nixos/tests/signal-desktop: test if the SQLite DB is (un)encrypted

Well, this should test if the database is encrypted but currently it is
still unencrypted and we need to notice if this behaviour changes in the
future (as it will cause data loss, see e.g. NixOS#108772).
Anyway, this doesn't really matter for security reasons but we need this
test to prevent data loss (unfortunately Signal-Desktop and SQLCipher
handle this badly... :o).

nixos/tests/signal-desktop.nix

@@ -3,7 +3,7 @@ import ./make-test-python.nix ({ pkgs, ...} :
 {
   name = "signal-desktop";
   meta = with pkgs.lib.maintainers; {
-    maintainers = [ flokli ];
+    maintainers = [ flokli primeos ];
   };
 
   machine = { ... }:
@@ -16,7 +16,7 @@ import ./make-test-python.nix ({ pkgs, ...} :
 
     services.xserver.enable = true;
     test-support.displayManager.auto.user = "alice";
-    environment.systemPackages = [ pkgs.signal-desktop ];
+    environment.systemPackages = with pkgs; [ signal-desktop file ];
     virtualisation.memorySize = 1024;
   };
 
@@ -39,5 +39,17 @@ import ./make-test-python.nix ({ pkgs, ...} :
     machine.wait_for_text("Signal")
     machine.wait_for_text("File Edit View Window Help")
     machine.screenshot("signal_desktop")
+
+    # Test if the database is encrypted to prevent these issues:
+    # - https://github.com/NixOS/nixpkgs/issues/108772
+    # - https://github.com/NixOS/nixpkgs/pull/117555
+    print(machine.succeed("su - alice -c 'file ~/.config/Signal/sql/db.sqlite'"))
+    # TODO: The DB should be encrypted and the following should be machine.fail
+    # instead of machine.succeed but the DB is currently unencrypted and we
+    # want to notice if this isn't the case anymore as the transition to a
+    # encrypted DB can cause data loss!:
+    machine.succeed(
+        "su - alice -c 'file ~/.config/Signal/sql/db.sqlite' | grep -i sqlite"
+    )
   '';
 })