This will package up the closure of pkgs.hello in a tarball, and will later on verify machinectl pull-tar properly unpacked it, serving as a regression test for #108158. Closes #108158
@ -25,8 +25,15 @@ let
nspawnImages = (pkgs.runCommand "localhost" { buildInputs = [ pkgs.coreutils pkgs.gnupg ]; } ''
mkdir -p $out
cd $out
# produce a testimage.raw
dd if=/dev/urandom of=$out/testimage.raw bs=$((1024*1024+7)) count=5
sha256sum testimage.raw > SHA256SUMS
# produce a testimage2.tar.xz, containing the hello store path
tar cvJpf testimage2.tar.xz ${pkgs.hello}
# produce signature(s)
sha256sum testimage* > SHA256SUMS
export GNUPGHOME="$(mktemp -d)"
cp -R ${gpgKeyring}/* $GNUPGHOME
gpg --batch --sign --detach-sign --output SHA256SUMS.gpg SHA256SUMS
@ -56,5 +63,9 @@ in {
client.succeed(
"cmp /var/lib/machines/testimage.raw ${nspawnImages}/testimage.raw"
)
client.succeed("machinectl pull-tar --verify=signature http://server/testimage2.tar.xz")
"cmp /var/lib/machines/testimage2/${pkgs.hello}/bin/hello ${pkgs.hello}/bin/hello"
'';
})