Anna Gillert
dbc95f15b8
nixos/test-driver: Avoid shell injection in machine.execute()
2022-04-21 10:54:00 +02:00
Anna Gillert
f7e89a59da
nixos/test-driver: fix missing shellopts in execute
...
Without this fix, setting the shellopts in `machine.execute` is
inconsitent. When no timeout is used, shellopts `set -euo pipefail` are
applied to the command as expected. When a timeout is specified, the
shellopts are not applied to the command itself (which is called inside
a `sh -c` that doesn't inherit the shellopts) but rather to the
`timeout` command, leading to the following full command:
```bash
(set -euo pipefail; timeout 900 sh -c 'cmd') | (base64 --wrap 0; echo)\n
```
With this fix, this is the command we get:
```bash
timeout 900 sh -c 'set -euo pipefail; false | true') | (base64 --wrap 0; echo)\n
```
2022-04-21 10:54:00 +02:00
Graham Christensen
d65eff4fb6
Merge pull request #167902 from DeterminateSystems/openstack-zfs-cleanup
...
openstack-image: init, make-single-disk-zfs-image: init
2022-04-16 19:44:53 -04:00
Jacek Galowicz
6b414c5b66
Merge pull request #168609 from rnhmjoj/pr-test-driver
...
nixos/test-driver: highlight driver log lines
2022-04-14 13:09:36 +02:00
rnhmjoj
ca1b1f6dc0
nixos/test-driver: highlight driver log lines
...
There is a whole lot of noise in a NixOS test log due to journal,
commands, and test driver messages all being mixing together.
With this commit the test driver messages are highlighted so you don't
have to squint too much to see where a subtest starts and ends or what
was the last command being run.
Here's an excerpt from a highlighted log:
�[2mmachine # [ 6.647826] dhcpcd[668]: eth0: adding default route via 10.0.2.2�[0m
�[2mmachine # I've had a great day!�[0m
(finished: must succeed: curl -sfL https://example.com/how-are-you ? | tee /dev/stderr, in 0.19 seconds)
(finished: subtest: Privoxy can filter https requests, in 0.22 seconds)
�[1m�[32msubtest: Blocks are working�[0m
machine: �[1m�[32mwaiting for TCP port 443�[0m
�[2mmachine # Connection to localhost (::1) 443 port [tcp/https] succeeded!�[0m
(finished: waiting for TCP port 443, in 0.03 seconds)
machine: �[1m�[32mmust fail: curl -f https://example.com/ads 1>&2�[0m
�[2mmachine # [ 6.730608] nscd[742]: 742 monitored file `/etc/resolv.conf` was written to�[0m
�[2mmachine # [ 6.733071] privoxy[814]: 2022-04-14 09:41:01.695 7fa995c39640 Actions: +block{Fake ads} ...
�[2mmachine # curl: (22) The requested URL returned error: 403�[0m
�[2mmachine # [ 6.753098] systemd[1]: Stopping Name Service Cache Daemon...�[0m
�[2mmachine # [ 6.755632] systemd[1]: nscd.service: Deactivated successfully.�[0m
�[2mmachine # [ 6.757069] systemd[1]: Stopped Name Service Cache Daemon.�[0m
(finished: must fail: curl -f https://example.com/ads 1>&2, in 0.07 seconds)
machine: �[1m�[32mmust succeed: curl -f https://example.com/PRIVOXY-FORCE/ads 1>&2�[0m
�[2mmachine # [ 6.765099] systemd[1]: Starting Name Service Cache Daemon...�[0m
�[2mmachine # [ 6.781519] nscd[925]: 925 monitoring file `/etc/passwd` (1)�[0m
�[2mmachine # [ 6.844105] systemd[1]: Reached target Network is Online.�[0m
�[2mmachine # [ 6.848860] privoxy[814]: 2022-04-14 09:41:01.805 7fa995c39640 Actions: +block{Fake ads} ...
�[2mmachine # [ 6.856068] nscd[925]: 925 monitoring file `/etc/nsswitch.conf` (8)�[0m
�[2mmachine # [ 6.858229] systemd[1]: Reached target Multi-User System.�[0m
�[2mmachine # [ 6.858934] nscd[925]: 925 monitoring directory `/etc` (2)�[0m
�[2mmachine # [ 6.861315] systemd[1]: Startup finished in 2.374s (kernel) + 4.451s (userspace) = 6.826s.�[0m
�[2mmachine # Hot Nixpkgs PRs in your area. Click here!�[0m
�[2mmachine # [ 6.873055] nscd[925]: 925 monitoring directory `/etc` (2)�[0m
�[2mmachine # [ 6.874489] nscd[925]: 925 monitoring file `/etc/nsswitch.conf` (8)�[0m
�[2mmachine # [ 6.875599] nscd[925]: 925 monitoring directory `/etc` (2)�[0m
(finished: must succeed: curl -f https://example.com/PRIVOXY-FORCE/ads 1>&2, in 0.12 seconds)
(finished: subtest: Blocks are working, in 0.22 seconds)
�[1m�[32msubtest: Temporary certificates are cleaned�[0m
machine: �[1m�[32mmust succeed: test $(ls /run/privoxy/certs | wc -l) -gt 0�[0m
(finished: must succeed: test $(ls /run/privoxy/certs | wc -l) -gt 0, in 0.02 seconds)
machine: �[1m�[32mmust succeed: date -s "$(date --date '12 days')"�[0m
(finished: must succeed: date -s "$(date --date '12 days')", in 0.02 seconds)
�[2mmachine # [ 6.959589] systemd[1]: Started Logrotate Service.�[0m
�[2mmachine # [ 6.966685] systemd[1]: Starting Cleanup of Temporary Directories...�[0m
�[2mmachine # [ 6.974783] systemd[1]: logrotate.service: Deactivated successfully.�[0m
�[2mmachine # [ 7.004493] systemd[1]: systemd-tmpfiles-clean.service: Deactivated successfully.�[0m
�[2mmachine # [ 7.005457] systemd[1]: Finished Cleanup of Temporary Directories.�[0m
machine: �[1m�[32mmust succeed: test $(ls /run/privoxy/certs | wc -l) -eq 0�[0m
(finished: must succeed: test $(ls /run/privoxy/certs | wc -l) -eq 0, in 0.01 seconds)
(finished: subtest: Temporary certificates are cleaned, in 0.15 seconds)
(finished: run the VM test script, in 7.44 seconds)
test script finished in 7.48s
�[1m�[32mcleanup�[0m
kill machine (pid 8)
2022-04-14 11:54:21 +02:00
Sandro
a39694b41f
Merge pull request #168194 from SuperSandro2000/xserver-excludePackages
...
Xserver exclude packages
2022-04-13 11:37:32 +02:00
Sandro Jäckel
28539842d8
nixos/utils: move removePackagesByName to here from gnome
2022-04-11 15:42:49 +02:00
Lassulus
f0848eeb05
Merge pull request #167316 from helsinki-systems/feat/opportunistic-kvm
...
nixos/lib/qemu-common: Opportunistically use KVM
2022-04-10 18:54:59 +01:00
Graham Christensen
8a5bdce566
make-single-disk-zfs-image: init
2022-04-07 15:28:28 -04:00
Graham Christensen
a8f41adbb7
amazon-image: use make-multi-disk-zfs-image
2022-04-07 15:28:28 -04:00
Robert Hensing
c705953267
Merge pull request #165540 from Infinisil/module-args-docs
...
lib/modules: Document `_module.args`
2022-04-05 21:51:46 +02:00
Silvan Mosberger
25de2935ef
lib/modules: Document _module.args
...
Documents the _module.args option, motivated by many usages in Flakes,
especially with the deprecation of extraArgs
(78ada83361
2022-04-05 18:26:40 +02:00
lassulus
ed18db011f
make-disk-image: add systemdMinimal to PATH
...
this is needed to setup /tmp inside the chroot. which is needed by
systemd-boot to sucessfully install
2022-04-05 11:57:53 +02:00
Max Hausch
a2465483e8
nixos/lib/qemu-common: Opportunistically use KVM
...
This will try to use KVM if available and fallback to using TCG if not.
Useful for nested virtualisation of arm on x86.
2022-04-05 11:49:42 +02:00
Janne Heß
beb02229fb
nixos/systemd-unit-options: Fix indentation
2022-04-04 13:53:58 +01:00
Janne Heß
4b9efea255
nixos/stage-1-systemd: Implement job scripts
2022-04-04 11:44:31 +01:00
Janne Heß
7cdc4dd5d1
Merge pull request #164943 from ElvishJerricco/systemd-initrd-reuse-systemd-module
...
initrd: Opt-in bare bones systemd-based initrd
2022-04-03 15:53:02 +02:00
Janne Heß
b7c62b8238
nixos/systemd-initrd: Remove unit options that don't work
2022-04-01 11:58:30 +02:00
Janne Heß
1e5261f31c
nixos/systemd-lib: Use module composition
2022-04-01 09:57:19 +02:00
Robert Hensing
ecbf5ae27a
nixosTest: Simplify doc by deprecating syntax sugar
2022-03-28 14:11:58 +02:00
Silvan Mosberger
5a67e9db61
Merge pull request #133532 from Infinisil/systemd-unit-dirs
2022-03-25 19:05:35 +01:00
Silvan Mosberger
c70a466d21
nixos/systemd: Allow creation of unit directories
...
This patch allows creation of files like
/etc/systemd/system/user-.slice.d/limits.conf with
systemd.units."user-.slice.d/limits.conf" = {
text = ''
[Slice]
CPUAccounting=yes
CPUQuota=50%
'';
};
which previously threw an error
Also renames the systemd-unit-path test to sytsemd-misc, and extends it to
test that `systemd.units` can handle directories. In this case we make
sure that resource limits specified in user slices apply.
2022-03-25 17:47:44 +01:00
Janne Heß
7d0e21c77e
nixos/test-runner: Allow writing to qemu stdin
2022-03-25 12:08:21 +01:00
Florian Klink
fc91cdb5bc
nixos/lib/systemd-lib.nix: move comment back down to packages
...
https://github.com/NixOS/nixpkgs/pull/164943#discussion_r833215903
2022-03-24 19:03:09 +01:00
Florian Klink
e3083decc4
systemd-initrd, systemd-lib: drop initrdServiceToUnit
...
We can just use serviceToUnit here.
2022-03-24 18:57:16 +01:00
Robert Hensing
ce5a33e62b
Merge pull request #164660 from ncfavier/tests-restrict-arguments
...
nixos/testing: restrict arguments to makeTest
2022-03-24 17:01:47 +01:00
Will Fancher
9828446608
systemd-initrd: Fix Environment= and PATH
2022-03-22 21:28:51 -04:00
Will Fancher
2d4ebf1259
initrd: Optional systemd-based initrd
2022-03-22 21:28:43 -04:00
Viktor Kleen
6d766ae8b7
nixos/test-driver: deduplicate VLANs
...
Naively deduplicate VLANs in the python driver for NixOS tests. The
current implementation accidentally works, since the VLan class mutates
the environment. On construction it sets QEMU_VDE_SOCKET_${id} and this
environment variable gets overwritten once a second VLAN with the same
id is constructed. Because the NIC flags passed to qemu just use the
QEMU_VDE_SOCKET_${id} environment variable, this implicitly chooses a
single vde_switch process for each VLAN.
However, this leads to unusable vde_switch processes being spawned in
each test run and as a side effect makes it impossible to access the
correct VLan objects in the interactive test driver. It also makes it
remarkably hard to understand why the current implementation ever
worked.
2022-03-22 13:16:28 +00:00
Will Fancher
25113740a5
nixos: systemd-lib: Make generateUnits general with default args
2022-03-22 07:02:23 -04:00
Robert Hensing
6c469679f6
Merge remote-tracking branch 'upstream/master' into tests-restrict-arguments
2022-03-21 23:17:17 +01:00
Will Fancher
52c98fc3e9
nixos: systemd: Split unit types into separate module
2022-03-21 10:25:27 -04:00
Naïm Favier
8f57dc38d9
fixup! nixos/testing: restrict arguments to makeTest
2022-03-19 11:51:39 +01:00
Naïm Favier
79a234567c
nixos/testing: restrict arguments to makeTest
...
Disallow passing arbitrary arguments to makeTest since they are not
used; this can help catch mistakes.
2022-03-18 02:44:11 +01:00
Robert Hensing
0395086d0c
Merge pull request #162271 from Infinisil/warn-no-type
...
Throw an error for options without a type
2022-03-16 22:58:45 +01:00
Bob van der Linden
9bc093b30a
nixos: systemd: split off helper functions into systemd-lib
2022-03-15 21:52:13 +01:00
pennae
aa7b129708
Merge pull request #154113 from pennae/systemd-escaping
...
nixos: add functions and documentation for escaping systemd Exec* directives
2022-03-13 19:57:32 +00:00
pennae
40a35299fa
nixos: add functions and documentation for escaping systemd Exec* directives
...
it's really easy to accidentally write the wrong systemd Exec* directive, ones
that works most of the time but fails when users include systemd metacharacters
in arguments that are interpolated into an Exec* directive. add a few functions
analogous to escapeShellArg{,s} and some documentation on how and when to use them.
2022-03-12 00:48:52 +01:00
Janne Heß
0c766a100e
lib/options: Throw error for options without a type
...
Makes all options rendered in the manual throw an error if they don't
have a type specified.
This is a follow-up to #76184
Co-Authored-By: Silvan Mosberger <contact@infinisil.com>
2022-02-28 22:51:41 +01:00
talyz
b549e7bbb5
genJqSecretsReplacementSnippet: Fix error handling
...
With the previous change that enabled error propagation through
`inherit_errexit`, the script would fail if `errexit` was set, but
`inherit_errexit` was not. This is due to `shopt -p` exiting with an
error if the option is disabled. To work around this, use the exit
code instead of the text value returned by `shopt -p`.
Fixes #160869 .
2022-02-23 12:48:51 +01:00
Daniel Fullmer
24fb872079
nixos/test-driver: fix regression when using legacy start command
...
The aarch64-linux versions of the boot.uefiUsb and boot.uefiCdrom tests
were broken by b0fc9da879
2022-02-17 18:12:24 -08:00
Janne Heß
fa3c756621
Merge pull request #157329 from helsinki-systems/feat/nixos-reload-triggers
...
nixos/systemd: Implement reload triggers
2022-02-11 23:59:26 +01:00
Janne Heß
b5b3ee4f78
nixos/systemd: Add reloadTriggers to services
2022-02-09 15:14:37 +01:00
Jonathan Ringer
46fd0afcb3
Merge remote-tracking branch 'origin/master' into staging-next
...
Conflicts:
pkgs/development/python-modules/pysdl2/default.nix
pkgs/top-level/aliases.nix
2022-02-06 18:36:59 -08:00
Robert Hensing
8403e02a5d
Merge pull request #126769 from ncfavier/nixosSystem-lib
...
nixos: move default module location logic to `eval-config.nix`
2022-02-06 22:49:17 +01:00
Jonathan Ringer
c6c7162876
Merge remote-tracking branch 'origin/staging-next' into staging
2022-02-03 21:34:17 -08:00
Jonathan Ringer
9a16965c75
Merge remote-tracking branch 'origin/staging-next' into staging
...
Conflicts:
pkgs/development/python-modules/awesomeversion/default.nix
pkgs/development/python-modules/md2gemini/default.nix
pkgs/development/python-modules/mill-local/default.nix
pkgs/development/python-modules/pyatv/default.nix
pkgs/development/python-modules/pyezviz/default.nix
pkgs/development/python-modules/pyinsteon/default.nix
pkgs/development/python-modules/pylitterbot/default.nix
pkgs/development/python-modules/pynuki/default.nix
pkgs/development/python-modules/pypck/default.nix
pkgs/development/python-modules/types-requests/default.nix
pkgs/top-level/aliases.nix
2022-02-03 21:29:24 -08:00
Kim Lindberger
415b9c3b5a
Merge pull request #157519 from talyz/gitlab-error-handling
...
nixos/gitlab: Implement better script error handling
2022-02-03 22:19:03 +01:00
Lassulus
b80607af67
Merge pull request #154804 from Mic92/tests-prompt
...
nixos/tests: add prompt to shell_interact()
2022-02-02 18:50:46 +01:00
github-actions[bot]
aee8ca6639
Merge staging-next into staging
2022-02-01 00:02:21 +00:00
