nixos/tests/dendrite: init #121777
nixos/tests/dendrite: init #121777
Conversation
|
In light of #121728 (comment), can we please add TLS to the test with a non world-readable key? That should fail atm. |
|
Yes, I can add that this weekend |
dotlambda
changed the title
|
Depends on #121942 |
mjlbach
force-pushed
the
matrix_dendrite_module_test
branch
2 times, most recently
from
cd439e1
to
22657d4
Compare
|
My nixpkgs PR bumping matrix-nio is now in master, I'm cleaning up and including a couple additional features (including the TLS case). I assume the latter will fail, so I'll also add additional option we discussed on matrix to the systemd service |
mjlbach
force-pushed
the
matrix_dendrite_module_test
branch
from
22657d4
to
6136ef9
Compare
|
I went ahead and updated the test. Questions:
Re: hardening the module and adding a test, I'll do that in a separate PR. |
pkgs/servers/dendrite/default.nix
Outdated
| @@ -13,6 +13,8 @@ buildGoModule rec { | |||
|
|
|||
| vendorSha256 = "1l1wydvi0yalas79cvhrqg563cvs57hg9rv6qnkw879r6smb2x1n"; | |||
|
|
|||
| passthru.tests = nixosTests.dendrite; | |||
There was a problem hiding this comment.
| passthru.tests = nixosTests.dendrite; | |
| passthru.tests = { | |
| inherit (nixosTests) dendrite; | |
| } |
There was a problem hiding this comment.
Is there a reason for this? The former pattern is very common in nixpkgs, and we aren't inheriting multiple tests.
There was a problem hiding this comment.
It's what every other package does.
There was a problem hiding this comment.
This isn't true, but I've changed it to what you suggested:
pkgs/servers/web-apps/engelsystem/default.nix
40: passthru.tests = nixosTests.engelsystem;
pkgs/servers/keycloak/default.nix
58: passthru.tests = nixosTests.keycloak;
pkgs/servers/miniflux/default.nix
34: passthru.tests = nixosTests.miniflux;
pkgs/servers/pinnwand/steck.nix
25: passthru.tests = nixosTests.pinnwand;
pkgs/servers/pinnwand/default.nix
46: passthru.tests = nixosTests.pinnwand;
pkgs/servers/nextcloud/default.nix
16: passthru.tests = nixosTests.nextcloud;
pkgs/applications/audio/musescore/default.nix
44: passthru.tests = nixosTests.musescore;
pkgs/applications/networking/irc/convos/default.nix
83: passthru.tests = nixosTests.convos;
pkgs/applications/misc/keepassx/community.nix
123: passthru.tests = nixosTests.keepassxc;
pkgs/os-specific/linux/firejail/default.nix
72: passthru.tests = nixosTests.firejail;
pkgs/os-specific/linux/usbguard/default.nix
77: passthru.tests = nixosTests.usbguard;
pkgs/tools/security/bitwarden_rs/vault.nix
19: passthru.tests = nixosTests.bitwarden;
pkgs/tools/security/bitwarden_rs/default.nix
38: passthru.tests = nixosTests.bitwarden;
There was a problem hiding this comment.
You're right, but most of them do it correctly, i.e. as documented: https://nixos.org/manual/nixpkgs/unstable/#var-meta-tests.
nixos/tests/dendrite.nix
Outdated
| homeserver.succeed( | ||
| "/run/current-system/specialisation/running/bin/switch-to-configuration test >&2" | ||
| ) |
There was a problem hiding this comment.
I just copied synapse, I can change it
There was a problem hiding this comment.
This is actually necessary for the test to wait until the service is started, removing it causes the test to fail with
Exception: unit "dendrite.service" is inactive and there are no pending jobs
There was a problem hiding this comment.
Maybe we have to do homeserver.wait_for_unit("network.target")?
No need to, ofborg only runs tests on Linux.
I'm strongly opposed to that. We either fix the module now or remove it from 21.05. |
You are strongly demotivating me to contribute to nixpkgs. You should adjust how you talk to contributors, because I am losing interest in working with you.
|
|
@mjlbach I wasn't talking about hardening, sorry if it sounded like I was. I would just like to see a test using |
|
As part of the hardening PR, I'm also going to change the tlsCert/key as we discussed previously using systemd credentials. I just wanted to get the test infrastructure in as I had to fix a lot of things (both upstream, and in the matrix-nio dependency chain). I don't see the harm in having a dedicated PR that enables the test, which I can then expand on when I add tests re: the tls issue. |
|
Okay, if you do it before 21.05 then it's fine with me. Please change the two things mentioned above though. Btw, thanks a lot for going as far as fixing stuff in nio for this test! |
mjlbach
force-pushed
the
matrix_dendrite_module_test
branch
from
6136ef9
to
62785de
Compare
nixos/tests/dendrite.nix
Outdated
|
|
||
| nodes = { | ||
| homeserver = { pkgs, ... }: { | ||
| specialisation.running.configuration = { |
There was a problem hiding this comment.
This is the culprit as it will build the configuration running but not run it. With
| specialisation.running.configuration = { |
it should work.
The option specialisation can be used for switching configuration within a test.
There was a problem hiding this comment.
Should be resolved now, thanks!
mjlbach
force-pushed
the
matrix_dendrite_module_test
branch
from
62785de
to
5f00525
Compare
mjlbach
force-pushed
the
matrix_dendrite_module_test
branch
from
5f00525
to
94e89ad
Compare
Motivation for this change
Matrix-nio is actively maintained, but also didn't support dendrite until tonight. I filed an upstream PR to fix this which was recently merged matrix-nio/matrix-nio#254. We'll need to wait until upstream cuts the next release in order to verify/merge this test (it worked on my local machine).
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)cc @dotlambda @infinisil