mirror of
https://github.com/NixOS/nix.git
synced 2024-11-22 06:42:28 +00:00
nix-testing
-> daemon-trust-override
And only enable in the tests that need it. This makes it less of a sledgehammer.
This commit is contained in:
parent
b1343e8ad1
commit
e95db8f2b9
@ -190,12 +190,13 @@ constexpr std::array<ExperimentalFeatureDetails, 12> xpFeatureDetails = {{
|
||||
)",
|
||||
},
|
||||
{
|
||||
.tag = Xp::NixTesting,
|
||||
.name = "nix-testing",
|
||||
.tag = Xp::DaemonTrustOverride,
|
||||
.name = "daemon-trust-override",
|
||||
.description = R"(
|
||||
A "permanent" experimental feature for extra features we just need
|
||||
for testing. Not actually an "experiment" in the sense of being
|
||||
prospective functionality for regular users.
|
||||
Allow forcing trusting or not trusting clients with
|
||||
`nix-daemon`. This is useful for testing, but possibly also
|
||||
useful for various experiments with `nix-daemon --stdio`
|
||||
networking.
|
||||
)",
|
||||
},
|
||||
}};
|
||||
|
@ -28,7 +28,7 @@ enum struct ExperimentalFeature
|
||||
AutoAllocateUids,
|
||||
Cgroups,
|
||||
DiscardReferences,
|
||||
NixTesting,
|
||||
DaemonTrustOverride,
|
||||
};
|
||||
|
||||
/**
|
||||
|
@ -472,13 +472,13 @@ static int main_nix_daemon(int argc, char * * argv)
|
||||
else if (*arg == "--stdio")
|
||||
stdio = true;
|
||||
else if (*arg == "--force-trusted") {
|
||||
experimentalFeatureSettings.require(Xp::NixTesting);
|
||||
experimentalFeatureSettings.require(Xp::DaemonTrustOverride);
|
||||
isTrustedOpt = Trusted;
|
||||
} else if (*arg == "--force-untrusted") {
|
||||
experimentalFeatureSettings.require(Xp::NixTesting);
|
||||
experimentalFeatureSettings.require(Xp::DaemonTrustOverride);
|
||||
isTrustedOpt = NotTrusted;
|
||||
} else if (*arg == "--default-trust") {
|
||||
experimentalFeatureSettings.require(Xp::NixTesting);
|
||||
experimentalFeatureSettings.require(Xp::DaemonTrustOverride);
|
||||
isTrustedOpt = std::nullopt;
|
||||
} else return false;
|
||||
return true;
|
||||
|
@ -1,5 +1,9 @@
|
||||
source common.sh
|
||||
|
||||
enableFeatures "daemon-trust-override"
|
||||
|
||||
restartDaemon
|
||||
|
||||
[[ $busybox =~ busybox ]] || skipTest "no busybox"
|
||||
|
||||
unset NIX_STORE_DIR
|
||||
|
@ -1,5 +1,9 @@
|
||||
source common.sh
|
||||
|
||||
enableFeatures "daemon-trust-override"
|
||||
|
||||
restartDaemon
|
||||
|
||||
# Remote doesn't trust us
|
||||
file=build-hook.nix
|
||||
prog=$(readlink -e ./nix-daemon-untrusting.sh)
|
||||
|
@ -1,5 +1,9 @@
|
||||
source common.sh
|
||||
|
||||
enableFeatures "daemon-trust-override"
|
||||
|
||||
restartDaemon
|
||||
|
||||
# Remote doesn't trusts us, but this is fine because we are only
|
||||
# building (fixed) CA derivations.
|
||||
file=build-hook-ca-fixed.nix
|
||||
|
@ -20,7 +20,7 @@ cat > "$NIX_CONF_DIR"/nix.conf <<EOF
|
||||
build-users-group =
|
||||
keep-derivations = false
|
||||
sandbox = false
|
||||
experimental-features = nix-command flakes nix-testing
|
||||
experimental-features = nix-command flakes
|
||||
gc-reserved-space = 0
|
||||
substituters =
|
||||
flake-registry = $TEST_ROOT/registry.json
|
||||
|
Loading…
Reference in New Issue
Block a user