2024-05-28 19:43:04 +03:00
#!/usr/bin/env bash
2022-03-23 00:19:21 +02:00
source common.sh
2022-03-24 22:33:20 +02:00
enableFeatures "fetch-closure"
2022-03-23 00:19:21 +02:00
2024-06-16 13:51:46 +03:00
TODO_NixOS
2022-03-23 00:19:21 +02:00
clearStore
clearCacheCache
2023-05-24 16:35:46 +03:00
# Old daemons don't properly zero out the self-references when
# calculating the CA hashes, so this breaks `nix store
# make-content-addressed` which expects the client and the daemon to
# compute the same hash
requireDaemonNewerThan "2.16.0pre20230524"
2022-03-23 00:19:21 +02:00
# Initialize binary cache.
2022-05-02 10:38:51 +03:00
nonCaPath = $( nix build --json --file ./dependencies.nix --no-link | jq -r .[ ] .outputs.out)
2022-03-23 00:19:21 +02:00
caPath = $( nix store make-content-addressed --json $nonCaPath | jq -r '.rewrites | map(.) | .[]' )
nix copy --to file://$cacheDir $nonCaPath
# Test basic fetchClosure rewriting from non-CA to CA.
clearStore
[ ! -e $nonCaPath ]
[ ! -e $caPath ]
[ [ $( nix eval -v --raw --expr "
builtins.fetchClosure {
fromStore = \" file://$cacheDir \" ;
fromPath = $nonCaPath ;
toPath = $caPath ;
}
" ) = $caPath ]]
[ ! -e $nonCaPath ]
[ -e $caPath ]
2023-06-20 00:22:37 +03:00
clearStore
# The daemon will reject input addressed paths unless configured to trust the
# cache key or the user. This behavior should be covered by another test, so we
# skip this part when using the daemon.
2022-12-01 17:29:09 +02:00
if [ [ " $NIX_REMOTE " != "daemon" ] ] ; then
2023-06-20 00:22:37 +03:00
# If we want to return a non-CA path, we have to be explicit about it.
expectStderr 1 nix eval --raw --no-require-sigs --expr "
2022-12-01 17:29:09 +02:00
builtins.fetchClosure {
fromStore = \" file://$cacheDir \" ;
fromPath = $nonCaPath ;
}
2023-06-20 00:22:37 +03:00
" | grepQuiet -E " The .fromPath. value .* is input-addressed, but .inputAddressed. is set to .false."
2022-12-01 17:29:09 +02:00
2023-06-20 00:22:37 +03:00
# TODO: Should the closure be rejected, despite single user mode?
# [ ! -e $nonCaPath ]
2022-03-23 00:19:21 +02:00
2023-06-20 00:22:37 +03:00
[ ! -e $caPath ]
# We can use non-CA paths when we ask explicitly.
[ [ $( nix eval --raw --no-require-sigs --expr "
2023-05-19 11:48:53 +03:00
builtins.fetchClosure {
fromStore = \" file://$cacheDir \" ;
fromPath = $nonCaPath ;
2023-06-20 00:22:37 +03:00
inputAddressed = true;
2023-05-19 11:48:53 +03:00
}
2023-06-20 00:22:37 +03:00
" ) = $nonCaPath ]]
2023-05-19 11:48:53 +03:00
[ -e $nonCaPath ]
2023-06-20 00:22:37 +03:00
[ ! -e $caPath ]
2023-05-19 11:48:53 +03:00
2022-12-01 17:29:09 +02:00
fi
2022-03-23 00:19:21 +02:00
2023-06-20 00:22:37 +03:00
[ ! -e $caPath ]
2022-03-23 00:19:21 +02:00
# 'toPath' set to empty string should fail but print the expected path.
2021-12-09 17:26:46 +02:00
expectStderr 1 nix eval -v --json --expr "
2022-03-23 00:19:21 +02:00
builtins.fetchClosure {
fromStore = \" file://$cacheDir \" ;
fromPath = $nonCaPath ;
toPath = \" \" ;
}
2021-12-09 17:26:46 +02:00
" | grep " error: rewriting.*$nonCaPath .*yielded.*$caPath "
2022-03-23 00:19:21 +02:00
# If fromPath is CA, then toPath isn't needed.
nix copy --to file://$cacheDir $caPath
2023-06-20 00:22:37 +03:00
clearStore
[ ! -e $caPath ]
2022-03-23 00:19:21 +02:00
[ [ $( nix eval -v --raw --expr "
builtins.fetchClosure {
fromStore = \" file://$cacheDir \" ;
fromPath = $caPath ;
}
" ) = $caPath ]]
2022-04-06 12:52:51 +03:00
2023-06-20 00:22:37 +03:00
[ -e $caPath ]
2022-04-06 12:52:51 +03:00
# Check that URL query parameters aren't allowed.
clearStore
narCache = $TEST_ROOT /nar-cache
rm -rf $narCache
( ! nix eval -v --raw --expr "
builtins.fetchClosure {
fromStore = \" file://$cacheDir ?local-nar-cache= $narCache \" ;
fromPath = $caPath ;
}
" )
( ! [ -e $narCache ] )
2023-06-20 00:22:37 +03:00
# If toPath is specified but wrong, we check it (only) when the path is missing.
clearStore
badPath = $( echo $caPath | sed -e 's!/store/................................-!/store/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-!' )
[ ! -e $badPath ]
expectStderr 1 nix eval -v --raw --expr "
builtins.fetchClosure {
fromStore = \" file://$cacheDir \" ;
fromPath = $nonCaPath ;
toPath = $badPath ;
}
" | grep " error: rewriting.*$nonCaPath .*yielded.*$caPath .*while.*$badPath .*was expected"
[ ! -e $badPath ]
# We only check it when missing, as a performance optimization similar to what we do for fixed output derivations. So if it's already there, we don't check it.
# It would be nice for this to fail, but checking it would be too(?) slow.
[ -e $caPath ]
[ [ $( nix eval -v --raw --expr "
builtins.fetchClosure {
fromStore = \" file://$cacheDir \" ;
fromPath = $badPath ;
toPath = $caPath ;
}
" ) = $caPath ]]
# However, if the output address is unexpected, we can report it
expectStderr 1 nix eval -v --raw --expr "
builtins.fetchClosure {
fromStore = \" file://$cacheDir \" ;
fromPath = $caPath ;
inputAddressed = true;
}
" | grepQuiet 'error.*The store object referred to by.*fromPath.* at .* is not input-addressed, but .*inputAddressed.* is set to .*true.*'