blob: baad675229cce80701518eea625efa0072394162 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
# This test runs gitlab and checks if it works
let
initialRootPassword = "notproduction";
in
import ./make-test-python.nix ({ pkgs, lib, ...} : with lib; {
name = "gitlab";
meta = with pkgs.lib.maintainers; {
maintainers = [ globin ];
};
nodes = {
gitlab = { ... }: {
imports = [ common/user-account.nix ];
virtualisation.memorySize = if pkgs.stdenv.is64bit then 4096 else 2047;
systemd.services.gitlab.serviceConfig.Restart = mkForce "no";
systemd.services.gitlab-workhorse.serviceConfig.Restart = mkForce "no";
systemd.services.gitaly.serviceConfig.Restart = mkForce "no";
systemd.services.gitlab-sidekiq.serviceConfig.Restart = mkForce "no";
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
localhost = {
locations."/".proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
};
};
};
services.dovecot2 = {
enable = true;
enableImap = true;
};
services.gitlab = {
enable = true;
databasePasswordFile = pkgs.writeText "dbPassword" "xo0daiF4";
initialRootPasswordFile = pkgs.writeText "rootPassword" initialRootPassword;
smtp.enable = true;
extraConfig = {
incoming_email = {
enabled = true;
mailbox = "inbox";
address = "alice@localhost";
user = "alice";
password = "foobar";
host = "localhost";
port = 143;
};
pages = {
enabled = true;
host = "localhost";
};
};
secrets = {
secretFile = pkgs.writeText "secret" "r8X9keSKynU7p4aKlh4GO1Bo77g5a7vj";
otpFile = pkgs.writeText "otpsecret" "Zu5hGx3YvQx40DvI8WoZJQpX2paSDOlG";
dbFile = pkgs.writeText "dbsecret" "lsGltKWTejOf6JxCVa7nLDenzkO9wPLR";
jwsFile = pkgs.runCommand "oidcKeyBase" {} "${pkgs.openssl}/bin/openssl genrsa 2048 > $out";
};
};
};
};
testScript =
let
auth = pkgs.writeText "auth.json" (builtins.toJSON {
grant_type = "password";
username = "root";
password = initialRootPassword;
});
createProject = pkgs.writeText "create-project.json" (builtins.toJSON {
name = "test";
});
putFile = pkgs.writeText "put-file.json" (builtins.toJSON {
branch = "master";
author_email = "author@example.com";
author_name = "Firstname Lastname";
content = "some content";
commit_message = "create a new file";
});
in
''
gitlab.start()
gitlab.wait_for_unit("gitaly.service")
gitlab.wait_for_unit("gitlab-workhorse.service")
gitlab.wait_for_unit("gitlab-pages.service")
gitlab.wait_for_unit("gitlab-mailroom.service")
gitlab.wait_for_unit("gitlab.service")
gitlab.wait_for_unit("gitlab-sidekiq.service")
gitlab.wait_for_file("/var/gitlab/state/tmp/sockets/gitlab.socket")
gitlab.wait_until_succeeds("curl -sSf http://gitlab/users/sign_in")
gitlab.succeed(
"curl -isSf http://gitlab | grep -i location | grep -q http://gitlab/users/sign_in"
)
gitlab.succeed(
"${pkgs.sudo}/bin/sudo -u gitlab -H gitlab-rake gitlab:check 1>&2"
)
gitlab.succeed(
"echo \"Authorization: Bearer \$(curl -X POST -H 'Content-Type: application/json' -d @${auth} http://gitlab/oauth/token | ${pkgs.jq}/bin/jq -r '.access_token')\" >/tmp/headers"
)
gitlab.succeed(
"curl -X POST -H 'Content-Type: application/json' -H @/tmp/headers -d @${createProject} http://gitlab/api/v4/projects"
)
gitlab.succeed(
"curl -X POST -H 'Content-Type: application/json' -H @/tmp/headers -d @${putFile} http://gitlab/api/v4/projects/1/repository/files/some-file.txt"
)
gitlab.succeed(
"curl -H @/tmp/headers http://gitlab/api/v4/projects/1/repository/archive.tar.gz > /tmp/archive.tar.gz"
)
gitlab.succeed(
"curl -H @/tmp/headers http://gitlab/api/v4/projects/1/repository/archive.tar.bz2 > /tmp/archive.tar.bz2"
)
gitlab.succeed("test -s /tmp/archive.tar.gz")
gitlab.succeed("test -s /tmp/archive.tar.bz2")
'';
})
|
