From 7b6052a47340d706ede8cc08b331f02de832e462 Mon Sep 17 00:00:00 2001 From: Ophestra Umiker Date: Tue, 17 Dec 2024 21:16:55 +0900 Subject: [PATCH] nix: run Go tests in nixos Nix build environment does not support ACLs in any filesystem. This allows acl tests to run. Signed-off-by: Ophestra Umiker --- flake.nix | 22 +++++++++++++++++++++- test.nix | 15 ++++++++++++--- 2 files changed, 33 insertions(+), 4 deletions(-) diff --git a/flake.nix b/flake.nix index 624a060..60611a0 100644 --- a/flake.nix +++ b/flake.nix @@ -74,7 +74,7 @@ touch $out ''; - nixos-tests = callPackage ./test.nix { inherit self home-manager; }; + nixos-tests = callPackage ./test.nix { inherit system self home-manager; }; } ); @@ -95,6 +95,26 @@ buildInputs = with nixpkgsFor.${system}; self.packages.${system}.fortify.buildInputs; }; + fhs = nixpkgsFor.${system}.buildFHSEnv { + pname = "fortify-fhs"; + inherit (self.packages.${system}.fortify) version; + targetPkgs = + pkgs: with pkgs; [ + go + gcc + pkg-config + acl + wayland + wayland-scanner + wayland-protocols + xorg.libxcb + ]; + extraOutputsToInstall = [ "dev" ]; + profile = '' + export PKG_CONFIG_PATH="/usr/share/pkgconfig:$PKG_CONFIG_PATH" + ''; + }; + withPackage = nixpkgsFor.${system}.mkShell { buildInputs = with nixpkgsFor.${system}; diff --git a/test.nix b/test.nix index d2c1a5e..22f6f14 100644 --- a/test.nix +++ b/test.nix @@ -1,4 +1,5 @@ { + system, self, home-manager, nixosTest, @@ -31,11 +32,14 @@ nixosTest { services.getty.autologinUser = "alice"; environment = { - # For glinfo and wayland-info: systemPackages = with pkgs; [ + # For glinfo and wayland-info: mesa-demos wayland-utils alacritty + + # For go tests: + self.devShells.${system}.fhs ]; variables = { @@ -139,7 +143,11 @@ nixosTest { start_all() machine.wait_for_unit("multi-user.target") - # To check the version: + # Run fortify Go tests outside of nix build: + machine.succeed("rm -rf /tmp/src && cp -a '${self.packages.${system}.fortify.src}' /tmp/src") + print(machine.succeed("fortify-fhs -c '(cd /tmp/src && go generate ./... && go test ./...)'")) + + # To check sway's version: print(machine.succeed("sway --version")) # Wait for Sway to complete startup: @@ -185,7 +193,8 @@ nixosTest { machine.send_chars("glinfo && touch /tmp/success-client-x11\n") machine.wait_for_file("/tmp/fortify.1000/tmpdir/0/success-client-x11") machine.screenshot("alacritty_x11_permissive") - machine.succeed("pkill alacritty") + machine.send_chars("exit\n") + machine.wait_until_fails("pgrep alacritty") # Exit Sway and verify process exit status 0: swaymsg("exit", succeed=False)