30dcc19d1f
I think it is bad for these reasons when `tests/` contains a mix of functional and integration tests - Concepts is harder to understand, the documentation makes a good unit vs functional vs integration distinction, but when the integration tests are just two subdirs within `tests/` this is not clear. - Source filtering in the `flake.nix` is more complex. We need to filter out some of the dirs from `tests/`, rather than simply pick the dirs we want and take all of them. This is a good sign the structure of what we are trying to do is not matching the structure of the files. With this change we have a clean: ```shell-session $ git show 'HEAD:tests' tree HEAD:tests functional/ installer/ nixos/ ``` (cherry picked from commit 68c81c737571794f7246db53fb4774e94fcf4b7e)
31 lines
803 B
Nix
31 lines
803 B
Nix
{ mode }:
|
|
|
|
with import ./config.nix;
|
|
|
|
mkDerivation (
|
|
{
|
|
name = "ssl-export";
|
|
buildCommand = ''
|
|
# Add some indirection, otherwise grepping into the debug output finds the string.
|
|
report () { echo CERT_$1_IN_SANDBOX; }
|
|
|
|
if [ -f /etc/ssl/certs/ca-certificates.crt ]; then
|
|
content=$(</etc/ssl/certs/ca-certificates.crt)
|
|
if [ "$content" == CERT_CONTENT ]; then
|
|
report present
|
|
fi
|
|
else
|
|
report missing
|
|
fi
|
|
|
|
# Always fail, because we do not want to bother with fixed-output
|
|
# derivations being cached, and do not want to compute the right hash.
|
|
false;
|
|
'';
|
|
} // {
|
|
fixed-output = { outputHash = "sha256:0000000000000000000000000000000000000000000000000000000000000000"; };
|
|
normal = { };
|
|
}.${mode}
|
|
)
|
|
|