From f10183033983fd758effb671b73f70021db2b2ae Mon Sep 17 00:00:00 2001 From: NotAShelf Date: Sun, 22 Dec 2024 15:49:14 +0300 Subject: [PATCH 1/2] flake: groundwork for VM tests Removes basic check packages in favor of proper VM testing infrastructure. --- .gitignore | 3 +++ checks/default.nix | 38 -------------------------------- flake.nix | 15 ++++++++++--- tests/basic.nix | 55 ++++++++++++++++++++++++++++++++++++++++++++++ tests/lib.nix | 17 ++++++++++++++ 5 files changed, 87 insertions(+), 41 deletions(-) create mode 100644 .gitignore delete mode 100644 checks/default.nix create mode 100644 tests/basic.nix create mode 100644 tests/lib.nix diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5d3aff6 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +# Nix build/test artifacts +.nixos-test-history +result* diff --git a/checks/default.nix b/checks/default.nix deleted file mode 100644 index 991580a..0000000 --- a/checks/default.nix +++ /dev/null @@ -1,38 +0,0 @@ -{inputs, ...}: let - inherit (inputs) self nixpkgs; - systems = ["x86_64-linux" "aarch64-linux"]; - forEachSystem = inputs.nixpkgs.lib.genAttrs systems; -in - forEachSystem (system: let - pkgs = nixpkgs.legacyPackages.${system}; - baseSystem = nixpkgs.lib.nixosSystem { - modules = [ - ({modulesPath, ...}: { - imports = [ - # Minimal profile - "${modulesPath}/profiles/minimal.nix" - - # Hjem NixOS module - self.nixosModules.hjem - ]; - - boot.loader.grub.enable = false; - fileSystems."/".device = "nodev"; - nixpkgs.hostPlatform = system; - system.stateVersion = "24.11"; - - # Hjem setup - users.groups.alice = {}; - users.users.alice.isNormalUser = true; - homes = { - alice = { - files.".config/foo".text = "Hello world!"; - packages = [pkgs.hello]; - }; - }; - }) - ]; - }; - in { - default = baseSystem.config.system.build.toplevel; - }) diff --git a/flake.nix b/flake.nix index a390f8d..41dfc6b 100644 --- a/flake.nix +++ b/flake.nix @@ -5,14 +5,23 @@ self, nixpkgs, ... - } @ inputs: { + }: let + forAllSystems = nixpkgs.lib.genAttrs ["x86_64-linux" "aarch64-linux"]; + in { nixosModules = { hjem = ./modules/nixos.nix; default = self.nixosModules.hjem; }; - checks = import ./checks {inherit inputs;}; + checks = forAllSystems (system: let + checkArgs = { + inherit self; + pkgs = nixpkgs.legacyPackages.${system}; + }; + in { + hjem-basic = import ./tests/basic.nix checkArgs; + }); - formatter = nixpkgs.lib.genAttrs ["x86_64-linux" "aarch64-linux"] (system: nixpkgs.legacyPackages.${system}.alejandra); + formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); }; } diff --git a/tests/basic.nix b/tests/basic.nix new file mode 100644 index 0000000..bbb24a8 --- /dev/null +++ b/tests/basic.nix @@ -0,0 +1,55 @@ +let + userHome = "/home/alice"; +in + (import ./lib.nix) { + name = "hjem-basic"; + nodes = { + node1 = { + self, + pkgs, + ... + }: { + imports = [self.nixosModules.hjem]; + + users.groups.alice = {}; + users.users.alice = { + isNormalUser = true; + home = userHome; + password = ""; + }; + + homes = { + alice = { + enable = true; + packages = [pkgs.hello]; + files.".config/foo" = { + text = "Hello world!"; + }; + }; + }; + + # Also test systemd-tmpfiles internally + systemd.user.tmpfiles = { + rules = [ + "d %h/user_tmpfiles_created" + ]; + + users.alice.rules = [ + "d %h/only_alice" + ]; + }; + }; + }; + + testScript = '' + machine.succeed("loginctl enable-linger alice") + machine.wait_until_succeeds("systemctl --user --machine=alice@ is-active systemd-tmpfiles-setup.service") + + # Test file created by Hjem + machine.succeed("[ -L ~alice/.config/foo ]") + + # Test regular files, created by systemd-tmpfiles + machine.succeed("[ -d ~alice/user_tmpfiles_created ]") + machine.succeed("[ -d ~alice/only_alice ]") + ''; + } diff --git a/tests/lib.nix b/tests/lib.nix new file mode 100644 index 0000000..8413ea5 --- /dev/null +++ b/tests/lib.nix @@ -0,0 +1,17 @@ +# The first argument to this function is the test module itself +test: { + pkgs, + self, +}: let + inherit (pkgs) lib; + nixos-lib = import (pkgs.path + "/nixos/lib") {}; +in + (nixos-lib.runTest { + hostPkgs = pkgs; + defaults.documentation.enable = lib.mkDefault false; + + node.specialArgs = {inherit self;}; + imports = [test]; + }) + .config + .result From f2748235a1d9fd9b7d8b09d086dc88e11549a30b Mon Sep 17 00:00:00 2001 From: NotAShelf Date: Mon, 23 Dec 2024 12:00:05 +0300 Subject: [PATCH 2/2] ci: build checks for each change targeting main --- .github/dependabot.yml | 11 +++++++++ .github/workflows/vm-tests.yml | 41 ++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/vm-tests.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..162fed0 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: "/" + schedule: + interval: daily + open-pull-requests-limit: 15 + reviewers: + - NotAShelf + assignees: + - NotAShelf diff --git a/.github/workflows/vm-tests.yml b/.github/workflows/vm-tests.yml new file mode 100644 index 0000000..5020c61 --- /dev/null +++ b/.github/workflows/vm-tests.yml @@ -0,0 +1,41 @@ +name: Run VM tests + +on: + workflow_call: + pull_request: + push: + branches: + - main +jobs: + nix: + strategy: + matrix: + system: + - x86_64-linux + - aarch64-linux + + runs-on: ubuntu-latest + steps: + - name: "Set up QEMU support" + uses: docker/setup-qemu-action@v3 + with: + platforms: arm64 + + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@main + with: + diagnostic-endpoint: "" # no personalized self-merges tyvm. + logger: pretty + extra-conf: | + experimental-features = nix-command flakes + allow-import-from-derivation = false + extra-platforms = aarch64-linux + + - name: Checkout + uses: actions/checkout@v4 + + # For now, only a basic test exists and thus we only build that. In the future + # we may consider chaining matrix.system and matrix.check to build more tests + # for each individual system. + - name: Build packages + run: nix build -L .#checks.${{ matrix.system }}.hjem-basic -v