nix-super/tests/nixos/default.nix

{ lib, nixpkgs, nixpkgsFor, self }:

let

  nixos-lib = import (nixpkgs + "/nixos/lib") { };

  noTests = pkg: pkg.overrideAttrs (
            finalAttrs: prevAttrs: {
              doCheck = false;
              doInstallCheck = false;
            });

  # https://nixos.org/manual/nixos/unstable/index.html#sec-calling-nixos-tests
  runNixOSTestFor = system: test:
    (nixos-lib.runTest {
      imports = [
        test
      ];

      hostPkgs = nixpkgsFor.${system}.native;
      defaults = {
        nixpkgs.pkgs = nixpkgsFor.${system}.native;
        nix.checkAllErrors = false;
        # TODO: decide which packaging stage to use. `nix-cli` is efficient, but not the same as the user-facing `everything.nix` package (`default`). Perhaps a good compromise is `everything.nix` + `noTests` defined above?
        nix.package = nixpkgsFor.${system}.native.nixComponents.nix-cli;
      };
      _module.args.nixpkgs = nixpkgs;
      _module.args.system = system;
    })
    // {
      # allow running tests against older nix versions via `nix eval --apply`
      # Example:
      #   nix build "$(nix eval --raw --impure .#hydraJobs.tests.fetch-git --apply 't: (t.forNix "2.19.2").drvPath')^*"
      forNix = nixVersion: runNixOSTestFor system {
        imports = [test];
        defaults.nixpkgs.overlays = [(curr: prev: {
          nix = let
            packages = (builtins.getFlake "nix/${nixVersion}").packages.${system};
          in packages.nix-cli or packages.nix;
        })];
      };
    };

  # Checks that a NixOS configuration does not contain any references to our
  # locally defined Nix version.
  checkOverrideNixVersion = { pkgs, lib, ... }: {
    # pkgs.nix: The new Nix in this repo
    # We disallow it, to make sure we don't accidentally use it.
    system.forbiddenDependenciesRegexes = [
      (lib.strings.escapeRegex "nix-${pkgs.nix.version}")
    ];
  };

  otherNixes.nix_2_3.setNixPackage = { lib, pkgs, ... }: {
    imports = [ checkOverrideNixVersion ];
    nix.package = lib.mkForce pkgs.nixVersions.nix_2_3;
  };

  otherNixes.nix_2_13.setNixPackage = { lib, pkgs, ... }: {
    imports = [ checkOverrideNixVersion ];
    nix.package = lib.mkForce (
      self.inputs.nixpkgs-23-11.legacyPackages.${pkgs.stdenv.hostPlatform.system}.nixVersions.nix_2_13.overrideAttrs (o: {
        meta = o.meta // { knownVulnerabilities = []; };
      })
    );
  };

  otherNixes.nix_2_18.setNixPackage = { lib, pkgs, ... }: {
    imports = [ checkOverrideNixVersion ];
    nix.package = lib.mkForce pkgs.nixVersions.nix_2_18;
  };

in

{
  authorization = runNixOSTestFor "x86_64-linux" ./authorization.nix;

  remoteBuilds = runNixOSTestFor "x86_64-linux" ./remote-builds.nix;

  remoteBuildsSshNg = runNixOSTestFor "x86_64-linux" ./remote-builds-ssh-ng.nix;

}
// lib.concatMapAttrs (
  nixVersion: { setNixPackage, ... }:
  {
    "remoteBuilds_remote_${nixVersion}" = runNixOSTestFor "x86_64-linux" {
      name = "remoteBuilds_remote_${nixVersion}";
      imports = [ ./remote-builds.nix ];
      builders.config = { lib, pkgs, ... }: {
        imports = [ setNixPackage ];
      };
    };

    "remoteBuilds_local_${nixVersion}" = runNixOSTestFor "x86_64-linux" {
      name = "remoteBuilds_local_${nixVersion}";
      imports = [ ./remote-builds.nix ];
      nodes.client = { lib, pkgs, ... }: {
        imports = [ setNixPackage ];
      };
    };

    "remoteBuildsSshNg_remote_${nixVersion}" = runNixOSTestFor "x86_64-linux" {
      name = "remoteBuildsSshNg_remote_${nixVersion}";
      imports = [ ./remote-builds-ssh-ng.nix ];
      builders.config = { lib, pkgs, ... }: {
        imports = [ setNixPackage ];
      };
    };

    # FIXME: these tests don't work yet

    # "remoteBuildsSshNg_local_${nixVersion}" = runNixOSTestFor "x86_64-linux" {
    #   name = "remoteBuildsSshNg_local_${nixVersion}";
    #   imports = [ ./remote-builds-ssh-ng.nix ];
    #   nodes.client = { lib, pkgs, ... }: {
    #     imports = [ overridingModule ];
    #   };
    # };
  }
) otherNixes
// {

  nix-copy-closure = runNixOSTestFor "x86_64-linux" ./nix-copy-closure.nix;

  nix-copy = runNixOSTestFor "x86_64-linux" ./nix-copy.nix;

  nssPreload = runNixOSTestFor "x86_64-linux" ./nss-preload.nix;

  githubFlakes = runNixOSTestFor "x86_64-linux" ./github-flakes.nix;

  gitSubmodules = runNixOSTestFor "x86_64-linux" ./git-submodules.nix;

  sourcehutFlakes = runNixOSTestFor "x86_64-linux" ./sourcehut-flakes.nix;

  tarballFlakes = runNixOSTestFor "x86_64-linux" ./tarball-flakes.nix;

  containers = runNixOSTestFor "x86_64-linux" ./containers/containers.nix;

  setuid = lib.genAttrs
    ["x86_64-linux"]
    (system: runNixOSTestFor system ./setuid.nix);

  fetch-git = runNixOSTestFor "x86_64-linux" ./fetch-git;

  ca-fd-leak = runNixOSTestFor "x86_64-linux" ./ca-fd-leak;

  gzip-content-encoding = runNixOSTestFor "x86_64-linux" ./gzip-content-encoding.nix;

  functional_user = runNixOSTestFor "x86_64-linux" ./functional/as-user.nix;

  functional_trusted = runNixOSTestFor "x86_64-linux" ./functional/as-trusted-user.nix;

  functional_root = runNixOSTestFor "x86_64-linux" ./functional/as-root.nix;

  user-sandboxing = runNixOSTestFor "x86_64-linux" ./user-sandboxing;

  s3-binary-cache-store = runNixOSTestFor "x86_64-linux" ./s3-binary-cache-store.nix;

  fsync = runNixOSTestFor "x86_64-linux" ./fsync.nix;

  cgroups = runNixOSTestFor "x86_64-linux" ./cgroups;

  fetchurl = runNixOSTestFor "x86_64-linux" ./fetchurl.nix;

  chrootStore = runNixOSTestFor "x86_64-linux" ./chroot-store.nix;
}
Fix eval remoteBuilds_*_2_13 2024-06-03 18:00:48 +03:00			`{ lib, nixpkgs, nixpkgsFor, self }:`
Define NixOS tests in `tests/nixos/default.nix` rather than `flake.nix` I think the our `flake.nix` is currently too large and too scary looking. I think this matters --- if Nix cannot dog-food itself in a way that is elegant, why should other people have confidence that their own code can be elegant and easy to maintain? We could do this at many points in time, but I think around now, when we are thinking about stabilizing parts of Flakes, is an especially good time. This is a first step to make the `flake.nix` smaller, and make individual components responsible for their own packaging. I hope we can do this many more follow-ups like it, until the top-level `flake.nix` is very small and just coordinates between other things. 2023-10-06 17:53:01 +03:00
			`let`

			`nixos-lib = import (nixpkgs + "/nixos/lib") { };`

Use nixosTest.quickBuild behavior by default This wasn't the default behaviour because: > We don't enable this by default to avoid the mostly unnecessary work of > performing an additional build of the package in cases where we build > the package normally anyway, such as in our pre-merge CI. Since we have a componentized build, we've solved the duplication. In the new situation, building both with and without unit tests isn't any slow than just a build with unit tests, so there's no point in using the unit-tested build anymore. By using the otherwise untested build, we reduce the minimum build time towards the NixOS test, at no cost. If you want to run all tests, build all attributes. 2024-08-15 00:19:22 +03:00			`noTests = pkg: pkg.overrideAttrs (`
			`finalAttrs: prevAttrs: {`
			`doCheck = false;`
			`doInstallCheck = false;`
			`});`

Define NixOS tests in `tests/nixos/default.nix` rather than `flake.nix` I think the our `flake.nix` is currently too large and too scary looking. I think this matters --- if Nix cannot dog-food itself in a way that is elegant, why should other people have confidence that their own code can be elegant and easy to maintain? We could do this at many points in time, but I think around now, when we are thinking about stabilizing parts of Flakes, is an especially good time. This is a first step to make the `flake.nix` smaller, and make individual components responsible for their own packaging. I hope we can do this many more follow-ups like it, until the top-level `flake.nix` is very small and just coordinates between other things. 2023-10-06 17:53:01 +03:00			`# https://nixos.org/manual/nixos/unstable/index.html#sec-calling-nixos-tests`
initialize test suite for git fetchers solves #9388 This utilizes nixos vm tests to allow: - writing tests for fetchTree and fetchGit involving actual networking. - writing small independent test cases by automating local and remote repository setup per test case. This adds: - a gitea module setting up a gitea server - a setup module that simplifies writing test cases by automating the repo setup. - a simple git http test case Other improvements: For all nixos tests, add capability of overriding the nix version to test against. This should make it easier to prevent regressions. If a new test is added it can simply be ran against any older nix version without having to backport the test. For example, for running the container tests against nix 2.12.0: `nix build "$(nix eval --raw .#hydraJobs.tests.containers --impure --apply 't: (t.forNix "2.12.0").drvPath')^*" -L` 2023-12-29 10:15:16 +02:00			`runNixOSTestFor = system: test:`
			`(nixos-lib.runTest {`
tests: Add quickBuild to all VM tests 2024-06-16 17:40:20 +03:00			`imports = [`
			`test`
			`];`

initialize test suite for git fetchers solves #9388 This utilizes nixos vm tests to allow: - writing tests for fetchTree and fetchGit involving actual networking. - writing small independent test cases by automating local and remote repository setup per test case. This adds: - a gitea module setting up a gitea server - a setup module that simplifies writing test cases by automating the repo setup. - a simple git http test case Other improvements: For all nixos tests, add capability of overriding the nix version to test against. This should make it easier to prevent regressions. If a new test is added it can simply be ran against any older nix version without having to backport the test. For example, for running the container tests against nix 2.12.0: `nix build "$(nix eval --raw .#hydraJobs.tests.containers --impure --apply 't: (t.forNix "2.12.0").drvPath')^*" -L` 2023-12-29 10:15:16 +02:00			`hostPkgs = nixpkgsFor.${system}.native;`
			`defaults = {`
			`nixpkgs.pkgs = nixpkgsFor.${system}.native;`
			`nix.checkAllErrors = false;`
Make functional tests on NixOS use Meson not Make Co-authored-by: Robert Hensing <roberth@users.noreply.github.com> 2024-11-04 00:10:34 +02:00			# TODO: decide which packaging stage to use. `nix-cli` is efficient, but not the same as the user-facing `everything.nix` package (`default`). Perhaps a good compromise is `everything.nix` + `noTests` defined above?
			`nix.package = nixpkgsFor.${system}.native.nixComponents.nix-cli;`
initialize test suite for git fetchers solves #9388 This utilizes nixos vm tests to allow: - writing tests for fetchTree and fetchGit involving actual networking. - writing small independent test cases by automating local and remote repository setup per test case. This adds: - a gitea module setting up a gitea server - a setup module that simplifies writing test cases by automating the repo setup. - a simple git http test case Other improvements: For all nixos tests, add capability of overriding the nix version to test against. This should make it easier to prevent regressions. If a new test is added it can simply be ran against any older nix version without having to backport the test. For example, for running the container tests against nix 2.12.0: `nix build "$(nix eval --raw .#hydraJobs.tests.containers --impure --apply 't: (t.forNix "2.12.0").drvPath')^*" -L` 2023-12-29 10:15:16 +02:00			`};`
			`_module.args.nixpkgs = nixpkgs;`
			`_module.args.system = system;`
			`})`
			`// {`
			# allow running tests against older nix versions via `nix eval --apply`
			`# Example:`
			`# nix build "$(nix eval --raw --impure .#hydraJobs.tests.fetch-git --apply 't: (t.forNix "2.19.2").drvPath')^*"`
			`forNix = nixVersion: runNixOSTestFor system {`
			`imports = [test];`
			`defaults.nixpkgs.overlays = [(curr: prev: {`
Make functional tests on NixOS use Meson not Make Co-authored-by: Robert Hensing <roberth@users.noreply.github.com> 2024-11-04 00:10:34 +02:00			`nix = let`
			`packages = (builtins.getFlake "nix/${nixVersion}").packages.${system};`
			`in packages.nix-cli or packages.nix;`
initialize test suite for git fetchers solves #9388 This utilizes nixos vm tests to allow: - writing tests for fetchTree and fetchGit involving actual networking. - writing small independent test cases by automating local and remote repository setup per test case. This adds: - a gitea module setting up a gitea server - a setup module that simplifies writing test cases by automating the repo setup. - a simple git http test case Other improvements: For all nixos tests, add capability of overriding the nix version to test against. This should make it easier to prevent regressions. If a new test is added it can simply be ran against any older nix version without having to backport the test. For example, for running the container tests against nix 2.12.0: `nix build "$(nix eval --raw .#hydraJobs.tests.containers --impure --apply 't: (t.forNix "2.12.0").drvPath')^*" -L` 2023-12-29 10:15:16 +02:00			`})];`
			`};`
Define NixOS tests in `tests/nixos/default.nix` rather than `flake.nix` I think the our `flake.nix` is currently too large and too scary looking. I think this matters --- if Nix cannot dog-food itself in a way that is elegant, why should other people have confidence that their own code can be elegant and easy to maintain? We could do this at many points in time, but I think around now, when we are thinking about stabilizing parts of Flakes, is an especially good time. This is a first step to make the `flake.nix` smaller, and make individual components responsible for their own packaging. I hope we can do this many more follow-ups like it, until the top-level `flake.nix` is very small and just coordinates between other things. 2023-10-06 17:53:01 +03:00			`};`

tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00			`# Checks that a NixOS configuration does not contain any references to our`
			`# locally defined Nix version.`
			`checkOverrideNixVersion = { pkgs, lib, ... }: {`
			`# pkgs.nix: The new Nix in this repo`
			`# We disallow it, to make sure we don't accidentally use it.`
Change checkOverrideNixVersion for NixOS 24.05 2024-06-03 17:42:11 +03:00			`system.forbiddenDependenciesRegexes = [`
			`(lib.strings.escapeRegex "nix-${pkgs.nix.version}")`
			`];`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00			`};`

Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`otherNixes.nix_2_3.setNixPackage = { lib, pkgs, ... }: {`
			`imports = [ checkOverrideNixVersion ];`
			`nix.package = lib.mkForce pkgs.nixVersions.nix_2_3;`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00			`};`

Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`otherNixes.nix_2_13.setNixPackage = { lib, pkgs, ... }: {`
			`imports = [ checkOverrideNixVersion ];`
			`nix.package = lib.mkForce (`
			`self.inputs.nixpkgs-23-11.legacyPackages.${pkgs.stdenv.hostPlatform.system}.nixVersions.nix_2_13.overrideAttrs (o: {`
			`meta = o.meta // { knownVulnerabilities = []; };`
			`})`
			`);`
			`};`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00
Add tests.remoteBuilds_*_2_18 2024-06-03 18:33:38 +03:00			`otherNixes.nix_2_18.setNixPackage = { lib, pkgs, ... }: {`
			`imports = [ checkOverrideNixVersion ];`
			`nix.package = lib.mkForce pkgs.nixVersions.nix_2_18;`
			`};`

Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`in`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00
Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`{`
			`authorization = runNixOSTestFor "x86_64-linux" ./authorization.nix;`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00
Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`remoteBuilds = runNixOSTestFor "x86_64-linux" ./remote-builds.nix;`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00
libstore/ssh-ng: Fix phase reporting in log files. When doing local builds, we get phase reporting lines in the log file, they look like '@nix {"action":"setPhase","phase":"unpackPhase"}'. With the ssh-ng protocol, we do have access to these messages, but since we are only including messages of type resBuildLogLine in the logs, the phase information does not end up in the log file. The phase reporting could probably be improved altoghether (it looks like it is kind of accidental that these JSON messages for phase reporting show up but others don't, just because they are actually emitted by nixpkgs' stdenv), but as a first step I propose to make ssh-ng behave in the same way as local builds do. 2023-10-31 18:32:09 +02:00			`remoteBuildsSshNg = runNixOSTestFor "x86_64-linux" ./remote-builds-ssh-ng.nix;`

Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`}`
			`// lib.concatMapAttrs (`
			`nixVersion: { setNixPackage, ... }:`
			`{`
			`"remoteBuilds_remote_${nixVersion}" = runNixOSTestFor "x86_64-linux" {`
			`name = "remoteBuilds_remote_${nixVersion}";`
			`imports = [ ./remote-builds.nix ];`
			`builders.config = { lib, pkgs, ... }: {`
			`imports = [ setNixPackage ];`
			`};`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00			`};`

Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`"remoteBuilds_local_${nixVersion}" = runNixOSTestFor "x86_64-linux" {`
			`name = "remoteBuilds_local_${nixVersion}";`
			`imports = [ ./remote-builds.nix ];`
			`nodes.client = { lib, pkgs, ... }: {`
			`imports = [ setNixPackage ];`
			`};`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00			`};`

Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`"remoteBuildsSshNg_remote_${nixVersion}" = runNixOSTestFor "x86_64-linux" {`
			`name = "remoteBuildsSshNg_remote_${nixVersion}";`
			`imports = [ ./remote-builds-ssh-ng.nix ];`
			`builders.config = { lib, pkgs, ... }: {`
			`imports = [ setNixPackage ];`
			`};`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00			`};`

Refactor hydraJobs.tests.remoteBuilds_*_2_18 2024-06-03 18:26:16 +03:00			`# FIXME: these tests don't work yet`

			`# "remoteBuildsSshNg_local_${nixVersion}" = runNixOSTestFor "x86_64-linux" {`
			`# name = "remoteBuildsSshNg_local_${nixVersion}";`
			`# imports = [ ./remote-builds-ssh-ng.nix ];`
			`# nodes.client = { lib, pkgs, ... }: {`
			`# imports = [ overridingModule ];`
			`# };`
			`# };`
			`}`
			`) otherNixes`
			`// {`
tests/nixos: Test remote build against older versions 2024-01-22 19:34:52 +02:00
Define NixOS tests in `tests/nixos/default.nix` rather than `flake.nix` I think the our `flake.nix` is currently too large and too scary looking. I think this matters --- if Nix cannot dog-food itself in a way that is elegant, why should other people have confidence that their own code can be elegant and easy to maintain? We could do this at many points in time, but I think around now, when we are thinking about stabilizing parts of Flakes, is an especially good time. This is a first step to make the `flake.nix` smaller, and make individual components responsible for their own packaging. I hope we can do this many more follow-ups like it, until the top-level `flake.nix` is very small and just coordinates between other things. 2023-10-06 17:53:01 +03:00			`nix-copy-closure = runNixOSTestFor "x86_64-linux" ./nix-copy-closure.nix;`

			`nix-copy = runNixOSTestFor "x86_64-linux" ./nix-copy.nix;`

			`nssPreload = runNixOSTestFor "x86_64-linux" ./nss-preload.nix;`

			`githubFlakes = runNixOSTestFor "x86_64-linux" ./github-flakes.nix;`

Add nixos test 2024-04-11 15:58:42 +03:00			`gitSubmodules = runNixOSTestFor "x86_64-linux" ./git-submodules.nix;`

Define NixOS tests in `tests/nixos/default.nix` rather than `flake.nix` I think the our `flake.nix` is currently too large and too scary looking. I think this matters --- if Nix cannot dog-food itself in a way that is elegant, why should other people have confidence that their own code can be elegant and easy to maintain? We could do this at many points in time, but I think around now, when we are thinking about stabilizing parts of Flakes, is an especially good time. This is a first step to make the `flake.nix` smaller, and make individual components responsible for their own packaging. I hope we can do this many more follow-ups like it, until the top-level `flake.nix` is very small and just coordinates between other things. 2023-10-06 17:53:01 +03:00			`sourcehutFlakes = runNixOSTestFor "x86_64-linux" ./sourcehut-flakes.nix;`

			`tarballFlakes = runNixOSTestFor "x86_64-linux" ./tarball-flakes.nix;`

			`containers = runNixOSTestFor "x86_64-linux" ./containers/containers.nix;`

			`setuid = lib.genAttrs`
TMP: Disable tests.setuid.i686-linux Temporarily(?) blocked on https://github.com/NixOS/nixpkgs/pull/297475#issuecomment-2145589501 2024-06-03 19:09:38 +03:00			`["x86_64-linux"]`
Define NixOS tests in `tests/nixos/default.nix` rather than `flake.nix` I think the our `flake.nix` is currently too large and too scary looking. I think this matters --- if Nix cannot dog-food itself in a way that is elegant, why should other people have confidence that their own code can be elegant and easy to maintain? We could do this at many points in time, but I think around now, when we are thinking about stabilizing parts of Flakes, is an especially good time. This is a first step to make the `flake.nix` smaller, and make individual components responsible for their own packaging. I hope we can do this many more follow-ups like it, until the top-level `flake.nix` is very small and just coordinates between other things. 2023-10-06 17:53:01 +03:00			`(system: runNixOSTestFor system ./setuid.nix);`
initialize test suite for git fetchers solves #9388 This utilizes nixos vm tests to allow: - writing tests for fetchTree and fetchGit involving actual networking. - writing small independent test cases by automating local and remote repository setup per test case. This adds: - a gitea module setting up a gitea server - a setup module that simplifies writing test cases by automating the repo setup. - a simple git http test case Other improvements: For all nixos tests, add capability of overriding the nix version to test against. This should make it easier to prevent regressions. If a new test is added it can simply be ran against any older nix version without having to backport the test. For example, for running the container tests against nix 2.12.0: `nix build "$(nix eval --raw .#hydraJobs.tests.containers --impure --apply 't: (t.forNix "2.12.0").drvPath')^*" -L` 2023-12-29 10:15:16 +02:00
			`fetch-git = runNixOSTestFor "x86_64-linux" ./fetch-git;`
Add a NixOS test for the sandbox escape Test that we can't leverage abstract unix domain sockets to leak file descriptors out of the sandbox and modify the path after it has been registered. 2024-02-12 22:28:20 +02:00
			`ca-fd-leak = runNixOSTestFor "x86_64-linux" ./ca-fd-leak;`
test(nixos): add integration test for doubly-compressed content Add an integration test with a compressing proxy (nginx is used). This test verifies that fetched archives do not get decompressed excessively. 2024-03-30 00:29:34 +02:00
			`gzip-content-encoding = runNixOSTestFor "x86_64-linux" ./gzip-content-encoding.nix;`
Add a test for the user sandboxing 2024-04-08 15:51:54 +03:00
tests: Add hydraJobs.tests.functional_* 2024-06-16 13:13:07 +03:00			`functional_user = runNixOSTestFor "x86_64-linux" ./functional/as-user.nix;`

			`functional_trusted = runNixOSTestFor "x86_64-linux" ./functional/as-trusted-user.nix;`

			`functional_root = runNixOSTestFor "x86_64-linux" ./functional/as-root.nix;`

Add a test for the user sandboxing 2024-04-08 15:51:54 +03:00			`user-sandboxing = runNixOSTestFor "x86_64-linux" ./user-sandboxing;`
Add a VM test for S3BinaryCacheStore Fixes #11238. 2024-08-05 12:38:38 +03:00
			`s3-binary-cache-store = runNixOSTestFor "x86_64-linux" ./s3-binary-cache-store.nix;`
Add a VM test for fsync-store-paths Based on https://github.com/squalus/nix-durability-tests/blob/master/flake.nix. 2024-08-22 16:34:19 +03:00
			`fsync = runNixOSTestFor "x86_64-linux" ./fsync.nix;`
Add tests for daemon with cgroups 2024-09-03 20:27:56 +03:00
			`cgroups = runNixOSTestFor "x86_64-linux" ./cgroups;`
Add a test for builtin:fetchurl cert verification 2024-09-24 17:13:28 +03:00
			`fetchurl = runNixOSTestFor "x86_64-linux" ./fetchurl.nix;`
Add a test for chroot stores 2024-10-22 23:23:16 +03:00
			`chrootStore = runNixOSTestFor "x86_64-linux" ./chroot-store.nix;`
Define NixOS tests in `tests/nixos/default.nix` rather than `flake.nix` I think the our `flake.nix` is currently too large and too scary looking. I think this matters --- if Nix cannot dog-food itself in a way that is elegant, why should other people have confidence that their own code can be elegant and easy to maintain? We could do this at many points in time, but I think around now, when we are thinking about stabilizing parts of Flakes, is an especially good time. This is a first step to make the `flake.nix` smaller, and make individual components responsible for their own packaging. I hope we can do this many more follow-ups like it, until the top-level `flake.nix` is very small and just coordinates between other things. 2023-10-06 17:53:01 +03:00			`}`