Initial implementation of a test framework

2021-03-25 21:29:24 +01:00 · 2021-03-25 21:29:24 +01:00 · 219cd6d639
parent 368496f4a5
commit 219cd6d639
14 changed files with 416 additions and 0 deletions
--- a/nixproc/backends/disnix/test-module/default.nix
+++ b/nixproc/backends/disnix/test-module/default.nix
@ -0,0 +1,30 @@
+{profileSettings, exprFile, tools, pkgs, system}:
+
+let
+  executeDeploy = import ../../../test-driver/util/execute-deploy.nix {
+    inherit (pkgs) lib;
+  };
+
+  processesEnvSystem = import ../build-disnix-env.nix ({
+    inherit pkgs system exprFile;
+    disnixDataDir = "${pkgs.disnix}/share/disnix";
+  } // profileSettings.params);
+in
+{
+  nixosModules = [];
+
+  systemPackages = [
+    tools.disnix
+    pkgs.disnix
+  ];
+
+  pathsInNixDB = [ processesEnvSystem ];
+
+  deployProcessManager = "";
+
+  deploySystem = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "disnix"; processesEnv = processesEnvSystem; }}"
+    )
+  '';
+}
--- a/nixproc/backends/docker/test-module/default.nix
+++ b/nixproc/backends/docker/test-module/default.nix
@ -0,0 +1,40 @@
+{profileSettings, exprFile, tools, pkgs, system}:
+
+let
+  executeDeploy = import ../../../test-driver/util/execute-deploy.nix {
+    inherit (pkgs) lib;
+  };
+
+  processesEnvProcessManager = import ../../sysvinit/build-sysvinit-env.nix ({
+    inherit pkgs system;
+    exprFile = ../../../../tests/processes-docker.nix;
+  } // profileSettings.params);
+
+  processesEnvSystem = import ../build-docker-env.nix ({
+    inherit pkgs system exprFile;
+  } // profileSettings.params);
+in
+{
+  nixosModules = [];
+
+  systemPackages = [
+    tools.sysvinit
+    tools.docker
+    pkgs.docker
+  ];
+
+  pathsInNixDB = [ processesEnvProcessManager processesEnvSystem ];
+
+  deployProcessManager = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "sysvinit"; processesEnv = processesEnvProcessManager; }}"
+    )
+    machine.wait_for_file("${profileSettings.params.stateDir}/run/docker.sock")
+  '';
+
+  deploySystem = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "docker"; processesEnv = processesEnvSystem; }}"
+    )
+  '';
+}
--- a/nixproc/backends/s6-rc/test-module/default.nix
+++ b/nixproc/backends/s6-rc/test-module/default.nix
@ -0,0 +1,41 @@
+{profileSettings, exprFile, tools, pkgs, system}:
+
+let
+  executeDeploy = import ../../../test-driver/util/execute-deploy.nix {
+    inherit (pkgs) lib;
+  };
+
+  processesEnvProcessManager = import ../../sysvinit/build-sysvinit-env.nix ({
+    inherit pkgs system;
+    exprFile = ../../../../tests/processes-s6-svscan.nix;
+  } // profileSettings.params);
+
+  processesEnvSystem = import ../build-s6-rc-env.nix ({
+    inherit pkgs system exprFile;
+  } // profileSettings.params);
+in
+{
+  nixosModules = [];
+
+  systemPackages = [
+    tools.sysvinit
+    tools.s6-rc
+    pkgs.s6-rc
+  ];
+
+  pathsInNixDB = [ processesEnvProcessManager processesEnvSystem ];
+
+  # TODO: how to determine service readiness of s6?
+  deployProcessManager = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "sysvinit"; processesEnv = processesEnvProcessManager; }}"
+    )
+    machine.succeed("sleep 3")
+  '';
+
+  deploySystem = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "s6-rc"; processesEnv = processesEnvSystem; }}"
+    )
+  '';
+}
--- a/nixproc/backends/supervisord/test-module/default.nix
+++ b/nixproc/backends/supervisord/test-module/default.nix
@ -0,0 +1,40 @@
+{profileSettings, exprFile, tools, pkgs, system}:
+
+let
+  executeDeploy = import ../../../test-driver/util/execute-deploy.nix {
+    inherit (pkgs) lib;
+  };
+
+  processesEnvProcessManager = import ../../sysvinit/build-sysvinit-env.nix ({
+    inherit pkgs system;
+    exprFile = ../../../../tests/processes-supervisord.nix;
+  } // profileSettings.params);
+
+  processesEnvSystem = import ../build-supervisord-env.nix ({
+    inherit pkgs system exprFile;
+  } // profileSettings.params);
+in
+{
+  nixosModules = [];
+
+  systemPackages = [
+    tools.sysvinit
+    tools.supervisord
+    pkgs.pythonPackages.supervisor
+  ];
+
+  pathsInNixDB = [ processesEnvProcessManager processesEnvSystem ];
+
+  deployProcessManager = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "sysvinit"; processesEnv = processesEnvProcessManager; }}"
+    )
+    machine.wait_for_open_port(9001)
+  '';
+
+  deploySystem = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "supervisord"; envVars = [ "SUPERVISORD_CONF_DIR=${profileSettings.params.stateDir}/lib/supervisord" ]; processesEnv = processesEnvSystem; }}"
+    )
+  '';
+}
--- a/nixproc/backends/systemd/test-module/default.nix
+++ b/nixproc/backends/systemd/test-module/default.nix
@ -0,0 +1,37 @@
+{profileSettings, exprFile, tools, pkgs, system}:
+
+let
+  executeDeploy = import ../../../test-driver/util/execute-deploy.nix {
+    inherit (pkgs) lib;
+  };
+
+  processesEnvSystem = import ../build-systemd-env.nix ({
+    inherit pkgs system exprFile;
+  } // profileSettings.params);
+
+  deployEnv = if profileSettings.params.forceDisableUserChange
+    then "XDG_RUNTIME_DIR=/run/user/1000"
+    else "SYSTEMD_TARGET_DIR=/etc/systemd-mutable/system";
+in
+{
+  nixosModules = pkgs.lib.optional profileSettings.params.forceDisableUserChange ./xserver-autologin-module.nix;
+
+  systemPackages = [
+    tools.systemd
+  ];
+
+  pathsInNixDB = [ processesEnvSystem ];
+
+  deployProcessManager = ''
+    machine.succeed("mkdir -p /etc/systemd-mutable/system")
+  '' + pkgs.lib.optionalString profileSettings.params.forceDisableUserChange ''
+    machine.wait_for_unit("display-manager.service")
+    machine.wait_until_succeeds("pgrep -f 'systemd --user'")
+  '';
+
+  deploySystem = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "systemd"; envVars = [ deployEnv ]; extraDeployArgs = pkgs.lib.optionalString profileSettings.params.forceDisableUserChange [ "--user" ]; processesEnv = processesEnvSystem; }}"
+    )
+  '';
+}
--- a/nixproc/backends/systemd/test-module/xserver-autologin-module.nix
+++ b/nixproc/backends/systemd/test-module/xserver-autologin-module.nix
@ -0,0 +1,32 @@
+{lib, ...}:
+
+{
+  # Xserver + PAM only needed for unprivileged systemd deployments
+  services.xserver = {
+    enable = true;
+
+    displayManager.autoLogin = {
+      enable = true;
+      user = "unprivileged";
+    };
+
+    # Use IceWM as the window manager.
+    # Don't use a desktop manager.
+    displayManager.defaultSession = lib.mkDefault "none+icewm";
+    windowManager.icewm.enable = true;
+  };
+
+  # lightdm by default doesn't allow auto login for root, which is
+  # required by some nixos tests. Override it here.
+  security.pam.services.lightdm-autologin.text = lib.mkForce ''
+    auth     requisite pam_nologin.so
+    auth     required  pam_succeed_if.so quiet
+    auth     required  pam_permit.so
+
+    account  include   lightdm
+
+    password include   lightdm
+
+    session  include   lightdm
+  '';
+}
--- a/nixproc/backends/sysvinit/test-module/default.nix
+++ b/nixproc/backends/sysvinit/test-module/default.nix
@ -0,0 +1,28 @@
+{profileSettings, exprFile, tools, pkgs, system}:
+
+let
+  executeDeploy = import ../../../test-driver/util/execute-deploy.nix {
+    inherit (pkgs) lib;
+  };
+
+  processesEnvSystem = import ../build-sysvinit-env.nix ({
+    inherit pkgs system exprFile;
+  } // profileSettings.params);
+in
+{
+  nixosModules = [];
+
+  systemPackages = [
+    tools.sysvinit
+  ];
+
+  pathsInNixDB = [ processesEnvSystem ];
+
+  deployProcessManager = "";
+
+  deploySystem = ''
+    machine.succeed(
+        "${executeDeploy { inherit profileSettings; processManager = "sysvinit"; processesEnv = processesEnvSystem; }}"
+    )
+  '';
+}
--- a/nixproc/test-driver/agnostic.nix
+++ b/nixproc/test-driver/agnostic.nix
@ -0,0 +1,95 @@
+{ nixpkgs ? <nixpkgs>
+, system ? builtins.currentSystem
+, processManagerModules ? {}
+, profileSettingModules ? {}
+}:
+
+let
+  pkgs = import nixpkgs { inherit system; };
+
+  tools = import ../../tools {
+    inherit pkgs system;
+  };
+
+  testSystemVariantForProcessManager = {processManager, profileSettings, exprFile, nixosConfig ? null, systemPackages ? [], readiness, tests}:
+    let
+      processManagerModule = builtins.getAttr processManager processManagerModules;
+
+      processManagerSettings = import processManagerModule {
+        inherit profileSettings exprFile pkgs system tools;
+      };
+
+      processes = import exprFile ({
+        inherit pkgs system processManager;
+      } // profileSettings.params);
+    in
+    with import "${nixpkgs}/nixos/lib/testing-python.nix" { inherit system; };
+
+    makeTest {
+      machine =
+        {pkgs, lib, ...}:
+
+        {
+          imports =
+            profileSettings.nixosModules
+            ++ processManagerSettings.nixosModules
+            ++ lib.optional (nixosConfig != null) nixosConfig;
+
+          virtualisation.pathsInNixDB = processManagerSettings.pathsInNixDB;
+
+          nix.extraOptions = ''
+            substitute = false
+          '';
+
+          environment.systemPackages = [
+            pkgs.dysnomia
+            tools.common
+          ]
+          ++ processManagerSettings.systemPackages
+          ++ systemPackages;
+        };
+
+      testScript =
+        ''
+          start_all()
+        ''
+        + processManagerSettings.deployProcessManager
+        + processManagerSettings.deploySystem
+
+        # Execute readiness check for all process instances
+        + pkgs.lib.concatMapStrings (instanceName:
+          let
+            instance = builtins.getAttr instanceName processes;
+          in
+          readiness ({ inherit instanceName instance; } // profileSettings.params)
+        ) (builtins.attrNames processes)
+
+        # Execute tests for all process instances
+        + pkgs.lib.concatMapStrings (instanceName:
+          let
+            instance = builtins.getAttr instanceName processes;
+          in
+          tests ({ inherit instanceName instance; } // profileSettings.params)
+        ) (builtins.attrNames processes);
+    };
+in
+{ processManagers
+, profiles
+, exprFile
+, nixosConfig ? null
+, systemPackages ? []
+, readiness
+, tests
+}:
+
+pkgs.lib.genAttrs profiles (profile:
+  let
+    profileSettingsModule = builtins.getAttr profile profileSettingModules;
+    profileSettings = import profileSettingsModule;
+  in
+  pkgs.lib.genAttrs processManagers (processManager:
+    testSystemVariantForProcessManager {
+      inherit processManager profileSettings exprFile nixosConfig systemPackages readiness tests;
+    }
+  )
+)
--- a/nixproc/test-driver/profiles/privileged.nix
+++ b/nixproc/test-driver/profiles/privileged.nix
@ -0,0 +1,11 @@
+{
+  params = rec {
+    stateDir = "/var";
+    runtimeDir = "${stateDir}/run";
+    forceDisableUserChange = false;
+  };
+
+  deployArgs = "";
+
+  nixosModules = [];
+}
--- a/nixproc/test-driver/profiles/unprivileged-user-module.nix
+++ b/nixproc/test-driver/profiles/unprivileged-user-module.nix
@ -0,0 +1,12 @@
+{
+  users.extraUsers = {
+    unprivileged = {
+      uid = 1000;
+      group = "users";
+      shell = "/bin/sh";
+      description = "Unprivileged user";
+      home = "/home/unprivileged";
+      createHome = true;
+    };
+  };
+}
--- a/nixproc/test-driver/profiles/unprivileged.nix
+++ b/nixproc/test-driver/profiles/unprivileged.nix
@ -0,0 +1,11 @@
+{
+  params = rec {
+    stateDir = "/home/unprivileged/var";
+    runtimeDir = "${stateDir}/run";
+    forceDisableUserChange = true;
+  };
+
+  deployArgs = [ "--state-dir" "/home/unprivileged/var" "--force-disable-user-change" ];
+
+  nixosModules = [ ./unprivileged-user-module.nix ];
+}
--- a/nixproc/test-driver/universal.nix
+++ b/nixproc/test-driver/universal.nix
@ -0,0 +1,21 @@
+{ nixpkgs ? <nixpkgs>
+, system ? builtins.currentSystem
+}:
+
+import ./agnostic.nix {
+  inherit nixpkgs system;
+
+  processManagerModules = {
+    disnix = ../backends/disnix/test-module;
+    docker = ../backends/docker/test-module;
+    s6-rc = ../backends/s6-rc/test-module;
+    supervisord = ../backends/supervisord/test-module;
+    systemd = ../backends/systemd/test-module;
+    sysvinit = ../backends/sysvinit/test-module;
+  };
+
+  profileSettingModules = {
+    privileged = ./profiles/privileged.nix;
+    unprivileged = ./profiles/unprivileged.nix;
+  };
+}
--- a/nixproc/test-driver/util/execute-command.nix
+++ b/nixproc/test-driver/util/execute-command.nix
@ -0,0 +1,6 @@
+{lib}:
+{forceDisableUserChange, command}:
+
+lib.optionalString forceDisableUserChange "su - unprivileged -c '"
+ command
+ lib.optionalString forceDisableUserChange "'"
--- a/nixproc/test-driver/util/execute-deploy.nix
+++ b/nixproc/test-driver/util/execute-deploy.nix
@ -0,0 +1,12 @@
+{lib}:
+{processManager, profileSettings, envVars ? [], extraDeployArgs ? [], processesEnv}:
+
+let
+  executeCommand = import ./execute-command.nix {
+    inherit lib;
+  };
+in
+executeCommand {
+  inherit (profileSettings.params) forceDisableUserChange;
+  command = "${toString envVars} nixproc-${processManager}-deploy ${toString profileSettings.deployArgs} ${toString extraDeployArgs} ${processesEnv}";
+}