tests/nixos: add more thorough nix-docker tests

2024-11-23 23:32:28 +00:00 · 2024-11-10 23:20:31 +00:00 · 2024-11-10 23:20:31 +00:00 · 11d3b017cf
commit 11d3b017cf
parent 1dda18ef0a
2 changed files with 64 additions and 3 deletions
--- a/tests/nixos/nix-docker-test.sh
+++ b/tests/nixos/nix-docker-test.sh
@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+# docker.nix test script. Runs inside a built docker.nix container.
+
+set -eEuo pipefail
+
+export NIX_CONFIG='substituters = http://cache:5000?trusted=1'
+
+cd /tmp
+
+# Test getting a fetched derivation
+test "$("$(nix-build -E '(import <nixpkgs> {}).hello')"/bin/hello)" = "Hello, world!"
+
+# Test building a simple derivation
+# shellcheck disable=SC2016
+nix-build -E '
+let
+  pkgs = import <nixpkgs> {};
+in
+builtins.derivation {
+  name = "test";
+  system = builtins.currentSystem;
+  builder = "${pkgs.bash}/bin/bash";
+  args = ["-c" "echo OK > $out"];
+}'
+test "$(cat result)" = OK
+
+# Ensure #!/bin/sh shebang works
+echo '#!/bin/sh' > ./shebang-test
+echo 'echo OK' >> ./shebang-test
+chmod +x ./shebang-test
+test "$(./shebang-test)" = OK
+
+# Ensure #!/usr/bin/env shebang works
+echo '#!/usr/bin/env bash' > ./shebang-test
+echo 'echo OK' >> ./shebang-test
+chmod +x ./shebang-test
+test "$(./shebang-test)" = OK
+
+# Test nix-shell
+{
+    echo '#!/usr/bin/env nix-shell'
+    echo '#! nix-shell -i bash'
+    echo '#! nix-shell -p hello'
+    echo 'hello'
+} > ./nix-shell-test
+chmod +x ./nix-shell-test
+test "$(./nix-shell-test)" = "Hello, world!"
--- a/tests/nixos/nix-docker.nix
+++ b/tests/nixos/nix-docker.nix
@ -17,23 +17,37 @@ let
    gname = "user";
  };

+  containerTestScript = ./nix-docker-test.sh;
+
 in {
  name = "nix-docker";

-  nodes.machine =
-    { config, lib, pkgs, ... }:
-    { virtualisation.diskSize = 4096;
+  nodes =
+    { machine =
+        { config, lib, pkgs, ... }:
+        { virtualisation.diskSize = 4096;
+        };
+      cache =
+        { config, lib, pkgs, ... }:
+        { virtualisation.additionalPaths = [ pkgs.stdenv pkgs.hello ];
+          services.harmonia.enable = true;
+          networking.firewall.allowedTCPPorts = [ 5000 ];
+        };
    };

  testScript = { nodes }: ''
+    cache.wait_for_unit("harmonia.service")
+
    machine.succeed("mkdir -p /etc/containers")
    machine.succeed("""echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json""")

    machine.succeed("${pkgs.podman}/bin/podman load -i ${nixImage}")
    machine.succeed("${pkgs.podman}/bin/podman run --rm nix nix --version")
+    machine.succeed("${pkgs.podman}/bin/podman run --rm -i nix < ${containerTestScript}")

    machine.succeed("${pkgs.podman}/bin/podman load -i ${nixUserImage}")
    machine.succeed("${pkgs.podman}/bin/podman run --rm nix-user nix --version")
+    machine.succeed("${pkgs.podman}/bin/podman run --rm -i nix-user < ${containerTestScript}")
    machine.succeed("[[ $(${pkgs.podman}/bin/podman run --rm nix-user stat -c %u /nix/store) = 1000 ]]")
  '';
 }