diff options
author | Florian Klink <flokli@flokli.de> | 2020-01-21 14:21:57 +0100 |
---|---|---|
committer | zimbatm <zimbatm@zimbatm.com> | 2020-01-21 13:21:57 +0000 |
commit | 0daae2e08c1b5c0d4141f6655d38bac7b70569e7 (patch) | |
tree | fdab1abb43cc201313ca0b4d28f8091c54e50d7d /nixos/tests/buildkite-agent.nix | |
parent | ab10bac1b177832b5e6b883ba95bf35f87229267 (diff) | |
download | nixpkgs-0daae2e08c1b5c0d4141f6655d38bac7b70569e7.tar nixpkgs-0daae2e08c1b5c0d4141f6655d38bac7b70569e7.tar.gz nixpkgs-0daae2e08c1b5c0d4141f6655d38bac7b70569e7.tar.bz2 nixpkgs-0daae2e08c1b5c0d4141f6655d38bac7b70569e7.tar.lz nixpkgs-0daae2e08c1b5c0d4141f6655d38bac7b70569e7.tar.xz nixpkgs-0daae2e08c1b5c0d4141f6655d38bac7b70569e7.tar.zst nixpkgs-0daae2e08c1b5c0d4141f6655d38bac7b70569e7.zip |
nixos/buildkite: drop user option (#78160)
* nixos/buildkite: drop user option This reverts 8c6b1c3eaaa8b555bddaced3ab6f02695bef1541. Turns out, buildkite-agent has logic to write .ssh/known_hosts files and only really works when $HOME and the user homedir are in sync. On top of that, we provision ssh keys in /var/lib/buildkite-agent, which doesn't work if that other users' homedir points elsewhere (we can cheat by setting $HOME, but then getent and $HOME provide conflicting results). So after all, it's better to only run the system-wide buildkite agent as the "buildkite-agent" user only - if one wants to run buildkite as different users, systemd user services might be a better fit. * nixosTests.buildkite-agent: add node with separate user and no ssh key
Diffstat (limited to 'nixos/tests/buildkite-agent.nix')
-rw-r--r-- | nixos/tests/buildkite-agent.nix | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/nixos/tests/buildkite-agent.nix b/nixos/tests/buildkite-agent.nix index 042ce389eb8..3c824c9aedf 100644 --- a/nixos/tests/buildkite-agent.nix +++ b/nixos/tests/buildkite-agent.nix @@ -6,18 +6,31 @@ import ./make-test-python.nix ({ pkgs, ... }: maintainers = [ flokli ]; }; - machine = { pkgs, ... }: { - services.buildkite-agent = { - enable = true; - privateSshKeyPath = (import ./ssh-keys.nix pkgs).snakeOilPrivateKey; - tokenPath = (pkgs.writeText "my-token" "5678"); + nodes = { + node1 = { pkgs, ... }: { + services.buildkite-agent = { + enable = true; + privateSshKeyPath = (import ./ssh-keys.nix pkgs).snakeOilPrivateKey; + tokenPath = (pkgs.writeText "my-token" "5678"); + }; + }; + # don't configure ssh key, run as a separate user + node2 = { pkgs, ...}: { + services.buildkite-agent = { + enable = true; + tokenPath = (pkgs.writeText "my-token" "1234"); + }; }; }; testScript = '' + start_all() # we can't wait on the unit to start up, as we obviously can't connect to buildkite, # but we can look whether files are set up correctly - machine.wait_for_file("/var/lib/buildkite-agent/buildkite-agent.cfg") - machine.wait_for_file("/var/lib/buildkite-agent/.ssh/id_rsa") + + node1.wait_for_file("/var/lib/buildkite-agent/buildkite-agent.cfg") + node1.wait_for_file("/var/lib/buildkite-agent/.ssh/id_rsa") + + node2.wait_for_file("/var/lib/buildkite-agent/buildkite-agent.cfg") ''; }) |