pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / tests / vault-dev.nix
at master 1.1 kB view raw
1{ pkgs, ... }: 2{ 3 name = "vault-dev"; 4 meta = with pkgs.lib.maintainers; { 5 maintainers = [ 6 lnl7 7 mic92 8 ]; 9 }; 10 nodes.machine = 11 { pkgs, config, ... }: 12 { 13 environment.systemPackages = [ pkgs.vault ]; 14 environment.variables.VAULT_ADDR = "http://127.0.0.1:8200"; 15 environment.variables.VAULT_TOKEN = "phony-secret"; 16 17 services.vault = { 18 enable = true; 19 dev = true; 20 devRootTokenID = config.environment.variables.VAULT_TOKEN; 21 }; 22 }; 23 24 testScript = '' 25 import json 26 start_all() 27 machine.wait_for_unit("multi-user.target") 28 machine.wait_for_unit("vault.service") 29 machine.wait_for_open_port(8200) 30 out = machine.succeed("vault status -format=json") 31 print(out) 32 status = json.loads(out) 33 assert status.get("initialized") == True 34 machine.succeed("vault kv put secret/foo bar=baz") 35 out = machine.succeed("vault kv get -format=json secret/foo") 36 print(out) 37 status = json.loads(out) 38 assert status.get("data", {}).get("data", {}).get("bar") == "baz" 39 ''; 40}