summaryrefslogtreecommitdiffstats
path: root/krebs/0tests
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-05-09 11:11:50 +0200
committertv <tv@krebsco.de>2018-05-09 11:43:08 +0200
commit47c0b0261eabdf230bfc7a375a3a008a04b61c4a (patch)
tree5f63540493553f877ce823c4465dd2cf561765af /krebs/0tests
parent3f3c12dcd06ba211a484aabf011880a83e5832fd (diff)
krebs: 6tests -> 0tests
Diffstat (limited to 'krebs/0tests')
-rw-r--r--krebs/0tests/data/secrets/grafana_security.nix1
-rw-r--r--krebs/0tests/data/secrets/hashedPasswords.nix1
-rw-r--r--krebs/0tests/data/secrets/retiolum.rsa_key.priv0
-rw-r--r--krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix1
-rw-r--r--krebs/0tests/data/secrets/ssh.id_ed255190
-rw-r--r--krebs/0tests/data/test-config.nix22
-rw-r--r--krebs/0tests/data/test-source.nix12
-rw-r--r--krebs/0tests/default.nix6
-rw-r--r--krebs/0tests/deploy.nix106
9 files changed, 149 insertions, 0 deletions
diff --git a/krebs/0tests/data/secrets/grafana_security.nix b/krebs/0tests/data/secrets/grafana_security.nix
new file mode 100644
index 000000000..0967ef424
--- /dev/null
+++ b/krebs/0tests/data/secrets/grafana_security.nix
@@ -0,0 +1 @@
+{}
diff --git a/krebs/0tests/data/secrets/hashedPasswords.nix b/krebs/0tests/data/secrets/hashedPasswords.nix
new file mode 100644
index 000000000..0967ef424
--- /dev/null
+++ b/krebs/0tests/data/secrets/hashedPasswords.nix
@@ -0,0 +1 @@
+{}
diff --git a/krebs/0tests/data/secrets/retiolum.rsa_key.priv b/krebs/0tests/data/secrets/retiolum.rsa_key.priv
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/krebs/0tests/data/secrets/retiolum.rsa_key.priv
diff --git a/krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix b/krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix
new file mode 100644
index 000000000..963e6db8b
--- /dev/null
+++ b/krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix
@@ -0,0 +1 @@
+"lol"
diff --git a/krebs/0tests/data/secrets/ssh.id_ed25519 b/krebs/0tests/data/secrets/ssh.id_ed25519
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/krebs/0tests/data/secrets/ssh.id_ed25519
diff --git a/krebs/0tests/data/test-config.nix b/krebs/0tests/data/test-config.nix
new file mode 100644
index 000000000..f0927ddd9
--- /dev/null
+++ b/krebs/0tests/data/test-config.nix
@@ -0,0 +1,22 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports = [
+ <stockholm/krebs>
+ <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
+ <nixpkgs/nixos/modules/testing/test-instrumentation.nix>
+ ];
+
+ krebs.hosts.minimal = {
+ cores = 1;
+ secure = false;
+ };
+
+ boot.loader.grub.enable = false;
+ boot.loader.systemd-boot.enable = true;
+
+ krebs.build = {
+ host = config.krebs.hosts.minimal;
+ user = config.krebs.users.krebs;
+ };
+}
diff --git a/krebs/0tests/data/test-source.nix b/krebs/0tests/data/test-source.nix
new file mode 100644
index 000000000..dfc6b3297
--- /dev/null
+++ b/krebs/0tests/data/test-source.nix
@@ -0,0 +1,12 @@
+with import <stockholm/lib>;
+evalSource "" [{
+ nixos-config = {
+ symlink.target = toString ./test-config;
+ };
+ nixpkgs = {
+ symlink.target = toString <nixpkgs>;
+ };
+ stockholm = {
+ symlink.target = toString <stockholm>;
+ };
+}]
diff --git a/krebs/0tests/default.nix b/krebs/0tests/default.nix
new file mode 100644
index 000000000..c0ca00296
--- /dev/null
+++ b/krebs/0tests/default.nix
@@ -0,0 +1,6 @@
+with import <stockholm/lib>;
+{ ... }:
+
+{
+ deploy = import ./deploy.nix;
+}
diff --git a/krebs/0tests/deploy.nix b/krebs/0tests/deploy.nix
new file mode 100644
index 000000000..d96963500
--- /dev/null
+++ b/krebs/0tests/deploy.nix
@@ -0,0 +1,106 @@
+with import <stockholm/lib>;
+import <nixpkgs/nixos/tests/make-test.nix> ({ ... }:
+
+let
+ pkgs = import <nixpkgs> { overlays = [(import ../5pkgs)]; };
+ test-config = <stockholm/krebs/0tests/data/test-config.nix>;
+ privKey = ''
+ -----BEGIN OPENSSH PRIVATE KEY-----
+ b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+ QyNTUxOQAAACD1tYD8r6Fcd7bq3Z0nvo5483nXQ8c4LFh0fcw8rOCQtQAAAJBTNHK6UzRy
+ ugAAAAtzc2gtZWQyNTUxOQAAACD1tYD8r6Fcd7bq3Z0nvo5483nXQ8c4LFh0fcw8rOCQtQ
+ AAAECK2ZlEIofZyGbh7rXlUq5lUsUyotamtp9QrlvoS3qgePW1gPyvoVx3turdnSe+jnjz
+ eddDxzgsWHR9zDys4JC1AAAACWxhc3NAbW9ycwECAwQ=
+ -----END OPENSSH PRIVATE KEY-----
+ '';
+ pubKey = ''
+ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPW1gPyvoVx3turdnSe+jnjzeddDxzgsWHR9zDys4JC1
+ '';
+
+ ssh-config = pkgs.writeText "ssh-config" ''
+ Host server
+ StrictHostKeyChecking no
+ UserKnownHostsFile=/dev/null
+ '';
+
+ populate-source = {
+ nixos-config = {
+ symlink.target = test-config;
+ type = "symlink";
+ };
+ nixpkgs = {
+ symlink.target = <nixpkgs>;
+ type = "symlink";
+ };
+ stockholm = {
+ symlink.target = <stockholm>;
+ type = "symlink";
+ };
+ };
+
+ test-deploy = pkgs.writeDash "test-deploy" ''
+ cd ${<stockholm>}
+ export NIX_PATH=stockholm=${<stockholm>}:nixpkgs=${<nixpkgs>}:$NIX_PATH
+ exec >&2
+ source=${pkgs.writeJSON "source.json" populate-source}
+ LOGNAME=krebs ${pkgs.populate}/bin/populate --force root@server:22/var/src/ < "$source"
+ # TODO: make deploy work
+ #LOGNAME=krebs ${pkgs.stockholm}/bin/deploy \
+ # --force-populate \
+ # --source=${./data/test-source.nix} \
+ # --system=server \
+ '';
+ minimalSystem = (import <nixpkgs/nixos/lib/eval-config.nix> {
+ modules = [
+ test-config
+ ];
+ }).config.system.build.toplevel;
+
+in {
+ name = "deploy";
+
+ nodes = {
+
+ server =
+ { config, pkgs, ... }:
+
+ {
+ imports = [ test-config ];
+ environment.variables = {
+ NIX_PATH = mkForce "nixpkgs=${<nixpkgs>}";
+ };
+ services.openssh.enable = true;
+ users.extraUsers.root.openssh.authorizedKeys.keys = [
+ pubKey
+ ];
+ virtualisation.pathsInNixDB = [
+ minimalSystem
+ ];
+ environment.systemPackages = [ pkgs.git ];
+ };
+
+ client =
+ { config, pkgs, ... }:
+ { };
+ };
+
+ testScript = ''
+ startAll;
+
+ $server->waitForUnit("sshd");
+
+ $client->succeed("mkdir -p -m 700 /root/.ssh");
+ $client->succeed("echo '${privKey}' > /root/.ssh/id_ed25519");
+ $client->succeed("cp ${ssh-config} /root/.ssh/config");
+ $client->succeed("chmod 600 /root/.ssh/id_ed25519");
+
+ $server->waitForUnit("network.target");
+ $server->succeed("ip route show 1>&2");
+ $client->waitForUnit("network.target");
+ $client->succeed("${test-deploy}");
+ $server->succeed("nixos-rebuild -I /var/src switch");
+
+ $client->shutdown;
+ $server->shutdown;
+ '';
+})