commit 4460cda6b5807ea19b97e34c1dfcbba57b137118 · pyrox.dev/nixpkgs

+1 -2

nixos/tests/all-tests.nix

···

       86
        
         documize = handleTest ./documize.nix {};

     

       87
        
         dokuwiki = handleTest ./dokuwiki.nix {};

     

       88
        
         dovecot = handleTest ./dovecot.nix {};

     

       89
       -
         # ec2-config doesn't work in a sandbox as the simulated ec2 instance needs network access

     

       90
       -
         #ec2-config = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-config or {};

     

       91
        
         ec2-nixops = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-nixops or {};

     

       92
        
         ecryptfs = handleTest ./ecryptfs.nix {};

     

       93
        
         ejabberd = handleTest ./xmpp/ejabberd.nix {};

···

       86
        
         documize = handleTest ./documize.nix {};

     

       87
        
         dokuwiki = handleTest ./dokuwiki.nix {};

     

       88
        
         dovecot = handleTest ./dovecot.nix {};

     

       89
       +
         ec2-config = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-config or {};

     

       0
        
       
     

       90
        
         ec2-nixops = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-nixops or {};

     

       91
        
         ecryptfs = handleTest ./ecryptfs.nix {};

     

       92
        
         ejabberd = handleTest ./xmpp/ejabberd.nix {};

+36 -22

nixos/tests/common/ec2.nix

···

       20
        
           in makeTest {

     

       21
        
             name = "ec2-" + name;

     

       22
        
             nodes = {};

     

       23
       -
             testScript =

     

       24
       -
               ''

     

       25
       -
                 my $imageDir = ($ENV{'TMPDIR'} // "/tmp") . "/vm-state-machine";

     

       26
       -
                 mkdir $imageDir, 0700;

     

       27
       -
                 my $diskImage = "$imageDir/machine.qcow2";

     

       28
       -
                 system("qemu-img create -f qcow2 -o backing_file=${image} $diskImage") == 0 or die;

     

       29
       -
                 system("qemu-img resize $diskImage 10G") == 0 or die;

     

       30
        
       

     

       31
       -
                 # Note: we use net=169.0.0.0/8 rather than

     

       32
       -
                 # net=169.254.0.0/16 to prevent dhcpcd from getting horribly

     

       33
       -
                 # confused. (It would get a DHCP lease in the 169.254.*

     

       34
       -
                 # range, which it would then configure and prompty delete

     

       35
       -
                 # again when it deletes link-local addresses.) Ideally we'd

     

       36
       -
                 # turn off the DHCP server, but qemu does not have an option

     

       37
       -
                 # to do that.

     

       38
       -
                 my $startCommand = "qemu-kvm -m 1024";

     

       39
       -
                 $startCommand .= " -device virtio-net-pci,netdev=vlan0";

     

       40
       -
                 $startCommand .= " -netdev 'user,id=vlan0,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'";

     

       41
       -
                 $startCommand .= " -drive file=$diskImage,if=virtio,werror=report";

     

       42
       -
                 $startCommand .= " \$QEMU_OPTS";

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       43
        
       

     

       44
       -
                 my $machine = createMachine({ startCommand => $startCommand });

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       45
        
       

     

       46
       -
                 ${script}

     

       47
       -
               '';

     

       48
        
           };

     

       49
        
       }

···

       20
        
           in makeTest {

     

       21
        
             name = "ec2-" + name;

     

       22
        
             nodes = {};

     

       23
       +
             testScript = ''

     

       24
       +
               import os

     

       25
       +
               import subprocess

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       26
        
       

     

       27
       +
               image_dir = os.path.join(

     

       28
       +
                   os.environ.get("TMPDIR", tempfile.gettempdir()), "tmp", "vm-state-machine"

     

       29
       +
               )

     

       30
       +
               os.makedirs(image_dir, mode=0o700, exist_ok=True)

     

       31
       +
               disk_image = os.path.join(image_dir, "machine.qcow2")

     

       32
       +
               subprocess.check_call(

     

       33
       +
                   [

     

       34
       +
                       "qemu-img",

     

       35
       +
                       "create",

     

       36
       +
                       "-f",

     

       37
       +
                       "qcow2",

     

       38
       +
                       "-o",

     

       39
       +
                       "backing_file=${image}",

     

       40
       +
                       disk_image,

     

       41
       +
                   ]

     

       42
       +
               )

     

       43
       +
               subprocess.check_call(["qemu-img", "resize", disk_image, "10G"])

     

       44
        
       

     

       45
       +
               # Note: we use net=169.0.0.0/8 rather than

     

       46
       +
               # net=169.254.0.0/16 to prevent dhcpcd from getting horribly

     

       47
       +
               # confused. (It would get a DHCP lease in the 169.254.*

     

       48
       +
               # range, which it would then configure and prompty delete

     

       49
       +
               # again when it deletes link-local addresses.) Ideally we'd

     

       50
       +
               # turn off the DHCP server, but qemu does not have an option

     

       51
       +
               # to do that.

     

       52
       +
               start_command = (

     

       53
       +
                   "qemu-kvm -m 1024"

     

       54
       +
                   + " -device virtio-net-pci,netdev=vlan0"

     

       55
       +
                   + " -netdev 'user,id=vlan0,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'"

     

       56
       +
                   + f" -drive file={disk_image},if=virtio,werror=report"

     

       57
       +
                   + " $QEMU_OPTS"

     

       58
       +
               )

     

       59
        
       

     

       60
       +
               machine = create_machine({"startCommand": start_command})

     

       61
       +
             '' + script;

     

       62
        
           };

     

       63
        
       }

+69 -65

nixos/tests/ec2.nix

···

       3
        
         pkgs ? import ../.. { inherit system config; }

     

       4
        
       }:

     

       5
        
       

     

       6
       -
       with import ../lib/testing.nix { inherit system pkgs; };

     

       7
        
       with pkgs.lib;

     

       8
        
       

     

       9
        
       with import common/ec2.nix { inherit makeTest pkgs; };

     

       10
        
       

     

       11
        
       let

     

       12
       -
         imageCfg =

     

       13
       -
           (import ../lib/eval-config.nix {

     

       14
       -
             inherit system;

     

       15
       -
             modules = [

     

       16
       -
               ../maintainers/scripts/ec2/amazon-image.nix

     

       17
       -
               ../modules/testing/test-instrumentation.nix

     

       18
       -
               ../modules/profiles/qemu-guest.nix

     

       19
       -
               { ec2.hvm = true;

     

       20
        
       

     

       21
       -
                 # Hack to make the partition resizing work in QEMU.

     

       22
       -
                 boot.initrd.postDeviceCommands = mkBefore

     

       23
       -
                   ''

     

       24
       -
                     ln -s vda /dev/xvda

     

       25
       -
                     ln -s vda1 /dev/xvda1

     

       26
       -
                   '';

     

       27
        
       

     

       28
       -
                 # Needed by nixos-rebuild due to the lack of network

     

       29
       -
                 # access. Determined by trial and error.

     

       30
       -
                 system.extraDependencies =

     

       31
       -
                   with pkgs; (

     

       32
       -
                     [

     

       33
       -
                       # Needed for a nixos-rebuild.

     

       34
       -
                       busybox

     

       35
       -
                       stdenv

     

       36
       -
                       stdenvNoCC

     

       37
       -
                       mkinitcpio-nfs-utils

     

       38
       -
                       unionfs-fuse

     

       39
       -
                       cloud-utils

     

       40
       -
                       desktop-file-utils

     

       41
       -
                       texinfo

     

       42
       -
                       libxslt.bin

     

       43
       -
                       xorg.lndir

     

       44
        
       

     

       45
       -
                       # These are used in the configure-from-userdata tests

     

       46
       -
                       # for EC2. Httpd and valgrind are requested by the

     

       47
       -
                       # configuration.

     

       48
       -
                       apacheHttpd apacheHttpd.doc apacheHttpd.man valgrind.doc

     

       49
       -
                     ]

     

       50
       -
                   );

     

       51
       -
               }

     

       52
       -
             ];

     

       53
       -
           }).config;

     

       0
        
       
     

       0
        
       
     

       54
        
         image = "${imageCfg.system.build.amazonImage}/${imageCfg.amazonImage.name}.vhd";

     

       55
        
       

     

       56
        
         sshKeys = import ./ssh-keys.nix pkgs;

     

       57
        
         snakeOilPrivateKey = sshKeys.snakeOilPrivateKey.text;

     

       0
        
       
     

       58
        
         snakeOilPublicKey = sshKeys.snakeOilPublicKey;

     

       59
        
       

     

       60
        
       in {

     
···

       68
        
             SSH_HOST_ED25519_KEY:${replaceStrings ["\n"] ["|"] snakeOilPrivateKey}

     

       69
        
           '';

     

       70
        
           script = ''

     

       71
       -
             $machine->start;

     

       72
       -
             $machine->waitForFile("/etc/ec2-metadata/user-data");

     

       73
       -
             $machine->waitForUnit("sshd.service");

     

       74
        
       

     

       75
       -
             $machine->succeed("grep unknown /etc/ec2-metadata/ami-manifest-path");

     

       76
        
       

     

       77
        
             # We have no keys configured on the client side yet, so this should fail

     

       78
       -
             $machine->fail("ssh -o BatchMode=yes localhost exit");

     

       79
        
       

     

       80
        
             # Let's install our client private key

     

       81
       -
             $machine->succeed("mkdir -p ~/.ssh");

     

       82
        
       

     

       83
       -
             $machine->succeed("echo '${snakeOilPrivateKey}' > ~/.ssh/id_ed25519");

     

       84
       -
             $machine->succeed("chmod 600 ~/.ssh/id_ed25519");

     

       0
        
       
     

       0
        
       
     

       85
        
       

     

       86
        
             # We haven't configured the host key yet, so this should still fail

     

       87
       -
             $machine->fail("ssh -o BatchMode=yes localhost exit");

     

       88
        
       

     

       89
        
             # Add the host key; ssh should finally succeed

     

       90
       -
             $machine->succeed("echo localhost,127.0.0.1 ${snakeOilPublicKey} > ~/.ssh/known_hosts");

     

       91
       -
             $machine->succeed("ssh -o BatchMode=yes localhost exit");

     

       0
        
       
     

       0
        
       
     

       92
        
       

     

       93
        
             # Test whether the root disk was resized.

     

       94
       -
             my $blocks = $machine->succeed("stat -c %b -f /");

     

       95
       -
             my $bsize = $machine->succeed("stat -c %S -f /");

     

       96
       -
             my $size = $blocks * $bsize;

     

       97
       -
             die "wrong free space $size" if $size < 9.7 * 1024 * 1024 * 1024 || $size > 10 * 1024 * 1024 * 1024;

     

       98
        
       

     

       99
        
             # Just to make sure resizing is idempotent.

     

       100
       -
             $machine->shutdown;

     

       101
       -
             $machine->start;

     

       102
       -
             $machine->waitForFile("/etc/ec2-metadata/user-data");

     

       103
        
           '';

     

       104
        
         };

     

       105
        
       

     

       106
        
         boot-ec2-config = makeEc2Test {

     

       107
        
           name         = "config-userdata";

     

       0
        
       
     

       108
        
           inherit image;

     

       109
        
           sshPublicKey = snakeOilPublicKey;

     

       110
        
       

     
···

       133
        
             }

     

       134
        
           '';

     

       135
        
           script = ''

     

       136
       -
             $machine->start;

     

       137
        
       

     

       138
        
             # amazon-init must succeed. if it fails, make the test fail

     

       139
       -
             # immediately instead of timing out in waitForFile.

     

       140
       -
             $machine->waitForUnit('amazon-init.service');

     

       141
        
       

     

       142
       -
             $machine->waitForFile("/etc/testFile");

     

       143
       -
             $machine->succeed("cat /etc/testFile | grep -q 'whoa'");

     

       144
        
       

     

       145
       -
             $machine->waitForUnit("httpd.service");

     

       146
       -
             $machine->succeed("curl http://localhost | grep Valgrind");

     

       147
        
           '';

     

       148
        
         };

     

       149
        
       }

···

       3
        
         pkgs ? import ../.. { inherit system config; }

     

       4
        
       }:

     

       5
        
       

     

       6
       +
       with import ../lib/testing-python.nix { inherit system pkgs; };

     

       7
        
       with pkgs.lib;

     

       8
        
       

     

       9
        
       with import common/ec2.nix { inherit makeTest pkgs; };

     

       10
        
       

     

       11
        
       let

     

       12
       +
         imageCfg = (import ../lib/eval-config.nix {

     

       13
       +
           inherit system;

     

       14
       +
           modules = [

     

       15
       +
             ../maintainers/scripts/ec2/amazon-image.nix

     

       16
       +
             ../modules/testing/test-instrumentation.nix

     

       17
       +
             ../modules/profiles/qemu-guest.nix

     

       18
       +
             {

     

       19
       +
               ec2.hvm = true;

     

       20
        
       

     

       21
       +
               # Hack to make the partition resizing work in QEMU.

     

       22
       +
               boot.initrd.postDeviceCommands = mkBefore ''

     

       23
       +
                 ln -s vda /dev/xvda

     

       24
       +
                 ln -s vda1 /dev/xvda1

     

       25
       +
               '';

     

       0
        
       
     

       26
        
       

     

       27
       +
               # Needed by nixos-rebuild due to the lack of network

     

       28
       +
               # access. Determined by trial and error.

     

       29
       +
               system.extraDependencies = with pkgs; ( [

     

       30
       +
                 # Needed for a nixos-rebuild.

     

       31
       +
                 busybox

     

       32
       +
                 cloud-utils

     

       33
       +
                 desktop-file-utils

     

       34
       +
                 libxslt.bin

     

       35
       +
                 mkinitcpio-nfs-utils

     

       36
       +
                 stdenv

     

       37
       +
                 stdenvNoCC

     

       38
       +
                 texinfo

     

       39
       +
                 unionfs-fuse

     

       40
       +
                 xorg.lndir

     

       0
        
       
     

       0
        
       
     

       41
        
       

     

       42
       +
                 # These are used in the configure-from-userdata tests

     

       43
       +
                 # for EC2. Httpd and valgrind are requested by the

     

       44
       +
                 # configuration.

     

       45
       +
                 apacheHttpd

     

       46
       +
                 apacheHttpd.doc

     

       47
       +
                 apacheHttpd.man

     

       48
       +
                 valgrind.doc

     

       49
       +
               ]);

     

       50
       +
             }

     

       51
       +
           ];

     

       52
       +
         }).config;

     

       53
        
         image = "${imageCfg.system.build.amazonImage}/${imageCfg.amazonImage.name}.vhd";

     

       54
        
       

     

       55
        
         sshKeys = import ./ssh-keys.nix pkgs;

     

       56
        
         snakeOilPrivateKey = sshKeys.snakeOilPrivateKey.text;

     

       57
       +
         snakeOilPrivateKeyFile = pkgs.writeText "private-key" snakeOilPrivateKey;

     

       58
        
         snakeOilPublicKey = sshKeys.snakeOilPublicKey;

     

       59
        
       

     

       60
        
       in {

     
···

       68
        
             SSH_HOST_ED25519_KEY:${replaceStrings ["\n"] ["|"] snakeOilPrivateKey}

     

       69
        
           '';

     

       70
        
           script = ''

     

       71
       +
             machine.start()

     

       72
       +
             machine.wait_for_file("/etc/ec2-metadata/user-data")

     

       73
       +
             machine.wait_for_unit("sshd.service")

     

       74
        
       

     

       75
       +
             machine.succeed("grep unknown /etc/ec2-metadata/ami-manifest-path")

     

       76
        
       

     

       77
        
             # We have no keys configured on the client side yet, so this should fail

     

       78
       +
             machine.fail("ssh -o BatchMode=yes localhost exit")

     

       79
        
       

     

       80
        
             # Let's install our client private key

     

       81
       +
             machine.succeed("mkdir -p ~/.ssh")

     

       82
        
       

     

       83
       +
             machine.copy_from_host_via_shell(

     

       84
       +
                 "${snakeOilPrivateKeyFile}", "~/.ssh/id_ed25519"

     

       85
       +
             )

     

       86
       +
             machine.succeed("chmod 600 ~/.ssh/id_ed25519")

     

       87
        
       

     

       88
        
             # We haven't configured the host key yet, so this should still fail

     

       89
       +
             machine.fail("ssh -o BatchMode=yes localhost exit")

     

       90
        
       

     

       91
        
             # Add the host key; ssh should finally succeed

     

       92
       +
             machine.succeed(

     

       93
       +
                 "echo localhost,127.0.0.1 ${snakeOilPublicKey} > ~/.ssh/known_hosts"

     

       94
       +
             )

     

       95
       +
             machine.succeed("ssh -o BatchMode=yes localhost exit")

     

       96
        
       

     

       97
        
             # Test whether the root disk was resized.

     

       98
       +
             blocks, block_size = map(int, machine.succeed("stat -c %b:%S -f /").split(":"))

     

       99
       +
             GB = 1024 ** 3

     

       100
       +
             assert 9.7 * GB <= blocks * block_size <= 10 * GB

     

       0
        
       
     

       101
        
       

     

       102
        
             # Just to make sure resizing is idempotent.

     

       103
       +
             machine.shutdown()

     

       104
       +
             machine.start()

     

       105
       +
             machine.wait_for_file("/etc/ec2-metadata/user-data")

     

       106
        
           '';

     

       107
        
         };

     

       108
        
       

     

       109
        
         boot-ec2-config = makeEc2Test {

     

       110
        
           name         = "config-userdata";

     

       111
       +
           meta.broken = true; # amazon-init wants to download from the internet while building the system

     

       112
        
           inherit image;

     

       113
        
           sshPublicKey = snakeOilPublicKey;

     

       114
        
       

     
···

       137
        
             }

     

       138
        
           '';

     

       139
        
           script = ''

     

       140
       +
             machine.start()

     

       141
        
       

     

       142
        
             # amazon-init must succeed. if it fails, make the test fail

     

       143
       +
             # immediately instead of timing out in wait_for_file.

     

       144
       +
             machine.wait_for_unit("amazon-init.service")

     

       145
        
       

     

       146
       +
             machine.wait_for_file("/etc/testFile")

     

       147
       +
             assert "whoa" in machine.succeed("cat /etc/testFile")

     

       148
        
       

     

       149
       +
             machine.wait_for_unit("httpd.service")

     

       150
       +
             assert "Valgrind" in machine.succeed("curl http://localhost")

     

       151
        
           '';

     

       152
        
         };

     

       153
        
       }

+37 -33

nixos/tests/openstack-image.nix

···

       3
        
         pkgs ? import ../.. { inherit system config; }

     

       4
        
       }:

     

       5
        
       

     

       6
       -
       with import ../lib/testing.nix { inherit system pkgs; };

     

       7
        
       with pkgs.lib;

     

       8
        
       

     

       9
        
       with import common/ec2.nix { inherit makeTest pkgs; };

     

       10
        
       

     

       11
        
       let

     

       12
       -
         image =

     

       13
       -
           (import ../lib/eval-config.nix {

     

       14
       -
             inherit system;

     

       15
       -
             modules = [

     

       16
       -
               ../maintainers/scripts/openstack/openstack-image.nix

     

       17
       -
               ../modules/testing/test-instrumentation.nix

     

       18
       -
               ../modules/profiles/qemu-guest.nix

     

       19
       -
               {

     

       20
       -
                 # Needed by nixos-rebuild due to lack of network access.

     

       21
       -
                 system.extraDependencies = with pkgs; [

     

       22
       -
                   stdenv

     

       23
       -
                 ];

     

       24
       -
               }

     

       25
       -
             ];

     

       26
       -
           }).config.system.build.openstackImage + "/nixos.qcow2";

     

       27
        
       

     

       28
        
         sshKeys = import ./ssh-keys.nix pkgs;

     

       29
        
         snakeOilPrivateKey = sshKeys.snakeOilPrivateKey.text;

     

       0
        
       
     

       30
        
         snakeOilPublicKey = sshKeys.snakeOilPublicKey;

     

       31
        
       

     

       32
        
       in {

     
···

       39
        
             SSH_HOST_ED25519_KEY:${replaceStrings ["\n"] ["|"] snakeOilPrivateKey}

     

       40
        
           '';

     

       41
        
           script = ''

     

       42
       -
             $machine->start;

     

       43
       -
             $machine->waitForFile("/etc/ec2-metadata/user-data");

     

       44
       -
             $machine->waitForUnit("sshd.service");

     

       45
        
       

     

       46
       -
             $machine->succeed("grep unknown /etc/ec2-metadata/ami-manifest-path");

     

       47
        
       

     

       48
        
             # We have no keys configured on the client side yet, so this should fail

     

       49
       -
             $machine->fail("ssh -o BatchMode=yes localhost exit");

     

       50
        
       

     

       51
        
             # Let's install our client private key

     

       52
       -
             $machine->succeed("mkdir -p ~/.ssh");

     

       53
        
       

     

       54
       -
             $machine->succeed("echo '${snakeOilPrivateKey}' > ~/.ssh/id_ed25519");

     

       55
       -
             $machine->succeed("chmod 600 ~/.ssh/id_ed25519");

     

       0
        
       
     

       0
        
       
     

       56
        
       

     

       57
        
             # We haven't configured the host key yet, so this should still fail

     

       58
       -
             $machine->fail("ssh -o BatchMode=yes localhost exit");

     

       59
        
       

     

       60
        
             # Add the host key; ssh should finally succeed

     

       61
       -
             $machine->succeed("echo localhost,127.0.0.1 ${snakeOilPublicKey} > ~/.ssh/known_hosts");

     

       62
       -
             $machine->succeed("ssh -o BatchMode=yes localhost exit");

     

       0
        
       
     

       0
        
       
     

       63
        
       

     

       64
        
             # Just to make sure resizing is idempotent.

     

       65
       -
             $machine->shutdown;

     

       66
       -
             $machine->start;

     

       67
       -
             $machine->waitForFile("/etc/ec2-metadata/user-data");

     

       68
        
           '';

     

       69
        
         };

     

       70
        
       

     
···

       86
        
             }

     

       87
        
           '';

     

       88
        
           script = ''

     

       89
       -
             $machine->start;

     

       90
       -
             $machine->waitForFile("/etc/testFile");

     

       91
       -
             $machine->succeed("cat /etc/testFile | grep -q 'whoa'");

     

       92
        
           '';

     

       93
        
         };

     

       94
        
       }

···

       3
        
         pkgs ? import ../.. { inherit system config; }

     

       4
        
       }:

     

       5
        
       

     

       6
       +
       with import ../lib/testing-python.nix { inherit system pkgs; };

     

       7
        
       with pkgs.lib;

     

       8
        
       

     

       9
        
       with import common/ec2.nix { inherit makeTest pkgs; };

     

       10
        
       

     

       11
        
       let

     

       12
       +
         image = (import ../lib/eval-config.nix {

     

       13
       +
           inherit system;

     

       14
       +
           modules = [

     

       15
       +
             ../maintainers/scripts/openstack/openstack-image.nix

     

       16
       +
             ../modules/testing/test-instrumentation.nix

     

       17
       +
             ../modules/profiles/qemu-guest.nix

     

       18
       +
             {

     

       19
       +
               # Needed by nixos-rebuild due to lack of network access.

     

       20
       +
               system.extraDependencies = with pkgs; [

     

       21
       +
                 stdenv

     

       22
       +
               ];

     

       23
       +
             }

     

       24
       +
           ];

     

       25
       +
         }).config.system.build.openstackImage + "/nixos.qcow2";

     

       0
        
       
     

       26
        
       

     

       27
        
         sshKeys = import ./ssh-keys.nix pkgs;

     

       28
        
         snakeOilPrivateKey = sshKeys.snakeOilPrivateKey.text;

     

       29
       +
         snakeOilPrivateKeyFile = pkgs.writeText "private-key" snakeOilPrivateKey;

     

       30
        
         snakeOilPublicKey = sshKeys.snakeOilPublicKey;

     

       31
        
       

     

       32
        
       in {

     
···

       39
        
             SSH_HOST_ED25519_KEY:${replaceStrings ["\n"] ["|"] snakeOilPrivateKey}

     

       40
        
           '';

     

       41
        
           script = ''

     

       42
       +
             machine.start()

     

       43
       +
             machine.wait_for_file("/etc/ec2-metadata/user-data")

     

       44
       +
             machine.wait_for_unit("sshd.service")

     

       45
        
       

     

       46
       +
             machine.succeed("grep unknown /etc/ec2-metadata/ami-manifest-path")

     

       47
        
       

     

       48
        
             # We have no keys configured on the client side yet, so this should fail

     

       49
       +
             machine.fail("ssh -o BatchMode=yes localhost exit")

     

       50
        
       

     

       51
        
             # Let's install our client private key

     

       52
       +
             machine.succeed("mkdir -p ~/.ssh")

     

       53
        
       

     

       54
       +
             machine.copy_from_host_via_shell(

     

       55
       +
                 "${snakeOilPrivateKeyFile}", "~/.ssh/id_ed25519"

     

       56
       +
             )

     

       57
       +
             machine.succeed("chmod 600 ~/.ssh/id_ed25519")

     

       58
        
       

     

       59
        
             # We haven't configured the host key yet, so this should still fail

     

       60
       +
             machine.fail("ssh -o BatchMode=yes localhost exit")

     

       61
        
       

     

       62
        
             # Add the host key; ssh should finally succeed

     

       63
       +
             machine.succeed(

     

       64
       +
                 "echo localhost,127.0.0.1 ${snakeOilPublicKey} > ~/.ssh/known_hosts"

     

       65
       +
             )

     

       66
       +
             machine.succeed("ssh -o BatchMode=yes localhost exit")

     

       67
        
       

     

       68
        
             # Just to make sure resizing is idempotent.

     

       69
       +
             machine.shutdown()

     

       70
       +
             machine.start()

     

       71
       +
             machine.wait_for_file("/etc/ec2-metadata/user-data")

     

       72
        
           '';

     

       73
        
         };

     

       74
        
       

     
···

       90
        
             }

     

       91
        
           '';

     

       92
        
           script = ''

     

       93
       +
             machine.start()

     

       94
       +
             machine.wait_for_file("/etc/testFile")

     

       95
       +
             assert "whoa" in machine.succeed("cat /etc/testFile")

     

       96
        
           '';

     

       97
        
         };

     

       98
        
       }