diff --git a/flake.nix b/flake.nix index ae615d97..3becf22a 100644 --- a/flake.nix +++ b/flake.nix @@ -16,7 +16,8 @@ # NixOS configuration used for VM tests. hydraServer = { config, pkgs, ... }: - { imports = [ self.nixosModules.hydraTest ]; + { + imports = [ self.nixosModules.hydraTest ]; virtualisation.memorySize = 1024; virtualisation.writableStore = true; @@ -26,11 +27,12 @@ nix = { # Without this nix tries to fetch packages from the default # cache.nixos.org which is not reachable from this sandboxed NixOS test. - binaryCaches = []; + binaryCaches = [ ]; }; }; - in rec { + in + rec { # A Nixpkgs overlay that provides a 'hydra' package. overlay = final: prev: { @@ -215,17 +217,17 @@ }; TieHashMethod = final.buildPerlPackage { - pname = "Tie-Hash-Method"; - version = "0.02"; - src = final.fetchurl { - url = "mirror://cpan/authors/id/Y/YV/YVES/Tie-Hash-Method-0.02.tar.gz"; - sha256 = "d513fbb51413f7ca1e64a1bdce6194df7ec6076dea55066d67b950191eec32a9"; - }; - meta = { - description = "Tied hash with specific methods overriden by callbacks"; - license = with final.lib.licenses; [ artistic1 ]; - }; + pname = "Tie-Hash-Method"; + version = "0.02"; + src = final.fetchurl { + url = "mirror://cpan/authors/id/Y/YV/YVES/Tie-Hash-Method-0.02.tar.gz"; + sha256 = "d513fbb51413f7ca1e64a1bdce6194df7ec6076dea55066d67b950191eec32a9"; }; + meta = { + description = "Tied hash with specific methods overriden by callbacks"; + license = with final.lib.licenses; [ artistic1 ]; + }; + }; Test2Harness = final.buildPerlPackage { pname = "Test2-Harness"; @@ -326,7 +328,7 @@ sha256 = "1mnnpkmj8kpb7qw50sm8h4sd8py37ssy2xi5hhxzr5whcx0cvhm8"; }; meta = { - description= "Active Directory Security Identifier manipulation"; + description = "Active Directory Security Identifier manipulation"; license = with final.lib.licenses; [ artistic2 ]; }; }; @@ -340,7 +342,7 @@ }; propagatedBuildInputs = with final.perlPackages; [ NetLDAP NetLDAPServer TestMore DataDump NetLDAPSID ]; meta = { - description= "test Net::LDAP code"; + description = "test Net::LDAP code"; license = with final.lib.licenses; [ artistic1 ]; }; }; @@ -355,7 +357,7 @@ propagatedBuildInputs = with final.perlPackages; [ NetLDAP CatalystPluginAuthentication ClassAccessorFast ]; buildInputs = with final.perlPackages; [ TestMore TestMockObject TestException NetLDAPServerTest ]; meta = { - description= "Authentication from an LDAP Directory"; + description = "Authentication from an LDAP Directory"; license = with final.lib.licenses; [ artistic1 ]; }; }; @@ -522,31 +524,72 @@ ]; }; - in stdenv.mkDerivation { + in + stdenv.mkDerivation { name = "hydra-${version}"; src = self; buildInputs = - [ makeWrapper autoconf automake libtool unzip nukeReferences pkgconfig libpqxx - gitAndTools.topGit mercurial darcs subversion breezy openssl bzip2 libxslt - final.nix perlDeps perl mdbook pixz + [ + makeWrapper + autoconf + automake + libtool + unzip + nukeReferences + pkgconfig + libpqxx + gitAndTools.topGit + mercurial + darcs + subversion + breezy + openssl + bzip2 + libxslt + final.nix + perlDeps + perl + mdbook + pixz boost postgresql_13 (if lib.versionAtLeast lib.version "20.03pre" - then nlohmann_json - else nlohmann_json.override { multipleHeaders = true; }) + then nlohmann_json + else nlohmann_json.override { multipleHeaders = true; }) ]; checkInputs = [ - foreman python3 netcat-openbsd glibcLocales cacert + cacert + foreman + glibcLocales + netcat-openbsd + python3 ]; hydraPath = lib.makeBinPath ( - [ subversion openssh final.nix coreutils findutils pixz - gzip bzip2 lzma gnutar unzip git gitAndTools.topGit mercurial darcs gnused breezy - ] ++ lib.optionals stdenv.isLinux [ rpm dpkg cdrkit ] ); + [ + subversion + openssh + final.nix + coreutils + findutils + pixz + gzip + bzip2 + lzma + gnutar + unzip + git + gitAndTools.topGit + mercurial + darcs + gnused + breezy + ] ++ lib.optionals stdenv.isLinux [ rpm dpkg cdrkit ] + ); shellHook = '' pushd $(git rev-parse --show-toplevel) >/dev/null @@ -603,14 +646,14 @@ build.x86_64-linux = packages.x86_64-linux.hydra; manual = - pkgs.runCommand "hydra-manual-${version}" {} - '' - mkdir -p $out/share - cp -prvd ${pkgs.hydra}/share/doc $out/share/ + pkgs.runCommand "hydra-manual-${version}" { } + '' + mkdir -p $out/share + cp -prvd ${pkgs.hydra}/share/doc $out/share/ - mkdir $out/nix-support - echo "doc manual $out/share/doc/hydra" >> $out/nix-support/hydra-build-products - ''; + mkdir $out/nix-support + echo "doc manual $out/share/doc/hydra" >> $out/nix-support/hydra-build-products + ''; tests.install.x86_64-linux = with import (nixpkgs + "/nixos/lib/testing-python.nix") { system = "x86_64-linux"; }; @@ -682,7 +725,7 @@ + "--data-urlencode 'q=SELECT * FROM hydra_build_status' | grep success" ) ''; - }; + }; tests.gitea.x86_64-linux = with import (nixpkgs + "/nixos/lib/testing-python.nix") { system = "x86_64-linux"; }; @@ -700,7 +743,7 @@ hostName = "localhost"; systems = [ "x86_64-linux" ]; }]; - binaryCaches = []; + binaryCaches = [ ]; }; services.gitea = { enable = true; @@ -713,168 +756,170 @@ networking.firewall.allowedTCPPorts = [ 3000 ]; }; skipLint = true; - testScript = let - scripts.mktoken = pkgs.writeText "token.sql" '' - INSERT INTO access_token (id, uid, name, created_unix, updated_unix, token_hash, token_salt, token_last_eight) VALUES (1, 1, 'hydra', 1617107360, 1617107360, 'a930f319ca362d7b49a4040ac0af74521c3a3c3303a86f327b01994430672d33b6ec53e4ea774253208686c712495e12a486', 'XRjWE9YW0g', '31d3a9c7'); - ''; - - scripts.git-setup = pkgs.writeShellScript "setup.sh" '' - set -x - mkdir -p /tmp/repo $HOME/.ssh - cat ${snakeoilKeypair.privkey} > $HOME/.ssh/privk - chmod 0400 $HOME/.ssh/privk - git -C /tmp/repo init - cp ${smallDrv} /tmp/repo/jobset.nix - git -C /tmp/repo add . - git config --global user.email test@localhost - git config --global user.name test - git -C /tmp/repo commit -m 'Initial import' - git -C /tmp/repo remote add origin gitea@machine:root/repo - GIT_SSH_COMMAND='ssh -i $HOME/.ssh/privk -o StrictHostKeyChecking=no' \ - git -C /tmp/repo push origin master - git -C /tmp/repo log >&2 - ''; - - scripts.hydra-setup = pkgs.writeShellScript "hydra.sh" '' - set -x - su -l hydra -c "hydra-create-user root --email-address \ - 'alice@example.org' --password foobar --role admin" - - URL=http://localhost:3000 - USERNAME="root" - PASSWORD="foobar" - PROJECT_NAME="trivial" - JOBSET_NAME="trivial" - mycurl() { - curl --referer $URL -H "Accept: application/json" \ - -H "Content-Type: application/json" $@ - } - - cat >data.json <data.json <data.json < $HOME/.ssh/privk + chmod 0400 $HOME/.ssh/privk + git -C /tmp/repo init + cp ${smallDrv} /tmp/repo/jobset.nix + git -C /tmp/repo add . + git config --global user.email test@localhost + git config --global user.name test + git -C /tmp/repo commit -m 'Initial import' + git -C /tmp/repo remote add origin gitea@machine:root/repo + GIT_SSH_COMMAND='ssh -i $HOME/.ssh/privk -o StrictHostKeyChecking=no' \ + git -C /tmp/repo push origin master + git -C /tmp/repo log >&2 + ''; - smallDrv = pkgs.writeText "jobset.nix" '' - { trivial = builtins.derivation { - name = "trivial"; - system = "x86_64-linux"; - builder = "/bin/sh"; - allowSubstitutes = false; - preferLocalBuild = true; - args = ["-c" "echo success > $out; exit 0"]; - }; - } + scripts.hydra-setup = pkgs.writeShellScript "hydra.sh" '' + set -x + su -l hydra -c "hydra-create-user root --email-address \ + 'alice@example.org' --password foobar --role admin" + + URL=http://localhost:3000 + USERNAME="root" + PASSWORD="foobar" + PROJECT_NAME="trivial" + JOBSET_NAME="trivial" + mycurl() { + curl --referer $URL -H "Accept: application/json" \ + -H "Content-Type: application/json" $@ + } + + cat >data.json <data.json <data.json < $out; exit 0"]; + }; + } + ''; + in + '' + import json + + machine.start() + machine.wait_for_unit("multi-user.target") + machine.wait_for_open_port(3000) + machine.wait_for_open_port(3001) + + machine.succeed( + "su -l gitea -c 'GITEA_WORK_DIR=/var/lib/gitea gitea admin user create " + + "--username root --password root --email test@localhost'" + ) + machine.succeed("su -l postgres -c 'psql gitea < ${scripts.mktoken}'") + + machine.succeed( + "curl --fail -X POST http://localhost:3001/api/v1/user/repos " + + "-H 'Accept: application/json' -H 'Content-Type: application/json' " + + f"-H 'Authorization: token ${api_token}'" + + ' -d \'{"auto_init":false, "description":"string", "license":"mit", "name":"repo", "private":false}\''' + ) + + machine.succeed( + "curl --fail -X POST http://localhost:3001/api/v1/user/keys " + + "-H 'Accept: application/json' -H 'Content-Type: application/json' " + + f"-H 'Authorization: token ${api_token}'" + + ' -d \'{"key":"${snakeoilKeypair.pubkey}","read_only":true,"title":"SSH"}\''' + ) + + machine.succeed( + "${scripts.git-setup}" + ) + + machine.succeed( + "${scripts.hydra-setup}" + ) + + machine.wait_until_succeeds( + 'curl -Lf -s http://localhost:3000/build/1 -H "Accept: application/json" ' + + '| jq .buildstatus | xargs test 0 -eq' + ) + + data = machine.succeed( + 'curl -Lf -s "http://localhost:3001/api/v1/repos/root/repo/statuses/$(cd /tmp/repo && git show | head -n1 | awk "{print \\$2}")" ' + + "-H 'Accept: application/json' -H 'Content-Type: application/json' " + + f"-H 'Authorization: token ${api_token}'" + ) + + response = json.loads(data) + + assert len(response) == 2, "Expected exactly two status updates for latest commit!" + assert response[0]['status'] == "success", "Expected latest status to be success!" + assert response[1]['status'] == "pending", "Expected first status to be pending!" + + machine.shutdown() ''; - in '' - import json - - machine.start() - machine.wait_for_unit("multi-user.target") - machine.wait_for_open_port(3000) - machine.wait_for_open_port(3001) - - machine.succeed( - "su -l gitea -c 'GITEA_WORK_DIR=/var/lib/gitea gitea admin user create " - + "--username root --password root --email test@localhost'" - ) - machine.succeed("su -l postgres -c 'psql gitea < ${scripts.mktoken}'") - - machine.succeed( - "curl --fail -X POST http://localhost:3001/api/v1/user/repos " - + "-H 'Accept: application/json' -H 'Content-Type: application/json' " - + f"-H 'Authorization: token ${api_token}'" - + ' -d \'{"auto_init":false, "description":"string", "license":"mit", "name":"repo", "private":false}\''' - ) - - machine.succeed( - "curl --fail -X POST http://localhost:3001/api/v1/user/keys " - + "-H 'Accept: application/json' -H 'Content-Type: application/json' " - + f"-H 'Authorization: token ${api_token}'" - + ' -d \'{"key":"${snakeoilKeypair.pubkey}","read_only":true,"title":"SSH"}\''' - ) - - machine.succeed( - "${scripts.git-setup}" - ) - - machine.succeed( - "${scripts.hydra-setup}" - ) - - machine.wait_until_succeeds( - 'curl -Lf -s http://localhost:3000/build/1 -H "Accept: application/json" ' - + '| jq .buildstatus | xargs test 0 -eq' - ) - - data = machine.succeed( - 'curl -Lf -s "http://localhost:3001/api/v1/repos/root/repo/statuses/$(cd /tmp/repo && git show | head -n1 | awk "{print \\$2}")" ' - + "-H 'Accept: application/json' -H 'Content-Type: application/json' " - + f"-H 'Authorization: token ${api_token}'" - ) - - response = json.loads(data) - - assert len(response) == 2, "Expected exactly two status updates for latest commit!" - assert response[0]['status'] == "success", "Expected latest status to be success!" - assert response[1]['status'] == "pending", "Expected first status to be pending!" - - machine.shutdown() - ''; }; tests.ldap.x86_64-linux = @@ -912,6 +957,7 @@ objectClass: dcObject objectClass: organization + dn: ou=users,dc=example ou: users description: All users @@ -1114,9 +1160,11 @@ nixosConfigurations.container = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = - [ self.nixosModules.hydraTest + [ + self.nixosModules.hydraTest self.nixosModules.hydraProxy - { system.configurationRevision = self.rev; + { + system.configurationRevision = self.rev; boot.isContainer = true; networking.useDHCP = false;