1
0
Fork 0

refactor common test script

This commit is contained in:
ibizaman 2024-07-12 13:01:26 +02:00 committed by Pierre Penninckx
parent 308db5fe6b
commit 1b4247233b
10 changed files with 213 additions and 356 deletions

55
test/common.nix Normal file
View file

@ -0,0 +1,55 @@
{
lib,
}:
{
accessScript = {
fqdn
, hasSSL
, waitForServices ? s: []
, waitForPorts ? p: []
, waitForUnixSocket ? u: []
, extraScript ? {...}: ""
}: { nodes, ... }:
let
proto_fqdn = if hasSSL args then "https://${fqdn}" else "http://${fqdn}";
args = {
node.name = "server";
node.config = nodes.server;
inherit proto_fqdn;
};
in
''
import json
import os
import pathlib
start_all()
''
+ lib.strings.concatMapStrings (s: ''server.wait_for_unit("${s}")'' + "\n") (waitForServices args)
+ lib.strings.concatMapStrings (p: ''server.wait_for_open_port(${toString p})'' + "\n") (waitForPorts args)
+ lib.strings.concatMapStrings (u: ''server.wait_for_open_unix_socket("${u}")'' + "\n") (waitForUnixSocket args)
+ ''
if ${if hasSSL args then "True" else "False"}:
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt")
client.succeed("rm -r /etc/ssl/certs")
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt")
def curl(target, format, endpoint, succeed=True):
return json.loads(target.succeed(
"curl --fail-with-body --silent --show-error --output /dev/null --location"
+ " --cookie-jar /tmp/cookies"
+ " --connect-to ${fqdn}:443:server:443"
+ " --connect-to ${fqdn}:80:server:80"
+ f" --write-out '{format}'"
+ " " + endpoint
))
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
''
+ extraScript args;
}

View file

@ -1,44 +1,32 @@
{ pkgs, lib, ... }: { pkgs, lib, ... }:
let let
pkgs' = pkgs; pkgs' = pkgs;
# TODO: Test login
commonTestScript = appname: cfgPathFn: { nodes, ... }: domain = "example.com";
let
shbapp = nodes.server.shb.arr.${appname};
cfgPath = cfgPathFn shbapp;
apiKey = if (shbapp.settings ? ApiKey) then "01234567890123456789" else null;
hasSSL = !(isNull shbapp.ssl);
fqdn = if hasSSL then "https://${appname}.example.com" else "http://${appname}.example.com";
healthUrl = "/health"; healthUrl = "/health";
loginUrl = "/UI/Login"; loginUrl = "/UI/Login";
in
''
import json
import os
import pathlib
start_all() testLib = pkgs.callPackage ../common.nix {};
server.wait_for_unit("${appname}.service")
server.wait_for_unit("nginx.service")
server.wait_for_open_port(${builtins.toString shbapp.settings.Port})
if ${if hasSSL then "True" else "False"}:
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt")
client.succeed("rm -r /etc/ssl/certs")
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt")
def curl(target, format, endpoint, succeed=True):
return json.loads(target.succeed(
"curl -X GET --fail-with-body --silent --show-error --output /dev/null --location"
+ " --connect-to ${appname}.example.com:443:server:443"
+ " --connect-to ${appname}.example.com:80:server:80"
+ " --cookie-jar /tmp/cookies"
# Uncomment for debugging:
# + " -v"
+ f" --write-out '{format}'"
+ " " + endpoint
))
# TODO: Test login
commonTestScript = appname: cfgPathFn:
let
fqdn = "${appname}.${domain}";
in testLib.accessScript {
inherit fqdn;
hasSSL = { node, ... }: !(isNull node.config.shb.arr.${appname}.ssl);
waitForServices = { ... }: [
"${appname}.service"
"nginx.service"
];
waitForPorts = { node, ... }: [
node.config.shb.arr.${appname}.settings.Port
];
extraScript = { node, proto_fqdn, ... }: let
shbapp = node.config.shb.arr.${appname};
cfgPath = cfgPathFn shbapp;
apiKey = if (shbapp.settings ? ApiKey) then "01234567890123456789" else null;
in ''
with subtest("health"): with subtest("health"):
response = curl(client, """{"code":%{response_code}}""", "${fqdn}${healthUrl}") response = curl(client, """{"code":%{response_code}}""", "${fqdn}${healthUrl}")
@ -57,6 +45,7 @@ let
if "${apiKey}" not in config: if "${apiKey}" not in config:
raise Exception(f"Unexpected API Key. Want '${apiKey}', got '{config}'") raise Exception(f"Unexpected API Key. Want '${apiKey}', got '{config}'")
''; '';
};
basic = appname: cfgPathFn: pkgs.testers.runNixOSTest { basic = appname: cfgPathFn: pkgs.testers.runNixOSTest {
name = "arr-${appname}-basic"; name = "arr-${appname}-basic";
@ -78,7 +67,7 @@ let
shb.arr.${appname} = { shb.arr.${appname} = {
enable = true; enable = true;
domain = "example.com"; inherit domain;
subdomain = appname; subdomain = appname;
settings.ApiKey.source = pkgs.writeText "APIKey" "01234567890123456789"; # Needs to be >=20 characters. settings.ApiKey.source = pkgs.writeText "APIKey" "01234567890123456789"; # Needs to be >=20 characters.

View file

@ -2,46 +2,26 @@
let let
pkgs' = pkgs; pkgs' = pkgs;
testLib = pkgs.callPackage ../common.nix {};
subdomain = "a"; subdomain = "a";
domain = "example.com"; domain = "example.com";
fqdn = "${subdomain}.${domain}"; fqdn = "${subdomain}.${domain}";
commonTestScript = testLib.accessScript {
inherit fqdn;
hasSSL = { node, ... }: !(isNull node.config.shb.audiobookshelf.ssl);
waitForServices = { ... }: [
"audiobookshelf.service"
"nginx.service"
];
waitForPorts = { node, ... }: [
node.config.shb.audiobookshelf.webPort
];
# TODO: Test login # TODO: Test login
commonTestScript = { nodes, ... }: # extraScript = { ... }: ''
let # '';
hasSSL = !(isNull nodes.server.shb.audiobookshelf.ssl); };
proto_fqdn = if hasSSL then "https://${fqdn}" else "http://${fqdn}";
in
''
import json
import os
import pathlib
start_all()
server.wait_for_unit("audiobookshelf.service")
server.wait_for_unit("nginx.service")
server.wait_for_open_port(${builtins.toString nodes.server.shb.audiobookshelf.webPort})
if ${if hasSSL then "True" else "False"}:
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt")
client.succeed("rm -r /etc/ssl/certs")
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt")
def curl(target, format, endpoint, succeed=True):
return json.loads(target.succeed(
"curl --fail-with-body --silent --show-error --output /dev/null --location"
+ " --connect-to ${fqdn}:443:server:443"
+ " --connect-to ${fqdn}:80:server:80"
+ f" --write-out '{format}'"
+ " " + endpoint
))
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
'';
base = { base = {
imports = [ imports = [

View file

@ -6,47 +6,26 @@ let
domain = "example.com"; domain = "example.com";
fqdn = "${subdomain}.${domain}"; fqdn = "${subdomain}.${domain}";
commonTestScript = { nodes, ... }: testLib = pkgs.callPackage ../common.nix {};
let
hasSSL = !(isNull nodes.server.shb.deluge.ssl);
proto_fqdn = if hasSSL then "https://${fqdn}" else "http://${fqdn}";
in
''
import json
import os
import pathlib
start_all() commonTestScript = testLib.accessScript {
server.wait_for_unit("nginx.service") inherit fqdn;
server.wait_for_unit("deluged.service") hasSSL = { node, ... }: !(isNull node.config.shb.deluge.ssl);
server.wait_for_unit("delugeweb.service") waitForServices = { ... }: [
server.wait_for_open_port(${toString nodes.server.shb.deluge.daemonPort}) "nginx.service"
server.wait_for_open_port(${toString nodes.server.shb.deluge.webPort}) "deluged.service"
"delugeweb.service"
if ${if hasSSL then "True" else "False"}: ];
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt") waitForPorts = { node, ... }: [
client.succeed("rm -r /etc/ssl/certs") node.config.shb.deluge.daemonPort
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt") node.config.shb.deluge.webPort
];
def curl(target, format, endpoint, succeed=True): extraScript = { node, ... }: ''
return json.loads(target.succeed( print(${node.name}.succeed('journalctl -n100 -u deluged'))
"curl --fail-with-body --silent --show-error --output /dev/null --location" print(${node.name}.succeed('systemctl status deluged'))
+ " --connect-to ${fqdn}:443:server:443" print(${node.name}.succeed('systemctl status delugeweb'))
+ " --connect-to ${fqdn}:80:server:80"
+ f" --write-out '{format}'"
+ " " + endpoint
))
print(server.succeed('journalctl -n100 -u deluged'))
print(server.succeed('systemctl status deluged'))
print(server.succeed('systemctl status delugeweb'))
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
''; '';
};
# TODO: Test login directly to deluge daemon to exercise extraUsers # TODO: Test login directly to deluge daemon to exercise extraUsers
authTestScript = { nodes, ... }: authTestScript = { nodes, ... }:

View file

@ -2,46 +2,26 @@
let let
pkgs' = pkgs; pkgs' = pkgs;
testLib = pkgs.callPackage ../common.nix {};
subdomain = "g"; subdomain = "g";
domain = "example.com"; domain = "example.com";
fqdn = "${subdomain}.${domain}"; fqdn = "${subdomain}.${domain}";
commonTestScript = testLib.accessScript {
inherit fqdn;
hasSSL = { node, ... }: !(isNull node.config.shb.grocy.ssl);
waitForServices = { ... }: [
"phpfpm-grocy.service"
"nginx.service"
];
waitForUnixSocket = { node, ... }: [
node.config.services.phpfpm.pools.grocy.socket
];
# TODO: Test login # TODO: Test login
commonTestScript = { nodes, ... }: # extraScript = { ... }: ''
let # '';
hasSSL = !(isNull nodes.server.shb.grocy.ssl); };
proto_fqdn = if hasSSL then "https://${fqdn}" else "http://${fqdn}";
in
''
import json
import os
import pathlib
start_all()
server.wait_for_unit("phpfpm-grocy.service")
server.wait_for_unit("nginx.service")
server.wait_for_open_unix_socket("${nodes.server.services.phpfpm.pools.grocy.socket}")
if ${if hasSSL then "True" else "False"}:
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt")
client.succeed("rm -r /etc/ssl/certs")
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt")
def curl(target, format, endpoint, succeed=True):
return json.loads(target.succeed(
"curl --fail-with-body --silent --show-error --output /dev/null --location"
+ " --connect-to ${fqdn}:443:server:443"
+ " --connect-to ${fqdn}:80:server:80"
+ f" --write-out '{format}'"
+ " " + endpoint
))
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
'';
base = { base = {
imports = [ imports = [

View file

@ -2,46 +2,23 @@
let let
pkgs' = pkgs; pkgs' = pkgs;
testLib = pkgs.callPackage ../common.nix {};
subdomain = "ha"; subdomain = "ha";
domain = "example.com"; domain = "example.com";
fqdn = "${subdomain}.${domain}"; fqdn = "${subdomain}.${domain}";
# TODO: Test login commonTestScript = testLib.accessScript {
commonTestScript = { nodes, ... }: inherit fqdn;
let hasSSL = { node, ... }: !(isNull node.config.shb.home-assistant.ssl);
hasSSL = !(isNull nodes.server.shb.home-assistant.ssl); waitForServices = { ... }: [
proto_fqdn = if hasSSL then "https://${fqdn}" else "http://${fqdn}"; "home-assistant.service"
in "nginx.service"
'' ];
import json waitForPorts = { node, ... }: [
import os 8123
import pathlib ];
};
start_all()
server.wait_for_unit("home-assistant.service")
server.wait_for_unit("nginx.service")
server.wait_for_open_port(8123)
if ${if hasSSL then "True" else "False"}:
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt")
client.succeed("rm -r /etc/ssl/certs")
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt")
def curl(target, format, endpoint, succeed=True):
return json.loads(target.succeed(
"curl --fail-with-body --silent --show-error --output /dev/null --location"
+ " --connect-to ${fqdn}:443:server:443"
+ " --connect-to ${fqdn}:80:server:80"
+ f" --write-out '{format}'"
+ " " + endpoint
))
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
'';
base = { config, ... }: { base = { config, ... }: {
imports = [ imports = [

View file

@ -2,42 +2,23 @@
let let
pkgs' = pkgs; pkgs' = pkgs;
# TODO: Test login testLib = pkgs.callPackage ../common.nix {};
commonTestScript = { nodes, ... }:
let
hasSSL = !(isNull nodes.server.shb.jellyfin.ssl);
fqdn = if hasSSL then "https://j.example.com" else "http://j.example.com";
in
''
import json
import os
import pathlib
start_all() subdomain = "j";
server.wait_for_unit("jellyfin.service") domain = "example.com";
server.wait_for_unit("nginx.service") fqdn = "${subdomain}.${domain}";
server.wait_for_open_port(8096)
if ${if hasSSL then "True" else "False"}: commonTestScript = testLib.accessScript {
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt") inherit fqdn;
client.succeed("rm -r /etc/ssl/certs") hasSSL = { node, ... }: !(isNull node.config.shb.jellyfin.ssl);
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt") waitForServices = { ... }: [
"jellyfin.service"
def curl(target, format, endpoint, succeed=True): "nginx.service"
return json.loads(target.succeed( ];
"curl --fail-with-body --silent --show-error --output /dev/null --location" waitForPorts = { node, ... }: [
+ " --connect-to j.example.com:443:server:443" 8096
+ " --connect-to j.example.com:80:server:80" ];
+ f" --write-out '{format}'" };
+ " " + endpoint
))
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
'';
in in
{ {
basic = pkgs.testers.runNixOSTest { basic = pkgs.testers.runNixOSTest {

View file

@ -2,65 +2,24 @@
let let
pkgs' = pkgs; pkgs' = pkgs;
testLib = pkgs.callPackage ../common.nix {};
subdomain = "grafana"; subdomain = "grafana";
domain = "example.com"; domain = "example.com";
fqdn = "${subdomain}.${domain}"; fqdn = "${subdomain}.${domain}";
password = "securepw"; password = "securepw";
commonTestScript = { nodes, ... }: commonTestScript = testLib.accessScript {
let inherit fqdn;
hasSSL = !(isNull nodes.server.shb.monitoring.ssl); hasSSL = { node, ... }: !(isNull node.config.shb.monitoring.ssl);
proto_fqdn = if hasSSL then "https://${fqdn}" else "http://${fqdn}"; waitForServices = { ... }: [
in "nginx.service"
'' ];
import base64 waitForPorts = { node, ... }: [
import json node.config.shb.monitoring.grafanaPort
import os ];
import pathlib };
start_all()
server.wait_for_unit("nginx.service")
server.wait_for_open_port(${toString nodes.server.shb.monitoring.grafanaPort})
if ${if hasSSL then "True" else "False"}:
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt")
client.succeed("rm -r /etc/ssl/certs")
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt")
def find_in_logs(unit, text):
return server.systemctl("status {}".format(unit))[1].find(text) != -1
def curl(target, format, endpoint, user = None):
errcode, r = target.execute(
"curl --fail-with-body --silent --show-error --location"
+ " --connect-to ${fqdn}:443:server:443"
+ " --connect-to ${fqdn}:80:server:80"
+ (f" --header \"Authorization: Basic {base64.b64encode(user).decode('utf-8')}\"" if user is not None else "")
+ (" --output /dev/null" if format != "" else "")
+ (f" --write-out '{format}'" if format != "" else "")
+ " " + endpoint
)
if format == "":
return r
return json.loads(r)
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
with subtest("api succeed"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}/api/org", user=b"admin:${password}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
with subtest("api wrong code"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}/api/org", user=b"admin:wrong")
if response['code'] != 401:
raise Exception(f"Code is {response['code']}")
'';
base = { base = {
imports = [ imports = [

View file

@ -8,45 +8,24 @@ let
domain = "example.com"; domain = "example.com";
fqdn = "${subdomain}.${domain}"; fqdn = "${subdomain}.${domain}";
commonTestScript = { nodes, ... }: testLib = pkgs.callPackage ../common.nix {};
let
hasSSL = !(isNull nodes.server.shb.nextcloud.ssl); commonTestScript = testLib.accessScript {
proto_fqdn = if hasSSL then "https://${fqdn}" else "http://${fqdn}"; inherit fqdn;
in hasSSL = { node, ... }: !(isNull node.config.shb.nextcloud.ssl);
'' waitForServices = { ... }: [
import json "phpfpm-nextcloud.service"
import os "nginx.service"
import pathlib ];
waitForUnixSocket = { node, ... }: [
node.config.services.phpfpm.pools.nextcloud.socket
];
extraScript = { node, proto_fqdn, ... }: ''
import time import time
start_all()
server.wait_for_unit("phpfpm-nextcloud.service")
server.wait_for_unit("nginx.service")
server.wait_for_open_unix_socket("${nodes.server.services.phpfpm.pools.nextcloud.socket}")
if ${if hasSSL then "True" else "False"}:
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt")
client.succeed("rm -r /etc/ssl/certs")
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt")
def find_in_logs(unit, text): def find_in_logs(unit, text):
return server.systemctl("status {}".format(unit))[1].find(text) != -1 return server.systemctl("status {}".format(unit))[1].find(text) != -1
def curl(target, format, endpoint, succeed=True):
return json.loads(target.succeed(
"curl --fail-with-body --silent --show-error --output /dev/null --location"
+ " --connect-to ${fqdn}:443:server:443"
+ " --connect-to ${fqdn}:80:server:80"
+ f" --write-out '{format}'"
+ " " + endpoint
))
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
with subtest("cron job succeeds"): with subtest("cron job succeeds"):
# This calls blocks until the service is done. # This calls blocks until the service is done.
server.systemctl("start nextcloud-cron.service") server.systemctl("start nextcloud-cron.service")
@ -133,6 +112,7 @@ let
if content != "hello\n": if content != "hello\n":
raise Exception("Got incorrect content for file, expected 'hello\n' but got:\n{}".format(content)) raise Exception("Got incorrect content for file, expected 'hello\n' but got:\n{}".format(content))
''; '';
};
base = { base = {
imports = [ imports = [

View file

@ -2,47 +2,24 @@
let let
pkgs' = pkgs; pkgs' = pkgs;
testLib = pkgs.callPackage ../common.nix {};
subdomain = "v"; subdomain = "v";
domain = "example.com"; domain = "example.com";
fqdn = "${subdomain}.${domain}"; fqdn = "${subdomain}.${domain}";
# TODO: Test login commonTestScript = testLib.accessScript {
commonTestScript = { nodes, ... }: inherit fqdn;
let hasSSL = { node, ... }: !(isNull node.config.shb.vaultwarden.ssl);
hasSSL = !(isNull nodes.server.shb.vaultwarden.ssl); waitForServices = { ... }: [
proto_fqdn = if hasSSL then "https://${fqdn}" else "http://${fqdn}"; "vaultwarden.service"
in "nginx.service"
'' ];
import json waitForPorts = { node, ... }: [
import os 8222
import pathlib 5432
];
start_all() };
server.wait_for_unit("vaultwarden.service")
server.wait_for_unit("nginx.service")
server.wait_for_open_port(8222)
server.wait_for_open_port(5432)
if ${if hasSSL then "True" else "False"}:
server.copy_from_vm("/etc/ssl/certs/ca-certificates.crt")
client.succeed("rm -r /etc/ssl/certs")
client.copy_from_host(str(pathlib.Path(os.environ.get("out", os.getcwd())) / "ca-certificates.crt"), "/etc/ssl/certs/ca-certificates.crt")
def curl(target, format, endpoint, succeed=True):
return json.loads(target.succeed(
"curl --fail-with-body --silent --show-error --output /dev/null --location"
+ " --connect-to ${fqdn}:443:server:443"
+ " --connect-to ${fqdn}:80:server:80"
+ f" --write-out '{format}'"
+ " " + endpoint
))
with subtest("access"):
response = curl(client, """{"code":%{response_code}}""", "${proto_fqdn}")
if response['code'] != 200:
raise Exception(f"Code is {response['code']}")
'';
base = { config, ... }: { base = { config, ... }: {
imports = [ imports = [