nixpkgs/nixos/tests/chromium.nix

import ./make-test.nix ({ pkgs, ... }: rec {
  name = "chromium";

  machine.imports = [ ./common/x11.nix ];

  startupHTML = pkgs.writeText "chromium-startup.html" ''
    <!DOCTYPE html>
    <html>
    <head>
    <meta charset="UTF-8">
    <title>Chromium startup notifier</title>
    </head>
    <body onload="javascript:document.title='startup done'">
      <img src="file://${pkgs.fetchurl {
        url = "http://nixos.org/logo/nixos.svg";
        sha256 = "0p2iaqcx2cj24xqycfw1pi4i5461gnn0034lafpi99ph435x6z68";
      }}" />
    </body>
    </html>
  '';

  testScript = let
    xdo = name: text: let
      xdoScript = pkgs.writeText "${name}.xdo" text;
    in "${pkgs.xdotool}/bin/xdotool '${xdoScript}'";
  in ''
    sub createNewWin {
      $machine->nest("creating a new Chromium window", sub {
        $machine->execute("${xdo "new-window" ''
          search --onlyvisible --name "startup done"
          windowfocus --sync
          windowactivate --sync
          key Ctrl+n
        ''}");
      });
    }

    sub closeWin {
      Machine::retry sub {
        $machine->execute("${xdo "close-window" ''
          search --onlyvisible --name "new tab"
          windowfocus --sync
          windowactivate --sync
          key Ctrl+w
        ''}");
        for (1..20) {
          my ($status, $out) = $machine->execute("${xdo "wait-for-close" ''
            search --onlyvisible --name "new tab"
          ''}");
          return 1 if $status != 0;
          $machine->sleep(1);
        }
      }
    }

    sub waitForNewWin {
      my $ret = 0;
      $machine->nest("waiting for new Chromium window to appear", sub {
        for (1..20) {
          my ($status, $out) = $machine->execute("${xdo "wait-for-window" ''
            search --onlyvisible --name "new tab"
            windowfocus --sync
            windowactivate --sync
          ''}");
          if ($status == 0) {
            $ret = 1;
            last;
          }
          $machine->sleep(1);
        }
      });
      return $ret;
    }

    sub createAndWaitForNewWin {
      for (1..3) {
        createNewWin;
        return 1 if waitForNewWin;
      }
      die "new window didn't appear within 60 seconds";
    }

    sub testNewWin {
      my ($desc, $code) = @_;
      createAndWaitForNewWin;
      subtest($desc, $code);
      closeWin;
    }

    sub chromiumTest {
      my ($channel, $pkg, $code) = @_;
      $machine->waitForX;

      my $url = "file://${startupHTML}";
      my $args = "--user-data-dir=/tmp/chromium-$channel";
      $machine->execute(
        "ulimit -c unlimited; ".
        "$pkg/bin/chromium $args \"$url\" & disown"
      );
      $machine->waitUntilSucceeds("${xdo "check-startup" ''
        search --sync --onlyvisible --name "startup done"
        # close first start help popup
        key Escape
        windowfocus --sync
        windowactivate --sync
      ''}");

      createAndWaitForNewWin;
      $machine->screenshot($channel."_emptywin");
      closeWin;

      $machine->screenshot($channel."_startup_done");

      subtest("Chromium $channel", $code);

      $machine->shutdown;
    }

    for (
      ["stable", "${pkgs.chromium}"],
      ["beta",   "${pkgs.chromiumBeta}"],
      ["dev",    "${pkgs.chromiumDev}"]
    ) {
      my ($channel, $pkg) = @$_;
      chromiumTest $channel, $pkg, sub {
        testNewWin "check sandbox", sub {
          $machine->succeed("${xdo "type-url" ''
            search --sync --onlyvisible --name "new tab"
            windowfocus --sync
            type --delay 1000 "chrome://sandbox"
          ''}");

          $machine->succeed("${xdo "submit-url" ''
            search --sync --onlyvisible --name "new tab"
            windowfocus --sync
            key --delay 1000 Return
          ''}");

          $machine->screenshot($channel."_sandbox");

          $machine->succeed("${xdo "submit-url" ''
            search --sync --onlyvisible --name "sandbox status"
            windowfocus --sync
            key --delay 1000 Ctrl+a Ctrl+c
          ''}");

          my $clipboard = $machine->succeed("${pkgs.xclip}/bin/xclip -o");
          die "sandbox not working properly: $clipboard"
          unless $clipboard =~ /suid sandbox.*yes/mi
              && $clipboard =~ /pid namespaces.*yes/mi
              && $clipboard =~ /network namespaces.*yes/mi
              && $clipboard =~ /seccomp.*sandbox.*yes/mi;
        };
      };
    }
  '';
})
nixos: Add rudimentary VM tests for Chromium. Currently, the test is only for testing the user namespace sandbox and even that isn't very representative, because we're running the tests as root. But apart from that, we should have functionality for opening/closing windows and the main goal here is to get them as deterministic as possible, because Chromium usually isn't very nice to chained xdotool keystrokes. And of course, the most important "test" we have here: We know at least whether Chromium works _at_all_. Signed-off-by: aszlig <aszlig@redmoonstudios.org> 2014-11-18 17:41:56 +00:00			`import ./make-test.nix ({ pkgs, ... }: rec {`
			`name = "chromium";`

			`machine.imports = [ ./common/x11.nix ];`

			`startupHTML = pkgs.writeText "chromium-startup.html" ''`
			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<meta charset="UTF-8">`
			`<title>Chromium startup notifier</title>`
			`</head>`
			`<body onload="javascript:document.title='startup done'">`
			`<img src="file://${pkgs.fetchurl {`
			`url = "http://nixos.org/logo/nixos.svg";`
			`sha256 = "0p2iaqcx2cj24xqycfw1pi4i5461gnn0034lafpi99ph435x6z68";`
			`}}" />`
			`</body>`
			`</html>`
			`'';`

			`testScript = let`
			`xdo = name: text: let`
			`xdoScript = pkgs.writeText "${name}.xdo" text;`
			`in "${pkgs.xdotool}/bin/xdotool '${xdoScript}'";`
			`in ''`
			`sub createNewWin {`
			`$machine->nest("creating a new Chromium window", sub {`
			`$machine->execute("${xdo "new-window" ''`
			`search --onlyvisible --name "startup done"`
			`windowfocus --sync`
			`windowactivate --sync`
			`key Ctrl+n`
			`''}");`
			`});`
			`}`

			`sub closeWin {`
			`Machine::retry sub {`
			`$machine->execute("${xdo "close-window" ''`
			`search --onlyvisible --name "new tab"`
			`windowfocus --sync`
			`windowactivate --sync`
			`key Ctrl+w`
			`''}");`
			`for (1..20) {`
			`my ($status, $out) = $machine->execute("${xdo "wait-for-close" ''`
			`search --onlyvisible --name "new tab"`
			`''}");`
			`return 1 if $status != 0;`
			`$machine->sleep(1);`
			`}`
			`}`
			`}`

			`sub waitForNewWin {`
			`my $ret = 0;`
			`$machine->nest("waiting for new Chromium window to appear", sub {`
			`for (1..20) {`
			`my ($status, $out) = $machine->execute("${xdo "wait-for-window" ''`
			`search --onlyvisible --name "new tab"`
			`windowfocus --sync`
			`windowactivate --sync`
			`''}");`
			`if ($status == 0) {`
			`$ret = 1;`
			`last;`
			`}`
			`$machine->sleep(1);`
			`}`
			`});`
			`return $ret;`
			`}`

			`sub createAndWaitForNewWin {`
			`for (1..3) {`
			`createNewWin;`
			`return 1 if waitForNewWin;`
			`}`
			`die "new window didn't appear within 60 seconds";`
			`}`

			`sub testNewWin {`
			`my ($desc, $code) = @_;`
			`createAndWaitForNewWin;`
			`subtest($desc, $code);`
			`closeWin;`
			`}`

			`sub chromiumTest {`
			`my ($channel, $pkg, $code) = @_;`
			`$machine->waitForX;`

			`my $url = "file://${startupHTML}";`
			`my $args = "--user-data-dir=/tmp/chromium-$channel";`
			`$machine->execute(`
			`"ulimit -c unlimited; ".`
			`"$pkg/bin/chromium $args \"$url\" & disown"`
			`);`
			`$machine->waitUntilSucceeds("${xdo "check-startup" ''`
			`search --sync --onlyvisible --name "startup done"`
			`# close first start help popup`
			`key Escape`
			`windowfocus --sync`
			`windowactivate --sync`
			`''}");`

			`createAndWaitForNewWin;`
			`$machine->screenshot($channel."_emptywin");`
			`closeWin;`

			`$machine->screenshot($channel."_startup_done");`

			`subtest("Chromium $channel", $code);`

			`$machine->shutdown;`
			`}`

			`for (`
			`["stable", "${pkgs.chromium}"],`
			`["beta", "${pkgs.chromiumBeta}"],`
			`["dev", "${pkgs.chromiumDev}"]`
			`) {`
			`my ($channel, $pkg) = @$_;`
			`chromiumTest $channel, $pkg, sub {`
			`testNewWin "check sandbox", sub {`
			`$machine->succeed("${xdo "type-url" ''`
			`search --sync --onlyvisible --name "new tab"`
			`windowfocus --sync`
			`type --delay 1000 "chrome://sandbox"`
			`''}");`

			`$machine->succeed("${xdo "submit-url" ''`
			`search --sync --onlyvisible --name "new tab"`
			`windowfocus --sync`
			`key --delay 1000 Return`
			`''}");`

			`$machine->screenshot($channel."_sandbox");`

			`$machine->succeed("${xdo "submit-url" ''`
			`search --sync --onlyvisible --name "sandbox status"`
			`windowfocus --sync`
			`key --delay 1000 Ctrl+a Ctrl+c`
			`''}");`

			`my $clipboard = $machine->succeed("${pkgs.xclip}/bin/xclip -o");`
			`die "sandbox not working properly: $clipboard"`
			`unless $clipboard =~ /suid sandbox.*yes/mi`
			`&& $clipboard =~ /pid namespaces.*yes/mi`
			`&& $clipboard =~ /network namespaces.*yes/mi`
			`&& $clipboard =~ /seccomp.sandbox.yes/mi;`
			`};`
			`};`
			`}`
			`'';`
			`})`