From 1fe7725039725c7bf9d198cf0136edac9e7a85a1 Mon Sep 17 00:00:00 2001 From: Sizhe Zhao Date: Sat, 7 Jun 2025 19:40:09 +0800 Subject: [PATCH] nixosTests.cfssl: handleTest -> runTest --- nixos/tests/all-tests.nix | 2 +- nixos/tests/cfssl.nix | 166 +++++++++++++++++++------------------- 2 files changed, 83 insertions(+), 85 deletions(-) diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 75614efdd4c3..6ca347f8bc31 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -306,7 +306,7 @@ in "x86_64-linux" ] ./ceph-single-node-bluestore-dmcrypt.nix; certmgr = import ./certmgr.nix { inherit pkgs runTest; }; - cfssl = handleTestOn [ "aarch64-linux" "x86_64-linux" ] ./cfssl.nix { }; + cfssl = runTestOn [ "aarch64-linux" "x86_64-linux" ] ./cfssl.nix; cgit = runTest ./cgit.nix; charliecloud = runTest ./charliecloud.nix; chromadb = runTest ./chromadb.nix; diff --git a/nixos/tests/cfssl.nix b/nixos/tests/cfssl.nix index fa81a241f812..fc407ba67f0b 100644 --- a/nixos/tests/cfssl.nix +++ b/nixos/tests/cfssl.nix @@ -1,89 +1,87 @@ -import ./make-test-python.nix ( - { pkgs, ... }: - { - name = "cfssl"; +{ pkgs, ... }: +{ + name = "cfssl"; - nodes.machine = - { - config, - lib, - pkgs, - ... - }: - { - networking.firewall.allowedTCPPorts = [ config.services.cfssl.port ]; + nodes.machine = + { + config, + lib, + pkgs, + ... + }: + { + networking.firewall.allowedTCPPorts = [ config.services.cfssl.port ]; - services.cfssl.enable = true; - systemd.services.cfssl.after = [ "cfssl-init.service" ]; + services.cfssl.enable = true; + systemd.services.cfssl.after = [ "cfssl-init.service" ]; - systemd.services.cfssl-init = { - description = "Initialize the cfssl CA"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - User = "cfssl"; - Type = "oneshot"; - WorkingDirectory = config.services.cfssl.dataDir; - }; - script = with pkgs; '' - ${cfssl}/bin/cfssl genkey -initca ${ - pkgs.writeText "ca.json" ( - builtins.toJSON { - hosts = [ "ca.example.com" ]; - key = { - algo = "rsa"; - size = 4096; - }; - names = [ - { - C = "US"; - L = "San Francisco"; - O = "Internet Widgets, LLC"; - OU = "Certificate Authority"; - ST = "California"; - } - ]; - } - ) - } | ${cfssl}/bin/cfssljson -bare ca - ''; + systemd.services.cfssl-init = { + description = "Initialize the cfssl CA"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "cfssl"; + Type = "oneshot"; + WorkingDirectory = config.services.cfssl.dataDir; }; - }; - - testScript = - let - cfsslrequest = - with pkgs; - writeScript "cfsslrequest" '' - curl -f -X POST -H "Content-Type: application/json" -d @${csr} \ - http://localhost:8888/api/v1/cfssl/newkey | ${cfssl}/bin/cfssljson /tmp/certificate - ''; - csr = pkgs.writeText "csr.json" ( - builtins.toJSON { - CN = "www.example.com"; - hosts = [ - "example.com" - "www.example.com" - ]; - key = { - algo = "rsa"; - size = 2048; - }; - names = [ - { - C = "US"; - L = "San Francisco"; - O = "Example Company, LLC"; - OU = "Operations"; - ST = "California"; + script = with pkgs; '' + ${cfssl}/bin/cfssl genkey -initca ${ + pkgs.writeText "ca.json" ( + builtins.toJSON { + hosts = [ "ca.example.com" ]; + key = { + algo = "rsa"; + size = 4096; + }; + names = [ + { + C = "US"; + L = "San Francisco"; + O = "Internet Widgets, LLC"; + OU = "Certificate Authority"; + ST = "California"; + } + ]; } - ]; - } - ); - in - '' - machine.wait_for_unit("cfssl.service") - machine.wait_until_succeeds("${cfsslrequest}") - machine.succeed("ls /tmp/certificate-key.pem") - ''; - } -) + ) + } | ${cfssl}/bin/cfssljson -bare ca + ''; + }; + }; + + testScript = + let + cfsslrequest = + with pkgs; + writeScript "cfsslrequest" '' + curl -f -X POST -H "Content-Type: application/json" -d @${csr} \ + http://localhost:8888/api/v1/cfssl/newkey | ${cfssl}/bin/cfssljson /tmp/certificate + ''; + csr = pkgs.writeText "csr.json" ( + builtins.toJSON { + CN = "www.example.com"; + hosts = [ + "example.com" + "www.example.com" + ]; + key = { + algo = "rsa"; + size = 2048; + }; + names = [ + { + C = "US"; + L = "San Francisco"; + O = "Example Company, LLC"; + OU = "Operations"; + ST = "California"; + } + ]; + } + ); + in + '' + machine.wait_for_unit("cfssl.service") + machine.wait_until_succeeds("${cfsslrequest}") + machine.succeed("ls /tmp/certificate-key.pem") + ''; +}