nixosTests.forgejo: fork from nixosTests.gitea
This commit is contained in:
parent
8d374cebcd
commit
02601e17a5
@ -280,7 +280,7 @@ in {
|
||||
fluentd = handleTest ./fluentd.nix {};
|
||||
fluidd = handleTest ./fluidd.nix {};
|
||||
fontconfig-default-fonts = handleTest ./fontconfig-default-fonts.nix {};
|
||||
forgejo = handleTest ./gitea.nix { giteaPackage = pkgs.forgejo; };
|
||||
forgejo = handleTest ./forgejo.nix { };
|
||||
freenet = handleTest ./freenet.nix {};
|
||||
freeswitch = handleTest ./freeswitch.nix {};
|
||||
freshrss-sqlite = handleTest ./freshrss-sqlite.nix {};
|
||||
|
157
nixos/tests/forgejo.nix
Normal file
157
nixos/tests/forgejo.nix
Normal file
@ -0,0 +1,157 @@
|
||||
{ system ? builtins.currentSystem
|
||||
, config ? { }
|
||||
, pkgs ? import ../.. { inherit system config; }
|
||||
}:
|
||||
|
||||
with import ../lib/testing-python.nix { inherit system pkgs; };
|
||||
with pkgs.lib;
|
||||
|
||||
let
|
||||
## gpg --faked-system-time='20230301T010000!' --quick-generate-key snakeoil ed25519 sign
|
||||
signingPrivateKey = ''
|
||||
-----BEGIN PGP PRIVATE KEY BLOCK-----
|
||||
|
||||
lFgEY/6jkBYJKwYBBAHaRw8BAQdADXiZRV8RJUyC9g0LH04wLMaJL9WTc+szbMi7
|
||||
5fw4yP8AAQCl8EwGfzSLm/P6fCBfA3I9znFb3MEHGCCJhJ6VtKYyRw7ktAhzbmFr
|
||||
ZW9pbIiUBBMWCgA8FiEE+wUM6VW/NLtAdSixTWQt6LZ4x50FAmP+o5ACGwMFCQPC
|
||||
ZwAECwkIBwQVCgkIBRYCAwEAAh4FAheAAAoJEE1kLei2eMedFTgBAKQs1oGFZrCI
|
||||
TZP42hmBTKxGAI1wg7VSdDEWTZxut/2JAQDGgo2sa4VHMfj0aqYGxrIwfP2B7JHO
|
||||
GCqGCRf9O/hzBA==
|
||||
=9Uy3
|
||||
-----END PGP PRIVATE KEY BLOCK-----
|
||||
'';
|
||||
signingPrivateKeyId = "4D642DE8B678C79D";
|
||||
|
||||
supportedDbTypes = [ "mysql" "postgres" "sqlite3" ];
|
||||
makeGForgejoTest = type: nameValuePair type (makeTest {
|
||||
name = "forgejo-${type}";
|
||||
meta.maintainers = with maintainers; [ bendlas emilylange ];
|
||||
|
||||
nodes = {
|
||||
server = { config, pkgs, ... }: {
|
||||
virtualisation.memorySize = 2047;
|
||||
services.forgejo = {
|
||||
enable = true;
|
||||
database = { inherit type; };
|
||||
settings.service.DISABLE_REGISTRATION = true;
|
||||
settings."repository.signing".SIGNING_KEY = signingPrivateKeyId;
|
||||
settings.actions.ENABLED = true;
|
||||
};
|
||||
environment.systemPackages = [ config.services.forgejo.package pkgs.gnupg pkgs.jq ];
|
||||
services.openssh.enable = true;
|
||||
|
||||
specialisation.runner = {
|
||||
inheritParentConfig = true;
|
||||
configuration.services.gitea-actions-runner.instances."test" = {
|
||||
enable = true;
|
||||
name = "ci";
|
||||
url = "http://localhost:3000";
|
||||
labels = [
|
||||
# don't require docker/podman
|
||||
"native:host"
|
||||
];
|
||||
tokenFile = "/var/lib/forgejo/runner_token";
|
||||
};
|
||||
};
|
||||
};
|
||||
client1 = { config, pkgs, ... }: {
|
||||
environment.systemPackages = [ pkgs.git ];
|
||||
};
|
||||
client2 = { config, pkgs, ... }: {
|
||||
environment.systemPackages = [ pkgs.git ];
|
||||
};
|
||||
};
|
||||
|
||||
testScript = { nodes, ... }:
|
||||
let
|
||||
inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;
|
||||
serverSystem = nodes.server.system.build.toplevel;
|
||||
in
|
||||
''
|
||||
GIT_SSH_COMMAND = "ssh -i $HOME/.ssh/privk -o StrictHostKeyChecking=no"
|
||||
REPO = "forgejo@server:test/repo"
|
||||
PRIVK = "${snakeOilPrivateKey}"
|
||||
|
||||
start_all()
|
||||
|
||||
client1.succeed("mkdir /tmp/repo")
|
||||
client1.succeed("mkdir -p $HOME/.ssh")
|
||||
client1.succeed(f"cat {PRIVK} > $HOME/.ssh/privk")
|
||||
client1.succeed("chmod 0400 $HOME/.ssh/privk")
|
||||
client1.succeed("git -C /tmp/repo init")
|
||||
client1.succeed("echo hello world > /tmp/repo/testfile")
|
||||
client1.succeed("git -C /tmp/repo add .")
|
||||
client1.succeed("git config --global user.email test@localhost")
|
||||
client1.succeed("git config --global user.name test")
|
||||
client1.succeed("git -C /tmp/repo commit -m 'Initial import'")
|
||||
client1.succeed(f"git -C /tmp/repo remote add origin {REPO}")
|
||||
|
||||
server.wait_for_unit("forgejo.service")
|
||||
server.wait_for_open_port(3000)
|
||||
server.wait_for_open_port(22)
|
||||
server.succeed("curl --fail http://localhost:3000/")
|
||||
|
||||
server.succeed(
|
||||
"su -l forgejo -c 'gpg --homedir /var/lib/forgejo/data/home/.gnupg "
|
||||
+ "--import ${toString (pkgs.writeText "forgejo.key" signingPrivateKey)}'"
|
||||
)
|
||||
|
||||
assert "BEGIN PGP PUBLIC KEY BLOCK" in server.succeed("curl http://localhost:3000/api/v1/signing-key.gpg")
|
||||
|
||||
server.succeed(
|
||||
"curl --fail http://localhost:3000/user/sign_up | grep 'Registration is disabled. "
|
||||
+ "Please contact your site administrator.'"
|
||||
)
|
||||
server.succeed(
|
||||
"su -l forgejo -c 'GITEA_WORK_DIR=/var/lib/forgejo gitea admin user create "
|
||||
+ "--username test --password totallysafe --email test@localhost'"
|
||||
)
|
||||
|
||||
api_token = server.succeed(
|
||||
"curl --fail -X POST http://test:totallysafe@localhost:3000/api/v1/users/test/tokens "
|
||||
+ "-H 'Accept: application/json' -H 'Content-Type: application/json' -d "
|
||||
+ "'{\"name\":\"token\",\"scopes\":[\"all\"]}' | jq '.sha1' | xargs echo -n"
|
||||
)
|
||||
|
||||
server.succeed(
|
||||
"curl --fail -X POST http://localhost:3000/api/v1/user/repos "
|
||||
+ "-H 'Accept: application/json' -H 'Content-Type: application/json' "
|
||||
+ f"-H 'Authorization: token {api_token}'"
|
||||
+ ' -d \'{"auto_init":false, "description":"string", "license":"mit", "name":"repo", "private":false}\'''
|
||||
)
|
||||
|
||||
server.succeed(
|
||||
"curl --fail -X POST http://localhost:3000/api/v1/user/keys "
|
||||
+ "-H 'Accept: application/json' -H 'Content-Type: application/json' "
|
||||
+ f"-H 'Authorization: token {api_token}'"
|
||||
+ ' -d \'{"key":"${snakeOilPublicKey}","read_only":true,"title":"SSH"}\'''
|
||||
)
|
||||
|
||||
client1.succeed(
|
||||
f"GIT_SSH_COMMAND='{GIT_SSH_COMMAND}' git -C /tmp/repo push origin master"
|
||||
)
|
||||
|
||||
client2.succeed("mkdir -p $HOME/.ssh")
|
||||
client2.succeed(f"cat {PRIVK} > $HOME/.ssh/privk")
|
||||
client2.succeed("chmod 0400 $HOME/.ssh/privk")
|
||||
client2.succeed(f"GIT_SSH_COMMAND='{GIT_SSH_COMMAND}' git clone {REPO}")
|
||||
client2.succeed('test "$(cat repo/testfile | xargs echo -n)" = "hello world"')
|
||||
|
||||
server.wait_until_succeeds(
|
||||
'test "$(curl http://localhost:3000/api/v1/repos/test/repo/commits '
|
||||
+ '-H "Accept: application/json" | jq length)" = "1"',
|
||||
timeout=10
|
||||
)
|
||||
|
||||
with subtest("Testing runner registration"):
|
||||
server.succeed(
|
||||
"su -l forgejo -c 'GITEA_WORK_DIR=/var/lib/forgejo gitea actions generate-runner-token' | sed 's/^/TOKEN=/' | tee /var/lib/forgejo/runner_token"
|
||||
)
|
||||
server.succeed("${serverSystem}/specialisation/runner/bin/switch-to-configuration test")
|
||||
server.wait_for_unit("gitea-runner-test.service")
|
||||
server.succeed("journalctl -o cat -u gitea-runner-test.service | grep -q 'Runner registered successfully'")
|
||||
'';
|
||||
});
|
||||
in
|
||||
|
||||
listToAttrs (map makeGForgejoTest supportedDbTypes)
|
Loading…
Reference in New Issue
Block a user