From 86a9d80b45a1b9aed0c1b0f94fdbec614703ff4a Mon Sep 17 00:00:00 2001
From: Jacek Galowicz <jacek.galowicz@cyberus-technology.de>
Date: Fri, 6 Dec 2019 07:05:06 +0100
Subject: nixosTests.dhparams: Port to Python

---
 nixos/tests/dhparams.nix | 98 ++++++++++++++++++++++++------------------------
 1 file changed, 48 insertions(+), 50 deletions(-)

diff --git a/nixos/tests/dhparams.nix b/nixos/tests/dhparams.nix
index d11dfeec5d0..a0de2911777 100644
--- a/nixos/tests/dhparams.nix
+++ b/nixos/tests/dhparams.nix
@@ -4,7 +4,7 @@ let
     environment.systemPackages = [ pkgs.openssl ];
   };
 
-in import ./make-test.nix {
+in import ./make-test-python.nix {
   name = "dhparams";
 
   nodes.generation1 = { pkgs, config, ... }: {
@@ -66,79 +66,77 @@ in import ./make-test.nix {
       node = "generation${toString gen}";
     in nodes.${node}.config.security.dhparams.params.${name}.path;
 
-    assertParamBits = gen: name: bits: let
-      path = getParamPath gen name;
-    in ''
-      $machine->nest('check bit size of ${path}', sub {
-        my $out = $machine->succeed('openssl dhparam -in ${path} -text');
-        $out =~ /^\s*DH Parameters:\s+\((\d+)\s+bit\)\s*$/m;
-        die "bit size should be ${toString bits} but it is $1 instead."
-          if $1 != ${toString bits};
-      });
-    '';
-
     switchToGeneration = gen: let
       node = "generation${toString gen}";
       inherit (nodes.${node}.config.system.build) toplevel;
       switchCmd = "${toplevel}/bin/switch-to-configuration test";
     in ''
-      $machine->nest('switch to generation ${toString gen}', sub {
-        $machine->succeed('${switchCmd}');
-        $main::machine = ''$${node};
-      });
+      with machine.nested("switch to generation ${toString gen}"):
+          machine.succeed(
+              "${switchCmd}"
+          )
+          machine = ${node}
     '';
 
   in ''
-    my $machine = $generation1;
+    import re
 
-    $machine->waitForUnit('multi-user.target');
 
-    subtest "verify startup order", sub {
-      $machine->succeed('systemctl is-active foo.service');
-    };
+    def assert_param_bits(path, bits):
+        with machine.nested(f"check bit size of {path}"):
+            output = machine.succeed(f"openssl dhparam -in {path} -text")
+            pattern = re.compile(r"^\s*DH Parameters:\s+\((\d+)\s+bit\)\s*$", re.M)
+            match = pattern.match(output)
+            if match is None:
+                raise Exception("bla")
+            if match[1] != str(bits):
+                raise Exception(f"bit size should be {bits} but it is {match[1]} instead.")
 
-    subtest "check bit sizes of dhparam files", sub {
-      ${assertParamBits 1 "foo" 16}
-      ${assertParamBits 1 "bar" 17}
-    };
+
+    machine = generation1
+
+    machine.wait_for_unit("multi-user.target")
+
+    with subtest("verify startup order"):
+        machine.succeed("systemctl is-active foo.service")
+
+    with subtest("check bit sizes of dhparam files"):
+        assert_param_bits("${getParamPath 1 "foo"}", 16)
+        assert_param_bits("${getParamPath 1 "bar"}", 17)
 
     ${switchToGeneration 2}
 
-    subtest "check whether bit size has changed", sub {
-      ${assertParamBits 2 "foo" 18}
-    };
+    with subtest("check whether bit size has changed"):
+        assert_param_bits("${getParamPath 2 "foo"}", 18)
 
-    subtest "ensure that dhparams file for 'bar' was deleted", sub {
-      $machine->fail('test -e ${getParamPath 1 "bar"}');
-    };
+    with subtest("ensure that dhparams file for 'bar' was deleted"):
+        machine.fail("test -e ${getParamPath 1 "bar"}")
 
     ${switchToGeneration 3}
 
-    subtest "ensure that 'security.dhparams.path' has been deleted", sub {
-      $machine->fail(
-        'test -e ${nodes.generation3.config.security.dhparams.path}'
-      );
-    };
+    with subtest("ensure that 'security.dhparams.path' has been deleted"):
+        machine.fail("test -e ${nodes.generation3.config.security.dhparams.path}")
 
     ${switchToGeneration 4}
 
-    subtest "check bit sizes dhparam files", sub {
-      ${assertParamBits 4 "foo2" 18}
-      ${assertParamBits 4 "bar2" 19}
-    };
+    with subtest("check bit sizes dhparam files"):
+        assert_param_bits(
+            "${getParamPath 4 "foo2"}", 18
+        )
+        assert_param_bits(
+            "${getParamPath 4 "bar2"}", 19
+        )
 
-    subtest "check whether dhparam files are in the Nix store", sub {
-      $machine->succeed(
-        'expr match ${getParamPath 4 "foo2"} ${builtins.storeDir}',
-        'expr match ${getParamPath 4 "bar2"} ${builtins.storeDir}',
-      );
-    };
+    with subtest("check whether dhparam files are in the Nix store"):
+        machine.succeed(
+            "expr match ${getParamPath 4 "foo2"} ${builtins.storeDir}",
+            "expr match ${getParamPath 4 "bar2"} ${builtins.storeDir}",
+        )
 
     ${switchToGeneration 5}
 
-    subtest "check whether defaultBitSize works as intended", sub {
-      ${assertParamBits 5 "foo3" 30}
-      ${assertParamBits 5 "bar3" 30}
-    };
+    with subtest("check whether defaultBitSize works as intended"):
+        assert_param_bits("${getParamPath 5 "foo3"}", 30)
+        assert_param_bits("${getParamPath 5 "bar3"}", 30)
   '';
 }
-- 
cgit 1.4.1