contrib: add direct tests for agenix
These tests are MUCH faster than the NixOS tests.
parent
564595d0ad
commit
097aa18b59
2 changed files with 49 additions and 25 deletions
8
.github/workflows/ci.yaml
|
@ -9,7 +9,9 @@ jobs:
|
|||
- uses: actions/checkout@v3
|
||||
- uses: cachix/install-nix-action@v22
|
||||
with:
|
||||
extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
|
||||
extra_nix_config: |
|
||||
system-features = nixos-test recursive-nix benchmark big-parallel kvm
|
||||
extra-experimental-features = recursive-nix nix-command flakes
|
||||
- run: nix build
|
||||
- run: nix build .#doc
|
||||
- run: nix fmt . -- --check
|
||||
|
@ -20,7 +22,9 @@ jobs:
|
|||
- uses: actions/checkout@v3
|
||||
- uses: cachix/install-nix-action@v22
|
||||
with:
|
||||
extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
|
||||
extra_nix_config: |
|
||||
system-features = nixos-test recursive-nix benchmark big-parallel kvm
|
||||
extra-experimental-features = recursive-nix nix-command flakes
|
||||
- run: nix build
|
||||
- run: nix build .#doc
|
||||
- run: nix fmt . -- --check
|
||||
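Review bot: Both jobs now enable `recursive-nix`, `nix-command` and `flakes` for every step, and nothing in the workflow records which step needs them. `recursive-nix` lets a builder call Nix from inside a build, so it is best enabled only where a derivation asks for it. The derivation changed in this commit does not visibly set `requiredSystemFeatures = ["recursive-nix"];`, so the feature may not be needed at all, which is worth confirming. If it is needed, a comment above the setting such as `# recursive-nix: required by the agenix installCheck (confirm)` would document the reason. The same block is repeated in the second hunk (`@ -20,7 +22,9 @`), and two hand-maintained copies can drift apart.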
|
|
|
@ -9,29 +9,49 @@
|
|||
substituteAll,
|
||||
ageBin ? "${rage}/bin/rage",
|
||||
shellcheck,
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "agenix";
|
||||
version = "0.15.0";
|
||||
src = substituteAll {
|
||||
inherit ageBin version;
|
||||
jqBin = "${jq}/bin/jq";
|
||||
nixInstantiate = "${nix}/bin/nix-instantiate";
|
||||
mktempBin = "${mktemp}/bin/mktemp";
|
||||
diffBin = "${diffutils}/bin/diff";
|
||||
src = ./agenix.sh;
|
||||
};
|
||||
dontUnpack = true;
|
||||
}: let
|
||||
bin = "${placeholder "out"}/bin/agenix";
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "agenix";
|
||||
version = "0.15.0";
|
||||
src = substituteAll {
|
||||
inherit ageBin version;
|
||||
jqBin = "${jq}/bin/jq";
|
||||
nixInstantiate = "${nix}/bin/nix-instantiate";
|
||||
mktempBin = "${mktemp}/bin/mktemp";
|
||||
diffBin = "${diffutils}/bin/diff";
|
||||
src = ./agenix.sh;
|
||||
};
|
||||
dontUnpack = true;
|
||||
doInstallCheck = true;
|
||||
installCheckInputs = [shellcheck];
|
||||
postInstallCheck = ''
|
||||
shellcheck ${bin}
|
||||
${bin} -h | grep ${version}
|
||||
|
||||
doCheck = true;
|
||||
checkInputs = [shellcheck];
|
||||
postCheck = ''
|
||||
shellcheck $src
|
||||
'';
|
||||
mkdir -p /tmp/home/.ssh
|
||||
cp -r "${../example}" /tmp/home/secrets
|
||||
chmod -R u+rw /tmp/home/secrets
|
||||
export HOME=/tmp/home
|
||||
(
|
||||
umask u=rw,g=r,o=r
|
||||
cp ${../example_keys/user1.pub} $HOME/.ssh/id_ed25519.pub
|
||||
chown $UID $HOME/.ssh/id_ed25519.pub
|
||||
)
|
||||
(
|
||||
umask u=rw,g=,o=
|
||||
cp ${../example_keys/user1} $HOME/.ssh/id_ed25519
|
||||
chown $UID $HOME/.ssh/id_ed25519
|
||||
)
|
||||
|
||||
installPhase = ''
|
||||
install -D $src ${placeholder "out"}/bin/agenix
|
||||
'';
|
||||
cd /tmp/home/secrets
|
||||
test $(${bin} -d secret1.age) = "hello"
|
||||
'';
|
||||
|
||||
meta.description = "age-encrypted secrets for NixOS";
|
||||
}
|
||||
installPhase = ''
|
||||
install -D $src ${bin}
|
||||
'';
|
||||
|
||||
meta.description = "age-encrypted secrets for NixOS";
|
||||
}
|
||||
|
|
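Review bot: The new `postInstallCheck` builds its fixture under the fixed path `/tmp/home` and copies the example private key `user1` into it. In a sandboxed build `/tmp` is private, but with the sandbox disabled or relaxed that path is shared and predictable, so concurrent builds can collide and the copied key stays behind after the build. A per-build directory avoids this: `export HOME="$(mktemp -d)"` first, then `mkdir -p "$HOME/.ssh"` and `cp -r "${../example}" "$HOME/secrets"`, with the later `chmod` and `cd` using `$HOME/secrets` as well. Separately, `${bin} -h | grep ${version}` treats the dots in the version as regex wildcards, and `grep -F` would match the string literally.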