Add Disnix testcases, fix loading unprivileged daemons
This commit is contained in:
parent
30e217945a
commit
3570dbd7f7
|
@ -31,14 +31,14 @@ let
|
|||
_path = basePackages ++ [ daemonPkg ] ++ path;
|
||||
|
||||
_environment = {
|
||||
PATH = builtins.concatStringsSep ":" (map(package: "${package}/bin" ) _path);
|
||||
PATH = builtins.concatStringsSep ":" (map (package: "${package}/bin") _path) + ":$PATH";
|
||||
} // environment;
|
||||
|
||||
_pidFile =
|
||||
if pidFile == null
|
||||
then if instanceName == null
|
||||
then null
|
||||
else if user == null || user == "root" || forceDisableUserChange
|
||||
else if user == null || user == "root"
|
||||
then "${runtimeDir}/${instanceName}.pid"
|
||||
else "${tmpDir}/${instanceName}.pid"
|
||||
else pidFile;
|
||||
|
@ -59,7 +59,7 @@ createProcessScript (stdenv.lib.recursiveUpdate ({
|
|||
value = builtins.getAttr name _environment;
|
||||
in
|
||||
''
|
||||
export ${name}=${stdenv.lib.escapeShellArg value}
|
||||
export ${name}=${if name == "PATH" then value else stdenv.lib.escapeShellArg value}
|
||||
''
|
||||
) (builtins.attrNames _environment)
|
||||
+ stdenv.lib.optionalString (umask != null) ''
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
, tmpDir ? (if stateDir == "/var" then "/tmp" else "${stateDir}/tmp")
|
||||
, forceDisableUserChange ? false
|
||||
, clientInterface ? (if builtins.getEnv "DISNIX_CLIENT_INTERFACE" == "" then "disnix-run-activity" else builtins.getEnv "DISNIX_CLIENT_INTERFACE")
|
||||
, disnixPath ? (if builtins.getEnv "DISNIX_PATH" == "" then throw "Set DISNIX_PATH to the data directory of Disnix" else builtins.getEnv "DISNIX_PATH")
|
||||
, disnixDataDir ? (if builtins.getEnv "DISNIX_DATA_DIR" == "" then throw "Set DISNIX_DATA_DIR to the data directory of Disnix" else builtins.getEnv "DISNIX_DATA_DIR")
|
||||
, extraParams ? {}
|
||||
, exprFile
|
||||
}@args:
|
||||
|
@ -46,7 +46,7 @@ let
|
|||
inherit services;
|
||||
};
|
||||
|
||||
manifest = import "${disnixPath}/manifest.nix";
|
||||
manifest = import "${disnixDataDir}/manifest.nix";
|
||||
in
|
||||
manifest.generateManifestFromArchitectureFun {
|
||||
inherit pkgs clientInterface architectureFun;
|
||||
|
|
|
@ -0,0 +1,173 @@
|
|||
{nixpkgs ? <nixpkgs>}:
|
||||
|
||||
with import "${nixpkgs}/nixos/lib/testing-python.nix" { system = builtins.currentSystem; };
|
||||
|
||||
let
|
||||
disnixDataDir = "${pkgs.disnix}/share/disnix";
|
||||
|
||||
processesEnvForeground = import ../nixproc/create-managed-process/disnix/build-disnix-env.nix {
|
||||
inherit disnixDataDir;
|
||||
exprFile = ../examples/webapps-agnostic/processes.nix;
|
||||
extraParams = {
|
||||
webappMode = "foreground";
|
||||
};
|
||||
};
|
||||
|
||||
processesEnvDaemon = import ../nixproc/create-managed-process/disnix/build-disnix-env.nix {
|
||||
inherit disnixDataDir;
|
||||
exprFile = ../examples/webapps-agnostic/processes.nix;
|
||||
extraParams = {
|
||||
webappMode = "daemon";
|
||||
};
|
||||
};
|
||||
|
||||
processesEnvAuto = import ../nixproc/create-managed-process/disnix/build-disnix-env.nix {
|
||||
inherit disnixDataDir;
|
||||
exprFile = ../examples/webapps-agnostic/processes.nix;
|
||||
};
|
||||
|
||||
processesEnvAdvanced = import ../nixproc/create-managed-process/disnix/build-disnix-env.nix {
|
||||
inherit disnixDataDir;
|
||||
exprFile = ../examples/webapps-agnostic/processes-advanced.nix;
|
||||
};
|
||||
|
||||
processesEnvNoUserChange = import ../nixproc/create-managed-process/disnix/build-disnix-env.nix {
|
||||
inherit disnixDataDir;
|
||||
exprFile = ../examples/webapps-agnostic/processes.nix;
|
||||
forceDisableUserChange = true;
|
||||
};
|
||||
|
||||
processesEnvEmpty = import ../nixproc/create-managed-process/disnix/build-disnix-env.nix {
|
||||
inherit disnixDataDir;
|
||||
exprFile = ../examples/webapps-agnostic/processes-empty.nix;
|
||||
};
|
||||
|
||||
tools = import ../tools {};
|
||||
|
||||
nix-processmgmt = ./..;
|
||||
|
||||
env = "NIX_PATH=nixpkgs=${nixpkgs} DISNIX_DATA_DIR=${disnixDataDir}";
|
||||
in
|
||||
makeTest {
|
||||
machine =
|
||||
{pkgs, ...}:
|
||||
|
||||
{
|
||||
virtualisation.pathsInNixDB = [ pkgs.stdenv ] ++ pkgs.coreutils.all ++ [ processesEnvForeground processesEnvDaemon processesEnvAuto processesEnvAdvanced processesEnvNoUserChange processesEnvEmpty ];
|
||||
virtualisation.writableStore = true;
|
||||
virtualisation.memorySize = 1024;
|
||||
|
||||
users.extraUsers = {
|
||||
unprivileged = {
|
||||
uid = 1000;
|
||||
group = "users";
|
||||
shell = "/bin/sh";
|
||||
description = "Unprivileged user";
|
||||
home = "/home/unprivileged";
|
||||
createHome = true;
|
||||
};
|
||||
};
|
||||
|
||||
# We can't download any substitutes in a test environment. To make tests
|
||||
# faster, we disable substitutes so that Nix does not waste any time by
|
||||
# attempting to download them.
|
||||
nix.extraOptions = ''
|
||||
substitute = false
|
||||
'';
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.stdenv
|
||||
pkgs.dysnomia
|
||||
pkgs.disnix
|
||||
tools.build
|
||||
tools.systemd
|
||||
tools.disnix
|
||||
];
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
def check_nginx_redirection():
|
||||
machine.succeed(
|
||||
"curl --fail -H 'Host: webapp.local' http://localhost:8080 | grep 'listening on port: 5000'"
|
||||
)
|
||||
|
||||
|
||||
def check_system_unavailable():
|
||||
machine.fail("curl --fail http://localhost:8080")
|
||||
machine.fail("pgrep -f '/bin/webapp'")
|
||||
|
||||
|
||||
def check_nginx_multi_instance_redirection():
|
||||
machine.succeed(
|
||||
"curl --fail -H 'Host: webapp1.local' http://localhost:8080 | grep 'listening on port: 5000'"
|
||||
)
|
||||
machine.succeed(
|
||||
"curl --fail -H 'Host: webapp5.local' http://localhost:8081 | grep 'listening on port: 6002'"
|
||||
)
|
||||
|
||||
|
||||
start_all()
|
||||
|
||||
# Deploy the system with foreground webapp processes
|
||||
|
||||
machine.succeed(
|
||||
'${env} nixproc-disnix-switch ${nix-processmgmt}/examples/webapps-agnostic/processes.nix --extra-params \'{ "webappMode" = "foreground"; }\'${""}'
|
||||
)
|
||||
|
||||
machine.succeed("sleep 1")
|
||||
machine.succeed("pgrep -u webapp -f '/bin/webapp$'")
|
||||
|
||||
check_nginx_redirection()
|
||||
|
||||
# Deploy the system with daemon webapp processes
|
||||
|
||||
machine.succeed(
|
||||
'${env} nixproc-disnix-switch ${nix-processmgmt}/examples/webapps-agnostic/processes.nix --extra-params \'{ "webappMode" = "daemon"; }\'${""}'
|
||||
)
|
||||
|
||||
machine.succeed("sleep 1")
|
||||
machine.succeed("pgrep -u webapp -f '/bin/webapp -D$'")
|
||||
|
||||
check_nginx_redirection()
|
||||
|
||||
# Deploy the entire system in auto mode. Should result in daemon webapp processes
|
||||
|
||||
machine.succeed(
|
||||
"${env} nixproc-disnix-switch ${nix-processmgmt}/examples/webapps-agnostic/processes.nix"
|
||||
)
|
||||
|
||||
machine.succeed("sleep 1")
|
||||
machine.succeed("pgrep -u webapp -f '/bin/webapp -D$'")
|
||||
|
||||
check_nginx_redirection()
|
||||
|
||||
# Deploy the advanced example with multiple instances and see if it works
|
||||
|
||||
machine.succeed(
|
||||
"${env} nixproc-disnix-switch ${nix-processmgmt}/examples/webapps-agnostic/processes-advanced.nix"
|
||||
)
|
||||
|
||||
machine.succeed("sleep 1")
|
||||
|
||||
check_nginx_multi_instance_redirection()
|
||||
|
||||
# Deploy an instance without changing user privileges
|
||||
|
||||
machine.succeed(
|
||||
"${env} nixproc-disnix-switch ${nix-processmgmt}/examples/webapps-agnostic/processes.nix --force-disable-user-change"
|
||||
)
|
||||
|
||||
machine.succeed("sleep 1")
|
||||
machine.succeed("pgrep -u root -f '/bin/webapp -D$'")
|
||||
|
||||
check_nginx_redirection()
|
||||
|
||||
# Undeploy the system
|
||||
|
||||
machine.succeed(
|
||||
"${env} nixproc-disnix-switch ${nix-processmgmt}/examples/webapps-agnostic/processes-empty.nix"
|
||||
)
|
||||
|
||||
check_system_unavailable()
|
||||
'';
|
||||
}
|
|
@ -107,7 +107,7 @@ checkNixStateDir
|
|||
checkProfile
|
||||
|
||||
# Determine the Disnix data directory from the executable
|
||||
export DISNIX_PATH="$(readlink -f "$(dirname $(readlink -f $(type -p disnix-deploy)))/../share/disnix")"
|
||||
export DISNIX_DATA_DIR="$(readlink -f "$(dirname $(readlink -f $(type -p disnix-deploy)))/../share/disnix")"
|
||||
|
||||
# Build the environment resulting in a Disnix manifest file
|
||||
buildProfile disnix
|
||||
|
|
Loading…
Reference in New Issue