From 2d379b5a3884e1b3ffbc9a8be69788810340506e Mon Sep 17 00:00:00 2001
From: Ophestra <cat@gensokyo.uk>
Date: Sun, 23 Mar 2025 15:00:59 +0900
Subject: [PATCH] test/sandbox: pass want file as argument

This avoids building the check program multiple times.

Signed-off-by: Ophestra <cat@gensokyo.uk>
---
 test/sandbox/assert.nix       | 24 +++++++++---------------
 test/sandbox/case/default.nix |  7 +++----
 test/sandbox/default.nix      |  7 ++++---
 3 files changed, 16 insertions(+), 22 deletions(-)

diff --git a/test/sandbox/assert.nix b/test/sandbox/assert.nix
index d45e4cb..2ab075f 100644
--- a/test/sandbox/assert.nix
+++ b/test/sandbox/assert.nix
@@ -3,22 +3,9 @@
   buildGoModule,
 
   version,
-  name,
-  want,
 }:
-let
-  wantFile = writeText "fortify-${name}-want.json" (builtins.toJSON want);
-  mainFile = writeText "main.go" ''
-    package main
-
-    import "os"
-    import "git.gensokyo.uk/security/fortify/test/sandbox"
-
-    func main() { (&sandbox.T{FS: os.DirFS("/"), PMountsPath: "/.fortify/mounts"}).MustCheckFile("${wantFile}") }
-  '';
-in
 buildGoModule {
-  pname = "fortify-${name}-check-sandbox";
+  pname = "check-sandbox";
   inherit version;
 
   src = ../.;
@@ -26,6 +13,13 @@ buildGoModule {
 
   preBuild = ''
     go mod init git.gensokyo.uk/security/fortify/test >& /dev/null
-    cp ${mainFile} main.go
+    cp ${writeText "main.go" ''
+      package main
+
+      import "os"
+      import "git.gensokyo.uk/security/fortify/test/sandbox"
+
+      func main() { (&sandbox.T{FS: os.DirFS("/"), PMountsPath: "/.fortify/mounts"}).MustCheckFile(os.Args[1]) }
+    ''} main.go
   '';
 }
diff --git a/test/sandbox/case/default.nix b/test/sandbox/case/default.nix
index b65b6ed..0f0c24d 100644
--- a/test/sandbox/case/default.nix
+++ b/test/sandbox/case/default.nix
@@ -25,6 +25,8 @@ let
       ;
   };
 
+  checkSandbox = callPackage ../. { inherit version; };
+
   callTestCase =
     path:
     let
@@ -40,10 +42,7 @@ let
       verbose = true;
       share = foot;
       packages = [ ];
-      command = "${callPackage ../. {
-        inherit (tc) name want;
-        inherit version;
-      }}";
+      command = builtins.toString (checkSandbox tc.name tc.want);
       extraPaths = [
         {
           src = "/proc/mounts";
diff --git a/test/sandbox/default.nix b/test/sandbox/default.nix
index 9e7f12b..9014ebb 100644
--- a/test/sandbox/default.nix
+++ b/test/sandbox/default.nix
@@ -1,13 +1,14 @@
 {
   writeShellScript,
+  writeText,
   callPackage,
 
-  name,
   version,
-  want,
 }:
+name: want:
 writeShellScript "fortify-${name}-check-sandbox-script" ''
   set -e
-  ${callPackage ./assert.nix { inherit name version want; }}/bin/test
+  ${callPackage ./assert.nix { inherit version; }}/bin/test \
+    ${writeText "fortify-${name}-want.json" (builtins.toJSON want)}
   touch /tmp/sandbox-ok
 ''