diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 6b5ee429f9a2..a33247ba7dbc 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -649,6 +649,7 @@ in { nix-config = handleTest ./nix-config.nix {}; nix-ld = handleTest ./nix-ld.nix {}; nix-misc = handleTest ./nix/misc.nix {}; + nix-required-mounts = runTest ./nix-required-mounts; nix-serve = handleTest ./nix-serve.nix {}; nix-serve-ssh = handleTest ./nix-serve-ssh.nix {}; nixops = handleTest ./nixops/default.nix {}; diff --git a/nixos/tests/nix-required-mounts/default.nix b/nixos/tests/nix-required-mounts/default.nix new file mode 100644 index 000000000000..ee6f7db5ee98 --- /dev/null +++ b/nixos/tests/nix-required-mounts/default.nix @@ -0,0 +1,44 @@ +{ pkgs +, ... +}: + +let + inherit (pkgs) lib; +in + +{ + name = "nix-required-mounts"; + meta.maintainers = with lib.maintainers; [ SomeoneSerge ]; + nodes.machine = { config, pkgs, ... }: { + virtualisation.writableStore = true; + system.extraDependencies = [ (pkgs.runCommand "deps" { } "mkdir $out").inputDerivation ]; + nix.nixPath = [ "nixpkgs=${../../..}" ]; + nix.settings.substituters = lib.mkForce [ ]; + nix.settings.system-features = [ "supported-feature" ]; nix.settings.experimental-features = [ "nix-command" ]; + programs.nix-required-mounts.enable = true; + programs.nix-required-mounts.allowedPatterns.supported-feature = { + onFeatures = [ "supported-feature" ]; + paths = [ "/supported-feature-files" ]; + }; + users.users.person.isNormalUser = true; + virtualisation.fileSystems."/supported-feature-files".fsType = "tmpfs"; + }; + testScript = '' + import shlex + + def person_do(cmd, succeed=True): + cmd = shlex.quote(cmd) + cmd = f"su person -l -c {cmd} &>/dev/console" + + if succeed: + return machine.succeed(cmd) + else: + return machine.fail(cmd) + + start_all() + + person_do("nix-build ${./ensure-path-not-present.nix} --argstr feature supported-feature") + person_do("nix-build ${./test-require-feature.nix} --argstr feature supported-feature") + person_do("nix-build ${./test-require-feature.nix} --argstr feature unsupported-feature", succeed=False) + ''; +} diff --git a/nixos/tests/nix-required-mounts/ensure-path-not-present.nix b/nixos/tests/nix-required-mounts/ensure-path-not-present.nix new file mode 100644 index 000000000000..871f336ee9bd --- /dev/null +++ b/nixos/tests/nix-required-mounts/ensure-path-not-present.nix @@ -0,0 +1,13 @@ +{ pkgs ? import { }, feature }: + +pkgs.runCommandNoCC "${feature}-not-present" +{ +} '' + if [[ -e /${feature}-files ]]; then + echo "No ${feature} in requiredSystemFeatures, but /${feature}-files was mounted anyway" + exit 1 + else + touch $out + fi +'' + diff --git a/nixos/tests/nix-required-mounts/test-require-feature.nix b/nixos/tests/nix-required-mounts/test-require-feature.nix new file mode 100644 index 000000000000..ddfd068b87fc --- /dev/null +++ b/nixos/tests/nix-required-mounts/test-require-feature.nix @@ -0,0 +1,12 @@ +{ pkgs ? import { }, feature }: + +pkgs.runCommandNoCC "${feature}-present" +{ + requiredSystemFeatures = [ feature ]; +} '' + if [[ -e /${feature}-files ]]; then + touch $out + else + echo "The host declares ${feature} support, but doesn't expose /${feature}-files" >&2 + fi +''