nixos/containers-ip: Test both ipv4 and ipv6 in the same script

2019-11-26 00:44:12 +01:00 · 2019-11-26 00:44:12 +01:00 · 07802f4d20
commit 07802f4d20
parent 4e89f75ca6
6 changed files with 80 additions and 121 deletions
--- a/nixos/release-combined.nix
+++ b/nixos/release-combined.nix
@ -63,8 +63,7 @@ in rec {

        #(all nixos.tests.containers)
        (all nixos.tests.containers-imperative)
-        (all nixos.tests.containers-ipv4)
-        (all nixos.tests.containers-ipv6)
+        (all nixos.tests.containers-ip)
        nixos.tests.chromium.x86_64-linux or []
        (all nixos.tests.firefox)
        (all nixos.tests.firewall)
--- a/nixos/release-small.nix
+++ b/nixos/release-small.nix
@ -32,8 +32,7 @@ in rec {
    tests = {
      inherit (nixos'.tests)
        containers-imperative
-        containers-ipv4
-        containers-ipv6
+        containers-ip
        firewall
        ipv6
        login
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@ -53,8 +53,7 @@ in
  containers-extra_veth = handleTest ./containers-extra_veth.nix {};
  containers-hosts = handleTest ./containers-hosts.nix {};
  containers-imperative = handleTest ./containers-imperative.nix {};
-  containers-ipv4 = handleTest ./containers-ipv4.nix {};
-  containers-ipv6 = handleTest ./containers-ipv6.nix {};
+  containers-ip = handleTest ./containers-ip.nix {};
  containers-macvlans = handleTest ./containers-macvlans.nix {};
  containers-physical_interfaces = handleTest ./containers-physical_interfaces.nix {};
  containers-restart_networking = handleTest ./containers-restart_networking.nix {};
--- a/nixos/tests/containers-ip.nix
+++ b/nixos/tests/containers-ip.nix
@ -0,0 +1,77 @@
+# Test for NixOS' container support.
+
+let
+  webserverFor = hostAddress: localAddress: {
+    inherit hostAddress localAddress;
+    privateNetwork = true;
+    config = {
+      services.httpd = {
+        enable = true;
+        adminAddr = "foo@example.org";
+      };
+      networking.firewall.allowedTCPPorts = [ 80 ];
+    };
+  };
+
+in import ./make-test-python.nix ({ pkgs, ...} : {
+  name = "containers-ipv4-ipv6";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ aristid aszlig eelco kampfschlaefer ];
+  };
+
+  machine =
+    { pkgs, ... }: {
+      imports = [ ../modules/installer/cd-dvd/channel.nix ];
+      virtualisation = {
+        writableStore = true;
+        memorySize = 768;
+      };
+
+      containers.webserver4 = webserverFor "10.231.136.1" "10.231.136.2";
+      containers.webserver6 = webserverFor "fc00::2" "fc00::1";
+      virtualisation.pathsInNixDB = [ pkgs.stdenv ];
+    };
+
+  testScript = { nodes, ... }: ''
+    import time
+
+
+    def curl_host(ip):
+        # put [] around ipv6 addresses for curl
+        host = ip if ":" not in ip else f"[{ip}]"
+        return f"curl --fail --connect-timeout 2 http://{host}/ > /dev/null"
+
+
+    def get_ip(container):
+        # need to distinguish because show-ip won't work for ipv6
+        if container == "webserver4":
+            ip = machine.succeed(f"nixos-container show-ip {container}").rstrip()
+            assert ip == "${nodes.machine.config.containers.webserver4.localAddress}"
+            return ip
+        return "${nodes.machine.config.containers.webserver6.localAddress}"
+
+
+    for container in "webserver4", "webserver6":
+        assert container in machine.succeed("nixos-container list")
+
+        with subtest(f"Start container {container}"):
+            machine.succeed(f"nixos-container start {container}")
+            # wait 2s for container to start and network to be up
+            time.sleep(2)
+
+        # Since "start" returns after the container has reached
+        # multi-user.target, we should now be able to access it.
+
+        ip = get_ip(container)
+        with subtest(f"{container} reacts to pings and HTTP requests"):
+            machine.succeed(f"ping -n -c1 {ip}")
+            machine.succeed(curl_host(ip))
+
+        with subtest(f"Stop container {container}"):
+            machine.succeed(f"nixos-container stop {container}")
+            machine.fail(curl_host(ip))
+
+        # Destroying a declarative container should fail.
+        machine.fail(f"nixos-container destroy {container}")
+  '';
+})
--- a/nixos/tests/containers-ipv4.nix
+++ b/nixos/tests/containers-ipv4.nix
@ -1,55 +0,0 @@
-# Test for NixOS' container support.
-
-import ./make-test.nix ({ pkgs, ...} : {
-  name = "containers-ipv4";
-  meta = with pkgs.stdenv.lib.maintainers; {
-    maintainers = [ aristid aszlig eelco kampfschlaefer ];
-  };
-
-  machine =
-    { pkgs, ... }:
-    { imports = [ ../modules/installer/cd-dvd/channel.nix ];
-      virtualisation.writableStore = true;
-      virtualisation.memorySize = 768;
-
-      containers.webserver =
-        { privateNetwork = true;
-          hostAddress = "10.231.136.1";
-          localAddress = "10.231.136.2";
-          config =
-            { services.httpd.enable = true;
-              services.httpd.adminAddr = "foo@example.org";
-              networking.firewall.allowedTCPPorts = [ 80 ];
-              system.stateVersion = "18.03";
-            };
-        };
-
-      virtualisation.pathsInNixDB = [ pkgs.stdenv ];
-    };
-
-  testScript =
-    ''
-      $machine->succeed("nixos-container list") =~ /webserver/ or die;
-
-      # Start the webserver container.
-      $machine->succeed("nixos-container start webserver");
-
-      # wait two seconds for the container to start and the network to be up
-      sleep 2;
-
-      # Since "start" returns after the container has reached
-      # multi-user.target, we should now be able to access it.
-      my $ip = $machine->succeed("nixos-container show-ip webserver");
-      chomp $ip;
-      $machine->succeed("ping -n -c1 $ip");
-      $machine->succeed("curl --fail http://$ip/ > /dev/null");
-
-      # Stop the container.
-      $machine->succeed("nixos-container stop webserver");
-      $machine->fail("curl --fail --connect-timeout 2 http://$ip/ > /dev/null");
-
-      # Destroying a declarative container should fail.
-      $machine->fail("nixos-container destroy webserver");
-    '';
-
-})
--- a/nixos/tests/containers-ipv6.nix
+++ b/nixos/tests/containers-ipv6.nix
@ -1,60 +0,0 @@
-# Test for NixOS' container support.
-
-let
-  hostIp = "fc00::2";
-  localIp = "fc00::1";
-in
-
-import ./make-test.nix ({ pkgs, ...} : {
-  name = "containers-ipv6";
-  meta = with pkgs.stdenv.lib.maintainers; {
-    maintainers = [ aristid aszlig eelco kampfschlaefer ];
-  };
-
-  machine =
-    { pkgs, ... }:
-    { imports = [ ../modules/installer/cd-dvd/channel.nix ];
-      virtualisation.writableStore = true;
-      virtualisation.memorySize = 768;
-
-      containers.webserver =
-        { privateNetwork = true;
-          hostAddress6 = hostIp;
-          localAddress6 = localIp;
-          config =
-            { services.httpd.enable = true;
-              services.httpd.adminAddr = "foo@example.org";
-              networking.firewall.allowedTCPPorts = [ 80 ];
-            };
-        };
-
-      virtualisation.pathsInNixDB = [ pkgs.stdenv ];
-    };
-
-  testScript =
-    ''
-      $machine->waitForUnit("default.target");
-      $machine->succeed("nixos-container list") =~ /webserver/ or die;
-
-      # Start the webserver container.
-      $machine->succeed("nixos-container start webserver");
-
-      # wait two seconds for the container to start and the network to be up
-      sleep 2;
-
-      # Since "start" returns after the container has reached
-      # multi-user.target, we should now be able to access it.
-      my $ip = "${localIp}";
-      chomp $ip;
-      $machine->succeed("ping -n -c 1 $ip");
-      $machine->succeed("curl --fail http://[$ip]/ > /dev/null");
-
-      # Stop the container.
-      $machine->succeed("nixos-container stop webserver");
-      $machine->fail("curl --fail --connect-timeout 2 http://[$ip]/ > /dev/null");
-
-      # Destroying a declarative container should fail.
-      $machine->fail("nixos-container destroy webserver");
-    '';
-
-})