diff --git a/.gitignore b/.gitignore index 9e92574..900f5b8 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ result* /.direnv /book /.sops.yaml +/.nixos-test-history diff --git a/SUMMARY.md b/SUMMARY.md index 11fabb0..fdbf4d1 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -1,6 +1,7 @@ # Summary - [Repository README](README.md) +- [Testing](checks/README.md) - [Deployment](deploy/README.md) --- diff --git a/checks/README.md b/checks/README.md new file mode 100644 index 0000000..9cd9539 --- /dev/null +++ b/checks/README.md @@ -0,0 +1,18 @@ +# Tests + +## Module Tests + +We test our nixos modules with [NixOS tests](https://nixos.org/manual/nixos/stable/index.html#sec-nixos-tests). +Running nixos tests requires QEMU virtualisation, so make sure you have KVM virtualisation support enabled. + +Run all: `nix build .#checks.x86_64-linux.nixos-modules` +Run single test: `nix build .#checks.x86_64-linux.nixos-modules.entries.vm-test-run-testNameAsInDerivationName` + +### Run Test Interactively + +See [upstream documentation](https://nixos.org/manual/nixos/stable/#sec-running-nixos-tests-interactively) for more details. + +```bash +nix build .#checks.x86_64-linux.nixos-modules.entries.vm-test-run-testNameAsInDerivationName.driverInteractive +./result/bin/nixos-test-driver +``` diff --git a/checks/default.nix b/checks/default.nix index ae33fc0..66d5b0b 100644 --- a/checks/default.nix +++ b/checks/default.nix @@ -4,7 +4,7 @@ pkgs, deployPkgs, ... -}@inputs: +}: { ${system} = { @@ -16,6 +16,10 @@ mkdir $out ''; + nixos-modules = pkgs.callPackage ./nixos-modules { + inherit (self.lib) getSubDirs isFolderWithFile; + }; + #TODO(#29): Integration/System tests # Import deploy-rs tests diff --git a/checks/nixos-modules/default.nix b/checks/nixos-modules/default.nix new file mode 100644 index 0000000..74e8a25 --- /dev/null +++ b/checks/nixos-modules/default.nix @@ -0,0 +1,60 @@ +{ + linkFarmFromDrvs, + isFolderWithFile, + getSubDirs, + lib, + testers, +}: +let + inherit (lib) + filter + path + mkDefault + readFile + attrNames + concatStringsSep + pipe + ; + modulesBaseDir = ../../nixos-modules; + mkTest = + name: + let + getFilePath = file: path.append modulesBaseDir "./${name}/${file}"; + in + testers.runNixOSTest { + inherit name; + imports = [ + (import (getFilePath "test.nix") { + inherit name; + inherit lib; + }) + ]; + + defaults.imports = [ (getFilePath "default.nix") ]; + + # Calls a `test(...)` python function in the test's python file with the list of nodes and helper functions. + # Helper symbols may be added as function args when needed and can be found in: + # https://github.com/NixOS/nixpkgs/blob/master/nixos/lib/test-driver/src/test_driver/driver.py#L121 + testScript = mkDefault ( + { nodes, ... }: + let + script = readFile (getFilePath "test.py"); + nodeArgs = pipe nodes [ + attrNames + (map (val: "${val}=${val}")) + (concatStringsSep ", ") + ]; + in + '' + ${script} + test(${nodeArgs}, subtest=subtest) + '' + ); + }; +in +pipe modulesBaseDir [ + getSubDirs + (filter (isFolderWithFile "test.nix" modulesBaseDir)) + (map mkTest) + (linkFarmFromDrvs "nixos-modules") +] diff --git a/lib/default.nix b/lib/default.nix index 404d93e..e4cd3ee 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,18 +1,26 @@ { pkgs, ... }: let - lib = pkgs.lib; - foldersWithNix = - path: - let - folders = lib.attrNames (lib.filterAttrs (n: t: t == "directory") (builtins.readDir path)); - isFolderWithDefaultNix = folder: lib.pathExists (lib.path.append path "./${folder}/default.nix"); - in - lib.filter isFolderWithDefaultNix folders; + inherit (pkgs.lib) + attrNames + filterAttrs + filter + pathExists + path + ; + # Get a list of all subdirectories of a directory. + getSubDirs = base: attrNames (filterAttrs (n: t: t == "directory") (builtins.readDir base)); + # Check if a folder with a base path and folder name contains a file with a specific name + isFolderWithFile = + fileName: basePath: folderName: + (pathExists (path.append basePath "./${folderName}/${fileName}")); + # Get a list of subfolders that contain a default.nix file. + foldersWithNix = base: filter (isFolderWithFile "default.nix" base) (getSubDirs base); in { - inherit foldersWithNix; + inherit getSubDirs isFolderWithFile foldersWithNix; + # Get a list of default.nix files that are nix submodules of the current folder. loadSubmodulesFrom = - path: map (folder: lib.path.append path "./${folder}/default.nix") (foldersWithNix path); + basePath: map (folder: path.append basePath "./${folder}/default.nix") (foldersWithNix basePath); } diff --git a/nixos-modules/static-page/default-pages.nix b/nixos-modules/static-page/default-pages.nix index 765d092..5a8b718 100644 --- a/nixos-modules/static-page/default-pages.nix +++ b/nixos-modules/static-page/default-pages.nix @@ -1,12 +1,10 @@ { - config, - pkgs, lib, ... }: { - qois.static-page.pages = { + qois.static-page.pages = lib.mkDefault { "fabianhauser.ch" = { domainAliases = [ "www.fabianhauser.ch" diff --git a/nixos-modules/static-page/default.nix b/nixos-modules/static-page/default.nix index 8ee20a0..25859b1 100644 --- a/nixos-modules/static-page/default.nix +++ b/nixos-modules/static-page/default.nix @@ -1,6 +1,5 @@ { config, - pkgs, lib, ... }: diff --git a/nixos-modules/static-page/test.nix b/nixos-modules/static-page/test.nix new file mode 100644 index 0000000..9d82a01 --- /dev/null +++ b/nixos-modules/static-page/test.nix @@ -0,0 +1,31 @@ +{ + ... +}: +{ + # Note: This extends the default configuration from ${self}/checks/nixos-modules + nodes.webserver = + { pkgs, lib, ... }: + let + inherit (pkgs) curl gnugrep; + inherit (lib) mkForce genAttrs const; + in + { + # Setup simple localhost page with an example.com redirect + qois.static-page = { + enable = true; + pages."localhost".domainAliases = [ "example.com" ]; + }; + + # Disable TLS services + services.nginx.virtualHosts = genAttrs [ "localhost" "example.com" ] (const { + forceSSL = mkForce false; + enableACME = mkForce false; + }); + + # Test environment + environment.systemPackages = [ + curl + gnugrep + ]; + }; +} diff --git a/nixos-modules/static-page/test.py b/nixos-modules/static-page/test.py new file mode 100644 index 0000000..16e2b28 --- /dev/null +++ b/nixos-modules/static-page/test.py @@ -0,0 +1,46 @@ +def test(subtest, webserver): + webserver.wait_for_unit("nginx") + webserver.wait_for_open_port(80) + + # Preparations + webserverRoot = "/var/lib/nginx-localhost/root" + indexContent = "It works!" + webserver.succeed(f"mkdir {webserverRoot}") + webserver.succeed(f"echo '{indexContent}' > {webserverRoot}/index.html") + webserver.succeed(f"chown -R nginx-localhost\: {webserverRoot}") + + # Helpers + def curl_variable_test(node, variable, expected, url): + value = node.succeed( + f"curl -s --no-location -o /dev/null -w '%{{{variable}}}' '{url}'") + assert value == expected, \ + f"expected {variable} to be '{expected}' but got '{value}'" + + def expect_http_code(node, code, url): + curl_variable_test(node, "http_code", code, url) + + def expect_http_location(node, location, url): + curl_variable_test(node, "redirect_url", location, url) + + def expect_http_content(node, expectedContent, url): + content = node.succeed(f"curl --no-location --silent '{url}'") + assert content.strip() == expectedContent.strip(), f''' + expected content: + {expectedContent} + at {url} but got following content: + {content} + ''' + + # Tests + with subtest("website is successfully served on localhost"): + expect_http_code(webserver, "200", "http://localhost/index.html") + expect_http_content(webserver, indexContent, + "http://localhost/index.html") + + with subtest("example.com is in hosts file and a redirect to localhost"): + webserver.succeed("grep example.com /etc/hosts") + + url = "http://example.com/index.html" + expect_http_code(webserver, "301", url) + expect_http_location( + webserver, "http://localhost/index.html", url)