nix-community/home-manager
1
0
Fork 0
mirror of https://github.com/nix-community/home-manager.git synced 2025-11-08 19:46:05 +01:00
Code Activity

rclone: modularize subtests

Browse source
This commit is contained in:
Jess 2025-08-15 01:29:10 +12:00 committed by Austin Horstman
parent e6422763eb
commit 56b8749987
9 changed files with 290 additions and 233 deletions
Download patch file Download diff file Expand all files Collapse all files

215
tests/integration/standalone/rclone/default.nix
View file

@ -1,13 +1,13 @@
{ pkgs, ... }: {
pkgs,
lib,
config,
...
}:
let let
sshKeys = import "${pkgs.path}/nixos/tests/ssh-keys.nix" pkgs; baseMachine = {
imports = [ "${pkgs.path}/nixos/modules/installer/cd-dvd/channel.nix" ];
baseMachine = extend: {
imports = [
"${pkgs.path}/nixos/modules/installer/cd-dvd/channel.nix"
extend
];
virtualisation.memorySize = 2048; virtualisation.memorySize = 2048;
users.users.alice = { users.users.alice = {
isNormalUser = true; isNormalUser = true;
@ -18,169 +18,74 @@ let
}; };
in in
{ {
name = "rclone"; imports = [
./no-secrets.nix
./with-secrets-in-store.nix
./secrets-with-whitespace.nix
./no-type.nix
./mount.nix
];
nodes = { options.script = lib.mkOption {
machine = baseMachine { }; type = lib.types.lines;
remote = baseMachine {
services.openssh.enable = true;
users.users.alice.openssh.authorizedKeys.keys = [
sshKeys.snakeOilEd25519PublicKey
];
};
}; };
testScript = '' config = {
start_all() name = "rclone";
machine.wait_for_unit("network.target")
machine.wait_for_unit("multi-user.target")
home_manager = "${../../../..}" nodes = {
machine = baseMachine;
remote = baseMachine;
};
def login_as_alice(): testScript = ''
machine.wait_until_tty_matches("1", "login: ") start_all()
machine.send_chars("alice\n") machine.wait_for_unit("network.target")
machine.wait_until_tty_matches("1", "Password: ") machine.wait_for_unit("multi-user.target")
machine.send_chars("foobar\n")
machine.wait_until_tty_matches("1", "alice\\@machine")
def logout_alice(): home_manager = "${../../../..}"
machine.send_chars("exit\n")
def alice_cmd(cmd): def login_as_alice():
return f"su -l alice --shell /bin/sh -c $'export XDG_RUNTIME_DIR=/run/user/$UID ; {cmd}'" machine.wait_until_tty_matches("1", "login: ")
machine.send_chars("alice\n")
machine.wait_until_tty_matches("1", "Password: ")
machine.send_chars("foobar\n")
machine.wait_until_tty_matches("1", "alice\\@machine")
def succeed_as_alice(*cmds, box=machine): def logout_alice():
return box.succeed(*map(alice_cmd,cmds)) machine.send_chars("exit\n")
def systemctl_succeed_as_alice(cmd): def alice_cmd(cmd):
status, out = machine.systemctl(cmd, "alice") return f"su -l alice --shell /bin/sh -c $'export XDG_RUNTIME_DIR=/run/user/$UID ; {cmd}'"
assert status == 0, f"failed to run systemctl {cmd}"
return out
def fail_as_alice(*cmds): def succeed_as_alice(*cmds, box=machine):
return machine.fail(*map(alice_cmd,cmds)) return box.succeed(*map(alice_cmd,cmds))
# Create a persistent login so that Alice has a systemd session. def systemctl_succeed_as_alice(cmd):
login_as_alice() status, out = machine.systemctl(cmd, "alice")
assert status == 0, f"failed to run systemctl {cmd}"
return out
# Set up a home-manager channel. def fail_as_alice(*cmds):
succeed_as_alice(" ; ".join([ return machine.fail(*map(alice_cmd,cmds))
"mkdir -p /home/alice/.nix-defexpr/channels",
f"ln -s {home_manager} /home/alice/.nix-defexpr/channels/home-manager"
]))
with subtest("Home Manager installation"): # Create a persistent login so that Alice has a systemd session.
succeed_as_alice("nix-shell \"<home-manager>\" -A install") login_as_alice()
succeed_as_alice("cp ${./home.nix} /home/alice/.config/home-manager/home.nix") # Set up a home-manager channel.
succeed_as_alice(" ; ".join([
"mkdir -p /home/alice/.nix-defexpr/channels",
f"ln -s {home_manager} /home/alice/.nix-defexpr/channels/home-manager"
]))
with subtest("Generate with no secrets"): with subtest("Home Manager installation"):
succeed_as_alice("install -m644 ${./no-secrets.nix} /home/alice/.config/home-manager/test-remote.nix") succeed_as_alice("nix-shell \"<home-manager>\" -A install")
actual = succeed_as_alice("home-manager switch") succeed_as_alice("cp ${./home.nix} /home/alice/.config/home-manager/home.nix")
expected = "Activating createRcloneConfig"
assert expected in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
succeed_as_alice("diff -u ${./no-secrets.conf} /home/alice/.config/rclone/rclone.conf") ${config.script}
with subtest("Generate with secrets from store"): logout_alice()
succeed_as_alice("install -m644 ${./with-secrets-in-store.nix} /home/alice/.config/home-manager/test-remote.nix") '';
};
actual = succeed_as_alice("home-manager switch")
expected = "Activating createRcloneConfig"
assert expected in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
succeed_as_alice("diff -u ${./with-secrets-in-store.conf} /home/alice/.config/rclone/rclone.conf")
with subtest("Secrets with spaces"):
succeed_as_alice("install -m644 ${./secrets-with-whitespace.nix} /home/alice/.config/home-manager/test-remote.nix")
actual = succeed_as_alice("home-manager switch")
expected = "Activating createRcloneConfig"
assert expected in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
succeed_as_alice("diff -u ${./secrets-with-whitespace.conf} /home/alice/.config/rclone/rclone.conf")
with subtest("Un-typed remote"):
succeed_as_alice("install -m644 ${./no-type.nix} /home/alice/.config/home-manager/test-remote.nix")
actual = fail_as_alice("home-manager switch")
expected = "Activating createRcloneConfig"
assert expected not in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
expected = "An attribute set containing a remote type and options."
assert expected not in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
# TODO: verify correct activation order with the agenix and sops hm modules
remote.wait_for_unit("network.target")
remote.wait_for_unit("multi-user.target")
with subtest("Mount a remote (sftp)"):
# https://rclone.org/commands/rclone_mount/#vfs-directory-cache
# Sending a SIGHUP evicts every dcache entry
def clear_vfs_dcache():
svc_name = "rclone-mount:.home.alice.files@alices-sftp-remote.service"
succeed_as_alice(f"kill -s HUP $(systemctl --user show -p MainPID --value {svc_name})")
succeed_as_alice(
"sync",
"sleep 5",
box=remote
)
succeed_as_alice(
"mkdir -p /home/alice/.ssh",
"install -m644 ${./mount.nix} /home/alice/.config/home-manager/test-remote.nix"
)
actual = succeed_as_alice("home-manager switch")
expected = "Activating createRcloneConfig"
assert expected in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
# remote -> machine
succeed_as_alice(
"mkdir /home/alice/files",
"touch /home/alice/files/test",
"echo started > /home/alice/files/log",
box=remote
)
succeed_as_alice("ls /home/alice/remote-files/test")
test_log = succeed_as_alice("cat /home/alice/remote-files/log")
expected = "started";
assert expected in test_log, \
f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
# machine -> remote
succeed_as_alice(
"touch /home/alice/remote-files/new-file",
"echo testing this works both ways! >> /home/alice/remote-files/log",
)
clear_vfs_dcache()
succeed_as_alice("ls /home/alice/files/new-file", box=remote)
test_log = succeed_as_alice("cat /home/alice/files/log", box=remote)
expected = "testing this works both ways!"
assert expected in test_log, \
f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
expected = "started"
assert expected in test_log, \
f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
logout_alice()
'';
} }

115
tests/integration/standalone/rclone/mount.nix
View file

@ -1,27 +1,102 @@
{ pkgs, lib, ... }: { pkgs, lib, ... }:
let let
sshKeys = import "${pkgs.path}/nixos/tests/ssh-keys.nix" pkgs; sshKeys = import "${pkgs.path}/nixos/tests/ssh-keys.nix" pkgs;
in
{ # https://rclone.org/sftp/#ssh-authentication
programs.rclone.remotes = { keyPem = lib.pipe sshKeys.snakeOilEd25519PrivateKey.text [
alices-sftp-remote = { lib.trim
config = { (lib.replaceStrings [ "\n" ] [ "\\\\n" ])
type = "sftp"; ];
host = "remote";
user = "alice"; module = pkgs.writeText "mount-module" ''
# https://rclone.org/sftp/#ssh-authentication { pkgs, lib, ... }: {
key_pem = lib.pipe sshKeys.snakeOilEd25519PrivateKey.text [ programs.rclone.remotes = {
lib.trim alices-sftp-remote = {
(lib.replaceStrings [ "\n" ] [ "\\n" ]) config = {
]; type = "sftp";
known_hosts = sshKeys.snakeOilEd25519PublicKey; host = "remote";
}; user = "alice";
mounts = { key_pem = "${keyPem}";
"/home/alice/files" = { known_hosts = "${sshKeys.snakeOilEd25519PublicKey}";
enable = true; };
mountPoint = "/home/alice/remote-files"; mounts = {
"/home/alice/files" = {
enable = true;
mountPoint = "/home/alice/remote-files";
};
};
}; };
}; };
}; }
'';
in
{
nodes.remote = {
services.openssh.enable = true;
users.users.alice.openssh.authorizedKeys.keys = [
sshKeys.snakeOilEd25519PublicKey
];
}; };
script = ''
remote.wait_for_unit("network.target")
remote.wait_for_unit("multi-user.target")
with subtest("Mount a remote (sftp)"):
# https://rclone.org/commands/rclone_mount/#vfs-directory-cache
# Sending a SIGHUP evicts every dcache entry
def clear_vfs_dcache():
svc_name = "rclone-mount:.home.alice.files@alices-sftp-remote.service"
succeed_as_alice(f"kill -s HUP $(systemctl --user show -p MainPID --value {svc_name})")
succeed_as_alice(
"sync",
"sleep 5",
box=remote
)
succeed_as_alice(
"mkdir -p /home/alice/.ssh",
"install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix"
)
actual = succeed_as_alice("home-manager switch")
expected = "Activating createRcloneConfig"
assert expected in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
# remote -> machine
succeed_as_alice(
"mkdir /home/alice/files",
"touch /home/alice/files/test",
"echo started > /home/alice/files/log",
box=remote
)
succeed_as_alice("ls /home/alice/remote-files/test")
test_log = succeed_as_alice("cat /home/alice/remote-files/log")
expected = "started";
assert expected in test_log, \
f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
# machine -> remote
succeed_as_alice(
"touch /home/alice/remote-files/new-file",
"echo testing this works both ways! >> /home/alice/remote-files/log",
)
clear_vfs_dcache()
succeed_as_alice("ls /home/alice/files/new-file", box=remote)
test_log = succeed_as_alice("cat /home/alice/files/log", box=remote)
expected = "testing this works both ways!"
assert expected in test_log, \
f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
expected = "started"
assert expected in test_log, \
f"Mounted file does not have expected contents. Expected {test_log} to contain \"{expected}\""
'';
} }

5
tests/integration/standalone/rclone/no-secrets.conf
View file

@ -1,5 +0,0 @@
[alices-cool-remote]
host=backup-server
key_file=/key/path/foo
type=sftp
user=alice

42
tests/integration/standalone/rclone/no-secrets.nix
View file

@ -1,10 +1,36 @@
{ pkgs, ... }:
let
module = pkgs.writeText "no-secrets-module" ''
{
programs.rclone.remotes = {
alices-cool-remote.config = {
type = "sftp";
host = "backup-server";
user = "alice";
key_file = "/key/path/foo";
};
};
}
'';
expected = pkgs.writeText "no-secrets-expected" ''
[alices-cool-remote]
host=backup-server
key_file=/key/path/foo
type=sftp
user=alice
'';
in
{ {
programs.rclone.remotes = { script = ''
alices-cool-remote.config = { with subtest("Generate with no secrets"):
type = "sftp"; succeed_as_alice("install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix")
host = "backup-server";
user = "alice"; actual = succeed_as_alice("home-manager switch")
key_file = "/key/path/foo"; expected = "Activating createRcloneConfig"
}; assert expected in actual, \
}; f"expected home-manager switch to contain {expected}, but got {actual}"
succeed_as_alice("diff -u ${expected} /home/alice/.config/rclone/rclone.conf")
'';
} }

34
tests/integration/standalone/rclone/no-type.nix
View file

@ -1,9 +1,29 @@
{ pkgs, ... }:
let
module = pkgs.writeText "no-type-module" ''
{
programs.rclone.remotes = {
alices-cool-remote-v4.config = {
description = "this value does not have a type";
some-key = "value pairs";
another-key-value = "pair";
};
};
}
'';
in
{ {
programs.rclone.remotes = { script = ''
alices-cool-remote-v4.config = { with subtest("Un-typed remote"):
description = "this value does not have a type"; succeed_as_alice("install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix")
some-key = "value pairs";
another-key-value = "pair"; actual = fail_as_alice("home-manager switch")
}; expected = "Activating createRcloneConfig"
}; assert expected not in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
expected = "An attribute set containing a remote type and options."
assert expected not in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
'';
} }

5
tests/integration/standalone/rclone/secrets-with-whitespace.conf
View file

@ -1,5 +0,0 @@
[alices-cool-remote-v3]
description = alices speeedy remote
type = memory
spaces-secret = This is a secret with spaces, it has single spaces, and lots of spaces :3

47
tests/integration/standalone/rclone/secrets-with-whitespace.nix
View file

@ -1,14 +1,39 @@
{ pkgs, ... }: { pkgs, ... }:
{ let
programs.rclone.remotes = { module = pkgs.writeText "secrets-with-whitespace-module" ''
alices-cool-remote-v3 = { {
config = { programs.rclone.remotes = {
type = "memory"; alices-cool-remote-v3 = {
description = "alices speeedy remote"; config = {
type = "memory";
description = "alices speeedy remote";
};
secrets.spaces-secret = "${pkgs.writeText "secret" ''
This is a secret with spaces, it has single spaces, and lots of spaces :3
''}";
};
}; };
secrets.spaces-secret = "${pkgs.writeText "secret" '' }
This is a secret with spaces, it has single spaces, and lots of spaces :3 '';
''}";
}; expected = pkgs.writeText "secrets-with-whitespace-expected" ''
}; [alices-cool-remote-v3]
description = alices speeedy remote
type = memory
spaces-secret = This is a secret with spaces, it has single spaces, and lots of spaces :3
'';
in
{
script = ''
with subtest("Secrets with spaces"):
succeed_as_alice("install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix")
actual = succeed_as_alice("home-manager switch")
expected = "Activating createRcloneConfig"
assert expected in actual, \
f"expected home-manager switch to contain {expected}, but got {actual}"
succeed_as_alice("diff -u ${expected} /home/alice/.config/rclone/rclone.conf")
'';
} }

6
tests/integration/standalone/rclone/with-secrets-in-store.conf
View file

@ -1,6 +0,0 @@
[alices-cool-remote-v2]
hard_delete = true
type = b2
account = super-secret-account-id
key = api-key-from-file

54
tests/integration/standalone/rclone/with-secrets-in-store.nix
View file

@ -1,19 +1,41 @@
{ pkgs, ... }: { pkgs, ... }:
let
module = pkgs.writeText "with-secrets-in-store-module" ''
{
programs.rclone.remotes = {
alices-cool-remote-v2 = {
config = {
type = "b2";
hard_delete = true;
};
secrets = {
account = "${pkgs.writeText "acc" "super-secret-account-id"}";
key = "${pkgs.writeText "key" "api-key-from-file"}";
};
};
};
}
'';
expected = pkgs.writeText "with-secrets-in-store-expected" ''
[alices-cool-remote-v2]
hard_delete = true
type = b2
account = super-secret-account-id
key = api-key-from-file
'';
in
{ {
programs.rclone.remotes = { script = ''
alices-cool-remote-v2 = { with subtest("Generate with secrets from store"):
config = { succeed_as_alice("install -m644 ${module} /home/alice/.config/home-manager/test-remote.nix")
type = "b2";
hard_delete = true; actual = succeed_as_alice("home-manager switch")
}; expected = "Activating createRcloneConfig"
secrets = { assert expected in actual, \
account = "${pkgs.writeText "acc" '' f"expected home-manager switch to contain {expected}, but got {actual}"
super-secret-account-id
''}"; succeed_as_alice("diff -u ${expected} /home/alice/.config/rclone/rclone.conf")
key = "${pkgs.writeText "key" '' '';
api-key-from-file
''}";
};
};
};
} }