diff options
author | Kira Bruneau <kira.bruneau@pm.me> | 2023-04-30 13:53:57 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-30 13:53:57 -0400 |
commit | 50200de3f4d3456d6d0eeca52982bf9c6adef80b (patch) | |
tree | 239a86c268f4be7b6bb0af89b3c9d6d135ea3431 /nixos/tests | |
parent | 234d0433747819774dd5b09bc3baf7a87ac60dda (diff) | |
parent | 3e7069bb47e90254811052aff1c295f33ac9f4c7 (diff) |
Merge pull request #216230 from tcheronneau/master
nixos/{consul-template,vault-agent}: init
Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/all-tests.nix | 2 | ||||
-rw-r--r-- | nixos/tests/consul-template.nix | 36 | ||||
-rw-r--r-- | nixos/tests/vault-agent.nix | 52 |
3 files changed, 90 insertions, 0 deletions
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 57cd7f1a6129b..0031ffed0c3f7 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -146,6 +146,7 @@ in { collectd = handleTest ./collectd.nix {}; connman = handleTest ./connman.nix {}; consul = handleTest ./consul.nix {}; + consul-template = handleTest ./consul-template.nix {}; containers-bridge = handleTest ./containers-bridge.nix {}; containers-custom-pkgs.nix = handleTest ./containers-custom-pkgs.nix {}; containers-ephemeral = handleTest ./containers-ephemeral.nix {}; @@ -753,6 +754,7 @@ in { varnish60 = handleTest ./varnish.nix { package = pkgs.varnish60; }; varnish72 = handleTest ./varnish.nix { package = pkgs.varnish72; }; vault = handleTest ./vault.nix {}; + vault-agent = handleTest ./vault-agent.nix {}; vault-dev = handleTest ./vault-dev.nix {}; vault-postgresql = handleTest ./vault-postgresql.nix {}; vaultwarden = handleTest ./vaultwarden.nix {}; diff --git a/nixos/tests/consul-template.nix b/nixos/tests/consul-template.nix new file mode 100644 index 0000000000000..cbffa94569e38 --- /dev/null +++ b/nixos/tests/consul-template.nix @@ -0,0 +1,36 @@ +import ./make-test-python.nix ({ ... }: { + name = "consul-template"; + + nodes.machine = { ... }: { + services.consul-template.instances.example.settings = { + template = [{ + contents = '' + {{ key "example" }} + ''; + perms = "0600"; + destination = "/example"; + }]; + }; + + services.consul = { + enable = true; + extraConfig = { + server = true; + bootstrap_expect = 1; + bind_addr = "127.0.0.1"; + }; + }; + }; + + testScript = '' + machine.wait_for_unit("consul.service") + machine.wait_for_open_port(8500) + + machine.wait_for_unit("consul-template-example.service") + + machine.wait_until_succeeds('consul kv put example example') + + machine.wait_for_file("/example") + machine.succeed('grep "example" /example') + ''; +}) diff --git a/nixos/tests/vault-agent.nix b/nixos/tests/vault-agent.nix new file mode 100644 index 0000000000000..dc86c829b67af --- /dev/null +++ b/nixos/tests/vault-agent.nix @@ -0,0 +1,52 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "vault-agent"; + + nodes.machine = { config, pkgs, ... }: { + services.vault-agent.instances.example.settings = { + vault.address = config.environment.variables.VAULT_ADDR; + + auto_auth = [{ + method = [{ + type = "token_file"; + config.token_file_path = pkgs.writeText "vault-token" config.environment.variables.VAULT_TOKEN; + }]; + }]; + + template = [{ + contents = '' + {{- with secret "secret/example" }} + {{ .Data.data.key }}" + {{- end }} + ''; + perms = "0600"; + destination = "/example"; + }]; + }; + + services.vault = { + enable = true; + dev = true; + devRootTokenID = config.environment.variables.VAULT_TOKEN; + }; + + environment = { + systemPackages = [ pkgs.vault ]; + variables = { + VAULT_ADDR = "http://localhost:8200"; + VAULT_TOKEN = "root"; + }; + }; + }; + + testScript = '' + machine.wait_for_unit("vault.service") + machine.wait_for_open_port(8200) + + machine.wait_until_succeeds('vault kv put secret/example key=example') + + machine.wait_for_unit("vault-agent-example.service") + + machine.wait_for_file("/example") + machine.succeed('grep "example" /example') + ''; +}) |