nixos/tests/systemd-nspawn: add test for machinectl pull-tar

This will package up the closure of pkgs.hello in a tarball, and will later on verify machinectl pull-tar properly unpacked it, serving as a regression test for #108158. Closes #108158
2 years ago · dbf2b9152f
parent 17c252aab1
commit dbf2b9152f
1 changed files with 12 additions and 1 deletions
--- a/nixos/tests/systemd-nspawn.nix
+++ b/nixos/tests/systemd-nspawn.nix
@ -25,8 +25,15 @@ let
  nspawnImages = (pkgs.runCommand "localhost" { buildInputs = [ pkgs.coreutils pkgs.gnupg ]; } ''
    mkdir -p $out
    cd $out
+
+    # produce a testimage.raw
    dd if=/dev/urandom of=$out/testimage.raw bs=$((1024*1024+7)) count=5
-    sha256sum testimage.raw > SHA256SUMS
+
+    # produce a testimage2.tar.xz, containing the hello store path
+    tar cvJpf testimage2.tar.xz ${pkgs.hello}
+
+    # produce signature(s)
+    sha256sum testimage* > SHA256SUMS
    export GNUPGHOME="$(mktemp -d)"
    cp -R ${gpgKeyring}/* $GNUPGHOME
    gpg --batch --sign --detach-sign --output SHA256SUMS.gpg SHA256SUMS
@ -56,5 +63,9 @@ in {
    client.succeed(
        "cmp /var/lib/machines/testimage.raw ${nspawnImages}/testimage.raw"
    )
+    client.succeed("machinectl pull-tar --verify=signature http://server/testimage2.tar.xz")
+    client.succeed(
+        "cmp /var/lib/machines/testimage2/${pkgs.hello}/bin/hello ${pkgs.hello}/bin/hello"
+    )
  '';
 })