nixosTests.nix-required-mounts: init

2024-11-22 15:03:28 +00:00 · 2023-10-17 15:25:17 +03:00 · 2023-10-17 15:25:17 +03:00 · 340b41815d
commit 340b41815d
parent b422dafc89
4 changed files with 70 additions and 0 deletions
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@ -649,6 +649,7 @@ in {
  nix-config = handleTest ./nix-config.nix {};
  nix-ld = handleTest ./nix-ld.nix {};
  nix-misc = handleTest ./nix/misc.nix {};
+  nix-required-mounts = runTest ./nix-required-mounts;
  nix-serve = handleTest ./nix-serve.nix {};
  nix-serve-ssh = handleTest ./nix-serve-ssh.nix {};
  nixops = handleTest ./nixops/default.nix {};
--- a/nixos/tests/nix-required-mounts/default.nix
+++ b/nixos/tests/nix-required-mounts/default.nix
@ -0,0 +1,44 @@
+{ pkgs
+, ...
+}:
+
+let
+  inherit (pkgs) lib;
+in
+
+{
+  name = "nix-required-mounts";
+  meta.maintainers = with lib.maintainers; [ SomeoneSerge ];
+  nodes.machine = { config, pkgs, ... }: {
+    virtualisation.writableStore = true;
+    system.extraDependencies = [ (pkgs.runCommand "deps" { } "mkdir $out").inputDerivation ];
+    nix.nixPath = [ "nixpkgs=${../../..}" ];
+    nix.settings.substituters = lib.mkForce [ ];
+    nix.settings.system-features = [ "supported-feature" ]; nix.settings.experimental-features = [ "nix-command" ];
+    programs.nix-required-mounts.enable = true;
+    programs.nix-required-mounts.allowedPatterns.supported-feature = {
+      onFeatures = [ "supported-feature" ];
+      paths = [ "/supported-feature-files" ];
+    };
+    users.users.person.isNormalUser = true;
+    virtualisation.fileSystems."/supported-feature-files".fsType = "tmpfs";
+  };
+  testScript = ''
+    import shlex
+
+    def person_do(cmd, succeed=True):
+        cmd = shlex.quote(cmd)
+        cmd = f"su person -l -c {cmd} &>/dev/console"
+
+        if succeed:
+            return machine.succeed(cmd)
+        else:
+            return machine.fail(cmd)
+
+    start_all()
+
+    person_do("nix-build ${./ensure-path-not-present.nix} --argstr feature supported-feature")
+    person_do("nix-build ${./test-require-feature.nix} --argstr feature supported-feature")
+    person_do("nix-build ${./test-require-feature.nix} --argstr feature unsupported-feature", succeed=False)
+  '';
+}
--- a/nixos/tests/nix-required-mounts/ensure-path-not-present.nix
+++ b/nixos/tests/nix-required-mounts/ensure-path-not-present.nix
@ -0,0 +1,13 @@
+{ pkgs ? import <nixpkgs> { }, feature }:
+
+pkgs.runCommandNoCC "${feature}-not-present"
+{
+} ''
+  if [[ -e /${feature}-files ]]; then
+    echo "No ${feature} in requiredSystemFeatures, but /${feature}-files was mounted anyway"
+    exit 1
+  else
+    touch $out
+  fi
+''
+
--- a/nixos/tests/nix-required-mounts/test-require-feature.nix
+++ b/nixos/tests/nix-required-mounts/test-require-feature.nix
@ -0,0 +1,12 @@
+{ pkgs ? import <nixpkgs> { }, feature }:
+
+pkgs.runCommandNoCC "${feature}-present"
+{
+  requiredSystemFeatures = [ feature ];
+} ''
+  if [[ -e /${feature}-files ]]; then
+    touch $out
+  else
+    echo "The host declares ${feature} support, but doesn't expose /${feature}-files" >&2
+  fi
+''