgs, ... }: let testId = "7CFNTQM-IMTJBHJ-3UWRDIU-ZGQJFR6-VCXZ3NB-XUH3KZO-N52ITXR-LAIYUAU"; @@ -22,13 +22,11 @@ in { }; testScript = '' - my $config; - - $machine->waitForUnit("syncthing-init.service"); - $config = $machine->succeed("cat /var/lib/syncthing/.config/syncthing/config.xml"); + machine.wait_for_unit("syncthing-init.service") + config = machine.succeed("cat /var/lib/syncthing/.config/syncthing/config.xml") - $config =~ /${testId}/ or die; - $config =~ /testFolder/ or die; + assert "testFolder" in config + assert "${testId}" in config ''; }) diff --git a/nixpkgs/nixos/tests/syncthing-relay.nix b/nixpkgs/nixos/tests/syncthing-relay.nix index f1ceb499333..cd72ef1cbe1 100644 --- a/nixpkgs/nixos/tests/syncthing-relay.nix +++ b/nixpkgs/nixos/tests/syncthing-relay.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, pkgs, ... }: { +import ./make-test-python.nix ({ lib, pkgs, ... }: { name = "syncthing-relay"; meta.maintainers = with pkgs.stdenv.lib.maintainers; [ delroth ]; @@ -14,9 +14,13 @@ import ./make-test.nix ({ lib, pkgs, ... }: { }; testScript = '' - $machine->waitForUnit("syncthing-relay.service"); - $machine->waitForOpenPort(12345); - $machine->waitForOpenPort(12346); - $machine->succeed("curl http://localhost:12346/status | jq -r '.options.\"provided-by\"'") =~ /nixos-test/ or die; + machine.wait_for_unit("syncthing-relay.service") + machine.wait_for_open_port(12345) + machine.wait_for_open_port(12346) + + out = machine.succeed( + "curl -sS http://localhost:12346/status | jq -r '.options.\"provided-by\"'" + ) + assert "nixos-test" in out ''; }) diff --git a/nixpkgs/nixos/tests/systemd-networkd-wireguard.nix b/nixpkgs/nixos/tests/systemd-networkd-wireguard.nix index aa0ac54e796..be5c0da981d 100644 --- a/nixpkgs/nixos/tests/systemd-networkd-wireguard.nix +++ b/nixpkgs/nixos/tests/systemd-networkd-wireguard.nix @@ -1,4 +1,4 @@ -let generateNodeConf = { lib, pkgs, config, privkpath, pubk, peerId, nodeId, ...}: { +let generateNodeConf = { lib, pkgs, config, privk, pubk, peerId, nodeId, ...}: { imports = [ common/user-account.nix ]; systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug"; networking.useNetworkd = true; @@ -7,13 +7,16 @@ let generateNodeConf = { lib, pkgs, config, privkpath, pubk, peerId, nodeId, ... virtualisation.vlans = [ 1 ]; environment.systemPackages = with pkgs; [ wireguard-tools ]; boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ]; + systemd.tmpfiles.rules = [ + "f /run/wg_priv 0640 root systemd-network - ${privk}" + ]; systemd.network = { enable = true; netdevs = { "90-wg0" = { netdevConfig = { Kind = "wireguard"; Name = "wg0"; }; wireguardConfig = { - PrivateKeyFile = privkpath ; + PrivateKeyFile = "/run/wg_priv"; ListenPort = 51820; FwMark = 42; }; @@ -45,7 +48,7 @@ let generateNodeConf = { lib, pkgs, config, privkpath, pubk, peerId, nodeId, ... }; }; }; -in import ./make-test.nix ({pkgs, ... }: { +in import ./make-test-python.nix ({pkgs, ... }: { name = "networkd-wireguard"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ninjatrappeur ]; @@ -53,7 +56,7 @@ in import ./make-test.nix ({pkgs, ... }: { nodes = { node1 = { pkgs, ... }@attrs: let localConf = { - privkpath = pkgs.writeText "priv.key" "GDiXWlMQKb379XthwX0haAbK6hTdjblllpjGX0heP00="; + privk = "GDiXWlMQKb379XthwX0haAbK6hTdjblllpjGX0heP00="; pubk = "iRxpqj42nnY0Qz8MAQbSm7bXxXP5hkPqWYIULmvW+EE="; nodeId = "1"; peerId = "2"; @@ -62,7 +65,7 @@ in import ./make-test.nix ({pkgs, ... }: { node2 = { pkgs, ... }@attrs: let localConf = { - privkpath = pkgs.writeText "priv.key" "eHxSI2jwX/P4AOI0r8YppPw0+4NZnjOxfbS5mt06K2k="; + privk = "eHxSI2jwX/P4AOI0r8YppPw0+4NZnjOxfbS5mt06K2k="; pubk = "27s0OvaBBdHoJYkH9osZpjpgSOVNw+RaKfboT/Sfq0g="; nodeId = "2"; peerId = "1"; @@ -70,12 +73,12 @@ in import ./make-test.nix ({pkgs, ... }: { in generateNodeConf (attrs // localConf); }; testScript = '' - startAll; - $node1->waitForUnit('systemd-networkd-wait-online.service'); - $node2->waitForUnit('systemd-networkd-wait-online.service'); - $node1->succeed('ping -c 5 10.0.0.2'); - $node2->succeed('ping -c 5 10.0.0.1'); + start_all() + node1.wait_for_unit("systemd-networkd-wait-online.service") + node2.wait_for_unit("systemd-networkd-wait-online.service") + node1.succeed("ping -c 5 10.0.0.2") + node2.succeed("ping -c 5 10.0.0.1") # Is the fwmark set? - $node2->succeed('wg | grep -q 42'); + node2.succeed("wg | grep -q 42") ''; }) diff --git a/nixpkgs/nixos/tests/systemd-nspawn.nix b/nixpkgs/nixos/tests/systemd-nspawn.nix new file mode 100644 index 00000000000..5bf55060d2e --- /dev/null +++ b/nixpkgs/nixos/tests/systemd-nspawn.nix @@ -0,0 +1,60 @@ +import ./make-test-python.nix ({pkgs, lib, ...}: +let + gpgKeyring = (pkgs.runCommand "gpg-keyring" { buildInputs = [ pkgs.gnupg ]; } '' + mkdir -p $out + export GNUPGHOME=$out + cat > foo <<EOF + %echo Generating a basic OpenPGP key + %no-protection + Key-Type: DSA + Key-Length: 1024 + Subkey-Type: ELG-E + Subkey-Length: 1024 + Name-Real: Joe Tester + Name-Email: joe@foo.bar + Expire-Date: 0 + # Do a commit here, so that we can later print "done" + %commit + %echo done + EOF + gpg --batch --generate-key foo + rm $out/S.gpg-agent $out/S.gpg-agent.* + gpg --export joe@foo.bar -a > $out/pubkey.gpg + ''); + + nspawnImages = (pkgs.runCommand "localhost" { buildInputs = [ pkgs.coreutils pkgs.gnupg ]; } '' + mkdir -p $out + cd $out + dd if=/dev/urandom of=$out/testimage.raw bs=$((1024*1024+7)) count=5 + sha256sum testimage.raw > SHA256SUMS + export GNUPGHOME="$(mktemp -d)" + cp -R ${gpgKeyring}/* $GNUPGHOME + gpg --batch --sign --detach-sign --output SHA256SUMS.gpg SHA256SUMS + ''); +in { + name = "systemd-nspawn"; + + nodes = { + server = { pkgs, ... }: { + networking.firewall.allowedTCPPorts = [ 80 ]; + services.nginx = { + enable = true; + virtualHosts."server".root = nspawnImages; + }; + }; + client = { pkgs, ... }: { + environment.etc."systemd/import-pubring.gpg".source = "${gpgKeyring}/pubkey.gpg"; + }; + }; + + testScript = '' + start_all() + + server.wait_for_unit("nginx.service") + client.wait_for_unit("network-online.target") + client.succeed("machinectl pull-raw --verify=signature http://server/testimage.raw") + client.succeed( + "cmp /var/lib/machines/testimage.raw ${nspawnImages}/testimage.raw" + ) + ''; +}) diff --git a/nixpkgs/nixos/tests/telegraf.nix b/nixpkgs/nixos/tests/telegraf.nix index 6776f8d8c37..73f741b1135 100644 --- a/nixpkgs/nixos/tests/telegraf.nix +++ b/nixpkgs/nixos/tests/telegraf.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "telegraf"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ mic92 ]; @@ -22,9 +22,9 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $machine->waitForUnit("telegraf.service"); - $machine->waitUntilSucceeds("grep -q example /tmp/metrics.out"); + machine.wait_for_unit("telegraf.service") + machine.wait_until_succeeds("grep -q example /tmp/metrics.out") ''; }) diff --git a/nixpkgs/nixos/tests/tinydns.nix b/nixpkgs/nixos/tests/tinydns.nix index cb7ee0c5fb5..c7740d5ade3 100644 --- a/nixpkgs/nixos/tests/tinydns.nix +++ b/nixpkgs/nixos/tests/tinydns.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ...} : { +import ./make-test-python.nix ({ lib, ...} : { name = "tinydns"; meta = { maintainers = with lib.maintainers; [ basvandijk ]; @@ -19,8 +19,8 @@ import ./make-test.nix ({ lib, ...} : { }; }; testScript = '' - $nameserver->start; - $nameserver->waitForUnit("tinydns.service"); - $nameserver->succeed("host bla.foo.bar | grep '1\.2\.3\.4'"); + nameserver.start() + nameserver.wait_for_unit("tinydns.service") + nameserver.succeed("host bla.foo.bar | grep '1\.2\.3\.4'") ''; }) diff --git a/nixpkgs/nixos/tests/tor.nix b/nixpkgs/nixos/tests/tor.nix index 0cb44ddff24..ad07231557c 100644 --- a/nixpkgs/nixos/tests/tor.nix +++ b/nixpkgs/nixos/tests/tor.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ lib, ... }: with lib; +import ./make-test-python.nix ({ lib, ... }: with lib; rec { name = "tor"; @@ -21,8 +21,10 @@ rec { }; testScript = '' - $client->waitForUnit("tor.service"); - $client->waitForOpenPort(9051); - $client->succeed("echo GETINFO version | nc 127.0.0.1 9051") =~ /514 Authentication required./ or die; + client.wait_for_unit("tor.service") + client.wait_for_open_port(9051) + assert "514 Authentication required." in client.succeed( + "echo GETINFO version | nc 127.0.0.1 9051" + ) ''; }) diff --git a/nixpkgs/nixos/tests/trac.nix b/nixpkgs/nixos/tests/trac.nix new file mode 100644 index 00000000000..7953f8d41f7 --- /dev/null +++ b/nixpkgs/nixos/tests/trac.nix @@ -0,0 +1,19 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "trac"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ mmahut ]; + }; + + nodes = { + machine = { ... }: { + services.trac.enable = true; + }; + }; + + testScript = '' + start_all() + machine.wait_for_unit("trac.service") + machine.wait_for_open_port(8000) + machine.wait_until_succeeds("curl -L http://localhost:8000/ | grep 'Trac Powered'") + ''; +}) diff --git a/nixpkgs/nixos/tests/transmission.nix b/nixpkgs/nixos/tests/transmission.nix index f1c238730eb..f4f2186be1f 100644 --- a/nixpkgs/nixos/tests/transmission.nix +++ b/nixpkgs/nixos/tests/transmission.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "transmission"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ coconnor ]; @@ -14,8 +14,8 @@ import ./make-test.nix ({ pkgs, ...} : { testScript = '' - startAll; - $machine->waitForUnit("transmission"); - $machine->shutdown; + start_all() + machine.wait_for_unit("transmission") + machine.shutdown() ''; }) diff --git a/nixpkgs/nixos/tests/trezord.nix b/nixpkgs/nixos/tests/trezord.nix index 1c85bf53934..8d908a52249 100644 --- a/nixpkgs/nixos/tests/trezord.nix +++ b/nixpkgs/nixos/tests/trezord.nix @@ -1,7 +1,7 @@ -import ./make-test.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: { name = "trezord"; meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ mmahut ]; + maintainers = [ mmahut "1000101" ]; }; nodes = { @@ -12,9 +12,9 @@ import ./make-test.nix ({ pkgs, ... }: { }; testScript = '' - startAll; - $machine->waitForUnit("trezord.service"); - $machine->waitForOpenPort(21325); - $machine->waitUntilSucceeds("curl -L http://localhost:21325/status/ | grep Version"); + start_all() + machine.wait_for_unit("trezord.service") + machine.wait_for_open_port(21325) + machine.wait_until_succeeds("curl -L http://localhost:21325/status/ | grep Version") ''; }) diff --git a/nixpkgs/nixos/tests/trickster.nix b/nixpkgs/nixos/tests/trickster.nix new file mode 100644 index 00000000000..e2ca00980d5 --- /dev/null +++ b/nixpkgs/nixos/tests/trickster.nix @@ -0,0 +1,37 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "trickster"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ "1000101" ]; + }; + + nodes = { + prometheus = { ... }: { + services.prometheus.enable = true; + networking.firewall.allowedTCPPorts = [ 9090 ]; + }; + trickster = { ... }: { + services.trickster.enable = true; + }; + }; + + testScript = '' + start_all() + prometheus.wait_for_unit("prometheus.service") + prometheus.wait_for_open_port(9090) + prometheus.wait_until_succeeds( + "curl -L http://localhost:9090/metrics | grep 'promhttp_metric_handler_requests_total{code=\"500\"} 0'" + ) + trickster.wait_for_unit("trickster.service") + trickster.wait_for_open_port(8082) + trickster.wait_for_open_port(9090) + trickster.wait_until_succeeds( + "curl -L http://localhost:8082/metrics | grep 'promhttp_metric_handler_requests_total{code=\"500\"} 0'" + ) + trickster.wait_until_succeeds( + "curl -L http://prometheus:9090/metrics | grep 'promhttp_metric_handler_requests_total{code=\"500\"} 0'" + ) + trickster.wait_until_succeeds( + "curl -L http://localhost:9090/metrics | grep 'promhttp_metric_handler_requests_total{code=\"500\"} 0'" + ) + ''; +})
\ No newline at end of file diff --git a/nixpkgs/nixos/tests/udisks2.nix b/nixpkgs/nixos/tests/udisks2.nix index dcf869908d8..0cbfa0c4c7b 100644 --- a/nixpkgs/nixos/tests/udisks2.nix +++ b/nixpkgs/nixos/tests/udisks2.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: let @@ -30,32 +30,40 @@ in testScript = '' - my $stick = $machine->stateDir . "/usbstick.img"; - system("xz -d < ${stick} > $stick") == 0 or die; + import lzma - $machine->succeed("udisksctl info -b /dev/vda >&2"); - $machine->fail("udisksctl info -b /dev/sda1"); + with lzma.open( + "${stick}" + ) as data, open(machine.state_dir + "/usbstick.img", "wb") as stick: + stick.write(data.read()) + + machine.succeed("udisksctl info -b /dev/vda >&2") + machine.fail("udisksctl info -b /dev/sda1") # Attach a USB stick and wait for it to show up. - $machine->sendMonitorCommand("drive_add 0 id=stick,if=none,file=$stick,format=raw"); - $machine->sendMonitorCommand("device_add usb-storage,id=stick,drive=stick"); - $machine->waitUntilSucceeds("udisksctl info -b /dev/sda1"); - $machine->succeed("udisksctl info -b /dev/sda1 | grep 'IdLabel:.*USBSTICK'"); + machine.send_monitor_command( + f"drive_add 0 id=stick,if=none,file={stick.name},format=raw" + ) + machine.send_monitor_command("device_add usb-storage,id=stick,drive=stick") + machine.wait_until_succeeds("udisksctl info -b /dev/sda1") + machine.succeed("udisksctl info -b /dev/sda1 | grep 'IdLabel:.*USBSTICK'") # Mount the stick as a non-root user and do some stuff with it. - $machine->succeed("su - alice -c 'udisksctl info -b /dev/sda1'"); - $machine->succeed("su - alice -c 'udisksctl mount -b /dev/sda1'"); - $machine->succeed("su - alice -c 'cat /run/media/alice/USBSTICK/test.txt'") =~ /Hello World/ or die; - $machine->succeed("su - alice -c 'echo foo > /run/media/alice/USBSTICK/bar.txt'"); + machine.succeed("su - alice -c 'udisksctl info -b /dev/sda1'") + machine.succeed("su - alice -c 'udisksctl mount -b /dev/sda1'") + machine.succeed( + "su - alice -c 'cat /run/media/alice/USBSTICK/test.txt' | grep -q 'Hello World'" + ) + machine.succeed("su - alice -c 'echo foo > /run/media/alice/USBSTICK/bar.txt'") # Unmounting the stick should make the mountpoint disappear. - $machine->succeed("su - alice -c 'udisksctl unmount -b /dev/sda1'"); - $machine->fail("[ -d /run/media/alice/USBSTICK ]"); + machine.succeed("su - alice -c 'udisksctl unmount -b /dev/sda1'") + machine.fail("[ -d /run/media/alice/USBSTICK ]") # Remove the USB stick. - $machine->sendMonitorCommand("device_del stick"); - $machine->waitUntilFails("udisksctl info -b /dev/sda1"); - $machine->fail("[ -e /dev/sda ]"); + machine.send_monitor_command("device_del stick") + machine.wait_until_fails("udisksctl info -b /dev/sda1") + machine.fail("[ -e /dev/sda ]") ''; }) diff --git a/nixpkgs/nixos/tests/upnp.nix b/nixpkgs/nixos/tests/upnp.nix index 98344aee3ef..d2e7fdd4fbe 100644 --- a/nixpkgs/nixos/tests/upnp.nix +++ b/nixpkgs/nixos/tests/upnp.nix @@ -5,7 +5,7 @@ # this succeeds an external client will try to connect to the port # mapping. -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: let internalRouterAddress = "192.168.3.1"; @@ -75,20 +75,20 @@ in testScript = { nodes, ... }: '' - startAll; + start_all() # Wait for network and miniupnpd. - $router->waitForUnit("network-online.target"); - # $router->waitForUnit("nat"); - $router->waitForUnit("firewall.service"); - $router->waitForUnit("miniupnpd"); + router.wait_for_unit("network-online.target") + # $router.wait_for_unit("nat") + router.wait_for_unit("firewall.service") + router.wait_for_unit("miniupnpd") - $client1->waitForUnit("network-online.target"); + client1.wait_for_unit("network-online.target") - $client1->succeed("upnpc -a ${internalClient1Address} 9000 9000 TCP"); + client1.succeed("upnpc -a ${internalClient1Address} 9000 9000 TCP") - $client1->waitForUnit("httpd"); - $client2->waitUntilSucceeds("curl http://${externalRouterAddress}:9000/"); + client1.wait_for_unit("httpd") + client2.wait_until_succeeds("curl http://${externalRouterAddress}:9000/") ''; }) diff --git a/nixpkgs/nixos/tests/uwsgi.nix b/nixpkgs/nixos/tests/uwsgi.nix index afc03e74ed7..78a87147f55 100644 --- a/nixpkgs/nixos/tests/uwsgi.nix +++ b/nixpkgs/nixos/tests/uwsgi.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: { name = "uwsgi"; meta = with pkgs.stdenv.lib.maintainers; { @@ -30,9 +30,9 @@ import ./make-test.nix ({ pkgs, ... }: testScript = '' - $machine->waitForUnit('multi-user.target'); - $machine->waitForUnit('uwsgi.service'); - $machine->waitForOpenPort(8000); - $machine->succeed('curl -v 127.0.0.1:8000 | grep "Hello World!"'); + machine.wait_for_unit("multi-user.target") + machine.wait_for_unit("uwsgi.service") + machine.wait_for_open_port(8000) + assert "Hello World" in machine.succeed("curl -v 127.0.0.1:8000") ''; }) diff --git a/nixpkgs/nixos/tests/vault.nix b/nixpkgs/nixos/tests/vault.nix index caf0cbb2abf..ac8cf0703da 100644 --- a/nixpkgs/nixos/tests/vault.nix +++ b/nixpkgs/nixos/tests/vault.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: { name = "vault"; meta = with pkgs.stdenv.lib.maintainers; { @@ -12,12 +12,12 @@ import ./make-test.nix ({ pkgs, ... }: testScript = '' - startAll; + start_all() - $machine->waitForUnit('multi-user.target'); - $machine->waitForUnit('vault.service'); - $machine->waitForOpenPort(8200); - $machine->succeed('vault operator init'); - $machine->succeed('vault status | grep Sealed | grep true'); + machine.wait_for_unit("multi-user.target") + machine.wait_for_unit("vault.service") + machine.wait_for_open_port(8200) + machine.succeed("vault operator init") + machine.succeed("vault status | grep Sealed | grep true") ''; }) diff --git a/nixpkgs/nixos/tests/wireguard/default.nix b/nixpkgs/nixos/tests/wireguard/default.nix index b0797b96323..8206823a918 100644 --- a/nixpkgs/nixos/tests/wireguard/default.nix +++ b/nixpkgs/nixos/tests/wireguard/default.nix @@ -2,7 +2,7 @@ let wg-snakeoil-keys = import ./snakeoil-keys.nix; in -import ../make-test.nix ({ pkgs, ...} : { +import ../make-test-python.nix ({ pkgs, ...} : { name = "wireguard"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ma27 ]; @@ -86,12 +86,12 @@ import ../make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $peer0->waitForUnit("wireguard-wg0.service"); - $peer1->waitForUnit("wireguard-wg0.service"); + peer0.wait_for_unit("wireguard-wg0.service") + peer1.wait_for_unit("wireguard-wg0.service") - $peer1->succeed("ping -c5 fc00::1"); - $peer1->succeed("ping -c5 10.23.42.1") + peer1.succeed("ping -c5 fc00::1") + peer1.succeed("ping -c5 10.23.42.1") ''; }) diff --git a/nixpkgs/nixos/tests/wireguard/generated.nix b/nixpkgs/nixos/tests/wireguard/generated.nix index 897feafe3ff..a29afd2d466 100644 --- a/nixpkgs/nixos/tests/wireguard/generated.nix +++ b/nixpkgs/nixos/tests/wireguard/generated.nix @@ -1,4 +1,4 @@ -import ../make-test.nix ({ pkgs, ...} : { +import ../make-test-python.nix ({ pkgs, ...} : { name = "wireguard-generated"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ma27 grahamc ]; @@ -28,30 +28,34 @@ import ../make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; - - $peer1->waitForUnit("wireguard-wg0.service"); - $peer2->waitForUnit("wireguard-wg0.service"); - - my ($retcode, $peer1pubkey) = $peer1->execute("wg pubkey < /etc/wireguard/private"); - $peer1pubkey =~ s/\s+$//; - if ($retcode != 0) { - die "Could not read public key from peer1"; - } - - my ($retcode, $peer2pubkey) = $peer2->execute("wg pubkey < /etc/wireguard/private"); - $peer2pubkey =~ s/\s+$//; - if ($retcode != 0) { - die "Could not read public key from peer2"; - } - - $peer1->succeed("wg set wg0 peer $peer2pubkey allowed-ips 10.10.10.2/32 endpoint 192.168.1.2:12345 persistent-keepalive 1"); - $peer1->succeed("ip route replace 10.10.10.2/32 dev wg0 table main"); - - $peer2->succeed("wg set wg0 peer $peer1pubkey allowed-ips 10.10.10.1/32 endpoint 192.168.1.1:12345 persistent-keepalive 1"); - $peer2->succeed("ip route replace 10.10.10.1/32 dev wg0 table main"); - - $peer1->succeed("ping -c1 10.10.10.2"); - $peer2->succeed("ping -c1 10.10.10.1"); + start_all() + + peer1.wait_for_unit("wireguard-wg0.service") + peer2.wait_for_unit("wireguard-wg0.service") + + retcode, peer1pubkey = peer1.execute("wg pubkey < /etc/wireguard/private") + if retcode != 0: + raise Exception("Could not read public key from peer1") + + retcode, peer2pubkey = peer2.execute("wg pubkey < /etc/wireguard/private") + if retcode != 0: + raise Exception("Could not read public key from peer2") + + peer1.succeed( + "wg set wg0 peer {} allowed-ips 10.10.10.2/32 endpoint 192.168.1.2:12345 persistent-keepalive 1".format( + peer2pubkey.strip() + ) + ) + peer1.succeed("ip route replace 10.10.10.2/32 dev wg0 table main") + + peer2.succeed( + "wg set wg0 peer {} allowed-ips 10.10.10.1/32 endpoint 192.168.1.1:12345 persistent-keepalive 1".format( + peer1pubkey.strip() + ) + ) + peer2.succeed("ip route replace 10.10.10.1/32 dev wg0 table main") + + peer1.succeed("ping -c1 10.10.10.2") + peer2.succeed("ping -c1 10.10.10.1") ''; }) diff --git a/nixpkgs/nixos/tests/wireguard/namespaces.nix b/nixpkgs/nixos/tests/wireguard/namespaces.nix new file mode 100644 index 00000000000..94f993d9475 --- /dev/null +++ b/nixpkgs/nixos/tests/wireguard/namespaces.nix @@ -0,0 +1,80 @@ +let + listenPort = 12345; + socketNamespace = "foo"; + interfaceNamespace = "bar"; + node = { + networking.wireguard.interfaces.wg0 = { + listenPort = listenPort; + ips = [ "10.10.10.1/24" ]; + privateKeyFile = "/etc/wireguard/private"; + generatePrivateKeyFile = true; + }; + }; + +in + +import ../make-test.nix ({ pkgs, ...} : { + name = "wireguard-with-namespaces"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ asymmetric ]; + }; + + nodes = { + # interface should be created in the socketNamespace + # and not moved from there + peer0 = pkgs.lib.attrsets.recursiveUpdate node { + networking.wireguard.interfaces.wg0 = { + preSetup = '' + ip netns add ${socketNamespace} + ''; + inherit socketNamespace; + }; + }; + # interface should be created in the init namespace + # and moved to the interfaceNamespace + peer1 = pkgs.lib.attrsets.recursiveUpdate node { + networking.wireguard.interfaces.wg0 = { + preSetup = '' + ip netns add ${interfaceNamespace} + ''; + inherit interfaceNamespace; + }; + }; + # interface should be created in the socketNamespace + # and moved to the interfaceNamespace + peer2 = pkgs.lib.attrsets.recursiveUpdate node { + networking.wireguard.interfaces.wg0 = { + preSetup = '' + ip netns add ${socketNamespace} + ip netns add ${interfaceNamespace} + ''; + inherit socketNamespace interfaceNamespace; + }; + }; + # interface should be created in the socketNamespace + # and moved to the init namespace + peer3 = pkgs.lib.attrsets.recursiveUpdate node { + networking.wireguard.interfaces.wg0 = { + preSetup = '' + ip netns add ${socketNamespace} + ''; + inherit socketNamespace; + interfaceNamespace = "init"; + }; + }; + }; + + testScript = '' + startAll(); + + $peer0->waitForUnit("wireguard-wg0.service"); + $peer1->waitForUnit("wireguard-wg0.service"); + $peer2->waitForUnit("wireguard-wg0.service"); + $peer3->waitForUnit("wireguard-wg0.service"); + + $peer0->succeed("ip -n ${socketNamespace} link show wg0"); + $peer1->succeed("ip -n ${interfaceNamespace} link show wg0"); + $peer2->succeed("ip -n ${interfaceNamespace} link show wg0"); + $peer3->succeed("ip link show wg0"); + ''; +}) diff --git a/nixpkgs/nixos/tests/wordpress.nix b/nixpkgs/nixos/tests/wordpress.nix index c6acfa6c1f3..b7449859f7e 100644 --- a/nixpkgs/nixos/tests/wordpress.nix +++ b/nixpkgs/nixos/tests/wordpress.nix @@ -1,9 +1,13 @@ -import ./make-test.nix ({ pkgs, ... }: +import ./make-test-python.nix ({ pkgs, ... }: { name = "wordpress"; meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ grahamc ]; # under duress! + maintainers = [ + flokli + grahamc # under duress! + mmilata + ]; }; machine = @@ -23,19 +27,31 @@ import ./make-test.nix ({ pkgs, ... }: }; testScript = '' - startAll; + import re - $machine->waitForUnit("httpd"); - $machine->waitForUnit("phpfpm-wordpress-site1.local"); - $machine->waitForUnit("phpfpm-wordpress-site2.local"); + start_all() - $machine->succeed("curl -L site1.local | grep 'Welcome to the famous'"); - $machine->succeed("curl -L site2.local | grep 'Welcome to the famous'"); + machine.wait_for_unit("httpd") - $machine->succeed("systemctl --no-pager show wordpress-init-site1.local.service | grep 'ExecStart=.*status=0'"); - $machine->succeed("systemctl --no-pager show wordpress-init-site2.local.service | grep 'ExecStart=.*status=0'"); - $machine->succeed("grep -E '^define.*NONCE_SALT.{64,};\$' /var/lib/wordpress/site1.local/secret-keys.php"); - $machine->succeed("grep -E '^define.*NONCE_SALT.{64,};\$' /var/lib/wordpress/site2.local/secret-keys.php"); - ''; + machine.wait_for_unit("phpfpm-wordpress-site1.local") + machine.wait_for_unit("phpfpm-wordpress-site2.local") + + site_names = ["site1.local", "site2.local"] + + with subtest("website returns welcome screen"): + for site_name in site_names: + assert "Welcome to the famous" in machine.succeed(f"curl -L {site_name}") + with subtest("wordpress-init went through"): + for site_name in site_names: + info = machine.get_unit_info(f"wordpress-init-{site_name}") + assert info["Result"] == "success" + + with subtest("secret keys are set"): + pattern = re.compile(r"^define.*NONCE_SALT.{64,};$", re.MULTILINE) + for site_name in site_names: + assert pattern.search( + machine.succeed(f"cat /var/lib/wordpress/{site_name}/secret-keys.php") + ) + ''; }) diff --git a/nixpkgs/nixos/tests/xautolock.nix b/nixpkgs/nixos/tests/xautolock.nix index ee46d9e05b0..10e92b40e95 100644 --- a/nixpkgs/nixos/tests/xautolock.nix +++ b/nixpkgs/nixos/tests/xautolock.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: with lib; @@ -15,10 +15,10 @@ with lib; }; testScript = '' - $machine->start; - $machine->waitForX; - $machine->mustFail("pgrep xlock"); - $machine->sleep(120); - $machine->mustSucceed("pgrep xlock"); + machine.start() + machine.wait_for_x() + machine.fail("pgrep xlock") + machine.sleep(120) + machine.succeed("pgrep xlock") ''; }) diff --git a/nixpkgs/nixos/tests/xdg-desktop-portal.nix b/nixpkgs/nixos/tests/xdg-desktop-portal.nix deleted file mode 100644 index 79ebb83c49a..00000000000 --- a/nixpkgs/nixos/tests/xdg-desktop-portal.nix +++ /dev/null @@ -1,17 +0,0 @@ -# run installed tests -import ./make-test.nix ({ pkgs, ... }: - -{ - name = "xdg-desktop-portal"; - meta = { - maintainers = pkgs.xdg-desktop-portal.meta.maintainers; - }; - - machine = { pkgs, ... }: { - environment.systemPackages = with pkgs; [ gnome-desktop-testing ]; - }; - - testScript = '' - $machine->succeed("gnome-desktop-testing-runner -d '${pkgs.xdg-desktop-portal.installedTests}/share'"); - ''; -}) diff --git a/nixpkgs/nixos/tests/xfce.nix b/nixpkgs/nixos/tests/xfce.nix index 7ff623062d9..3ea96b38363 100644 --- a/nixpkgs/nixos/tests/xfce.nix +++ b/nixpkgs/nixos/tests/xfce.nix @@ -1,8 +1,5 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "xfce"; - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ eelco shlevy ]; - }; machine = { pkgs, ... }: @@ -16,31 +13,26 @@ import ./make-test.nix ({ pkgs, ...} : { services.xserver.desktopManager.xfce.enable = true; - environment.systemPackages = [ pkgs.xorg.xmessage ]; - hardware.pulseaudio.enable = true; # needed for the factl test, /dev/snd/* exists without them but udev doesn't care then virtualisation.memorySize = 1024; }; - testScript = - '' - $machine->waitForX; - $machine->waitForFile("/home/alice/.Xauthority"); - $machine->succeed("xauth merge ~alice/.Xauthority"); - $machine->waitForWindow(qr/xfce4-panel/); - $machine->sleep(10); + testScript = { nodes, ... }: let + user = nodes.machine.config.users.users.alice; + in '' + machine.wait_for_x() + machine.wait_for_file("${user.home}/.Xauthority") + machine.succeed("xauth merge ${user.home}/.Xauthority") + machine.wait_for_window("xfce4-panel") + machine.sleep(10) # Check that logging in has given the user ownership of devices. - $machine->succeed("getfacl -p /dev/snd/timer | grep -q alice"); - - $machine->succeed("su - alice -c 'DISPLAY=:0.0 xfce4-terminal &'"); - $machine->waitForWindow(qr/Terminal/); - $machine->sleep(10); - $machine->screenshot("screen"); + machine.succeed("getfacl -p /dev/snd/timer | grep -q ${user.name}") - # Ensure that the X server does proper access control. - $machine->mustFail("su - bob -c 'DISPLAY=:0.0 xmessage Foo'"); - $machine->mustFail("su - bob -c 'DISPLAY=:0 xmessage Foo'"); + machine.succeed("su - ${user.name} -c 'DISPLAY=:0.0 xfce4-terminal &'") + machine.wait_for_window("Terminal") + machine.sleep(10) + machine.screenshot("screen") ''; }) diff --git a/nixpkgs/nixos/tests/xfce4-14.nix b/nixpkgs/nixos/tests/xfce4-14.nix deleted file mode 100644 index d9b87b08437..00000000000 --- a/nixpkgs/nixos/tests/xfce4-14.nix +++ /dev/null @@ -1,37 +0,0 @@ -import ./make-test.nix ({ pkgs, ...} : { - name = "xfce4-14"; - - machine = - { pkgs, ... }: - - { imports = [ ./common/user-account.nix ]; - - services.xserver.enable = true; - - services.xserver.displayManager.auto.enable = true; - services.xserver.displayManager.auto.user = "alice"; - - services.xserver.desktopManager.xfce4-14.enable = true; - - hardware.pulseaudio.enable = true; # needed for the factl test, /dev/snd/* exists without them but udev doesn't care then - - virtualisation.memorySize = 1024; - }; - - testScript = - '' - $machine->waitForX; - $machine->waitForFile("/home/alice/.Xauthority"); - $machine->succeed("xauth merge ~alice/.Xauthority"); - $machine->waitForWindow(qr/xfce4-panel/); - $machine->sleep(10); - - # Check that logging in has given the user ownership of devices. - $machine->succeed("getfacl -p /dev/snd/timer | grep -q alice"); - - $machine->succeed("su - alice -c 'DISPLAY=:0.0 xfce4-terminal &'"); - $machine->waitForWindow(qr/Terminal/); - $machine->sleep(10); - $machine->screenshot("screen"); - ''; -}) diff --git a/nixpkgs/nixos/tests/xmonad.nix b/nixpkgs/nixos/tests/xmonad.nix index 79c15ccffec..c2e5ba60d7b 100644 --- a/nixpkgs/nixos/tests/xmonad.nix +++ b/nixpkgs/nixos/tests/xmonad.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "xmonad"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus ]; @@ -21,19 +21,21 @@ import ./make-test.nix ({ pkgs, ...} : { }; }; - testScript = { ... }: '' - $machine->waitForX; - $machine->waitForFile("/home/alice/.Xauthority"); - $machine->succeed("xauth merge ~alice/.Xauthority"); - $machine->sendKeys("alt-ctrl-x"); - $machine->waitForWindow(qr/alice.*machine/); - $machine->sleep(1); - $machine->screenshot("terminal"); - $machine->waitUntilSucceeds("xmonad --restart"); - $machine->sleep(3); - $machine->sendKeys("alt-shift-ret"); - $machine->waitForWindow(qr/alice.*machine/); - $machine->sleep(1); - $machine->screenshot("terminal"); + testScript = { nodes, ... }: let + user = nodes.machine.config.users.users.alice; + in '' + machine.wait_for_x() + machine.wait_for_file("${user.home}/.Xauthority") + machine.succeed("xauth merge ${user.home}/.Xauthority") + machine.send_chars("alt-ctrl-x") + machine.wait_for_window("${user.name}.*machine") + machine.sleep(1) + machine.screenshot("terminal") + machine.wait_until_succeeds("xmonad --restart") + machine.sleep(3) + machine.send_chars("alt-shift-ret") + machine.wait_for_window("${user.name}.*machine") + machine.sleep(1) + machine.screenshot("terminal") ''; }) diff --git a/nixpkgs/nixos/tests/xmpp/ejabberd.nix b/nixpkgs/nixos/tests/xmpp/ejabberd.nix index 196a04aca30..1518aaacc8a 100644 --- a/nixpkgs/nixos/tests/xmpp/ejabberd.nix +++ b/nixpkgs/nixos/tests/xmpp/ejabberd.nix @@ -1,4 +1,4 @@ -import ../make-test.nix ({ pkgs, ... }: { +import ../make-test-python.nix ({ pkgs, ... }: { name = "ejabberd"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ajs124 ]; @@ -248,13 +248,21 @@ import ../make-test.nix ({ pkgs, ... }: { }; testScript = { nodes, ... }: '' - $server->waitForUnit('ejabberd.service'); - $server->succeed('su ejabberd -s $(which ejabberdctl) status|grep started') =~ /ejabberd is running/; - $server->succeed('su ejabberd -s $(which ejabberdctl) register azurediamond example.com hunter2'); - $server->succeed('su ejabberd -s $(which ejabberdctl) register cthon98 example.com nothunter2'); - $server->fail('su ejabberd -s $(which ejabberdctl) register asdf wrong.domain'); - $client->succeed('send-message'); - $server->succeed('su ejabberd -s $(which ejabberdctl) unregister cthon98 example.com'); - $server->succeed('su ejabberd -s $(which ejabberdctl) unregister azurediamond example.com'); + ejabberd_prefix = "su ejabberd -s $(which ejabberdctl) " + + server.wait_for_unit("ejabberd.service") + + assert "status: started" in server.succeed(ejabberd_prefix + "status") + + server.succeed( + ejabberd_prefix + "register azurediamond example.com hunter2", + ejabberd_prefix + "register cthon98 example.com nothunter2", + ) + server.fail(ejabberd_prefix + "register asdf wrong.domain") + client.succeed("send-message") + server.succeed( + ejabberd_prefix + "unregister cthon98 example.com", + ejabberd_prefix + "unregister azurediamond example.com", + ) ''; }) diff --git a/nixpkgs/nixos/tests/xmpp/prosody-mysql.nix b/nixpkgs/nixos/tests/xmpp/prosody-mysql.nix index 62b4a17421e..0507227021b 100644 --- a/nixpkgs/nixos/tests/xmpp/prosody-mysql.nix +++ b/nixpkgs/nixos/tests/xmpp/prosody-mysql.nix @@ -1,4 +1,4 @@ -import ../make-test.nix { +import ../make-test-python.nix { name = "prosody-mysql"; nodes = { @@ -57,21 +57,21 @@ import ../make-test.nix { }; testScript = { nodes, ... }: '' - $mysql->waitForUnit('mysql.service'); - $server->waitForUnit('prosody.service'); - $server->succeed('prosodyctl status') =~ /Prosody is running/; + mysql.wait_for_unit("mysql.service") + server.wait_for_unit("prosody.service") + server.succeed('prosodyctl status | grep "Prosody is running"') # set password to 'nothunter2' (it's asked twice) - $server->succeed('yes nothunter2 | prosodyctl adduser cthon98@example.com'); + server.succeed("yes nothunter2 | prosodyctl adduser cthon98@example.com") # set password to 'y' - $server->succeed('yes | prosodyctl adduser azurediamond@example.com'); + server.succeed("yes | prosodyctl adduser azurediamond@example.com") # correct password to 'hunter2' - $server->succeed('yes hunter2 | prosodyctl passwd azurediamond@example.com'); + server.succeed("yes hunter2 | prosodyctl passwd azurediamond@example.com") - $client->succeed("send-message"); + client.succeed("send-message") - $server->succeed('prosodyctl deluser cthon98@example.com'); - $server->succeed('prosodyctl deluser azurediamond@example.com'); + server.succeed("prosodyctl deluser cthon98@example.com") + server.succeed("prosodyctl deluser azurediamond@example.com") ''; } diff --git a/nixpkgs/nixos/tests/xmpp/prosody.nix b/nixpkgs/nixos/tests/xmpp/prosody.nix index 8331c7b6d33..9d1374bff6b 100644 --- a/nixpkgs/nixos/tests/xmpp/prosody.nix +++ b/nixpkgs/nixos/tests/xmpp/prosody.nix @@ -1,4 +1,4 @@ -import ../make-test.nix { +import ../make-test-python.nix { name = "prosody"; nodes = { @@ -28,19 +28,19 @@ import ../make-test.nix { }; testScript = { nodes, ... }: '' - $server->waitForUnit('prosody.service'); - $server->succeed('prosodyctl status') =~ /Prosody is running/; + server.wait_for_unit("prosody.service") + server.succeed('prosodyctl status | grep "Prosody is running"') # set password to 'nothunter2' (it's asked twice) - $server->succeed('yes nothunter2 | prosodyctl adduser cthon98@example.com'); + server.succeed("yes nothunter2 | prosodyctl adduser cthon98@example.com") # set password to 'y' - $server->succeed('yes | prosodyctl adduser azurediamond@example.com'); - # correct password to 'hunter2' - $server->succeed('yes hunter2 | prosodyctl passwd azurediamond@example.com'); + server.succeed("yes | prosodyctl adduser azurediamond@example.com") + # correct password to "hunter2" + server.succeed("yes hunter2 | prosodyctl passwd azurediamond@example.com") - $client->succeed("send-message"); + client.succeed("send-message") - $server->succeed('prosodyctl deluser cthon98@example.com'); - $server->succeed('prosodyctl deluser azurediamond@example.com'); + server.succeed("prosodyctl deluser cthon98@example.com") + server.succeed("prosodyctl deluser azurediamond@example.com") ''; } diff --git a/nixpkgs/nixos/tests/xss-lock.nix b/nixpkgs/nixos/tests/xss-lock.nix index 0d757e8cef3..3a7dea07d53 100644 --- a/nixpkgs/nixos/tests/xss-lock.nix +++ b/nixpkgs/nixos/tests/xss-lock.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: with lib; @@ -26,15 +26,19 @@ with lib; }; testScript = '' - startAll; - - ${concatStringsSep "\n" (mapAttrsToList (name: lockCmd: '' - ${"$"+name}->start; - ${"$"+name}->waitForX; - ${"$"+name}->waitForUnit("xss-lock.service", "alice"); - ${"$"+name}->fail("pgrep ${lockCmd}"); - ${"$"+name}->succeed("su -l alice -c 'xset dpms force standby'"); - ${"$"+name}->waitUntilSucceeds("pgrep ${lockCmd}"); - '') { simple = "i3lock"; custom_lockcmd = "xlock"; })} + def perform_xsslock_test(machine, lockCmd): + machine.start() + machine.wait_for_x() + machine.wait_for_unit("xss-lock.service", "alice") + machine.fail(f"pgrep {lockCmd}") + machine.succeed("su -l alice -c 'xset dpms force standby'") + machine.wait_until_succeeds(f"pgrep {lockCmd}") + + + with subtest("simple"): + perform_xsslock_test(simple, "i3lock") + + with subtest("custom_cmd"): + perform_xsslock_test(custom_lockcmd, "xlock") ''; }) diff --git a/nixpkgs/nixos/tests/yabar.nix b/nixpkgs/nixos/tests/yabar.nix index bbc0cf4c7dd..9108004d4df 100644 --- a/nixpkgs/nixos/tests/yabar.nix +++ b/nixpkgs/nixos/tests/yabar.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, lib, ... }: +import ./make-test-python.nix ({ pkgs, lib, ... }: with lib; @@ -20,14 +20,14 @@ with lib; }; testScript = '' - $machine->start; - $machine->waitForX; + machine.start() + machine.wait_for_x() # confirm proper startup - $machine->waitForUnit("yabar.service", "bob"); - $machine->sleep(10); - $machine->waitForUnit("yabar.service", "bob"); + machine.wait_for_unit("yabar.service", "bob") + machine.sleep(10) + machine.wait_for_unit("yabar.service", "bob") - $machine->screenshot("top_bar"); + machine.screenshot("top_bar") ''; }) diff --git a/nixpkgs/nixos/tests/yggdrasil.nix b/nixpkgs/nixos/tests/yggdrasil.nix new file mode 100644 index 00000000000..468fcf67127 --- /dev/null +++ b/nixpkgs/nixos/tests/yggdrasil.nix @@ -0,0 +1,125 @@ +let + aliceIp6 = "200:3b91:b2d8:e708:fbf3:f06:fdd5:90d0"; + aliceKeys = { + EncryptionPublicKey = "13e23986fe76bc3966b42453f479bc563348b7ff76633b7efcb76e185ec7652f"; + EncryptionPrivateKey = "9f86947b15e86f9badac095517a1982e39a2db37ca726357f95987b898d82208"; + SigningPublicKey = "e2c43349083bc1e998e4ec4535b4c6a8f44ca9a5a8e07336561267253b2be5f4"; + SigningPrivateKey = "fe3add8da35316c05f6d90d3ca79bd2801e6ccab6d37e5339fef4152589398abe2c43349083bc1e998e4ec4535b4c6a8f44ca9a5a8e07336561267253b2be5f4"; + }; + bobIp6 = "201:ebbd:bde9:f138:c302:4afa:1fb6:a19a"; + bobConfig = { + InterfacePeers = { + eth1 = [ "tcp://192.168.1.200:12345" ]; + }; + MulticastInterfaces = [ "eth1" ]; + LinkLocalTCPPort = 54321; + EncryptionPublicKey = "c99d6830111e12d1b004c52fe9e5a2eef0f6aefca167aca14589a370b7373279"; + EncryptionPrivateKey = "2e698a53d3fdce5962d2ff37de0fe77742a5c8b56cd8259f5da6aa792f6e8ba3"; + SigningPublicKey = "de111da0ec781e45bf6c63ecb45a78c24d7d4655abfaeea83b26c36eb5c0fd5b"; + SigningPrivateKey = "2a6c21550f3fca0331df50668ffab66b6dce8237bcd5728e571e8033b363e247de111da0ec781e45bf6c63ecb45a78c24d7d4655abfaeea83b26c36eb5c0fd5b"; + }; + +in import ./make-test-python.nix ({ pkgs, ...} : { + name = "yggdrasil"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ gazally ]; + }; + + nodes = rec { + # Alice is listening for peerings on a specified port, + # but has multicast peering disabled. Alice has part of her + # yggdrasil config in Nix and part of it in a file. + alice = + { ... }: + { + networking = { + interfaces.eth1.ipv4.addresses = [{ + address = "192.168.1.200"; + prefixLength = 24; + }]; + firewall.allowedTCPPorts = [ 80 12345 ]; + }; + services.httpd.enable = true; + services.httpd.adminAddr = "foo@example.org"; + + services.yggdrasil = { + enable = true; + config = { + Listen = ["tcp://0.0.0.0:12345"]; + MulticastInterfaces = [ ]; + }; + configFile = toString (pkgs.writeTextFile { + name = "yggdrasil-alice-conf"; + text = builtins.toJSON aliceKeys; + }); + }; + }; + + # Bob is set up to peer with Alice, and also to do local multicast + # peering. Bob's yggdrasil config is in a file. + bob = + { ... }: + { + networking.firewall.allowedTCPPorts = [ 54321 ]; + services.yggdrasil = { + enable = true; + openMulticastPort = true; + configFile = toString (pkgs.writeTextFile { + name = "yggdrasil-bob-conf"; + text = builtins.toJSON bobConfig; + }); + }; + }; + + # Carol only does local peering. Carol's yggdrasil config is all Nix. + carol = + { ... }: + { + networking.firewall.allowedTCPPorts = [ 43210 ]; + services.yggdrasil = { + enable = true; + denyDhcpcdInterfaces = [ "ygg0" ]; + config = { + IfTAPMode = true; + IfName = "ygg0"; + MulticastInterfaces = [ "eth1" ]; + LinkLocalTCPPort = 43210; + }; + }; + }; + }; + + testScript = + '' + import re + + # Give Alice a head start so she is ready when Bob calls. + alice.start() + alice.wait_for_unit("yggdrasil.service") + + bob.start() + carol.start() + bob.wait_for_unit("yggdrasil.service") + carol.wait_for_unit("yggdrasil.service") + + ip_addr_show = "ip -o -6 addr show dev ygg0 scope global" + carol.wait_until_succeeds(f"[ `{ip_addr_show} | grep -v tentative | wc -l` -ge 1 ]") + carol_ip6 = re.split(" +|/", carol.succeed(ip_addr_show))[3] + + # If Alice can talk to Carol, then Bob's outbound peering and Carol's + # local peering have succeeded and everybody is connected. + alice.wait_until_succeeds(f"ping -c 1 {carol_ip6}") + alice.succeed(f"ping -c 1 ${bobIp6}") + + bob.succeed("ping -c 1 ${aliceIp6}") + bob.succeed(f"ping -c 1 {carol_ip6}") + + carol.succeed("ping -c 1 ${aliceIp6}") + carol.succeed("ping -c 1 ${bobIp6}") + + carol.fail("journalctl -u dhcpcd | grep ygg0") + + alice.wait_for_unit("httpd.service") + carol.succeed("curl --fail -g http://[${aliceIp6}]") + ''; +}) diff --git a/nixpkgs/nixos/tests/zfs.nix b/nixpkgs/nixos/tests/zfs.nix index d7a08268e98..8f844aca416 100644 --- a/nixpkgs/nixos/tests/zfs.nix +++ b/nixpkgs/nixos/tests/zfs.nix @@ -7,7 +7,7 @@ with import ../lib/testing.nix { inherit system pkgs; }; let - makeTest = import ./make-test.nix; + makeTest = import ./make-test-python.nix; makeZfsTest = name: { kernelPackage ? pkgs.linuxPackages_latest @@ -34,12 +34,12 @@ let }; testScript = '' - $machine->succeed("modprobe zfs"); - $machine->succeed("zpool status"); + machine.succeed("modprobe zfs") + machine.succeed("zpool status") - $machine->succeed("ls /dev"); + machine.succeed("ls /dev") - $machine->succeed( + machine.succeed( "mkdir /tmp/mnt", "udevadm settle", @@ -55,9 +55,7 @@ let "umount /tmp/mnt", "zpool destroy rpool", "udevadm settle" - - ); - + ) '' + extraTest; }; @@ -70,8 +68,8 @@ in { unstable = makeZfsTest "unstable" { enableUnstable = true; extraTest = '' - $machine->succeed( - "echo password | zpool create -o altroot='/tmp/mnt' -O encryption=aes-256-gcm -O keyformat=passphrase rpool /dev/vdb1", + machine.succeed( + "echo password | zpool create -o altroot=\"/tmp/mnt\" -O encryption=aes-256-gcm -O keyformat=passphrase rpool /dev/vdb1", "zfs create -o mountpoint=legacy rpool/root", "mount -t zfs rpool/root /tmp/mnt", "udevadm settle", @@ -79,7 +77,7 @@ in { "umount /tmp/mnt", "zpool destroy rpool", "udevadm settle" - ); + ) ''; }; diff --git a/nixpkgs/nixos/tests/zookeeper.nix b/nixpkgs/nixos/tests/zookeeper.nix index f343ebd39e4..42cf20b39c5 100644 --- a/nixpkgs/nixos/tests/zookeeper.nix +++ b/nixpkgs/nixos/tests/zookeeper.nix @@ -1,4 +1,4 @@ -import ./make-test.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ...} : { name = "zookeeper"; meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus ]; @@ -15,14 +15,20 @@ import ./make-test.nix ({ pkgs, ...} : { }; testScript = '' - startAll; + start_all() - $server->waitForUnit("zookeeper"); - $server->waitForUnit("network.target"); - $server->waitForOpenPort(2181); + server.wait_for_unit("zookeeper") + server.wait_for_unit("network.target") + server.wait_for_open_port(2181) - $server->waitUntilSucceeds("${pkgs.zookeeper}/bin/zkCli.sh -server localhost:2181 create /foo bar"); - $server->waitUntilSucceeds("${pkgs.zookeeper}/bin/zkCli.sh -server localhost:2181 set /foo hello"); - $server->waitUntilSucceeds("${pkgs.zookeeper}/bin/zkCli.sh -server localhost:2181 get /foo | grep hello"); + server.wait_until_succeeds( + "${pkgs.zookeeper}/bin/zkCli.sh -server localhost:2181 create /foo bar" + ) + server.wait_until_succeeds( + "${pkgs.zookeeper}/bin/zkCli.sh -server localhost:2181 set /foo hello" + ) + server.wait_until_succeeds( + "${pkgs.zookeeper}/bin/zkCli.sh -server localhost:2181 get /foo | grep hello" + ) ''; }) |