diff options
Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/3proxy.nix | 8 | ||||
-rw-r--r-- | nixos/tests/acme.nix | 14 | ||||
-rw-r--r-- | nixos/tests/adguardhome.nix | 2 | ||||
-rw-r--r-- | nixos/tests/aesmd.nix | 4 | ||||
-rw-r--r-- | nixos/tests/all-tests.nix | 57 | ||||
-rw-r--r-- | nixos/tests/common/acme/client/default.nix | 4 | ||||
-rw-r--r-- | nixos/tests/common/acme/server/default.nix | 6 | ||||
-rw-r--r-- | nixos/tests/corerad.nix | 1 | ||||
-rw-r--r-- | nixos/tests/cri-o.nix | 2 | ||||
-rw-r--r-- | nixos/tests/ghostunnel.nix | 1 | ||||
-rw-r--r-- | nixos/tests/installed-tests/default.nix | 2 | ||||
-rw-r--r-- | nixos/tests/installer.nix | 10 | ||||
-rw-r--r-- | nixos/tests/lorri/default.nix | 2 | ||||
-rw-r--r-- | nixos/tests/matomo.nix | 2 | ||||
-rw-r--r-- | nixos/tests/matrix/conduit.nix | 2 | ||||
-rw-r--r-- | nixos/tests/nixops/default.nix | 1 | ||||
-rw-r--r-- | nixos/tests/pam/pam-file-contents.nix | 1 | ||||
-rw-r--r-- | nixos/tests/pppd.nix | 2 | ||||
-rw-r--r-- | nixos/tests/rabbitmq.nix | 36 | ||||
-rw-r--r-- | nixos/tests/systemd-oomd.nix | 37 | ||||
-rw-r--r-- | nixos/tests/thelounge.nix | 2 | ||||
-rw-r--r-- | nixos/tests/web-servers/agate.nix | 46 | ||||
-rw-r--r-- | nixos/tests/zrepl.nix | 2 |
23 files changed, 189 insertions, 55 deletions
diff --git a/nixos/tests/3proxy.nix b/nixos/tests/3proxy.nix index 8127438fabd..647d9d57c7f 100644 --- a/nixos/tests/3proxy.nix +++ b/nixos/tests/3proxy.nix @@ -1,6 +1,6 @@ -import ./make-test-python.nix ({ pkgs, ...} : { +{ lib, pkgs, ... }: { name = "3proxy"; - meta = with pkgs.lib.maintainers; { + meta = with lib.maintainers; { maintainers = [ misuzu ]; }; @@ -92,7 +92,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { networking.firewall.allowedTCPPorts = [ 3128 9999 ]; }; - peer3 = { lib, ... }: { + peer3 = { lib, pkgs, ... }: { networking.useDHCP = false; networking.interfaces.eth1 = { ipv4.addresses = [ @@ -186,4 +186,4 @@ import ./make-test-python.nix ({ pkgs, ...} : { "${pkgs.wget}/bin/wget -e use_proxy=yes -e http_proxy=http://192.168.0.4:3128 -S -O /dev/null http://127.0.0.1:9999" ) ''; -}) +} diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index c07f99c5db3..d3a436080eb 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -1,7 +1,7 @@ -import ./make-test-python.nix ({ pkgs, lib, ... }: let +{ pkgs, lib, ... }: let commonConfig = ./common/acme/client; - dnsServerIP = nodes: nodes.dnsserver.config.networking.primaryIPAddress; + dnsServerIP = nodes: nodes.dnsserver.networking.primaryIPAddress; dnsScript = nodes: let dnsAddress = dnsServerIP nodes; @@ -153,7 +153,7 @@ in { description = "Pebble ACME challenge test server"; wantedBy = [ "network.target" ]; serviceConfig = { - ExecStart = "${pkgs.pebble}/bin/pebble-challtestsrv -dns01 ':53' -defaultIPv6 '' -defaultIPv4 '${nodes.webserver.config.networking.primaryIPAddress}'"; + ExecStart = "${pkgs.pebble}/bin/pebble-challtestsrv -dns01 ':53' -defaultIPv6 '' -defaultIPv4 '${nodes.webserver.networking.primaryIPAddress}'"; # Required to bind on privileged ports. AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; }; @@ -175,7 +175,7 @@ in { specialisation = { # First derivation used to test general ACME features general.configuration = { ... }: let - caDomain = nodes.acme.config.test-support.acme.caDomain; + caDomain = nodes.acme.test-support.acme.caDomain; email = config.security.acme.defaults.email; # Exit 99 to make it easier to track if this is the reason a renew failed accountCreateTester = '' @@ -316,7 +316,7 @@ in { testScript = { nodes, ... }: let - caDomain = nodes.acme.config.test-support.acme.caDomain; + caDomain = nodes.acme.test-support.acme.caDomain; newServerSystem = nodes.webserver.config.system.build.toplevel; switchToNewServer = "${newServerSystem}/bin/switch-to-configuration test"; in @@ -438,7 +438,7 @@ in { client.wait_for_unit("default.target") client.succeed( - 'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.config.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a' + 'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a' ) acme.wait_for_unit("network-online.target") @@ -594,4 +594,4 @@ in { wait_for_server() check_connection_key_bits(client, test_domain, "384") ''; -}) +} diff --git a/nixos/tests/adguardhome.nix b/nixos/tests/adguardhome.nix index ddbe8ff9c11..1a220f99699 100644 --- a/nixos/tests/adguardhome.nix +++ b/nixos/tests/adguardhome.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix { +{ name = "adguardhome"; nodes = { diff --git a/nixos/tests/aesmd.nix b/nixos/tests/aesmd.nix index 9f07426be8d..5da661afd54 100644 --- a/nixos/tests/aesmd.nix +++ b/nixos/tests/aesmd.nix @@ -1,4 +1,4 @@ -import ./make-test-python.nix ({ pkgs, lib, ... }: { +{ pkgs, lib, ... }: { name = "aesmd"; meta = { maintainers = with lib.maintainers; [ veehaitch ]; @@ -59,4 +59,4 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { assert aesmd_config == "whitelist url = http://nixos.org\nproxy type = direct\ndefault quoting type = ecdsa_256\n", "aesmd.conf differs" ''; -}) +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 6d90d0112a0..403ddd4cd1c 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -1,4 +1,11 @@ -{ system, pkgs, callTest }: +{ system, + pkgs, + + # Projects the test configuration into a the desired value; usually + # the test runner: `config: config.test`. + callTest, + +}: # The return value of this function will be an attrset with arbitrary depth and # the `anything` returned by callTest at its test leafs. # The tests not supported by `system` will be replaced with `{}`, so that @@ -11,9 +18,18 @@ with pkgs.lib; let discoverTests = val: - if !isAttrs val then val - else if hasAttr "test" val then callTest val - else mapAttrs (n: s: discoverTests s) val; + if isAttrs val + then + if hasAttr "test" val then callTest val + else mapAttrs (n: s: discoverTests s) val + else if isFunction val + then + # Tests based on make-test-python.nix will return the second lambda + # in that file, which are then forwarded to the test definition + # following the `import make-test-python.nix` expression + # (if it is a function). + discoverTests (val { inherit system pkgs; }) + else val; handleTest = path: args: discoverTests (import path ({ inherit system pkgs; } // args)); handleTestOn = systems: path: args: @@ -27,12 +43,34 @@ let }; evalMinimalConfig = module: nixosLib.evalModules { modules = [ module ]; }; + inherit + (rec { + doRunTest = arg: (import ../lib/testing-python.nix { inherit system pkgs; }).runTest { + imports = [ arg { inherit callTest; } ]; + }; + findTests = tree: + if tree?recurseForDerivations && tree.recurseForDerivations + then + mapAttrs + (k: findTests) + (builtins.removeAttrs tree ["recurseForDerivations"]) + else callTest tree; + + runTest = arg: let r = doRunTest arg; in findTests r; + runTestOn = systems: arg: + if elem system systems then runTest arg + else {}; + }) + runTest + runTestOn + ; + in { - _3proxy = handleTest ./3proxy.nix {}; - acme = handleTest ./acme.nix {}; - adguardhome = handleTest ./adguardhome.nix {}; - aesmd = handleTest ./aesmd.nix {}; - agate = handleTest ./web-servers/agate.nix {}; + _3proxy = runTest ./3proxy.nix; + acme = runTest ./acme.nix; + adguardhome = runTest ./adguardhome.nix; + aesmd = runTest ./aesmd.nix; + agate = runTest ./web-servers/agate.nix; agda = handleTest ./agda.nix {}; airsonic = handleTest ./airsonic.nix {}; allTerminfo = handleTest ./all-terminfo.nix {}; @@ -568,6 +606,7 @@ in { systemd-networkd-ipv6-prefix-delegation = handleTest ./systemd-networkd-ipv6-prefix-delegation.nix {}; systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {}; systemd-nspawn = handleTest ./systemd-nspawn.nix {}; + systemd-oomd = handleTest ./systemd-oomd.nix {}; systemd-shutdown = handleTest ./systemd-shutdown.nix {}; systemd-timesyncd = handleTest ./systemd-timesyncd.nix {}; systemd-misc = handleTest ./systemd-misc.nix {}; diff --git a/nixos/tests/common/acme/client/default.nix b/nixos/tests/common/acme/client/default.nix index 9dbe345e7a0..503e610d1ac 100644 --- a/nixos/tests/common/acme/client/default.nix +++ b/nixos/tests/common/acme/client/default.nix @@ -1,7 +1,7 @@ { lib, nodes, pkgs, ... }: let - caCert = nodes.acme.config.test-support.acme.caCert; - caDomain = nodes.acme.config.test-support.acme.caDomain; + caCert = nodes.acme.test-support.acme.caCert; + caDomain = nodes.acme.test-support.acme.caDomain; in { security.acme = { diff --git a/nixos/tests/common/acme/server/default.nix b/nixos/tests/common/acme/server/default.nix index fa1b9b545d0..b81f860125c 100644 --- a/nixos/tests/common/acme/server/default.nix +++ b/nixos/tests/common/acme/server/default.nix @@ -18,10 +18,10 @@ # # example = { nodes, ... }: { # networking.nameservers = [ -# nodes.acme.config.networking.primaryIPAddress +# nodes.acme.networking.primaryIPAddress # ]; # security.pki.certificateFiles = [ -# nodes.acme.config.test-support.acme.caCert +# nodes.acme.test-support.acme.caCert # ]; # }; # } @@ -36,7 +36,7 @@ # acme = { nodes, lib, ... }: { # imports = [ ./common/acme/server ]; # networking.nameservers = lib.mkForce [ -# nodes.myresolver.config.networking.primaryIPAddress +# nodes.myresolver.networking.primaryIPAddress # ]; # }; # diff --git a/nixos/tests/corerad.nix b/nixos/tests/corerad.nix index 638010f92f4..b6f5d7fc6f7 100644 --- a/nixos/tests/corerad.nix +++ b/nixos/tests/corerad.nix @@ -1,5 +1,6 @@ import ./make-test-python.nix ( { + name = "corerad"; nodes = { router = {config, pkgs, ...}: { config = { diff --git a/nixos/tests/cri-o.nix b/nixos/tests/cri-o.nix index d3a8713d6a9..08e1e8f36b0 100644 --- a/nixos/tests/cri-o.nix +++ b/nixos/tests/cri-o.nix @@ -1,7 +1,7 @@ # This test runs CRI-O and verifies via critest import ./make-test-python.nix ({ pkgs, ... }: { name = "cri-o"; - meta.maintainers = with pkgs.lib.maintainers; teams.podman.members; + meta.maintainers = with pkgs.lib; teams.podman.members; nodes = { crio = { diff --git a/nixos/tests/ghostunnel.nix b/nixos/tests/ghostunnel.nix index 8bea6485402..91a7b7085f6 100644 --- a/nixos/tests/ghostunnel.nix +++ b/nixos/tests/ghostunnel.nix @@ -1,4 +1,5 @@ import ./make-test-python.nix ({ pkgs, ... }: { + name = "ghostunnel"; nodes = { backend = { pkgs, ... }: { services.nginx.enable = true; diff --git a/nixos/tests/installed-tests/default.nix b/nixos/tests/installed-tests/default.nix index 3bb678d3678..b2c1b43f90e 100644 --- a/nixos/tests/installed-tests/default.nix +++ b/nixos/tests/installed-tests/default.nix @@ -40,7 +40,7 @@ let name = tested.name; meta = { - maintainers = tested.meta.maintainers; + maintainers = tested.meta.maintainers or []; }; nodes.machine = { ... }: { diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 8bef4fad3dd..d9f64a781c5 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -324,6 +324,9 @@ let desktop-file-utils docbook5 docbook_xsl_ns + (docbook-xsl-ns.override { + withManOptDedupPatch = true; + }) kmod.dev libarchive.dev libxml2.bin @@ -333,6 +336,13 @@ let perlPackages.ListCompare perlPackages.XMLLibXML python3Minimal + # make-options-doc/default.nix + (let + self = (pkgs.python3Minimal.override { + inherit self; + includeSiteCustomize = true; + }); + in self.withPackages (p: [ p.mistune ])) shared-mime-info sudo texinfo diff --git a/nixos/tests/lorri/default.nix b/nixos/tests/lorri/default.nix index 209b87f9f26..a4bdc92490c 100644 --- a/nixos/tests/lorri/default.nix +++ b/nixos/tests/lorri/default.nix @@ -1,4 +1,6 @@ import ../make-test-python.nix { + name = "lorri"; + nodes.machine = { pkgs, ... }: { imports = [ ../../modules/profiles/minimal.nix ]; environment.systemPackages = [ pkgs.lorri ]; diff --git a/nixos/tests/matomo.nix b/nixos/tests/matomo.nix index 526a24fc4db..0e09ad295f9 100644 --- a/nixos/tests/matomo.nix +++ b/nixos/tests/matomo.nix @@ -7,6 +7,8 @@ with pkgs.lib; let matomoTest = package: makeTest { + name = "matomo"; + nodes.machine = { config, pkgs, ... }: { services.matomo = { package = package; diff --git a/nixos/tests/matrix/conduit.nix b/nixos/tests/matrix/conduit.nix index 780837f962f..2b81c23598e 100644 --- a/nixos/tests/matrix/conduit.nix +++ b/nixos/tests/matrix/conduit.nix @@ -3,6 +3,8 @@ import ../make-test-python.nix ({ pkgs, ... }: name = "conduit"; in { + name = "matrix-conduit"; + nodes = { conduit = args: { services.matrix-conduit = { diff --git a/nixos/tests/nixops/default.nix b/nixos/tests/nixops/default.nix index 227b3881507..b77ac247639 100644 --- a/nixos/tests/nixops/default.nix +++ b/nixos/tests/nixops/default.nix @@ -19,6 +19,7 @@ let }); testLegacyNetwork = { nixopsPkg }: pkgs.nixosTest ({ + name = "nixops-legacy-network"; nodes = { deployer = { config, lib, nodes, pkgs, ... }: { imports = [ ../../modules/installer/cd-dvd/channel.nix ]; diff --git a/nixos/tests/pam/pam-file-contents.nix b/nixos/tests/pam/pam-file-contents.nix index 86c61003aeb..2bafd90618e 100644 --- a/nixos/tests/pam/pam-file-contents.nix +++ b/nixos/tests/pam/pam-file-contents.nix @@ -2,6 +2,7 @@ let name = "pam"; in import ../make-test-python.nix ({ pkgs, ... }: { + name = "pam-file-contents"; nodes.machine = { ... }: { imports = [ ../../modules/profiles/minimal.nix ]; diff --git a/nixos/tests/pppd.nix b/nixos/tests/pppd.nix index bda0aa75bb5..e714a6c21a6 100644 --- a/nixos/tests/pppd.nix +++ b/nixos/tests/pppd.nix @@ -5,6 +5,8 @@ import ./make-test-python.nix ( mode = "0640"; }; in { + name = "pppd"; + nodes = { server = {config, pkgs, ...}: { config = { diff --git a/nixos/tests/rabbitmq.nix b/nixos/tests/rabbitmq.nix index f8e8e61c47d..040679e68d9 100644 --- a/nixos/tests/rabbitmq.nix +++ b/nixos/tests/rabbitmq.nix @@ -1,6 +1,12 @@ # This test runs rabbitmq and checks if rabbitmq is up and running. -import ./make-test-python.nix ({ pkgs, ... }: { +import ./make-test-python.nix ({ pkgs, ... }: +let + # in real life, you would keep this out of your repo and deploy it to a safe + # location using safe means. + configKeyPath = pkgs.writeText "fake-config-key" "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01"; +in +{ name = "rabbitmq"; meta = with pkgs.lib.maintainers; { maintainers = [ eelco offline ]; @@ -10,6 +16,29 @@ import ./make-test-python.nix ({ pkgs, ... }: { services.rabbitmq = { enable = true; managementPlugin.enable = true; + + # To encrypt: + # rabbitmqctl --quiet encode --cipher blowfish_cfb64 --hash sha256 \ + # --iterations 10000 '<<"dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw">>' \ + # "hOjWzSEn2Z7cHzKOcf6i183O2NdjurSuoMDIIv01" ; + config = '' + [ { rabbit + , [ {default_user, <<"alice">>} + , { default_pass + , {encrypted,<<"oKKxyTze9PYmsEfl6FG1MxIUhxY7WPQL7HBoMPRC/1ZOdOZbtr9+DxjWW3e1D5SL48n3D9QOsGD0cOgYG7Qdvb7Txrepw8w=">>} + } + , {config_entry_decoder + , [ {passphrase, {file, <<"${configKeyPath}">>}} + , {cipher, blowfish_cfb64} + , {hash, sha256} + , {iterations, 10000} + ] + } + % , {rabbitmq_management, [{path_prefix, "/_queues"}]} + ] + } + ]. + ''; }; # Ensure there is sufficient extra disk space for rabbitmq to be happy virtualisation.diskSize = 1024; @@ -23,5 +52,10 @@ import ./make-test-python.nix ({ pkgs, ... }: { 'su -s ${pkgs.runtimeShell} rabbitmq -c "rabbitmqctl status"' ) machine.wait_for_open_port(15672) + + # The password is the plaintext that was encrypted with rabbitmqctl encode above. + machine.wait_until_succeeds( + '${pkgs.rabbitmq-java-client}/bin/PerfTest --time 10 --uri amqp://alice:dJT8isYu6t0Xb6u56rPglSj1vK51SlNVlXfwsRxw@localhost' + ) ''; }) diff --git a/nixos/tests/systemd-oomd.nix b/nixos/tests/systemd-oomd.nix new file mode 100644 index 00000000000..f0b5a5f8e01 --- /dev/null +++ b/nixos/tests/systemd-oomd.nix @@ -0,0 +1,37 @@ +import ./make-test-python.nix ({ pkgs, ... }: + +{ + name = "systemd-oomd"; + + nodes.machine = { pkgs, ... }: { + systemd.oomd.extraConfig.DefaultMemoryPressureDurationSec = "1s"; # makes the test faster + # Kill cgroups when more than 1% pressure is encountered + systemd.slices."-".sliceConfig = { + ManagedOOMMemoryPressure = "kill"; + ManagedOOMMemoryPressureLimit = "1%"; + }; + # A service to bring the system under memory pressure + systemd.services.testservice = { + serviceConfig.ExecStart = "${pkgs.coreutils}/bin/tail /dev/zero"; + }; + # Do not kill the backdoor + systemd.services.backdoor.serviceConfig.ManagedOOMMemoryPressure = "auto"; + + virtualisation.memorySize = 1024; + }; + + testScript = '' + # Start the system + machine.wait_for_unit("multi-user.target") + machine.succeed("oomctl") + + # Bring the system into memory pressure + machine.succeed("echo 0 > /proc/sys/vm/panic_on_oom") # NixOS tests kill the VM when the OOM killer is invoked - override this + machine.succeed("systemctl start testservice") + + # Wait for oomd to kill something + # Matches these lines: + # systemd-oomd[508]: Killed /system.slice/systemd-udevd.service due to memory pressure for / being 3.26% > 1.00% for > 1s with reclaim activity + machine.wait_until_succeeds("journalctl -b | grep -q 'due to memory pressure for'") + ''; +}) diff --git a/nixos/tests/thelounge.nix b/nixos/tests/thelounge.nix index e9b85685bf2..8d5a37d46c4 100644 --- a/nixos/tests/thelounge.nix +++ b/nixos/tests/thelounge.nix @@ -1,4 +1,6 @@ import ./make-test-python.nix { + name = "thelounge"; + nodes = { private = { config, pkgs, ... }: { services.thelounge = { diff --git a/nixos/tests/web-servers/agate.nix b/nixos/tests/web-servers/agate.nix index e364e134cfd..e8d789a9ca4 100644 --- a/nixos/tests/web-servers/agate.nix +++ b/nixos/tests/web-servers/agate.nix @@ -1,29 +1,27 @@ -import ../make-test-python.nix ( - { pkgs, lib, ... }: - { - name = "agate"; - meta = with lib.maintainers; { maintainers = [ jk ]; }; +{ pkgs, lib, ... }: +{ + name = "agate"; + meta = with lib.maintainers; { maintainers = [ jk ]; }; - nodes = { - geminiserver = { pkgs, ... }: { - services.agate = { - enable = true; - hostnames = [ "localhost" ]; - contentDir = pkgs.writeTextDir "index.gmi" '' - # Hello NixOS! - ''; - }; + nodes = { + geminiserver = { pkgs, ... }: { + services.agate = { + enable = true; + hostnames = [ "localhost" ]; + contentDir = pkgs.writeTextDir "index.gmi" '' + # Hello NixOS! + ''; }; }; + }; - testScript = { nodes, ... }: '' - geminiserver.wait_for_unit("agate") - geminiserver.wait_for_open_port(1965) + testScript = { nodes, ... }: '' + geminiserver.wait_for_unit("agate") + geminiserver.wait_for_open_port(1965) - with subtest("check is serving over gemini"): - response = geminiserver.succeed("${pkgs.gmni}/bin/gmni -j once -i -N gemini://localhost:1965") - print(response) - assert "Hello NixOS!" in response - ''; - } -) + with subtest("check is serving over gemini"): + response = geminiserver.succeed("${pkgs.gmni}/bin/gmni -j once -i -N gemini://localhost:1965") + print(response) + assert "Hello NixOS!" in response + ''; +} diff --git a/nixos/tests/zrepl.nix b/nixos/tests/zrepl.nix index 85dd834a6aa..0ed73fea34b 100644 --- a/nixos/tests/zrepl.nix +++ b/nixos/tests/zrepl.nix @@ -1,5 +1,7 @@ import ./make-test-python.nix ( { + name = "zrepl"; + nodes.host = {config, pkgs, ...}: { config = { # Prerequisites for ZFS and tests. |