rclone: modularize subtests

tests/integration/standalone/rclone/default.nix

@@ -1,13 +1,13 @@
-{ pkgs, ... }:
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
 
 let
-  sshKeys = import "${pkgs.path}/nixos/tests/ssh-keys.nix" pkgs;
+  baseMachine = {
-
+    imports = [ "${pkgs.path}/nixos/modules/installer/cd-dvd/channel.nix" ];
-  baseMachine = extend: {
-    imports = [
-      "${pkgs.path}/nixos/modules/installer/cd-dvd/channel.nix"
-      extend
-    ];
     virtualisation.memorySize = 2048;
     users.users.alice = {
       isNormalUser = true;
@@ -18,18 +18,24 @@ let
   };
 in
 {
+  imports = [
+    ./no-secrets.nix
+    ./with-secrets-in-store.nix
+    ./secrets-with-whitespace.nix
+    ./no-type.nix
+    ./mount.nix
+  ];
+
+  options.script = lib.mkOption {
+    type = lib.types.lines;
+  };
+
+  config = {
     name = "rclone";
 
     nodes = {
-    machine = baseMachine { };
+      machine = baseMachine;
-
+      remote = baseMachine;
-    remote = baseMachine {
-      services.openssh.enable = true;
-
-      users.users.alice.openssh.authorizedKeys.keys = [
-        sshKeys.snakeOilEd25519PublicKey
-      ];
-    };
     };
 
     testScript = ''
@@ -77,110 +83,9 @@ in
 
       succeed_as_alice("cp ${./home.nix} /home/alice/.config/home-manager/home.nix")
 
-    with subtest("Generate with no secrets"):
+      ${config.script}
-      succeed_as_alice("install -m644 ${./no-secrets.nix} /home/alice/.config/home-manager/test-remote.nix")
-
-      actual = succeed_as_alice("home-manager switch")
-      expected = "Activating createRcloneConfig"
-      assert expected in actual, \
-        f"expected home-manager switch to contain {expected}, but got {actual}"
-
-      succeed_as_alice("diff -u ${./no-secrets.conf} /home/alice/.config/rclone/rclone.conf")
-
-    with subtest("Generate with secrets from store"):
-      succeed_as_alice("install -m644 ${./with-secrets-in-store.nix} /home/alice/.config/home-manager/test-remote.nix")
-
-      actual = succeed_as_alice("home-manager switch")
-      expected = "Activating createRcloneConfig"
-      assert expected in actual, \
-        f"expected home-manager switch to contain {expected}, but got {actual}"
-
-      succeed_as_alice("diff -u ${./with-secrets-in-store.conf} /home/alice/.config/rclone/rclone.conf")
-
-    with subtest("Secrets with spaces"):
-      succeed_as_alice("install -m644 ${./secrets-with-whitespace.nix} /home/alice/.config/home-manager/test-remote.nix")
-
-      actual = succeed_as_alice("home-manager switch")
-      expected = "Activating createRcloneConfig"
-      assert expected in actual, \
-        f"expected home-manager switch to contain {expected}, but got {actual}"
-
-      succeed_as_alice("diff -u ${./secrets-with-whitespace.conf} /home/alice/.config/rclone/rclone.conf")
-
-    with subtest("Un-typed remote"):
-      succeed_as_alice("install -m644 ${./no-type.nix} /home/alice/.config/home-manager/test-remote.nix")
-
-      actual = fail_as_alice("home-manager switch")
-      expected = "Activating createRcloneConfig"
-      assert expected not in actual, \
-        f"expected home-manager switch to contain {expected}, but got {actual}"
-
-      expected = "An attribute set containing a remote type and options."
-      assert expected not in actual, \
-        f"expected home-manager switch to contain {expected}, but got {actual}"
-
-
-    # TODO: verify correct activation order with the agenix and sops hm modules
-
-    remote.wait_for_unit("network.target")
-    remote.wait_for_unit("multi-user.target")
-
-    with subtest("Mount a remote (sftp)"):
-      # https://rclone.org/commands/rclone_mount/#vfs-directory-cache
-      # Sending a SIGHUP evicts every dcache entry
-      def clear_vfs_dcache():
-        svc_name = "rclone-mount:.home.alice.files@alices-sftp-remote.service"
-        succeed_as_alice(f"kill -s HUP $(systemctl --user show -p MainPID --value {svc_name})")
-        succeed_as_alice(
-          "sync",
-          "sleep 5",
-          box=remote
-        )
-
-      succeed_as_alice(
-        "mkdir -p /home/alice/.ssh",
-        "install -m644 ${./mount.nix} /home/alice/.config/home-manager/test-remote.nix"
-      )
-
-      actual = succeed_as_alice("home-manager switch")
-      expected = "Activating createRcloneConfig"
-      assert expected in actual, \
-        f"expected home-manager switch to contain {expected}, but got {actual}"
-
-      # remote -> machine
-      succeed_as_alice(
-        "mkdir /home/alice/files",
-        "touch /home/alice/files/test",
-        "echo started > /home/alice/files/log",
-        box=remote
-      )
-
-      succeed_as_alice("ls /home/alice/remote-files/test")
-
-      test_log = succeed_as_alice("cat /home/alice/remote-files/log")
-      expected = "started";
-      assert expected in test_log, \
-        f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
-
-      # machine -> remote
-      succeed_as_alice(
-        "touch /home/alice/remote-files/new-file",
-        "echo testing this works both ways! >> /home/alice/remote-files/log",
-      )
-
-      clear_vfs_dcache()
-
-      succeed_as_alice("ls /home/alice/files/new-file", box=remote)
-
-      test_log = succeed_as_alice("cat /home/alice/files/log", box=remote)
-      expected = "testing this works both ways!"
-      assert expected in test_log, \
-        f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
-
-      expected = "started"
-      assert expected in test_log, \
-        f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
 
       logout_alice()
     '';
+  };
 }

tests/integration/standalone/rclone/mount.nix

@@ -1,20 +1,23 @@
 { pkgs, lib, ... }:
 let
   sshKeys = import "${pkgs.path}/nixos/tests/ssh-keys.nix" pkgs;
-in
+
-{
+  # https://rclone.org/sftp/#ssh-authentication
+  keyPem = lib.pipe sshKeys.snakeOilEd25519PrivateKey.text [
+    lib.trim
+    (lib.replaceStrings [ "\n" ] [ "\\\\n" ])
+  ];
+
+  module = pkgs.writeText "mount-module" ''
+    { pkgs, lib, ... }: {
       programs.rclone.remotes = {
         alices-sftp-remote = {
           config = {
             type = "sftp";
             host = "remote";
             user = "alice";
-        # https://rclone.org/sftp/#ssh-authentication
+            key_pem = "${keyPem}";
-        key_pem = lib.pipe sshKeys.snakeOilEd25519PrivateKey.text [
+            known_hosts = "${sshKeys.snakeOilEd25519PublicKey}";
-          lib.trim
-          (lib.replaceStrings [ "\n" ] [ "\\n" ])
-        ];
-        known_hosts = sshKeys.snakeOilEd25519PublicKey;
           };
           mounts = {
             "/home/alice/files" = {
@@ -25,3 +28,75 @@ in
         };
       };
     }
+  '';
+in
+{
+  nodes.remote = {
+    services.openssh.enable = true;
+
+    users.users.alice.openssh.authorizedKeys.keys = [
+      sshKeys.snakeOilEd25519PublicKey
+    ];
+  };
+
+  script = ''
+    remote.wait_for_unit("network.target")
+    remote.wait_for_unit("multi-user.target")
+
+    with subtest("Mount a remote (sftp)"):
+      # https://rclone.org/commands/rclone_mount/#vfs-directory-cache
+      # Sending a SIGHUP evicts every dcache entry
+      def clear_vfs_dcache():
+        svc_name = "rclone-mount:.home.alice.files@alices-sftp-remote.service"
+        succeed_as_alice(f"kill -s HUP $(systemctl --user show -p MainPID --value {svc_name})")
+        succeed_as_alice(
+          "sync",
+          "sleep 5",
+          box=remote
+        )
+
+      succeed_as_alice(
+        "mkdir -p /home/alice/.ssh",
+        "install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix"
+      )
+
+      actual = succeed_as_alice("home-manager switch")
+      expected = "Activating createRcloneConfig"
+      assert expected in actual, \
+        f"expected home-manager switch to contain {expected}, but got {actual}"
+
+      # remote -> machine
+      succeed_as_alice(
+        "mkdir /home/alice/files",
+        "touch /home/alice/files/test",
+        "echo started > /home/alice/files/log",
+        box=remote
+      )
+
+      succeed_as_alice("ls /home/alice/remote-files/test")
+
+      test_log = succeed_as_alice("cat /home/alice/remote-files/log")
+      expected = "started";
+      assert expected in test_log, \
+        f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
+
+      # machine -> remote
+      succeed_as_alice(
+        "touch /home/alice/remote-files/new-file",
+        "echo testing this works both ways! >> /home/alice/remote-files/log",
+      )
+
+      clear_vfs_dcache()
+
+      succeed_as_alice("ls /home/alice/files/new-file", box=remote)
+
+      test_log = succeed_as_alice("cat /home/alice/files/log", box=remote)
+      expected = "testing this works both ways!"
+      assert expected in test_log, \
+        f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
+
+      expected = "started"
+      assert expected in test_log, \
+        f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
+  '';
+}

tests/integration/standalone/rclone/no-secrets.conf

@@ -1,5 +0,0 @@
-[alices-cool-remote]
-host=backup-server
-key_file=/key/path/foo
-type=sftp
-user=alice

tests/integration/standalone/rclone/no-secrets.nix

@@ -1,3 +1,6 @@
+{ pkgs, ... }:
+let
+  module = pkgs.writeText "no-secrets-module" ''
     {
       programs.rclone.remotes = {
         alices-cool-remote.config = {
@@ -8,3 +11,26 @@
         };
       };
     }
+  '';
+
+  expected = pkgs.writeText "no-secrets-expected" ''
+    [alices-cool-remote]
+    host=backup-server
+    key_file=/key/path/foo
+    type=sftp
+    user=alice
+  '';
+in
+{
+  script = ''
+    with subtest("Generate with no secrets"):
+      succeed_as_alice("install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix")
+
+      actual = succeed_as_alice("home-manager switch")
+      expected = "Activating createRcloneConfig"
+      assert expected in actual, \
+        f"expected home-manager switch to contain {expected}, but got {actual}"
+
+      succeed_as_alice("diff -u ${expected} /home/alice/.config/rclone/rclone.conf")
+  '';
+}

tests/integration/standalone/rclone/no-type.nix

@@ -1,3 +1,6 @@
+{ pkgs, ... }:
+let
+  module = pkgs.writeText "no-type-module" ''
     {
       programs.rclone.remotes = {
         alices-cool-remote-v4.config = {
@@ -7,3 +10,20 @@
         };
       };
     }
+  '';
+in
+{
+  script = ''
+    with subtest("Un-typed remote"):
+      succeed_as_alice("install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix")
+
+      actual = fail_as_alice("home-manager switch")
+      expected = "Activating createRcloneConfig"
+      assert expected not in actual, \
+        f"expected home-manager switch to contain {expected}, but got {actual}"
+
+      expected = "An attribute set containing a remote type and options."
+      assert expected not in actual, \
+        f"expected home-manager switch to contain {expected}, but got {actual}"
+  '';
+}

tests/integration/standalone/rclone/secrets-with-whitespace.conf

@@ -1,5 +0,0 @@
-[alices-cool-remote-v3]
-description = alices speeedy remote
-type = memory
-spaces-secret = This is a secret with spaces, it has single spaces,                  and lots of spaces :3
-

tests/integration/standalone/rclone/secrets-with-whitespace.nix

@@ -1,4 +1,6 @@
 { pkgs, ... }:
+let
+  module = pkgs.writeText "secrets-with-whitespace-module" ''
     {
       programs.rclone.remotes = {
         alices-cool-remote-v3 = {
@@ -12,3 +14,26 @@
         };
       };
     }
+  '';
+
+  expected = pkgs.writeText "secrets-with-whitespace-expected" ''
+    [alices-cool-remote-v3]
+    description = alices speeedy remote
+    type = memory
+    spaces-secret = This is a secret with spaces, it has single spaces,        and lots of spaces :3
+
+  '';
+in
+{
+  script = ''
+    with subtest("Secrets with spaces"):
+      succeed_as_alice("install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix")
+
+      actual = succeed_as_alice("home-manager switch")
+      expected = "Activating createRcloneConfig"
+      assert expected in actual, \
+        f"expected home-manager switch to contain {expected}, but got {actual}"
+
+      succeed_as_alice("diff -u ${expected} /home/alice/.config/rclone/rclone.conf")
+  '';
+}

tests/integration/standalone/rclone/with-secrets-in-store.conf

@@ -1,6 +0,0 @@
-[alices-cool-remote-v2]
-hard_delete = true
-type = b2
-account = super-secret-account-id
-key = api-key-from-file
-

tests/integration/standalone/rclone/with-secrets-in-store.nix

@@ -1,4 +1,6 @@
 { pkgs, ... }:
+let
+  module = pkgs.writeText "with-secrets-in-store-module" ''
     {
       programs.rclone.remotes = {
         alices-cool-remote-v2 = {
@@ -7,13 +9,33 @@
             hard_delete = true;
           };
           secrets = {
-        account = "${pkgs.writeText "acc" ''
+            account = "${pkgs.writeText "acc" "super-secret-account-id"}";
-          super-secret-account-id
+            key = "${pkgs.writeText "key" "api-key-from-file"}";
-        ''}";
-        key = "${pkgs.writeText "key" ''
-          api-key-from-file
-        ''}";
           };
         };
       };
     }
+  '';
+
+  expected = pkgs.writeText "with-secrets-in-store-expected" ''
+    [alices-cool-remote-v2]
+    hard_delete = true
+    type = b2
+    account = super-secret-account-id
+    key = api-key-from-file
+
+  '';
+in
+{
+  script = ''
+    with subtest("Generate with secrets from store"):
+      succeed_as_alice("install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix")
+
+      actual = succeed_as_alice("home-manager switch")
+      expected = "Activating createRcloneConfig"
+      assert expected in actual, \
+        f"expected home-manager switch to contain {expected}, but got {actual}"
+
+      succeed_as_alice("diff -u ${expected} /home/alice/.config/rclone/rclone.conf")
+  '';
+}