contrib: add direct tests for agenix

These tests are MUCH faster than the NixOS tests.
This commit is contained in:
Ryan Mulligan 2023-02-21 20:35:56 -08:00
parent 564595d0ad
commit 097aa18b59
2 changed files with 49 additions and 25 deletions

View File

@ -9,7 +9,9 @@ jobs:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
extra_nix_config: |
system-features = nixos-test recursive-nix benchmark big-parallel kvm
extra-experimental-features = recursive-nix nix-command flakes
- run: nix build
- run: nix build .#doc
- run: nix fmt . -- --check
@ -20,7 +22,9 @@ jobs:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
extra_nix_config: |
system-features = nixos-test recursive-nix benchmark big-parallel kvm
extra-experimental-features = recursive-nix nix-command flakes
- run: nix build
- run: nix build .#doc
- run: nix fmt . -- --check

View File

@ -9,29 +9,49 @@
ageBin ? "${rage}/bin/rage",
stdenv.mkDerivation rec {
pname = "agenix";
version = "0.15.0";
src = substituteAll {
inherit ageBin version;
jqBin = "${jq}/bin/jq";
nixInstantiate = "${nix}/bin/nix-instantiate";
mktempBin = "${mktemp}/bin/mktemp";
diffBin = "${diffutils}/bin/diff";
src = ./;
dontUnpack = true;
}: let
bin = "${placeholder "out"}/bin/agenix";
stdenv.mkDerivation rec {
pname = "agenix";
version = "0.15.0";
src = substituteAll {
inherit ageBin version;
jqBin = "${jq}/bin/jq";
nixInstantiate = "${nix}/bin/nix-instantiate";
mktempBin = "${mktemp}/bin/mktemp";
diffBin = "${diffutils}/bin/diff";
src = ./;
dontUnpack = true;
doInstallCheck = true;
installCheckInputs = [shellcheck];
postInstallCheck = ''
shellcheck ${bin}
${bin} -h | grep ${version}
doCheck = true;
checkInputs = [shellcheck];
postCheck = ''
shellcheck $src
mkdir -p /tmp/home/.ssh
cp -r "${../example}" /tmp/home/secrets
chmod -R u+rw /tmp/home/secrets
export HOME=/tmp/home
umask u=rw,g=r,o=r
cp ${../example_keys/} $HOME/.ssh/
chown $UID $HOME/.ssh/
umask u=rw,g=,o=
cp ${../example_keys/user1} $HOME/.ssh/id_ed25519
chown $UID $HOME/.ssh/id_ed25519
installPhase = ''
install -D $src ${placeholder "out"}/bin/agenix
cd /tmp/home/secrets
test $(${bin} -d secret1.age) = "hello"
meta.description = "age-encrypted secrets for NixOS";
installPhase = ''
install -D $src ${bin}
meta.description = "age-encrypted secrets for NixOS";