diff options
| author | Jacek Galowicz <jacek.galowicz@cyberus-technology.de> | 2019-12-06 07:05:06 +0100 |
|---|---|---|
| committer | Jacek Galowicz <jacek.galowicz@cyberus-technology.de> | 2019-12-06 08:21:30 +0100 |
| commit | 86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a (patch) | |
| tree | d2f5a17f600874ddc70c7d74b98c90b503fbca08 | |
| parent | 0fef5b45e7bd70f6f54c87a7e43cd109fb1b9f5c (diff) | |
| download | nixpkgs-86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a.tar nixpkgs-86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a.tar.gz nixpkgs-86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a.tar.bz2 nixpkgs-86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a.tar.lz nixpkgs-86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a.tar.xz nixpkgs-86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a.tar.zst nixpkgs-86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a.zip | |
nixosTests.dhparams: Port to Python
| -rw-r--r-- | nixos/tests/dhparams.nix | 98 |
1 files changed, 48 insertions, 50 deletions
diff --git a/nixos/tests/dhparams.nix b/nixos/tests/dhparams.nix index d11dfeec5d0..a0de2911777 100644 --- a/nixos/tests/dhparams.nix +++ b/nixos/tests/dhparams.nix @@ -4,7 +4,7 @@ let environment.systemPackages = [ pkgs.openssl ]; }; -in import ./make-test.nix { +in import ./make-test-python.nix { name = "dhparams"; nodes.generation1 = { pkgs, config, ... }: { @@ -66,79 +66,77 @@ in import ./make-test.nix { node = "generation${toString gen}"; in nodes.${node}.config.security.dhparams.params.${name}.path; - assertParamBits = gen: name: bits: let - path = getParamPath gen name; - in '' - $machine->nest('check bit size of ${path}', sub { - my $out = $machine->succeed('openssl dhparam -in ${path} -text'); - $out =~ /^\s*DH Parameters:\s+\((\d+)\s+bit\)\s*$/m; - die "bit size should be ${toString bits} but it is $1 instead." - if $1 != ${toString bits}; - }); - ''; - switchToGeneration = gen: let node = "generation${toString gen}"; inherit (nodes.${node}.config.system.build) toplevel; switchCmd = "${toplevel}/bin/switch-to-configuration test"; in '' - $machine->nest('switch to generation ${toString gen}', sub { - $machine->succeed('${switchCmd}'); - $main::machine = ''$${node}; - }); + with machine.nested("switch to generation ${toString gen}"): + machine.succeed( + "${switchCmd}" + ) + machine = ${node} ''; in '' - my $machine = $generation1; + import re - $machine->waitForUnit('multi-user.target'); - subtest "verify startup order", sub { - $machine->succeed('systemctl is-active foo.service'); - }; + def assert_param_bits(path, bits): + with machine.nested(f"check bit size of {path}"): + output = machine.succeed(f"openssl dhparam -in {path} -text") + pattern = re.compile(r"^\s*DH Parameters:\s+\((\d+)\s+bit\)\s*$", re.M) + match = pattern.match(output) + if match is None: + raise Exception("bla") + if match[1] != str(bits): + raise Exception(f"bit size should be {bits} but it is {match[1]} instead.") - subtest "check bit sizes of dhparam files", sub { - ${assertParamBits 1 "foo" 16} - ${assertParamBits 1 "bar" 17} - }; + + machine = generation1 + + machine.wait_for_unit("multi-user.target") + + with subtest("verify startup order"): + machine.succeed("systemctl is-active foo.service") + + with subtest("check bit sizes of dhparam files"): + assert_param_bits("${getParamPath 1 "foo"}", 16) + assert_param_bits("${getParamPath 1 "bar"}", 17) ${switchToGeneration 2} - subtest "check whether bit size has changed", sub { - ${assertParamBits 2 "foo" 18} - }; + with subtest("check whether bit size has changed"): + assert_param_bits("${getParamPath 2 "foo"}", 18) - subtest "ensure that dhparams file for 'bar' was deleted", sub { - $machine->fail('test -e ${getParamPath 1 "bar"}'); - }; + with subtest("ensure that dhparams file for 'bar' was deleted"): + machine.fail("test -e ${getParamPath 1 "bar"}") ${switchToGeneration 3} - subtest "ensure that 'security.dhparams.path' has been deleted", sub { - $machine->fail( - 'test -e ${nodes.generation3.config.security.dhparams.path}' - ); - }; + with subtest("ensure that 'security.dhparams.path' has been deleted"): + machine.fail("test -e ${nodes.generation3.config.security.dhparams.path}") ${switchToGeneration 4} - subtest "check bit sizes dhparam files", sub { - ${assertParamBits 4 "foo2" 18} - ${assertParamBits 4 "bar2" 19} - }; + with subtest("check bit sizes dhparam files"): + assert_param_bits( + "${getParamPath 4 "foo2"}", 18 + ) + assert_param_bits( + "${getParamPath 4 "bar2"}", 19 + ) - subtest "check whether dhparam files are in the Nix store", sub { - $machine->succeed( - 'expr match ${getParamPath 4 "foo2"} ${builtins.storeDir}', - 'expr match ${getParamPath 4 "bar2"} ${builtins.storeDir}', - ); - }; + with subtest("check whether dhparam files are in the Nix store"): + machine.succeed( + "expr match ${getParamPath 4 "foo2"} ${builtins.storeDir}", + "expr match ${getParamPath 4 "bar2"} ${builtins.storeDir}", + ) ${switchToGeneration 5} - subtest "check whether defaultBitSize works as intended", sub { - ${assertParamBits 5 "foo3" 30} - ${assertParamBits 5 "bar3" 30} - }; + with subtest("check whether defaultBitSize works as intended"): + assert_param_bits("${getParamPath 5 "foo3"}", 30) + assert_param_bits("${getParamPath 5 "bar3"}", 30) ''; } |