Fix the EC2 test
parent
640dff2918
commit
412477e914
1 changed files with 34 additions and 24 deletions
|
@ -9,9 +9,11 @@ let
|
|||
(import ../lib/eval-config.nix {
|
||||
inherit system;
|
||||
modules = [
|
||||
../maintainers/scripts/ec2/amazon-hvm-config.nix
|
||||
../maintainers/scripts/ec2/amazon-image.nix
|
||||
../../nixos/modules/testing/test-instrumentation.nix
|
||||
{ boot.initrd.kernelModules = [ "virtio" "virtio_blk" "virtio_pci" "virtio_ring" ]; }
|
||||
{ boot.initrd.kernelModules = [ "virtio" "virtio_blk" "virtio_pci" "virtio_ring" ];
|
||||
ec2.hvm = true;
|
||||
}
|
||||
];
|
||||
}).config.system.build.amazonImage;
|
||||
|
||||
|
@ -34,41 +36,48 @@ let
|
|||
nodes = {};
|
||||
testScript =
|
||||
''
|
||||
use File::Temp qw/ tempfile /;
|
||||
my ($fh, $filename) = tempfile();
|
||||
my $imageDir = ($ENV{'TMPDIR'} // "/tmp") . "/vm-state-machine";
|
||||
mkdir $imageDir, 0700;
|
||||
my $diskImage = "$imageDir/machine.qcow2";
|
||||
system("qemu-img create -f qcow2 -o backing_file=${image}/nixos.img $diskImage") == 0 or die;
|
||||
|
||||
`qemu-img create -f qcow2 -o backing_file=${image}/nixos.img $filename`;
|
||||
|
||||
my $startCommand = "qemu-kvm -m 768 -net nic -net 'user,net=169.254.0.0/16,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'";
|
||||
$startCommand .= " -drive file=" . Cwd::abs_path($filename) . ",if=virtio,werror=report";
|
||||
# Note: we use net=169.0.0.0/8 rather than
|
||||
# net=169.254.0.0/16 to prevent dhcpcd from getting horribly
|
||||
# confused. (It would get a DHCP lease in the 169.254.*
|
||||
# range, which it would then configure and prompty delete
|
||||
# again when it deletes link-local addresses.) Ideally we'd
|
||||
# turn off the DHCP server, but qemu does not have an option
|
||||
# to do that.
|
||||
my $startCommand = "qemu-kvm -m 768 -net nic -net 'user,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'";
|
||||
$startCommand .= " -drive file=$diskImage,if=virtio,werror=report";
|
||||
$startCommand .= " \$QEMU_OPTS";
|
||||
|
||||
my $machine = createMachine({ startCommand => $startCommand });
|
||||
|
||||
${script}
|
||||
'';
|
||||
};
|
||||
|
||||
snakeOilPrivateKey = [
|
||||
"-----BEGIN EC PRIVATE KEY-----"
|
||||
"MHcCAQEEIHQf/khLvYrQ8IOika5yqtWvI0oquHlpRLTZiJy5dRJmoAoGCCqGSM49"
|
||||
"AwEHoUQDQgAEKF0DYGbBwbj06tA3fd/+yP44cvmwmHBWXZCKbS+RQlAKvLXMWkpN"
|
||||
"r1lwMyJZoSGgBHoUahoYjTh9/sJL7XLJtA=="
|
||||
"-----END EC PRIVATE KEY-----"
|
||||
];
|
||||
snakeOilPrivateKey = ''
|
||||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
|
||||
QyNTUxOQAAACDEPmwZv5dDPrMUaq0dDP+6eBTTe+QNrz14KBEIdhHd1QAAAJDufJ4S7nye
|
||||
EgAAAAtzc2gtZWQyNTUxOQAAACDEPmwZv5dDPrMUaq0dDP+6eBTTe+QNrz14KBEIdhHd1Q
|
||||
AAAECgwbDlYATM5/jypuptb0GF/+zWZcJfoVIFBG3LQeRyGsQ+bBm/l0M+sxRqrR0M/7p4
|
||||
FNN75A2vPXgoEQh2Ed3VAAAADEVDMiB0ZXN0IGtleQE=
|
||||
-----END OPENSSH PRIVATE KEY-----
|
||||
'';
|
||||
|
||||
snakeOilPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMQ+bBm/l0M+sxRqrR0M/7p4FNN75A2vPXgoEQh2Ed3V EC2 test key";
|
||||
|
||||
snakeOilPublicKey = pkgs.lib.concatStrings [
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHA"
|
||||
"yNTYAAABBBChdA2BmwcG49OrQN33f/sj+OHL5sJhwVl2Qim0vkUJQCry1zFpKTa"
|
||||
"9ZcDMiWaEhoAR6FGoaGI04ff7CS+1yybQ= snakeoil"
|
||||
];
|
||||
in {
|
||||
boot-ec2-nixops = makeEc2Test {
|
||||
name = "nixops-userdata";
|
||||
sshPublicKey = snakeOilPublicKey; # That's right folks! My user's key is also the host key!
|
||||
|
||||
userData = ''
|
||||
SSH_HOST_DSA_KEY_PUB:${snakeOilPublicKey}
|
||||
SSH_HOST_DSA_KEY:${pkgs.lib.concatStringsSep "|" snakeOilPrivateKey}
|
||||
SSH_HOST_ED25519_KEY_PUB:${snakeOilPublicKey}
|
||||
SSH_HOST_ED25519_KEY:${replaceStrings ["\n"] ["|"] snakeOilPrivateKey}
|
||||
'';
|
||||
script = ''
|
||||
$machine->start;
|
||||
|
@ -80,8 +89,9 @@ in {
|
|||
|
||||
# Let's install our client private key
|
||||
$machine->succeed("mkdir -p ~/.ssh");
|
||||
${concatMapStrings (s: "$machine->succeed('echo ${s} >> ~/.ssh/id_ecdsa');") snakeOilPrivateKey}
|
||||
$machine->succeed("chmod 600 ~/.ssh/id_ecdsa");
|
||||
|
||||
$machine->succeed("echo '${snakeOilPrivateKey}' > ~/.ssh/id_ed25519");
|
||||
$machine->succeed("chmod 600 ~/.ssh/id_ed25519");
|
||||
|
||||
# We haven't configured the host key yet, so this should still fail
|
||||
$machine->fail("ssh -o BatchMode=yes localhost exit");
|
||||
|
|
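Review bot: In the testScript hunk (`@ -34,41 +36,48 @@`) the disk image now lives in a fixed-name directory, `($ENV{'TMPDIR'} // "/tmp") . "/vm-state-machine"`, and the result of `mkdir $imageDir, 0700;` is ignored, whereas the removed code got a unique path from `tempfile()`. When TMPDIR is unset this falls back to the shared `/tmp`, so a directory of that name that already exists and belongs to another user would be used as is, and the qcow2 overlay would be created inside it. With a private per-build TMPDIR this is presumably harmless, but the assumption is worth making explicit, e.g. `mkdir $imageDir, 0700 or (-d $imageDir and -O _) or die "cannot use $imageDir";`. The same path is interpolated into the single-string `system(...)` call, so the list form `system("qemu-img", "create", "-f", "qcow2", "-o", "backing_file=${image}/nixos.img", $diskImage) == 0 or die;` would keep an unusual TMPDIR value from being parsed by the shell.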