nixos/tests/vault-dev.nix at 23.05-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

nixpkgs / nixos / tests / vault-dev.nix

at 23.05-pre 1.1 kB view raw

 1import ./make-test-python.nix ({ pkgs, ... }:
 2{
 3  name = "vault-dev";
 4  meta = with pkgs.lib.maintainers; {
 5    maintainers = [ lnl7 mic92 ];
 6  };
 7  nodes.machine = { pkgs, config, ... }: {
 8    environment.systemPackages = [ pkgs.vault ];
 9    environment.variables.VAULT_ADDR = "http://127.0.0.1:8200";
10    environment.variables.VAULT_TOKEN = "phony-secret";
11
12    services.vault = {
13      enable = true;
14      dev = true;
15      devRootTokenID = config.environment.variables.VAULT_TOKEN;
16    };
17  };
18
19  testScript = ''
20    import json
21    start_all()
22    machine.wait_for_unit("multi-user.target")
23    machine.wait_for_unit("vault.service")
24    machine.wait_for_open_port(8200)
25    out = machine.succeed("vault status -format=json")
26    print(out)
27    status = json.loads(out)
28    assert status.get("initialized") == True
29    machine.succeed("vault kv put secret/foo bar=baz")
30    out = machine.succeed("vault kv get -format=json secret/foo")
31    print(out)
32    status = json.loads(out)
33    assert status.get("data", {}).get("data", {}).get("bar") == "baz"
34  '';
35})