From 384b8e40924a97d5d68b993a9202d8de93703dcf Mon Sep 17 00:00:00 2001
From: WxNzEMof <143541718+WxNzEMof@users.noreply.github.com>
Date: Sun, 10 Nov 2024 23:20:31 +0000
Subject: [PATCH] tests/nixos: add more thorough nix-docker tests

---
 tests/nixos/nix-docker-test.sh | 56 ++++++++++++++++++++++++++++++++++
 tests/nixos/nix-docker.nix     | 20 ++++++++++--
 2 files changed, 73 insertions(+), 3 deletions(-)
 create mode 100644 tests/nixos/nix-docker-test.sh

diff --git a/tests/nixos/nix-docker-test.sh b/tests/nixos/nix-docker-test.sh
new file mode 100644
index 00000000000..381e2d15670
--- /dev/null
+++ b/tests/nixos/nix-docker-test.sh
@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+# docker.nix test script. Runs inside a built docker.nix container.
+
+set -eEuo pipefail
+
+export NIX_CONFIG='
+substituters = http://cache:5000?trusted=1
+trusted-substituters = http://cache:5000?trusted=1
+'
+
+cd /tmp
+
+# Test getting a fetched derivation
+test "$("$(nix-build -E '(import <nixpkgs> {}).hello')"/bin/hello)" = "Hello, world!"
+
+# Test building a simple derivation
+# shellcheck disable=SC2016
+nix-build -E '
+let
+  pkgs = import <nixpkgs> {};
+in
+builtins.derivation {
+  name = "test";
+  system = builtins.currentSystem;
+  builder = "${pkgs.bash}/bin/bash";
+  args = [
+    "-c"
+    '\'\''
+    echo "OK" > $out
+    '\'\''
+  ];
+}'
+
+test "$(cat result)" = OK
+
+# Ensure #!/bin/sh shebang works
+echo '#!/bin/sh' > ./shebang-test
+echo 'echo OK' >> ./shebang-test
+chmod +x ./shebang-test
+test "$(./shebang-test)" = OK
+
+# Ensure #!/usr/bin/env shebang works
+echo '#!/usr/bin/env bash' > ./shebang-test
+echo 'echo OK' >> ./shebang-test
+chmod +x ./shebang-test
+test "$(./shebang-test)" = OK
+
+# Test nix-shell
+{
+    echo '#!/usr/bin/env nix-shell'
+    echo '#! nix-shell -i bash'
+    echo '#! nix-shell -p hello'
+    echo 'hello'
+} > ./nix-shell-test
+chmod +x ./nix-shell-test
+test "$(./nix-shell-test)" = "Hello, world!"
diff --git a/tests/nixos/nix-docker.nix b/tests/nixos/nix-docker.nix
index 04a84207d7b..f7f5c7ce255 100644
--- a/tests/nixos/nix-docker.nix
+++ b/tests/nixos/nix-docker.nix
@@ -17,23 +17,37 @@ let
     gname = "user";
   };
 
+  containerTestScript = ./nix-docker-test.sh;
+
 in {
   name = "nix-docker";
 
-  nodes.machine =
-    { config, lib, pkgs, ... }:
-    { virtualisation.diskSize = 4096;
+  nodes =
+    { machine =
+        { config, lib, pkgs, ... }:
+        { virtualisation.diskSize = 4096;
+        };
+      cache =
+        { config, lib, pkgs, ... }:
+        { virtualisation.additionalPaths = [ pkgs.stdenv pkgs.pkgsi686Linux.stdenv pkgs.hello ];
+          services.harmonia.enable = true;
+          networking.firewall.allowedTCPPorts = [ 5000 ];
+        };
     };
 
   testScript = { nodes }: ''
+    cache.wait_for_unit("harmonia.service")
+
     machine.succeed("mkdir -p /etc/containers")
     machine.succeed("""echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json""")
 
     machine.succeed("${pkgs.podman}/bin/podman load -i ${nixImage}")
     machine.succeed("${pkgs.podman}/bin/podman run -i --rm nix nix --version")
+    machine.succeed("${pkgs.podman}/bin/podman run -i --rm nix < ${containerTestScript}")
 
     machine.succeed("${pkgs.podman}/bin/podman load -i ${nixUserImage}")
     machine.succeed("${pkgs.podman}/bin/podman run -i --rm nix-user nix --version")
+    machine.succeed("${pkgs.podman}/bin/podman run -i --rm nix-user < ${containerTestScript}")
     machine.succeed("[[ $(${pkgs.podman}/bin/podman run -i --rm nix-user stat -c %u /nix/store) = 1000 ]]")
   '';
 }