64 lines
2 KiB
Nix
64 lines
2 KiB
Nix
{ pkgs, lib, ... }:
|
|
let
|
|
pkgs' = pkgs;
|
|
|
|
testLib = pkgs.callPackage ../../../test/common.nix {};
|
|
|
|
inherit (lib) getAttrFromPath setAttrByPath;
|
|
inherit (lib) mkIf;
|
|
in
|
|
{ name,
|
|
configRoot,
|
|
createContent, # config to create a secret with value "secretA".
|
|
modules ? [],
|
|
owner ? "root",
|
|
group ? "root",
|
|
mode ? "0400",
|
|
restartUnits ? [ "myunit.service" ],
|
|
}: pkgs.testers.runNixOSTest {
|
|
name = "secret_${name}_${owner}_${group}_${mode}";
|
|
|
|
nodes.machine = { config, ... }: {
|
|
imports = ( testLib.baseImports pkgs' ) ++ modules;
|
|
config = lib.mkMerge [
|
|
(setAttrByPath configRoot {
|
|
A = {
|
|
inherit owner group mode restartUnits;
|
|
} // createContent;
|
|
})
|
|
(mkIf (owner != "root") {
|
|
users.users.${owner}.isNormalUser = true;
|
|
})
|
|
(mkIf (group != "root") {
|
|
users.groups.${group} = {};
|
|
})
|
|
];
|
|
};
|
|
|
|
testScript = { nodes, ... }:
|
|
let
|
|
cfg = (getAttrFromPath configRoot nodes.machine)."A";
|
|
in
|
|
''
|
|
owner = machine.succeed("stat -c '%U' ${cfg.path}").strip()
|
|
print(f"Got owner {owner}")
|
|
if owner != "${owner}":
|
|
raise Exception(f"Owner should be '${owner}' but got '{owner}'")
|
|
|
|
group = machine.succeed("stat -c '%G' ${cfg.path}").strip()
|
|
print(f"Got group {group}")
|
|
if group != "${group}":
|
|
raise Exception(f"Group should be '${group}' but got '{group}'")
|
|
|
|
mode = str(int(machine.succeed("stat -c '%a' ${cfg.path}").strip()))
|
|
print(f"Got mode {mode}")
|
|
wantedMode = str(int("${mode}"))
|
|
if mode != wantedMode:
|
|
raise Exception(f"Mode should be '{wantedMode}' but got '{mode}'")
|
|
|
|
content = machine.succeed("cat ${cfg.path}").strip()
|
|
print(f"Got content {content}")
|
|
if content != "secretA":
|
|
raise Exception(f"Content should be 'secretA' but got '{content}'")
|
|
'';
|
|
}
|