nixpkgs-suyu/nixos/tests/hockeypuck.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

64 lines
1.9 KiB
Nix
Raw Normal View History

2021-07-18 09:51:49 +02:00
import ./make-test-python.nix ({ lib, pkgs, ... }:
let
gpgKeyring = (pkgs.runCommand "gpg-keyring" { buildInputs = [ pkgs.gnupg ]; } ''
2021-07-18 09:51:49 +02:00
mkdir -p $out
export GNUPGHOME=$out
cat > foo <<EOF
%echo Generating a basic OpenPGP key
%no-protection
Key-Type: DSA
Key-Length: 1024
Subkey-Type: ELG-E
Subkey-Length: 1024
Name-Real: Foo Example
Name-Email: foo@example.org
Expire-Date: 0
# Do a commit here, so that we can later print "done"
%commit
%echo done
EOF
gpg --batch --generate-key foo
rm $out/S.gpg-agent $out/S.gpg-agent.*
'');
in {
name = "hockeypuck";
meta.maintainers = with lib.maintainers; [ etu ];
machine = { ... }: {
# Used for test
environment.systemPackages = [ pkgs.gnupg ];
services.hockeypuck.enable = true;
services.postgresql = {
enable = true;
ensureDatabases = [ "hockeypuck" ];
ensureUsers = [{
name = "hockeypuck";
ensurePermissions."DATABASE hockeypuck" = "ALL PRIVILEGES";
}];
};
};
testScript = ''
machine.wait_for_unit("hockeypuck.service")
machine.wait_for_open_port(11371)
response = machine.succeed("curl -vvv -s http://127.0.0.1:11371/")
assert "<title>OpenPGP Keyserver</title>" in response, "HTML title not found"
# Copy the keyring
machine.succeed("cp -R ${gpgKeyring} /tmp/GNUPGHOME")
# Extract our GPG key id
keyId = machine.succeed("GNUPGHOME=/tmp/GNUPGHOME gpg --list-keys | grep dsa1024 --after-context=1 | grep -v dsa1024").strip()
# Send the key to our local keyserver
machine.succeed("GNUPGHOME=/tmp/GNUPGHOME gpg --keyserver hkp://127.0.0.1:11371 --send-keys " + keyId)
# Recieve the key from our local keyserver to a separate directory
machine.succeed("GNUPGHOME=$(mktemp -d) gpg --keyserver hkp://127.0.0.1:11371 --recv-keys " + keyId)
'';
})