689cf84bbf
* Enable deleting users and groups on Mac * Scaffold user change * Add a warning if it doesn't work in situations we expect it to not work * Scaffold out doing group member ship -- maybe we need an AddGroup action * AddUserToGroup action * Update plans * Improve messaging * Nit in error message * Repair some review nits
291 lines
9.9 KiB
Nix
291 lines
9.9 KiB
Nix
# Largely derived from https://github.com/NixOS/nix/blob/14f7dae3e4eb0c34192d0077383a7f2a2d630129/tests/installer/default.nix
|
|
{ forSystem, binaryTarball }:
|
|
|
|
let
|
|
|
|
installScripts = {
|
|
install-default = {
|
|
install = ''
|
|
NIX_PATH=$(readlink -f nix.tar.xz)
|
|
RUST_BACKTRACE="full" ./nix-installer install --logger pretty --log-directive nix_installer=trace --channel --nix-package-url "file://$NIX_PATH" --no-confirm
|
|
'';
|
|
check = ''
|
|
set -ex
|
|
|
|
nix-env --version
|
|
nix --extra-experimental-features nix-command store ping
|
|
|
|
out=$(nix-build --no-substitute -E 'derivation { name = "foo"; system = "x86_64-linux"; builder = "/bin/sh"; args = ["-c" "echo foobar > $out"]; }')
|
|
[[ $(cat $out) = foobar ]]
|
|
'';
|
|
};
|
|
install-no-start-daemon = {
|
|
install = ''
|
|
NIX_PATH=$(readlink -f nix.tar.xz)
|
|
RUST_BACKTRACE="full" ./nix-installer install linux --no-start-daemon --logger pretty --log-directive nix_installer=trace --channel --nix-package-url "file://$NIX_PATH" --no-confirm
|
|
'';
|
|
check = ''
|
|
set -ex
|
|
|
|
if systemctl is-active nix-daemon.socket; then
|
|
echo "nix-daemon.socket was running, should not be"
|
|
exit 1
|
|
fi
|
|
if systemctl is-active nix-daemon.service; then
|
|
echo "nix-daemon.service was running, should not be"
|
|
exit 1
|
|
fi
|
|
|
|
sudo systemctl start nix-daemon.socket
|
|
|
|
nix-env --version
|
|
nix --extra-experimental-features nix-command store ping
|
|
|
|
out=$(nix-build --no-substitute -E 'derivation { name = "foo"; system = "x86_64-linux"; builder = "/bin/sh"; args = ["-c" "echo foobar > $out"]; }')
|
|
[[ $(cat $out) = foobar ]]
|
|
'';
|
|
};
|
|
install-daemonless = {
|
|
install = ''
|
|
NIX_PATH=$(readlink -f nix.tar.xz)
|
|
RUST_BACKTRACE="full" ./nix-installer install linux --init none --logger pretty --log-directive nix_installer=trace --channel --nix-package-url "file://$NIX_PATH" --no-confirm
|
|
'';
|
|
check = ''
|
|
set -ex
|
|
|
|
sudo -i nix-env --version
|
|
sudo -i nix --extra-experimental-features nix-command store ping
|
|
|
|
echo 'derivation { name = "foo"; system = "x86_64-linux"; builder = "/bin/sh"; args = ["-c" "echo foobar > $out"]; }' | sudo tee -a /drv
|
|
out=$(sudo -i nix-build --no-substitute /drv)
|
|
[[ $(cat $out) = foobar ]]
|
|
'';
|
|
};
|
|
};
|
|
|
|
disableSELinux = "sudo setenforce 0";
|
|
|
|
images = {
|
|
|
|
# End of standard support https://wiki.ubuntu.com/Releases
|
|
# No systemd
|
|
/*
|
|
"ubuntu-v14_04" = {
|
|
image = import <nix/fetchurl.nix> {
|
|
url = "https://app.vagrantup.com/ubuntu/boxes/trusty64/versions/20190514.0.0/providers/virtualbox.box";
|
|
hash = "sha256-iUUXyRY8iW7DGirb0zwGgf1fRbLA7wimTJKgP7l/OQ8=";
|
|
};
|
|
rootDisk = "box-disk1.vmdk";
|
|
system = "x86_64-linux";
|
|
};
|
|
*/
|
|
|
|
# End of standard support https://wiki.ubuntu.com/Releases
|
|
"ubuntu-v16_04" = {
|
|
image = import <nix/fetchurl.nix> {
|
|
url = "https://app.vagrantup.com/generic/boxes/ubuntu1604/versions/4.1.12/providers/libvirt.box";
|
|
hash = "sha256-lO4oYQR2tCh5auxAYe6bPOgEqOgv3Y3GC1QM1tEEEU8=";
|
|
};
|
|
rootDisk = "box.img";
|
|
system = "x86_64-linux";
|
|
};
|
|
|
|
"ubuntu-v22_04" = {
|
|
image = import <nix/fetchurl.nix> {
|
|
url = "https://app.vagrantup.com/generic/boxes/ubuntu2204/versions/4.1.12/providers/libvirt.box";
|
|
hash = "sha256-HNll0Qikw/xGIcogni5lz01vUv+R3o8xowP2EtqjuUQ=";
|
|
};
|
|
rootDisk = "box.img";
|
|
system = "x86_64-linux";
|
|
};
|
|
|
|
"fedora-v36" = {
|
|
image = import <nix/fetchurl.nix> {
|
|
url = "https://app.vagrantup.com/generic/boxes/fedora36/versions/4.1.12/providers/libvirt.box";
|
|
hash = "sha256-rxPgnDnFkTDwvdqn2CV3ZUo3re9AdPtSZ9SvOHNvaks=";
|
|
};
|
|
rootDisk = "box.img";
|
|
system = "x86_64-linux";
|
|
postBoot = disableSELinux;
|
|
};
|
|
|
|
# Currently fails with 'error while loading shared libraries:
|
|
# libsodium.so.23: cannot stat shared object: Invalid argument'.
|
|
/*
|
|
"rhel-v6" = {
|
|
image = import <nix/fetchurl.nix> {
|
|
url = "https://app.vagrantup.com/generic/boxes/rhel6/versions/4.1.12/providers/libvirt.box";
|
|
hash = "sha256-QwzbvRoRRGqUCQptM7X/InRWFSP2sqwRt2HaaO6zBGM=";
|
|
};
|
|
rootDisk = "box.img";
|
|
postBoot = disableSELinux;
|
|
system = "x86_64-linux";
|
|
};
|
|
*/
|
|
|
|
"rhel-v7" = {
|
|
image = import <nix/fetchurl.nix> {
|
|
url = "https://app.vagrantup.com/generic/boxes/rhel7/versions/4.1.12/providers/libvirt.box";
|
|
hash = "sha256-b4afnqKCO9oWXgYHb9DeQ2berSwOjS27rSd9TxXDc/U=";
|
|
};
|
|
rootDisk = "box.img";
|
|
postBoot = disableSELinux;
|
|
system = "x86_64-linux";
|
|
};
|
|
|
|
"rhel-v8" = {
|
|
image = import <nix/fetchurl.nix> {
|
|
url = "https://app.vagrantup.com/generic/boxes/rhel8/versions/4.1.12/providers/libvirt.box";
|
|
hash = "sha256-zFOPjSputy1dPgrQRixBXmlyN88cAKjJ21VvjSWUCUY=";
|
|
};
|
|
rootDisk = "box.img";
|
|
system = "x86_64-linux";
|
|
postBoot = disableSELinux;
|
|
};
|
|
|
|
"rhel-v9" = {
|
|
image = import <nix/fetchurl.nix> {
|
|
url = "https://app.vagrantup.com/generic/boxes/rhel9/versions/4.1.12/providers/libvirt.box";
|
|
hash = "sha256-vL/FbB3kK1rcSaR627nWmScYGKGk4seSmAdq6N5diMg=";
|
|
};
|
|
rootDisk = "box.img";
|
|
system = "x86_64-linux";
|
|
postBoot = disableSELinux;
|
|
extraQemuOpts = "-cpu Westmere-v2";
|
|
};
|
|
|
|
};
|
|
|
|
makeTest = imageName: testName:
|
|
let image = images.${imageName}; in
|
|
with (forSystem image.system ({ system, pkgs, ... }: pkgs));
|
|
runCommand
|
|
"installer-test-${imageName}-${testName}"
|
|
{
|
|
buildInputs = [ qemu_kvm openssh ];
|
|
image = image.image;
|
|
postBoot = image.postBoot or "";
|
|
installScript = installScripts.${testName}.install;
|
|
checkScript = installScripts.${testName}.check;
|
|
installer = nix-installer-static;
|
|
binaryTarball = binaryTarball.${system};
|
|
}
|
|
''
|
|
shopt -s nullglob
|
|
|
|
echo "Unpacking Vagrant box $image..."
|
|
tar xvf $image
|
|
|
|
image_type=$(qemu-img info ${image.rootDisk} | sed 's/file format: \(.*\)/\1/; t; d')
|
|
|
|
qemu-img create -b ./${image.rootDisk} -F "$image_type" -f qcow2 ./disk.qcow2
|
|
|
|
extra_qemu_opts="${image.extraQemuOpts or ""}"
|
|
|
|
# Add the config disk, required by the Ubuntu images.
|
|
config_drive=$(echo *configdrive.vmdk || true)
|
|
if [[ -n $config_drive ]]; then
|
|
extra_qemu_opts+=" -drive id=disk2,file=$config_drive,if=virtio"
|
|
fi
|
|
|
|
echo "Starting qemu..."
|
|
qemu-kvm -m 4096 -nographic \
|
|
-drive id=disk1,file=./disk.qcow2,if=virtio \
|
|
-netdev user,id=net0,restrict=yes,hostfwd=tcp::20022-:22 -device virtio-net-pci,netdev=net0 \
|
|
$extra_qemu_opts &
|
|
qemu_pid=$!
|
|
trap "kill $qemu_pid" EXIT
|
|
|
|
if ! [ -e ./vagrant_insecure_key ]; then
|
|
cp ${./vagrant_insecure_key} vagrant_insecure_key
|
|
fi
|
|
|
|
chmod 0400 ./vagrant_insecure_key
|
|
|
|
ssh_opts="-o StrictHostKeyChecking=no -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa -i ./vagrant_insecure_key"
|
|
ssh="ssh -p 20022 -q $ssh_opts vagrant@localhost"
|
|
|
|
echo "Waiting for SSH..."
|
|
for ((i = 0; i < 120; i++)); do
|
|
echo "[ssh] Trying to connect..."
|
|
if $ssh -- true; then
|
|
echo "[ssh] Connected!"
|
|
break
|
|
fi
|
|
if ! kill -0 $qemu_pid; then
|
|
echo "qemu died unexpectedly"
|
|
exit 1
|
|
fi
|
|
sleep 1
|
|
done
|
|
|
|
if [[ -n $postBoot ]]; then
|
|
echo "Running post-boot commands..."
|
|
$ssh "set -ex; $postBoot"
|
|
fi
|
|
|
|
echo "Copying installer..."
|
|
scp -P 20022 $ssh_opts $installer/bin/nix-installer vagrant@localhost:nix-installer
|
|
|
|
echo "Copying nix tarball..."
|
|
scp -P 20022 $ssh_opts $binaryTarball/nix-*.tar.xz vagrant@localhost:nix.tar.xz
|
|
|
|
echo "Running installer..."
|
|
$ssh "set -eux; $installScript"
|
|
|
|
echo "Testing Nix installation..."
|
|
$ssh "set -eux; $checkScript"
|
|
|
|
echo "Testing Nix installation..."
|
|
$ssh "set -eux; /nix/nix-installer uninstall --no-confirm"
|
|
|
|
echo "Done!"
|
|
touch $out
|
|
'';
|
|
|
|
vm-tests = builtins.mapAttrs
|
|
(imageName: image:
|
|
rec {
|
|
${image.system} = (builtins.mapAttrs
|
|
(testName: test:
|
|
makeTest imageName testName
|
|
)
|
|
installScripts) // {
|
|
all = (with (forSystem "x86_64-linux" ({ system, pkgs, ... }: pkgs)); pkgs.releaseTools.aggregate {
|
|
name = "all";
|
|
constituents = (
|
|
pkgs.lib.mapAttrsToList
|
|
(testName: test:
|
|
makeTest imageName testName
|
|
)
|
|
installScripts
|
|
);
|
|
});
|
|
};
|
|
}
|
|
)
|
|
images;
|
|
|
|
in
|
|
vm-tests // rec {
|
|
all."x86_64-linux".install-default = (with (forSystem "x86_64-linux" ({ system, pkgs, ... }: pkgs)); pkgs.releaseTools.aggregate {
|
|
name = "all";
|
|
constituents = pkgs.lib.mapAttrsToList (name: value: value."x86_64-linux".install-default) vm-tests;
|
|
});
|
|
all."x86_64-linux".install-no-start-daemon = (with (forSystem "x86_64-linux" ({ system, pkgs, ... }: pkgs)); pkgs.releaseTools.aggregate {
|
|
name = "all";
|
|
constituents = pkgs.lib.mapAttrsToList (name: value: value."x86_64-linux".install-default) vm-tests;
|
|
});
|
|
all."x86_64-linux".install-daemonless = (with (forSystem "x86_64-linux" ({ system, pkgs, ... }: pkgs)); pkgs.releaseTools.aggregate {
|
|
name = "all";
|
|
constituents = pkgs.lib.mapAttrsToList (name: value: value."x86_64-linux".install-daemonless) vm-tests;
|
|
});
|
|
all."x86_64-linux".all = (with (forSystem "x86_64-linux" ({ system, pkgs, ... }: pkgs)); pkgs.releaseTools.aggregate {
|
|
name = "all";
|
|
constituents = [
|
|
all."x86_64-linux".install-default
|
|
all."x86_64-linux".install-no-start-daemon
|
|
all."x86_64-linux".install-daemonless
|
|
];
|
|
});
|
|
}
|