pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / influxdb2.nix
at 25.11-pre 9.2 kB view raw
1import ./make-test-python.nix ( 2 { pkgs, ... }: 3 { 4 name = "influxdb2"; 5 meta = with pkgs.lib.maintainers; { 6 maintainers = [ offline ]; 7 }; 8 9 nodes.machine = 10 { lib, ... }: 11 { 12 environment.systemPackages = [ pkgs.influxdb2-cli ]; 13 # Make sure that the service is restarted immediately if tokens need to be rewritten 14 # without relying on any Restart=on-failure behavior 15 systemd.services.influxdb2.serviceConfig.RestartSec = 6000; 16 services.influxdb2.enable = true; 17 services.influxdb2.provision = { 18 enable = true; 19 initialSetup = { 20 organization = "default"; 21 bucket = "default"; 22 passwordFile = pkgs.writeText "admin-pw" "ExAmPl3PA55W0rD"; 23 tokenFile = pkgs.writeText "admin-token" "verysecureadmintoken"; 24 }; 25 organizations.someorg = { 26 buckets.somebucket = { }; 27 auths.sometoken = { 28 description = "some auth token"; 29 readBuckets = [ "somebucket" ]; 30 writeBuckets = [ "somebucket" ]; 31 }; 32 }; 33 users.someuser.passwordFile = pkgs.writeText "tmp-pw" "abcgoiuhaoga"; 34 }; 35 36 specialisation.withModifications.configuration = 37 { ... }: 38 { 39 services.influxdb2.provision = { 40 organizations.someorg.buckets.somebucket.present = false; 41 organizations.someorg.auths.sometoken.present = false; 42 users.someuser.present = false; 43 44 organizations.myorg = { 45 description = "Myorg description"; 46 buckets.mybucket = { 47 description = "Mybucket description"; 48 }; 49 auths.mytoken = { 50 operator = true; 51 description = "operator token"; 52 tokenFile = pkgs.writeText "tmp-tok" "someusertoken"; 53 }; 54 }; 55 users.myuser.passwordFile = pkgs.writeText "tmp-pw" "abcgoiuhaoga"; 56 }; 57 }; 58 59 specialisation.withParentDelete.configuration = 60 { ... }: 61 { 62 services.influxdb2.provision = { 63 organizations.someorg.present = false; 64 # Deleting the parent implies: 65 #organizations.someorg.buckets.somebucket.present = false; 66 #organizations.someorg.auths.sometoken.present = false; 67 }; 68 }; 69 70 specialisation.withNewTokens.configuration = 71 { ... }: 72 { 73 services.influxdb2.provision = { 74 organizations.default = { 75 auths.operator = { 76 operator = true; 77 description = "new optoken"; 78 tokenFile = pkgs.writeText "tmp-tok" "newoptoken"; 79 }; 80 auths.allaccess = { 81 operator = true; 82 description = "new allaccess"; 83 tokenFile = pkgs.writeText "tmp-tok" "newallaccess"; 84 }; 85 auths.specifics = { 86 description = "new specifics"; 87 readPermissions = [ 88 "users" 89 "tasks" 90 ]; 91 writePermissions = [ "tasks" ]; 92 tokenFile = pkgs.writeText "tmp-tok" "newspecificstoken"; 93 }; 94 }; 95 }; 96 }; 97 }; 98 99 testScript = 100 { nodes, ... }: 101 let 102 specialisations = "${nodes.machine.system.build.toplevel}/specialisation"; 103 tokenArg = "--token verysecureadmintoken"; 104 in 105 '' 106 def assert_contains(haystack, needle): 107 if needle not in haystack: 108 print("The haystack that will cause the following exception is:") 109 print("---") 110 print(haystack) 111 print("---") 112 raise Exception(f"Expected string '{needle}' was not found") 113 114 def assert_lacks(haystack, needle): 115 if needle in haystack: 116 print("The haystack that will cause the following exception is:") 117 print("---") 118 print(haystack, end="") 119 print("---") 120 raise Exception(f"Unexpected string '{needle}' was found") 121 122 machine.wait_for_unit("influxdb2.service") 123 124 machine.fail("curl --fail -X POST 'http://localhost:8086/api/v2/signin' -u admin:wrongpassword") 125 machine.succeed("curl --fail -X POST 'http://localhost:8086/api/v2/signin' -u admin:ExAmPl3PA55W0rD") 126 127 out = machine.succeed("influx org list ${tokenArg}") 128 assert_contains(out, "default") 129 assert_lacks(out, "myorg") 130 assert_contains(out, "someorg") 131 132 out = machine.succeed("influx bucket list ${tokenArg} --org default") 133 assert_contains(out, "default") 134 135 machine.fail("influx bucket list ${tokenArg} --org myorg") 136 137 out = machine.succeed("influx bucket list ${tokenArg} --org someorg") 138 assert_contains(out, "somebucket") 139 140 out = machine.succeed("influx user list ${tokenArg}") 141 assert_contains(out, "admin") 142 assert_lacks(out, "myuser") 143 assert_contains(out, "someuser") 144 145 out = machine.succeed("influx auth list ${tokenArg}") 146 assert_lacks(out, "operator token") 147 assert_contains(out, "some auth token") 148 149 with subtest("withModifications"): 150 machine.succeed('${specialisations}/withModifications/bin/switch-to-configuration test') 151 machine.wait_for_unit("influxdb2.service") 152 153 out = machine.succeed("influx org list ${tokenArg}") 154 assert_contains(out, "default") 155 assert_contains(out, "myorg") 156 assert_contains(out, "someorg") 157 158 out = machine.succeed("influx bucket list ${tokenArg} --org myorg") 159 assert_contains(out, "mybucket") 160 161 out = machine.succeed("influx bucket list ${tokenArg} --org someorg") 162 assert_lacks(out, "somebucket") 163 164 out = machine.succeed("influx user list ${tokenArg}") 165 assert_contains(out, "admin") 166 assert_contains(out, "myuser") 167 assert_lacks(out, "someuser") 168 169 out = machine.succeed("influx auth list ${tokenArg}") 170 assert_contains(out, "operator token") 171 assert_lacks(out, "some auth token") 172 173 # Make sure the user token is also usable 174 machine.succeed("influx auth list --token someusertoken") 175 176 with subtest("keepsUnrelated"): 177 machine.succeed('${nodes.machine.system.build.toplevel}/bin/switch-to-configuration test') 178 machine.wait_for_unit("influxdb2.service") 179 180 out = machine.succeed("influx org list ${tokenArg}") 181 assert_contains(out, "default") 182 assert_contains(out, "myorg") 183 assert_contains(out, "someorg") 184 185 out = machine.succeed("influx bucket list ${tokenArg} --org default") 186 assert_contains(out, "default") 187 188 out = machine.succeed("influx bucket list ${tokenArg} --org myorg") 189 assert_contains(out, "mybucket") 190 191 out = machine.succeed("influx bucket list ${tokenArg} --org someorg") 192 assert_contains(out, "somebucket") 193 194 out = machine.succeed("influx user list ${tokenArg}") 195 assert_contains(out, "admin") 196 assert_contains(out, "myuser") 197 assert_contains(out, "someuser") 198 199 out = machine.succeed("influx auth list ${tokenArg}") 200 assert_contains(out, "operator token") 201 assert_contains(out, "some auth token") 202 203 with subtest("withParentDelete"): 204 machine.succeed('${specialisations}/withParentDelete/bin/switch-to-configuration test') 205 machine.wait_for_unit("influxdb2.service") 206 207 out = machine.succeed("influx org list ${tokenArg}") 208 assert_contains(out, "default") 209 assert_contains(out, "myorg") 210 assert_lacks(out, "someorg") 211 212 out = machine.succeed("influx bucket list ${tokenArg} --org default") 213 assert_contains(out, "default") 214 215 out = machine.succeed("influx bucket list ${tokenArg} --org myorg") 216 assert_contains(out, "mybucket") 217 218 machine.fail("influx bucket list ${tokenArg} --org someorg") 219 220 out = machine.succeed("influx user list ${tokenArg}") 221 assert_contains(out, "admin") 222 assert_contains(out, "myuser") 223 assert_contains(out, "someuser") 224 225 out = machine.succeed("influx auth list ${tokenArg}") 226 assert_contains(out, "operator token") 227 assert_lacks(out, "some auth token") 228 229 with subtest("withNewTokens"): 230 machine.succeed('${specialisations}/withNewTokens/bin/switch-to-configuration test') 231 machine.wait_for_unit("influxdb2.service") 232 233 out = machine.succeed("influx auth list ${tokenArg}") 234 assert_contains(out, "operator token") 235 assert_contains(out, "some auth token") 236 assert_contains(out, "new optoken") 237 assert_contains(out, "new allaccess") 238 assert_contains(out, "new specifics") 239 ''; 240 } 241)