From 1c31f8db6ae8437da737ccc9276d9a95450f5d8a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= <mkg20001@gmail.com>
Date: Tue, 19 Oct 2021 17:27:01 +0200
Subject: [PATCH] nixosTest.lxdImage: add lxdImage test

---
 .../scripts/lxd/lxd-image-inner.nix           |  1 -
 nixos/maintainers/scripts/lxd/lxd-image.nix   |  7 +-
 .../modules/virtualisation/lxc-container.nix  |  1 +
 nixos/tests/all-tests.nix                     |  1 +
 nixos/tests/lxd-image.nix                     | 91 +++++++++++++++++++
 5 files changed, 94 insertions(+), 7 deletions(-)
 create mode 100644 nixos/tests/lxd-image.nix

diff --git a/nixos/maintainers/scripts/lxd/lxd-image-inner.nix b/nixos/maintainers/scripts/lxd/lxd-image-inner.nix
index f57cacfce5e6..74634fd1671c 100644
--- a/nixos/maintainers/scripts/lxd/lxd-image-inner.nix
+++ b/nixos/maintainers/scripts/lxd/lxd-image-inner.nix
@@ -9,7 +9,6 @@ with lib;
 {
   imports =
     [ # Include the default lxd configuration.
-      # <nixpkgs/nixos/modules/virtualisation/lxc-container.nix>
       ../../../modules/virtualisation/lxc-container.nix
       # Include the container-specific autogenerated configuration.
       ./lxd.nix
diff --git a/nixos/maintainers/scripts/lxd/lxd-image.nix b/nixos/maintainers/scripts/lxd/lxd-image.nix
index c09f9e3a9e25..c76b9fcc7f77 100644
--- a/nixos/maintainers/scripts/lxd/lxd-image.nix
+++ b/nixos/maintainers/scripts/lxd/lxd-image.nix
@@ -19,15 +19,10 @@ with lib;
     if [ ! -e /etc/nixos/configuration.nix ]; then
       mkdir -p /etc/nixos
       cat ${./lxd-image-inner.nix} > /etc/nixos/configuration.nix
+      sed 's|../../../modules/virtualisation/lxc-container.nix|<nixpkgs/nixos/modules/virtualisation/lxc-container.nix>|g' -i /etc/nixos/configuration.nix
     fi
   '';
 
-  # Make lxc exec work properly
-  system.activationScripts.bash = ''
-    mkdir -p /bin
-    ln -sf /run/current-system/sw/bin/bash /bin/bash
-  '';
-
   # Network
   networking.useDHCP = false;
   networking.interfaces.eth0.useDHCP = true;
diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix
index fb0187aabccf..c7d5ee1fd117 100644
--- a/nixos/modules/virtualisation/lxc-container.nix
+++ b/nixos/modules/virtualisation/lxc-container.nix
@@ -124,6 +124,7 @@ in
       ] ++ templates.files;
     };
 
+    # TODO: build rootfs as squashfs for faster unpack
     system.build.tarball = pkgs.callPackage ../../lib/make-system-tarball.nix {
       extraArgs = "--owner=0";
 
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index f4d6800aff60..659e2f9e5699 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -236,6 +236,7 @@ in
   login = handleTest ./login.nix {};
   loki = handleTest ./loki.nix {};
   lxd = handleTest ./lxd.nix {};
+  lxd-image = handleTest ./lxd-image.nix {};
   lxd-nftables = handleTest ./lxd-nftables.nix {};
   #logstash = handleTest ./logstash.nix {};
   lorri = handleTest ./lorri/default.nix {};
diff --git a/nixos/tests/lxd-image.nix b/nixos/tests/lxd-image.nix
new file mode 100644
index 000000000000..bc8274eebedd
--- /dev/null
+++ b/nixos/tests/lxd-image.nix
@@ -0,0 +1,91 @@
+# This test ensures that the nixOS lxd images builds and functions properly
+# It has been extracted from `lxd.nix` to seperate failures of just the image and the lxd software
+
+import ./make-test-python.nix ({ pkgs, ...} : let
+  release = import ../release.nix {
+    /* configuration = {
+      environment.systemPackages = with pkgs; [ stdenv ]; # inject stdenv so rebuild test works
+    }; */
+  };
+
+  metadata = release.lxdMeta.${pkgs.system};
+  image = release.lxdImage.${pkgs.system};
+
+  lxd-config = pkgs.writeText "config.yaml" ''
+    storage_pools:
+      - name: default
+        driver: dir
+        config:
+          source: /var/lxd-pool
+
+    networks:
+      - name: lxdbr0
+        type: bridge
+        config:
+          ipv4.address: auto
+          ipv6.address: none
+
+    profiles:
+      - name: default
+        devices:
+          eth0:
+            name: eth0
+            network: lxdbr0
+            type: nic
+          root:
+            path: /
+            pool: default
+            type: disk
+  '';
+in {
+  name = "lxd-image";
+
+  meta = with pkgs.lib.maintainers; {
+    maintainers = [ mkg20001 ];
+  };
+
+  machine = { lib, ... }: {
+    virtualisation = {
+      # OOMs otherwise
+      memorySize = 1024;
+      # disk full otherwise
+      diskSize = 2048;
+
+      lxc.lxcfs.enable = true;
+      lxd.enable = true;
+    };
+  };
+
+  testScript = ''
+    machine.wait_for_unit("sockets.target")
+    machine.wait_for_unit("lxd.service")
+    machine.wait_for_file("/var/lib/lxd/unix.socket")
+
+    # It takes additional second for lxd to settle
+    machine.sleep(1)
+
+    # lxd expects the pool's directory to already exist
+    machine.succeed("mkdir /var/lxd-pool")
+
+    machine.succeed(
+        "cat ${lxd-config} | lxd init --preseed"
+    )
+
+    # TODO: test custom built container aswell
+
+    with subtest("importing container works"):
+        machine.succeed("lxc image import ${metadata}/*/*.tar.xz ${image}/*/*.tar.xz --alias nixos")
+
+    with subtest("launching container works"):
+        machine.succeed("lxc launch nixos machine -c security.nesting=true")
+        # make sure machine boots up properly
+        machine.sleep(5)
+
+    with subtest("container shell works"):
+        machine.succeed("echo true | lxc exec machine /run/current-system/sw/bin/bash -")
+        machine.succeed("lxc exec machine /run/current-system/sw/bin/true")
+
+    # with subtest("rebuilding works"):
+    #     machine.succeed("lxc exec machine /run/current-system/sw/bin/nixos-rebuild switch")
+  '';
+})