wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-25 06:31:14 +02:00
Code Activity

Merge remote-tracking branch 'origin/master' into relative-flakes

Browse source
This commit is contained in:
Eelco Dolstra 2024-11-22 14:44:32 +01:00
commit 0b00bf7c09
869 changed files with 5358 additions and 7769 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tests/functional/binary-cache.sh
View file

@ -238,7 +238,7 @@ clearCache
# preserve quotes variables in the single-quoted string
# shellcheck disable=SC2016
outPath=$(nix-build --no-out-link -E '
with import ./config.nix;
with import '"${config_nix}"';
mkDerivation {
name = "nar-listing";
buildCommand = "mkdir $out; echo foo > $out/bar; ln -s xyzzy $out/link";
@ -258,7 +258,7 @@ clearCache
# preserve quotes variables in the single-quoted string
# shellcheck disable=SC2016
outPath=$(nix-build --no-out-link -E '
with import ./config.nix;
with import '"${config_nix}"';
mkDerivation {
name = "debug-info";
buildCommand = "mkdir -p $out/lib/debug/.build-id/02; echo foo > $out/lib/debug/.build-id/02/623eda209c26a59b1a8638ff7752f6b945c26b.debug";
@ -276,7 +276,7 @@ diff -u \
# preserve quotes variables in the single-quoted string
# shellcheck disable=SC2016
expr='
with import ./config.nix;
with import '"${config_nix}"';
mkDerivation {
name = "multi-output";
buildCommand = "mkdir -p $out; echo foo > $doc; echo $doc > $out/docref";

9
tests/functional/build.sh
View file

@ -84,6 +84,7 @@ expectStderr 1 nix build --expr '""' --no-link \
| grepQuiet "has 0 entries in its context. It should only have exactly one entry"
# Too much string context
# shellcheck disable=SC2016 # The ${} in this is Nix, not shell
expectStderr 1 nix build --impure --expr 'with (import ./multiple-outputs.nix).e.a_a; "${drvPath}${outPath}"' --no-link \
| grepQuiet "has 2 entries in its context. It should only have exactly one entry"
@ -160,7 +161,7 @@ printf "%s\n" "$drv^*" | nix build --no-link --stdin --json | jq --exit-status '
out="$(nix build -f fod-failing.nix -L 2>&1)" && status=0 || status=$?
test "$status" = 1
# one "hash mismatch" error, one "build of ... failed"
test "$(<<<"$out" grep -E '^error:' | wc -l)" = 2
test "$(<<<"$out" grep -cE '^error:')" = 2
<<<"$out" grepQuiet -E "hash mismatch in fixed-output derivation '.*-x1\\.drv'"
<<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x3\\.drv'"
<<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x2\\.drv'"
@ -169,7 +170,7 @@ test "$(<<<"$out" grep -E '^error:' | wc -l)" = 2
out="$(nix build -f fod-failing.nix -L x1 x2 x3 --keep-going 2>&1)" && status=0 || status=$?
test "$status" = 1
# three "hash mismatch" errors - for each failing fod, one "build of ... failed"
test "$(<<<"$out" grep -E '^error:' | wc -l)" = 4
test "$(<<<"$out" grep -cE '^error:')" = 4
<<<"$out" grepQuiet -E "hash mismatch in fixed-output derivation '.*-x1\\.drv'"
<<<"$out" grepQuiet -E "hash mismatch in fixed-output derivation '.*-x3\\.drv'"
<<<"$out" grepQuiet -E "hash mismatch in fixed-output derivation '.*-x2\\.drv'"
@ -177,13 +178,13 @@ test "$(<<<"$out" grep -E '^error:' | wc -l)" = 4
out="$(nix build -f fod-failing.nix -L x4 2>&1)" && status=0 || status=$?
test "$status" = 1
test "$(<<<"$out" grep -E '^error:' | wc -l)" = 2
test "$(<<<"$out" grep -cE '^error:')" = 2
<<<"$out" grepQuiet -E "error: 1 dependencies of derivation '.*-x4\\.drv' failed to build"
<<<"$out" grepQuiet -E "hash mismatch in fixed-output derivation '.*-x2\\.drv'"
out="$(nix build -f fod-failing.nix -L x4 --keep-going 2>&1)" && status=0 || status=$?
test "$status" = 1
test "$(<<<"$out" grep -E '^error:' | wc -l)" = 3
test "$(<<<"$out" grep -cE '^error:')" = 3
<<<"$out" grepQuiet -E "error: 2 dependencies of derivation '.*-x4\\.drv' failed to build"
<<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x3\\.drv'"
<<<"$out" grepQuiet -vE "hash mismatch in fixed-output derivation '.*-x2\\.drv'"

2
tests/functional/ca/config.nix Normal file
View file

@ -0,0 +1,2 @@
# Shim to get generated file
import "${builtins.getEnv "_NIX_TEST_BUILD_DIR"}/ca/config.nix"

2
tests/functional/ca/derivation-json.sh
View file

@ -1,5 +1,5 @@
#!/usr/bin/env bash
#
source common.sh
export NIX_TESTS_CA_BY_DEFAULT=1

2
tests/functional/ca/duplicate-realisation-in-closure.sh
View file

@ -1,6 +1,6 @@
#!/usr/bin/env bash
source ./common.sh
source common.sh
requireDaemonNewerThan "2.4pre20210625"

2
tests/functional/ca/import-from-derivation.sh
View file

@ -1,3 +1,5 @@
#!/usr/bin/env bash
source common.sh
export NIX_TESTS_CA_BY_DEFAULT=1

29
tests/functional/ca/local.mk
View file

@ -1,29 +0,0 @@
ca-tests := \
$(d)/build-with-garbage-path.sh \
$(d)/build.sh \
$(d)/build-cache.sh \
$(d)/concurrent-builds.sh \
$(d)/derivation-json.sh \
$(d)/duplicate-realisation-in-closure.sh \
$(d)/eval-store.sh \
$(d)/gc.sh \
$(d)/import-from-derivation.sh \
$(d)/new-build-cmd.sh \
$(d)/nix-copy.sh \
$(d)/nix-run.sh \
$(d)/nix-shell.sh \
$(d)/post-hook.sh \
$(d)/recursive.sh \
$(d)/repl.sh \
$(d)/selfref-gc.sh \
$(d)/signatures.sh \
$(d)/substitute.sh \
$(d)/why-depends.sh
install-tests-groups += ca
clean-files += \
$(d)/config.nix
test-deps += \
tests/functional/ca/config.nix

2
tests/functional/ca/meson.build
View file

@ -29,5 +29,5 @@ suites += {
'substitute.sh',
'why-depends.sh',
],
'workdir': meson.current_build_dir(),
'workdir': meson.current_source_dir(),
}

2
tests/functional/ca/new-build-cmd.sh
View file

@ -1,3 +1,5 @@
#!/usr/bin/env bash
source common.sh
export NIX_TESTS_CA_BY_DEFAULT=1

6
tests/functional/ca/nix-run.sh
View file

@ -2,6 +2,8 @@
source common.sh
FLAKE_PATH=path:$PWD
flakeDir="$TEST_HOME/flake"
mkdir -p "${flakeDir}"
cp flake.nix "${_NIX_TEST_BUILD_DIR}/ca/config.nix" content-addressed.nix "${flakeDir}"
nix run --no-write-lock-file "$FLAKE_PATH#runnable"
nix run --no-write-lock-file "path:${flakeDir}#runnable"

1
tests/functional/ca/nix-shell.sh
View file

@ -5,4 +5,3 @@ source common.sh
CONTENT_ADDRESSED=true
cd ..
source ./nix-shell.sh

2
tests/functional/ca/repl.sh
View file

@ -1,3 +1,5 @@
#!/usr/bin/env bash
source common.sh
export NIX_TESTS_CA_BY_DEFAULT=1

2
tests/functional/ca/why-depends.sh
View file

@ -1,3 +1,5 @@
#!/usr/bin/env bash
source common.sh
export NIX_TESTS_CA_BY_DEFAULT=1

86
tests/functional/check.sh
View file

@ -7,9 +7,9 @@ buggyNeedLocalStore "see #4813"
checkBuildTempDirRemoved ()
{
buildDir=$(sed -n 's/CHECK_TMPDIR=//p' $1 | head -1)
buildDir=$(sed -n 's/CHECK_TMPDIR=//p' "$1" | head -1)
checkBuildIdFile=${buildDir}/checkBuildId
[[ ! -f $checkBuildIdFile ]] || ! grep $checkBuildId $checkBuildIdFile
[[ ! -f $checkBuildIdFile ]] || ! grep "$checkBuildId" "$checkBuildIdFile"
}
# written to build temp directories to verify created by this instance
@ -23,20 +23,20 @@ nix-build dependencies.nix --no-out-link
nix-build dependencies.nix --no-out-link --check
# Build failure exit codes (100, 104, etc.) are from
# doc/manual/src/command-ref/status-build-failure.md
# doc/manual/source/command-ref/status-build-failure.md
# check for dangling temporary build directories
# only retain if build fails and --keep-failed is specified, or...
# ...build is non-deterministic and --check and --keep-failed are both specified
nix-build check.nix -A failed --argstr checkBuildId $checkBuildId \
--no-out-link 2> $TEST_ROOT/log || status=$?
nix-build check.nix -A failed --argstr checkBuildId "$checkBuildId" \
--no-out-link 2> "$TEST_ROOT/log" || status=$?
[ "$status" = "100" ]
checkBuildTempDirRemoved $TEST_ROOT/log
checkBuildTempDirRemoved "$TEST_ROOT/log"
nix-build check.nix -A failed --argstr checkBuildId $checkBuildId \
--no-out-link --keep-failed 2> $TEST_ROOT/log || status=$?
nix-build check.nix -A failed --argstr checkBuildId "$checkBuildId" \
--no-out-link --keep-failed 2> "$TEST_ROOT/log" || status=$?
[ "$status" = "100" ]
if checkBuildTempDirRemoved $TEST_ROOT/log; then false; fi
if checkBuildTempDirRemoved "$TEST_ROOT/log"; then false; fi
test_custom_build_dir() {
local customBuildDir="$TEST_ROOT/custom-build-dir"
@ -44,42 +44,46 @@ test_custom_build_dir() {
# Nix does not create the parent directories, and perhaps it shouldn't try to
# decide the permissions of build-dir.
mkdir "$customBuildDir"
nix-build check.nix -A failed --argstr checkBuildId $checkBuildId \
--no-out-link --keep-failed --option build-dir "$TEST_ROOT/custom-build-dir" 2> $TEST_ROOT/log || status=$?
nix-build check.nix -A failed --argstr checkBuildId "$checkBuildId" \
--no-out-link --keep-failed --option build-dir "$TEST_ROOT/custom-build-dir" 2> "$TEST_ROOT/log" || status=$?
[ "$status" = "100" ]
[[ 1 == "$(count "$customBuildDir/nix-build-"*)" ]]
local buildDir="$customBuildDir/nix-build-"*""
if [[ -e $buildDir/build ]]; then
buildDir=$buildDir/build
local buildDir=("$customBuildDir/nix-build-"*)
if [[ "${#buildDir[@]}" -ne 1 ]]; then
echo "expected one nix-build-* directory, got: ${buildDir[*]}" >&2
exit 1
fi
grep $checkBuildId $buildDir/checkBuildId
if [[ -e ${buildDir[*]}/build ]]; then
buildDir[0]="${buildDir[*]}/build"
fi
grep "$checkBuildId" "${buildDir[*]}/checkBuildId"
}
test_custom_build_dir
nix-build check.nix -A deterministic --argstr checkBuildId $checkBuildId \
--no-out-link 2> $TEST_ROOT/log
checkBuildTempDirRemoved $TEST_ROOT/log
nix-build check.nix -A deterministic --argstr checkBuildId "$checkBuildId" \
--no-out-link 2> "$TEST_ROOT/log"
checkBuildTempDirRemoved "$TEST_ROOT/log"
nix-build check.nix -A deterministic --argstr checkBuildId $checkBuildId \
--no-out-link --check --keep-failed 2> $TEST_ROOT/log
if grepQuiet 'may not be deterministic' $TEST_ROOT/log; then false; fi
checkBuildTempDirRemoved $TEST_ROOT/log
nix-build check.nix -A deterministic --argstr checkBuildId "$checkBuildId" \
--no-out-link --check --keep-failed 2> "$TEST_ROOT/log"
if grepQuiet 'may not be deterministic' "$TEST_ROOT/log"; then false; fi
checkBuildTempDirRemoved "$TEST_ROOT/log"
nix-build check.nix -A nondeterministic --argstr checkBuildId $checkBuildId \
--no-out-link 2> $TEST_ROOT/log
checkBuildTempDirRemoved $TEST_ROOT/log
nix-build check.nix -A nondeterministic --argstr checkBuildId "$checkBuildId" \
--no-out-link 2> "$TEST_ROOT/log"
checkBuildTempDirRemoved "$TEST_ROOT/log"
nix-build check.nix -A nondeterministic --argstr checkBuildId $checkBuildId \
--no-out-link --check 2> $TEST_ROOT/log || status=$?
grep 'may not be deterministic' $TEST_ROOT/log
nix-build check.nix -A nondeterministic --argstr checkBuildId "$checkBuildId" \
--no-out-link --check 2> "$TEST_ROOT/log" || status=$?
grep 'may not be deterministic' "$TEST_ROOT/log"
[ "$status" = "104" ]
checkBuildTempDirRemoved $TEST_ROOT/log
checkBuildTempDirRemoved "$TEST_ROOT/log"
nix-build check.nix -A nondeterministic --argstr checkBuildId $checkBuildId \
--no-out-link --check --keep-failed 2> $TEST_ROOT/log || status=$?
grep 'may not be deterministic' $TEST_ROOT/log
nix-build check.nix -A nondeterministic --argstr checkBuildId "$checkBuildId" \
--no-out-link --check --keep-failed 2> "$TEST_ROOT/log" || status=$?
grep 'may not be deterministic' "$TEST_ROOT/log"
[ "$status" = "104" ]
if checkBuildTempDirRemoved $TEST_ROOT/log; then false; fi
if checkBuildTempDirRemoved "$TEST_ROOT/log"; then false; fi
TODO_NixOS
@ -87,24 +91,24 @@ clearStore
path=$(nix-build check.nix -A fetchurl --no-out-link)
chmod +w $path
echo foo > $path
chmod -w $path
chmod +w "$path"
echo foo > "$path"
chmod -w "$path"
nix-build check.nix -A fetchurl --no-out-link --check
# Note: "check" doesn't repair anything, it just compares to the hash stored in the database.
[[ $(cat $path) = foo ]]
[[ $(cat "$path") = foo ]]
nix-build check.nix -A fetchurl --no-out-link --repair
[[ $(cat $path) != foo ]]
[[ $(cat "$path") != foo ]]
echo 'Hello World' > $TEST_ROOT/dummy
echo 'Hello World' > "$TEST_ROOT/dummy"
nix-build check.nix -A hashmismatch --no-out-link || status=$?
[ "$status" = "102" ]
echo -n > $TEST_ROOT/dummy
echo -n > "$TEST_ROOT/dummy"
nix-build check.nix -A hashmismatch --no-out-link
echo 'Hello World' > $TEST_ROOT/dummy
echo 'Hello World' > "$TEST_ROOT/dummy"
nix-build check.nix -A hashmismatch --no-out-link --check || status=$?
[ "$status" = "102" ]

2
tests/functional/chroot-store.sh
View file

@ -37,7 +37,7 @@ if canUseSandbox; then
}
EOF
cp simple.nix shell.nix simple.builder.sh config.nix "$flakeDir/"
cp simple.nix shell.nix simple.builder.sh "${config_nix}" "$flakeDir/"
TODO_NixOS

2
tests/functional/common/functions.sh
View file

@ -28,7 +28,7 @@ clearProfiles() {
# Clear the store, but do not fail if we're in an environment where we can't.
# This allows the test to run in a NixOS test environment, where we use the system store.
# See doc/manual/src/contributing/testing.md / Running functional tests on NixOS.
# See doc/manual/source/contributing/testing.md / Running functional tests on NixOS.
clearStoreIfPossible() {
if isTestOnNixOS; then
echo "clearStoreIfPossible: Not clearing store, because we're on NixOS. Moving on."

2
tests/functional/common/init.sh
View file

@ -19,7 +19,7 @@ EOF
# When we're doing everything in the same store, we need to bring
# dependencies into context.
sed -i "$(dirname "${BASH_SOURCE[0]}")"/../config.nix \
sed -i "${_NIX_TEST_BUILD_DIR}/config.nix" \
-e 's^\(shell\) = "/nix/store/\([^/]*\)/\(.*\)";^\1 = builtins.appendContext "/nix/store/\2" { "/nix/store/\2".path = true; } + "/\3";^' \
-e 's^\(path\) = "/nix/store/\([^/]*\)/\(.*\)";^\1 = builtins.appendContext "/nix/store/\2" { "/nix/store/\2".path = true; } + "/\3";^' \
;

5
tests/functional/common/paths.sh
View file

@ -8,11 +8,10 @@ COMMON_PATHS_SH_SOURCED=1
commonDir="$(readlink -f "$(dirname "${BASH_SOURCE[0]-$0}")")"
# Since these are generated files
# shellcheck disable=SC1091
# Just for `isTestOnNixOS`
source "$commonDir/functions.sh"
# shellcheck disable=SC1091
source "$commonDir/subst-vars.sh"
source "${_NIX_TEST_BUILD_DIR}/common/subst-vars.sh"
# Make sure shellcheck knows this will be defined by the above generated snippet
: "${bash?}" "${bindir?}"

2
tests/functional/common/subst-vars.sh.in
View file

@ -1,4 +1,4 @@
# NOTE: instances of @variable@ are substituted as defined in /mk/templates.mk
# NOTE: instances of @variable@ are substituted by the build system
if [[ -z "${COMMON_SUBST_VARS_SH_SOURCED-}" ]]; then

10
tests/functional/common/vars.sh
View file

@ -6,11 +6,14 @@ if [[ -z "${COMMON_VARS_SH_SOURCED-}" ]]; then
COMMON_VARS_SH_SOURCED=1
_NIX_TEST_SOURCE_DIR=$(realpath "${_NIX_TEST_SOURCE_DIR}")
_NIX_TEST_BUILD_DIR=$(realpath "${_NIX_TEST_BUILD_DIR}")
commonDir="$(readlink -f "$(dirname "${BASH_SOURCE[0]-$0}")")"
# Since this is a generated file
# shellcheck disable=SC1091
source "$commonDir/subst-vars.sh"
source "${_NIX_TEST_BUILD_DIR}/common/subst-vars.sh"
# Make sure shellcheck knows all these will be defined by the above generated snippet
: "${bindir?} ${coreutils?} ${dot?} ${SHELL?} ${busybox?} ${version?} ${system?}"
export coreutils dot busybox version system
@ -69,4 +72,9 @@ if [[ $(uname) == Linux ]] && [[ -L /proc/self/ns/user ]] && unshare --user true
_canUseSandbox=1
fi
# Very common, shorthand helps
# Used in other files
# shellcheck disable=SC2034
config_nix="${_NIX_TEST_BUILD_DIR}/config.nix"
fi # COMMON_VARS_SH_SOURCED

2
tests/functional/config.nix Normal file
View file

@ -0,0 +1,2 @@
# Shim to get generated file
import "${builtins.getEnv "_NIX_TEST_BUILD_DIR"}/config.nix"

2
tests/functional/dyn-drv/config.nix Normal file
View file

@ -0,0 +1,2 @@
# Shim to get generated file
import "${builtins.getEnv "_NIX_TEST_BUILD_DIR"}/dyn-drv/config.nix"

15
tests/functional/dyn-drv/local.mk
View file

@ -1,15 +0,0 @@
dyn-drv-tests := \
$(d)/text-hashed-output.sh \
$(d)/recursive-mod-json.sh \
$(d)/build-built-drv.sh \
$(d)/eval-outputOf.sh \
$(d)/dep-built-drv.sh \
$(d)/old-daemon-error-hack.sh
install-tests-groups += dyn-drv
clean-files += \
$(d)/config.nix
test-deps += \
tests/functional/dyn-drv/config.nix

2
tests/functional/dyn-drv/meson.build
View file

@ -15,5 +15,5 @@ suites += {
'dep-built-drv.sh',
'old-daemon-error-hack.sh',
],
'workdir': meson.current_build_dir(),
'workdir': meson.current_source_dir(),
}

14
tests/functional/eval.sh
View file

@ -35,17 +35,17 @@ nix-instantiate --eval -E 'assert 1 + 2 == 3; true'
[[ "$(nix-instantiate --eval -E '{"assert"=1;bar=2;}')" == '{ "assert" = 1; bar = 2; }' ]]
# Check that symlink cycles don't cause a hang.
ln -sfn cycle.nix $TEST_ROOT/cycle.nix
(! nix eval --file $TEST_ROOT/cycle.nix)
ln -sfn cycle.nix "$TEST_ROOT/cycle.nix"
(! nix eval --file "$TEST_ROOT/cycle.nix")
# Check that relative symlinks are resolved correctly.
mkdir -p $TEST_ROOT/xyzzy $TEST_ROOT/foo
ln -sfn ../xyzzy $TEST_ROOT/foo/bar
printf 123 > $TEST_ROOT/xyzzy/default.nix
mkdir -p "$TEST_ROOT/xyzzy" "$TEST_ROOT/foo"
ln -sfn ../xyzzy "$TEST_ROOT/foo/bar"
printf 123 > "$TEST_ROOT/xyzzy/default.nix"
[[ $(nix eval --impure --expr "import $TEST_ROOT/foo/bar") = 123 ]]
# Test --arg-from-file.
[[ "$(nix eval --raw --arg-from-file foo config.nix --expr '{ foo }: { inherit foo; }' foo)" = "$(cat config.nix)" ]]
[[ "$(nix eval --raw --arg-from-file foo "${config_nix}" --expr '{ foo }: { inherit foo; }' foo)" = "$(cat "${config_nix}")" ]]
# Check that special(-ish) files are drained.
if [[ -e /proc/version ]]; then
@ -57,7 +57,7 @@ fi
# Test that unknown settings are warned about
out="$(expectStderr 0 nix eval --option foobar baz --expr '""' --raw)"
[[ "$(echo "$out" | grep foobar | wc -l)" = 1 ]]
[[ "$(echo "$out" | grep -c foobar)" = 1 ]]
# Test flag alias
out="$(nix eval --expr '{}' --build-cores 1)"

3
tests/functional/fetchPath.sh
View file

@ -6,3 +6,6 @@ touch "$TEST_ROOT/foo" -t 202211111111
# We only check whether 2022-11-1* **:**:** is the last modified date since
# `lastModified` is transformed into UTC in `builtins.fetchTarball`.
[[ "$(nix eval --impure --raw --expr "(builtins.fetchTree \"path://$TEST_ROOT/foo\").lastModifiedDate")" =~ 2022111.* ]]
# Check that we can override lastModified for "path:" inputs.
[[ "$(nix eval --impure --expr "(builtins.fetchTree { type = \"path\"; path = \"$TEST_ROOT/foo\"; lastModified = 123; }).lastModified")" = 123 ]]

64
tests/functional/fetchurl.sh
View file

@ -9,12 +9,12 @@ clearStore
# Test fetching a flat file.
hash=$(nix-hash --flat --type sha256 ./fetchurl.sh)
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file://$(pwd)/fetchurl.sh --argstr sha256 $hash --no-out-link)
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url "file://$(pwd)/fetchurl.sh" --argstr sha256 "$hash" --no-out-link)
cmp $outPath fetchurl.sh
cmp "$outPath" fetchurl.sh
# Do not re-fetch paths already present.
outPath2=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file:///does-not-exist/must-remain-unused/fetchurl.sh --argstr sha256 $hash --no-out-link)
outPath2=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file:///does-not-exist/must-remain-unused/fetchurl.sh --argstr sha256 "$hash" --no-out-link)
test "$outPath" == "$outPath2"
# Now using a base-64 hash.
@ -22,9 +22,9 @@ clearStore
hash=$(nix hash file --type sha512 --base64 ./fetchurl.sh)
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file://$(pwd)/fetchurl.sh --argstr sha512 $hash --no-out-link)
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url "file://$(pwd)/fetchurl.sh" --argstr sha512 "$hash" --no-out-link)
cmp $outPath fetchurl.sh
cmp "$outPath" fetchurl.sh
# Now using an SRI hash.
clearStore
@ -33,58 +33,58 @@ hash=$(nix hash file ./fetchurl.sh)
[[ $hash =~ ^sha256- ]]
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file://$(pwd)/fetchurl.sh --argstr hash $hash --no-out-link)
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url "file://$(pwd)/fetchurl.sh" --argstr hash "$hash" --no-out-link)
cmp $outPath fetchurl.sh
cmp "$outPath" fetchurl.sh
# Test that we can substitute from a different store dir.
clearStore
other_store=file://$TEST_ROOT/other_store?store=/fnord/store
other_store="file://$TEST_ROOT/other_store?store=/fnord/store"
hash=$(nix hash file --type sha256 --base16 ./fetchurl.sh)
storePath=$(nix --store $other_store store add-file ./fetchurl.sh)
nix --store "$other_store" store add-file ./fetchurl.sh
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file:///no-such-dir/fetchurl.sh --argstr sha256 $hash --no-out-link --substituters $other_store)
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file:///no-such-dir/fetchurl.sh --argstr sha256 "$hash" --no-out-link --substituters "$other_store")
# Test hashed mirrors with an SRI hash.
nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file:///no-such-dir/fetchurl.sh --argstr hash $(nix hash to-sri --type sha256 $hash) \
--no-out-link --substituters $other_store
nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file:///no-such-dir/fetchurl.sh --argstr hash "$(nix hash to-sri --type sha256 "$hash")" \
--no-out-link --substituters "$other_store"
# Test unpacking a NAR.
rm -rf $TEST_ROOT/archive
mkdir -p $TEST_ROOT/archive
cp ./fetchurl.sh $TEST_ROOT/archive
chmod +x $TEST_ROOT/archive/fetchurl.sh
ln -s foo $TEST_ROOT/archive/symlink
nar=$TEST_ROOT/archive.nar
nix-store --dump $TEST_ROOT/archive > $nar
rm -rf "$TEST_ROOT/archive"
mkdir -p "$TEST_ROOT/archive"
cp ./fetchurl.sh "$TEST_ROOT/archive"
chmod +x "$TEST_ROOT/archive/fetchurl.sh"
ln -s foo "$TEST_ROOT/archive/symlink"
nar="$TEST_ROOT/archive.nar"
nix-store --dump "$TEST_ROOT/archive" > "$nar"
hash=$(nix-hash --flat --type sha256 $nar)
hash=$(nix-hash --flat --type sha256 "$nar")
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file://$nar --argstr sha256 $hash \
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url "file://$nar" --argstr sha256 "$hash" \
--arg unpack true --argstr name xyzzy --no-out-link)
echo $outPath | grepQuiet 'xyzzy'
echo "$outPath" | grepQuiet 'xyzzy'
test -x $outPath/fetchurl.sh
test -L $outPath/symlink
test -x "$outPath/fetchurl.sh"
test -L "$outPath/symlink"
nix-store --delete $outPath
nix-store --delete "$outPath"
# Test unpacking a compressed NAR.
narxz=$TEST_ROOT/archive.nar.xz
rm -f $narxz
xz --keep $nar
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url file://$narxz --argstr sha256 $hash \
narxz="$TEST_ROOT/archive.nar.xz"
rm -f "$narxz"
xz --keep "$nar"
outPath=$(nix-build -vvvvv --expr 'import <nix/fetchurl.nix>' --argstr url "file://$narxz" --argstr sha256 "$hash" \
--arg unpack true --argstr name xyzzy --no-out-link)
test -x $outPath/fetchurl.sh
test -L $outPath/symlink
test -x "$outPath/fetchurl.sh"
test -L "$outPath/symlink"
# Make sure that *not* passing a outputHash fails.
requireDaemonNewerThan "2.20"
expected=100
if [[ -v NIX_DAEMON_PACKAGE ]]; then expected=1; fi # work around the daemon not returning a 100 status correctly
expectStderr $expected nix-build --expr '{ url }: builtins.derivation { name = "nix-cache-info"; system = "x86_64-linux"; builder = "builtin:fetchurl"; inherit url; outputHashMode = "flat"; }' --argstr url file://$narxz 2>&1 | grep 'must be a fixed-output or impure derivation'
expectStderr $expected nix-build --expr '{ url }: builtins.derivation { name = "nix-cache-info"; system = "x86_64-linux"; builder = "builtin:fetchurl"; inherit url; outputHashMode = "flat"; }' --argstr url "file://$narxz" 2>&1 | grep 'must be a fixed-output or impure derivation'

2
tests/functional/flakes/build-paths.sh
View file

@ -79,7 +79,7 @@ cat > "$flake1Dir"/flake.nix <<EOF
}
EOF
cp ../simple.nix ../simple.builder.sh ../config.nix "$flake1Dir/"
cp ../simple.nix ../simple.builder.sh "${config_nix}" "$flake1Dir/"
echo bar > "$flake1Dir/foo"

2
tests/functional/flakes/bundle.sh
View file

@ -2,7 +2,7 @@
source common.sh
cp ../simple.nix ../simple.builder.sh ../config.nix "$TEST_HOME"
cp ../simple.nix ../simple.builder.sh "${config_nix}" "$TEST_HOME"
cd "$TEST_HOME"

44
tests/functional/flakes/commit-lock-file-summary.sh Normal file
View file

@ -0,0 +1,44 @@
#!/usr/bin/env bash
source ./common.sh
TODO_NixOS
createFlake1
lockfileSummaryFlake=$TEST_ROOT/lockfileSummaryFlake
createGitRepo "$lockfileSummaryFlake" "--initial-branch=main"
# Test that the --commit-lock-file-summary flag and its alias work
cat > "$lockfileSummaryFlake/flake.nix" <<EOF
{
inputs = {
flake1.url = "git+file://$flake1Dir";
};
description = "lockfileSummaryFlake";
outputs = inputs: rec {
packages.$system.default = inputs.flake1.packages.$system.foo;
};
}
EOF
git -C "$lockfileSummaryFlake" add flake.nix
git -C "$lockfileSummaryFlake" commit -m 'Add lockfileSummaryFlake'
testSummary="test summary 1"
nix flake lock "$lockfileSummaryFlake" --commit-lock-file --commit-lock-file-summary "$testSummary"
[[ -e "$lockfileSummaryFlake/flake.lock" ]]
[[ -z $(git -C "$lockfileSummaryFlake" diff main || echo failed) ]]
[[ "$(git -C "$lockfileSummaryFlake" log --format=%s -n 1)" = "$testSummary" ]]
git -C "$lockfileSummaryFlake" rm :/:flake.lock
git -C "$lockfileSummaryFlake" commit -m "remove flake.lock"
testSummary="test summary 2"
# NOTE(cole-h): We use `--option` here because Nix settings do not currently support flag-ifying the
# alias of a setting: https://github.com/NixOS/nix/issues/10989
nix flake lock "$lockfileSummaryFlake" --commit-lock-file --option commit-lockfile-summary "$testSummary"
[[ -e "$lockfileSummaryFlake/flake.lock" ]]
[[ -z $(git -C "$lockfileSummaryFlake" diff main || echo failed) ]]
[[ "$(git -C "$lockfileSummaryFlake" log --format=%s -n 1)" = "$testSummary" ]]

50
tests/functional/flakes/common.sh
View file

@ -1,10 +1,13 @@
# shellcheck shell=bash
source ../common.sh
# shellcheck disable=SC2034 # this variable is used by tests that source this file
registry=$TEST_ROOT/registry.json
writeSimpleFlake() {
local flakeDir="$1"
cat > $flakeDir/flake.nix <<EOF
cat > "$flakeDir/flake.nix" <<EOF
{
description = "Bla bla";
@ -31,19 +34,51 @@ writeSimpleFlake() {
}
EOF
cp ../simple.nix ../shell.nix ../simple.builder.sh ../config.nix $flakeDir/
cp ../simple.nix ../shell.nix ../simple.builder.sh "${config_nix}" "$flakeDir/"
}
createSimpleGitFlake() {
requireGit
local flakeDir="$1"
writeSimpleFlake $flakeDir
git -C $flakeDir add flake.nix simple.nix shell.nix simple.builder.sh config.nix
git -C $flakeDir commit -m 'Initial'
writeSimpleFlake "$flakeDir"
git -C "$flakeDir" add flake.nix simple.nix shell.nix simple.builder.sh config.nix
git -C "$flakeDir" commit -m 'Initial'
}
# Create a simple Git flake and add it to the registry as "flake1".
createFlake1() {
flake1Dir="$TEST_ROOT/flake1"
createGitRepo "$flake1Dir" ""
createSimpleGitFlake "$flake1Dir"
nix registry add --registry "$registry" flake1 "git+file://$flake1Dir"
}
createFlake2() {
flake2Dir="$TEST_ROOT/flake 2"
percentEncodedFlake2Dir="$TEST_ROOT/flake%202"
# Give one repo a non-main initial branch.
createGitRepo "$flake2Dir" "--initial-branch=main"
cat > "$flake2Dir/flake.nix" <<EOF
{
description = "Fnord";
outputs = { self, flake1 }: rec {
packages.$system.bar = flake1.packages.$system.foo;
};
}
EOF
git -C "$flake2Dir" add flake.nix
git -C "$flake2Dir" commit -m 'Initial'
nix registry add --registry "$registry" flake2 "git+file://$percentEncodedFlake2Dir"
}
writeDependentFlake() {
local flakeDir="$1"
cat > $flakeDir/flake.nix <<EOF
cat > "$flakeDir/flake.nix" <<EOF
{
outputs = { self, flake1 }: {
packages.$system.default = flake1.packages.$system.default;
@ -55,7 +90,7 @@ EOF
writeTrivialFlake() {
local flakeDir="$1"
cat > $flakeDir/flake.nix <<EOF
cat > "$flakeDir/flake.nix" <<EOF
{
outputs = { self }: {
expr = 123;
@ -71,6 +106,7 @@ createGitRepo() {
rm -rf "$repo" "$repo".tmp
mkdir -p "$repo"
# shellcheck disable=SC2086 # word splitting of extraArgs is intended
git -C "$repo" init $extraArgs
git -C "$repo" config user.email "foobar@example.com"
git -C "$repo" config user.name "Foobar"

12
tests/functional/flakes/config.sh
View file

@ -2,7 +2,7 @@
source common.sh
cp ../simple.nix ../simple.builder.sh ../config.nix $TEST_HOME
cp ../simple.nix ../simple.builder.sh "${config_nix}" $TEST_HOME
cd $TEST_HOME
@ -26,7 +26,17 @@ cat <<EOF > flake.nix
EOF
# Without --accept-flake-config, the post hook should not run.
# To test variations in stderr tty-ness, we run the command in different ways,
# none of which should block on stdin or accept the `nixConfig`s.
nix build < /dev/null
nix build < /dev/null 2>&1 | cat
# EOF counts as no, even when interactive (throw EOF error before)
if type -p script >/dev/null && script -q -c true /dev/null; then
echo "script is available and GNU-like, so we can ensure a tty"
script -q -c 'nix build < /dev/null' /dev/null
else
echo "script is not available or not GNU-like, so we skip testing with an added tty"
fi
(! [[ -f post-hook-ran ]])
TODO_NixOS
clearStore

94
tests/functional/flakes/develop.sh
View file

@ -5,11 +5,11 @@ source ../common.sh
TODO_NixOS
clearStore
rm -rf $TEST_HOME/.cache $TEST_HOME/.config $TEST_HOME/.local
rm -rf "$TEST_HOME/.cache" "$TEST_HOME/.config" "$TEST_HOME/.local"
# Create flake under test.
cp ../shell-hello.nix ../config.nix $TEST_HOME/
cat <<EOF >$TEST_HOME/flake.nix
cp ../shell-hello.nix "$config_nix" "$TEST_HOME/"
cat <<EOF >"$TEST_HOME/flake.nix"
{
inputs.nixpkgs.url = "$TEST_HOME/nixpkgs";
outputs = {self, nixpkgs}: {
@ -24,9 +24,10 @@ cat <<EOF >$TEST_HOME/flake.nix
EOF
# Create fake nixpkgs flake.
mkdir -p $TEST_HOME/nixpkgs
cp ../config.nix ../shell.nix $TEST_HOME/nixpkgs
cat <<EOF >$TEST_HOME/nixpkgs/flake.nix
mkdir -p "$TEST_HOME/nixpkgs"
cp "${config_nix}" ../shell.nix "$TEST_HOME/nixpkgs"
cat <<EOF >"$TEST_HOME/nixpkgs/flake.nix"
{
outputs = {self}: {
legacyPackages.$system.bashInteractive = (import ./shell.nix {}).bashInteractive;
@ -34,7 +35,7 @@ cat <<EOF >$TEST_HOME/nixpkgs/flake.nix
}
EOF
cd $TEST_HOME
cd "$TEST_HOME"
# Test whether `nix develop` passes through environment variables.
[[ "$(
@ -43,13 +44,86 @@ echo "\$ENVVAR"
EOF
)" = "a" ]]
# Test whether `nix develop --ignore-environment` does _not_ pass through environment variables.
# Test whether `nix develop --ignore-env` does _not_ pass through environment variables.
[[ -z "$(
ENVVAR=a nix develop --ignore-environment --no-write-lock-file .#hello <<EOF
ENVVAR=a nix develop --ignore-env --no-write-lock-file .#hello <<EOF
echo "\$ENVVAR"
EOF
)" ]]
# Test wether `--keep-env-var` keeps the environment variable.
(
expect='BAR'
got="$(FOO='BAR' nix develop --ignore-env --keep-env-var FOO --no-write-lock-file .#hello <<EOF
echo "\$FOO"
EOF
)"
[[ "$got" == "$expect" ]]
)
# Test wether duplicate `--keep-env-var` keeps the environment variable.
(
expect='BAR'
got="$(FOO='BAR' nix develop --ignore-env --keep-env-var FOO --keep-env-var FOO --no-write-lock-file .#hello <<EOF
echo "\$FOO"
EOF
)"
[[ "$got" == "$expect" ]]
)
# Test wether `--set-env-var` sets the environment variable.
(
expect='BAR'
got="$(nix develop --ignore-env --set-env-var FOO 'BAR' --no-write-lock-file .#hello <<EOF
echo "\$FOO"
EOF
)"
[[ "$got" == "$expect" ]]
)
# Test that `--set-env-var` overwrites previously set variables.
(
expect='BLA'
got="$(FOO='BAR' nix develop --set-env-var FOO 'BLA' --no-write-lock-file .#hello <<EOF
echo "\$FOO"
EOF
)"
[[ "$got" == "$expect" ]]
)
# Test that multiple `--set-env-var` work.
(
expect='BARFOO'
got="$(nix develop --set-env-var FOO 'BAR' --set-env-var BAR 'FOO' --no-write-lock-file .#hello <<EOF | tr -d '\n'
echo "\$FOO"
echo "\$BAR"
EOF
)"
[[ "$got" == "$expect" ]]
)
# Check that we throw an error when `--keep-env-var` is used without `--ignore-env`.
expectStderr 1 nix develop --keep-env-var FOO .#hello |
grepQuiet "error: --keep-env-var does not make sense without --ignore-env"
# Check that we throw an error when `--unset-env-var` is used with `--ignore-env`.
expectStderr 1 nix develop --ignore-env --unset-env-var FOO .#hello |
grepQuiet "error: --unset-env-var does not make sense with --ignore-env"
# Test wether multiple occurances of `--set-env-var` throws.
expectStderr 1 nix develop --set-env-var FOO 'BAR' --set-env-var FOO 'BLA' --no-write-lock-file .#hello |
grepQuiet "error: Duplicate definition of environment variable 'FOO' with '--set-env-var' is ambiguous"
# Test wether similar `--unset-env-var` and `--set-env-var` throws.
expectStderr 1 nix develop --set-env-var FOO 'BAR' --unset-env-var FOO --no-write-lock-file .#hello |
grepQuiet "error: Cannot unset environment variable 'FOO' that is set with '--set-env-var'"
expectStderr 1 nix develop --unset-env-var FOO --set-env-var FOO 'BAR' --no-write-lock-file .#hello |
grepQuiet "error: Cannot set environment variable 'FOO' that is unset with '--unset-env-var'"
# Check that multiple `--ignore-env`'s are okay.
expectStderr 0 nix develop --ignore-env --set-env-var FOO 'BAR' --ignore-env .#hello < /dev/null
# Determine the bashInteractive executable.
nix build --no-write-lock-file './nixpkgs#bashInteractive' --out-link ./bash-interactive
BASH_INTERACTIVE_EXECUTABLE="$PWD/bash-interactive/bin/bash"
@ -63,7 +137,7 @@ EOF
# Test whether `nix develop` with ignore environment sets `SHELL` to nixpkgs#bashInteractive shell.
[[ "$(
SHELL=custom nix develop --ignore-environment --no-write-lock-file .#hello <<EOF
SHELL=custom nix develop --ignore-env --no-write-lock-file .#hello <<EOF
echo "\$SHELL"
EOF
)" -ef "$BASH_INTERACTIVE_EXECUTABLE" ]]

28
tests/functional/flakes/dubious-query.sh Normal file
View file

@ -0,0 +1,28 @@
#!/usr/bin/env bash
source ./common.sh
createFlake1
repoDir="$flake1Dir"
# Check that a flakeref without a query is accepted correctly.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir#foo"
# Check that a flakeref with a good query is accepted correctly.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir?foo=bar#foo"
# Check that we get the dubious query warning, when passing in a query without an equal sign.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir?bar#foo" \
| grepQuiet "warning: dubious URI query 'bar' is missing equal sign '=', ignoring"
# Check that the anchor (#) is taken as a whole, not split, and throws an error.
expectStderr 1 nix --offline build --dry-run "git+file://$repoDir#foo?bar" \
| grepQuiet "error: flake 'git+file://$repoDir' does not provide attribute 'packages.$system.foo?bar', 'legacyPackages.$system.foo?bar' or 'foo?bar'"
# Check that a literal `?` in the query doesn't print dubious query warning.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir?#foo" \
| grepInverse "warning: dubious URI query "
# Check that a literal `?=` in the query doesn't print dubious query warning.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir?=#foo" \
| grepInverse "warning: dubious URI query "

7
tests/functional/flakes/edit.sh
View file

@ -2,12 +2,7 @@
source ./common.sh
requireGit
flake1Dir=$TEST_ROOT/flake1
createGitRepo "$flake1Dir"
createSimpleGitFlake "$flake1Dir"
createFlake1
export EDITOR=cat
nix edit "$flake1Dir#" | grepQuiet simple.builder.sh

2
tests/functional/flakes/eval-cache.sh
View file

@ -7,7 +7,7 @@ requireGit
flake1Dir="$TEST_ROOT/eval-cache-flake"
createGitRepo "$flake1Dir" ""
cp ../simple.nix ../simple.builder.sh ../config.nix "$flake1Dir/"
cp ../simple.nix ../simple.builder.sh "${config_nix}" "$flake1Dir/"
git -C "$flake1Dir" add simple.nix simple.builder.sh config.nix
git -C "$flake1Dir" commit -m "config.nix"

304
tests/functional/flakes/flakes.sh
View file

@ -9,46 +9,20 @@ requireGit
clearStore
rm -rf $TEST_HOME/.cache $TEST_HOME/.config
flake1Dir=$TEST_ROOT/flake1
flake2Dir=$TEST_ROOT/flake\ 2
percentEncodedFlake2Dir=$TEST_ROOT/flake%202
createFlake1
createFlake2
flake3Dir=$TEST_ROOT/flake%20
percentEncodedFlake3Dir=$TEST_ROOT/flake%2520
flake5Dir=$TEST_ROOT/flake5
flake7Dir=$TEST_ROOT/flake7
nonFlakeDir=$TEST_ROOT/nonFlake
badFlakeDir=$TEST_ROOT/badFlake
flakeGitBare=$TEST_ROOT/flakeGitBare
lockfileSummaryFlake=$TEST_ROOT/lockfileSummaryFlake
for repo in "$flake1Dir" "$flake2Dir" "$flake3Dir" "$flake7Dir" "$nonFlakeDir" "$lockfileSummaryFlake"; do
# Give one repo a non-main initial branch.
extraArgs=
if [[ "$repo" == "$flake2Dir" ]]; then
extraArgs="--initial-branch=main"
fi
if [[ "$repo" == "$lockfileSummaryFlake" ]]; then
extraArgs="--initial-branch=main"
fi
createGitRepo "$repo" "$extraArgs"
for repo in "$flake3Dir" "$flake7Dir"; do
createGitRepo "$repo" ""
done
createSimpleGitFlake "$flake1Dir"
cat > "$flake2Dir/flake.nix" <<EOF
{
description = "Fnord";
outputs = { self, flake1 }: rec {
packages.$system.bar = flake1.packages.$system.foo;
};
}
EOF
git -C "$flake2Dir" add flake.nix
git -C "$flake2Dir" commit -m 'Initial'
cat > "$flake3Dir/flake.nix" <<EOF
{
description = "Fnord";
@ -70,113 +44,13 @@ EOF
git -C "$flake3Dir" add flake.nix default.nix
git -C "$flake3Dir" commit -m 'Initial'
cat > "$nonFlakeDir/README.md" <<EOF
FNORD
EOF
cat > "$nonFlakeDir/shebang.sh" <<EOF
#! $(type -P env) nix
#! nix --offline shell
#! nix flake1#fooScript
#! nix --no-write-lock-file --command bash
set -ex
foo
echo "\$@"
EOF
chmod +x "$nonFlakeDir/shebang.sh"
git -C "$nonFlakeDir" add README.md shebang.sh
git -C "$nonFlakeDir" commit -m 'Initial'
# this also tests a fairly trivial double backtick quoted string, ``--command``
cat > $nonFlakeDir/shebang-comments.sh <<EOF
#! $(type -P env) nix
# some comments
# some comments
# some comments
#! nix --offline shell
#! nix flake1#fooScript
#! nix --no-write-lock-file ``--command`` bash
foo
EOF
chmod +x $nonFlakeDir/shebang-comments.sh
cat > $nonFlakeDir/shebang-different-comments.sh <<EOF
#! $(type -P env) nix
# some comments
// some comments
/* some comments
* some comments
\ some comments
% some comments
@ some comments
-- some comments
(* some comments
#! nix --offline shell
#! nix flake1#fooScript
#! nix --no-write-lock-file --command cat
foo
EOF
chmod +x $nonFlakeDir/shebang-different-comments.sh
cat > $nonFlakeDir/shebang-reject.sh <<EOF
#! $(type -P env) nix
# some comments
# some comments
# some comments
#! nix --offline shell *
#! nix flake1#fooScript
#! nix --no-write-lock-file --command bash
foo
EOF
chmod +x $nonFlakeDir/shebang-reject.sh
cat > $nonFlakeDir/shebang-inline-expr.sh <<EOF
#! $(type -P env) nix
EOF
cat >> $nonFlakeDir/shebang-inline-expr.sh <<"EOF"
#! nix --offline shell
#! nix --impure --expr ``
#! nix let flake = (builtins.getFlake (toString ../flake1)).packages;
#! nix fooScript = flake.${builtins.currentSystem}.fooScript;
#! nix /* just a comment !@#$%^&*()__+ # */
#! nix in fooScript
#! nix ``
#! nix --no-write-lock-file --command bash
set -ex
foo
echo "$@"
EOF
chmod +x $nonFlakeDir/shebang-inline-expr.sh
cat > $nonFlakeDir/fooScript.nix <<"EOF"
let flake = (builtins.getFlake (toString ../flake1)).packages;
fooScript = flake.${builtins.currentSystem}.fooScript;
in fooScript
EOF
cat > $nonFlakeDir/shebang-file.sh <<EOF
#! $(type -P env) nix
EOF
cat >> $nonFlakeDir/shebang-file.sh <<"EOF"
#! nix --offline shell
#! nix --impure --file ./fooScript.nix
#! nix --no-write-lock-file --command bash
set -ex
foo
echo "$@"
EOF
chmod +x $nonFlakeDir/shebang-file.sh
# Construct a custom registry, additionally test the --registry flag
nix registry add --registry "$registry" flake1 "git+file://$flake1Dir"
nix registry add --registry "$registry" flake2 "git+file://$percentEncodedFlake2Dir"
nix registry add --registry "$registry" flake3 "git+file://$percentEncodedFlake3Dir"
nix registry add --registry "$registry" flake4 flake3
nix registry add --registry "$registry" nixpkgs flake1
# Test 'nix registry list'.
[[ $(nix registry list | wc -l) == 5 ]]
[[ $(nix registry list | wc -l) == 4 ]]
nix registry list | grep '^global'
nix registry list | grepInverse '^user' # nothing in user registry
@ -346,77 +220,8 @@ _NIX_FORCE_HTTP=1 nix build -o "$TEST_ROOT/result" "git+file://$percentEncodedFl
mv "$flake1Dir.tmp" "$flake1Dir"
mv "$flake2Dir.tmp" "$flake2Dir"
# Add nonFlakeInputs to flake3.
rm "$flake3Dir/flake.nix"
cat > "$flake3Dir/flake.nix" <<EOF
{
inputs = {
flake1 = {};
flake2 = {};
nonFlake = {
url = git+file://$nonFlakeDir;
flake = false;
};
nonFlakeFile = {
url = path://$nonFlakeDir/README.md;
flake = false;
};
nonFlakeFile2 = {
url = "$nonFlakeDir/README.md";
flake = false;
};
};
description = "Fnord";
outputs = inputs: rec {
packages.$system.xyzzy = inputs.flake2.packages.$system.bar;
packages.$system.sth = inputs.flake1.packages.$system.foo;
packages.$system.fnord =
with import ./config.nix;
mkDerivation {
inherit system;
name = "fnord";
dummy = builtins.readFile (builtins.path { name = "source"; path = ./.; filter = path: type: baseNameOf path == "config.nix"; } + "/config.nix");
dummy2 = builtins.readFile (builtins.path { name = "source"; path = inputs.flake1; filter = path: type: baseNameOf path == "simple.nix"; } + "/simple.nix");
buildCommand = ''
cat \${inputs.nonFlake}/README.md > \$out
[[ \$(cat \${inputs.nonFlake}/README.md) = \$(cat \${inputs.nonFlakeFile}) ]]
[[ \${inputs.nonFlakeFile} = \${inputs.nonFlakeFile2} ]]
'';
};
};
}
EOF
cp ../config.nix "$flake3Dir"
git -C "$flake3Dir" add flake.nix config.nix
git -C "$flake3Dir" commit -m 'Add nonFlakeInputs'
# Check whether `nix build` works with a lockfile which is missing a
# nonFlakeInputs.
nix build -o "$TEST_ROOT/result" "$flake3Dir#sth" --commit-lock-file
nix build -o "$TEST_ROOT/result" flake3#fnord
[[ $(cat $TEST_ROOT/result) = FNORD ]]
# Check whether flake input fetching is lazy: flake3#sth does not
# depend on flake2, so this shouldn't fail.
rm -rf "$TEST_HOME/.cache"
clearStore
mv "$flake2Dir" "$flake2Dir.tmp"
mv "$nonFlakeDir" "$nonFlakeDir.tmp"
nix build -o "$TEST_ROOT/result" flake3#sth
(! nix build -o "$TEST_ROOT/result" flake3#xyzzy)
(! nix build -o "$TEST_ROOT/result" flake3#fnord)
mv "$flake2Dir.tmp" "$flake2Dir"
mv "$nonFlakeDir.tmp" "$nonFlakeDir"
nix build -o "$TEST_ROOT/result" flake3#xyzzy flake3#fnord
# Test doing multiple `lookupFlake`s
nix build -o "$TEST_ROOT/result" flake4#xyzzy
nix build -o "$TEST_ROOT/result" flake3#xyzzy
# Test 'nix flake update' and --override-flake.
nix flake lock "$flake3Dir"
@ -425,53 +230,15 @@ nix flake lock "$flake3Dir"
nix flake update --flake "$flake3Dir" --override-flake flake2 nixpkgs
[[ ! -z $(git -C "$flake3Dir" diff master || echo failed) ]]
# Make branch "removeXyzzy" where flake3 doesn't have xyzzy anymore
git -C "$flake3Dir" checkout -b removeXyzzy
rm "$flake3Dir/flake.nix"
cat > "$flake3Dir/flake.nix" <<EOF
{
inputs = {
nonFlake = {
url = "$nonFlakeDir";
flake = false;
};
};
description = "Fnord";
outputs = { self, flake1, flake2, nonFlake }: rec {
packages.$system.sth = flake1.packages.$system.foo;
packages.$system.fnord =
with import ./config.nix;
mkDerivation {
inherit system;
name = "fnord";
buildCommand = ''
cat \${nonFlake}/README.md > \$out
'';
};
};
}
EOF
nix flake lock "$flake3Dir"
git -C "$flake3Dir" add flake.nix flake.lock
git -C "$flake3Dir" commit -m 'Remove packages.xyzzy'
git -C "$flake3Dir" checkout master
# Test whether fuzzy-matching works for registry entries.
(! nix build -o "$TEST_ROOT/result" flake4/removeXyzzy#xyzzy)
nix build -o "$TEST_ROOT/result" flake4/removeXyzzy#sth
# Testing the nix CLI
nix registry add flake1 flake3
[[ $(nix registry list | wc -l) == 6 ]]
nix registry pin flake1
[[ $(nix registry list | wc -l) == 6 ]]
nix registry pin flake1 flake3
[[ $(nix registry list | wc -l) == 6 ]]
nix registry remove flake1
[[ $(nix registry list | wc -l) == 5 ]]
nix registry pin flake1
[[ $(nix registry list | wc -l) == 5 ]]
nix registry pin flake1 flake3
[[ $(nix registry list | wc -l) == 5 ]]
nix registry remove flake1
[[ $(nix registry list | wc -l) == 4 ]]
# Test 'nix registry list' with a disabled global registry.
nix registry add user-flake1 git+file://$flake1Dir
@ -481,7 +248,7 @@ nix --flake-registry "" registry list | grepQuietInverse '^global' # nothing in
nix --flake-registry "" registry list | grepQuiet '^user'
nix registry remove user-flake1
nix registry remove user-flake2
[[ $(nix registry list | wc -l) == 5 ]]
[[ $(nix registry list | wc -l) == 4 ]]
# Test 'nix flake clone'.
rm -rf $TEST_ROOT/flake1-v2
@ -643,46 +410,3 @@ nix flake metadata "$flake2Dir" --reference-lock-file $TEST_ROOT/flake2-overridd
# reference-lock-file can only be used if allow-dirty is set.
expectStderr 1 nix flake metadata "$flake2Dir" --no-allow-dirty --reference-lock-file $TEST_ROOT/flake2-overridden.lock
# Test shebang
[[ $($nonFlakeDir/shebang.sh) = "foo" ]]
[[ $($nonFlakeDir/shebang.sh "bar") = "foo"$'\n'"bar" ]]
[[ $($nonFlakeDir/shebang-comments.sh ) = "foo" ]]
[[ "$($nonFlakeDir/shebang-different-comments.sh)" = "$(cat $nonFlakeDir/shebang-different-comments.sh)" ]]
[[ $($nonFlakeDir/shebang-inline-expr.sh baz) = "foo"$'\n'"baz" ]]
[[ $($nonFlakeDir/shebang-file.sh baz) = "foo"$'\n'"baz" ]]
expect 1 $nonFlakeDir/shebang-reject.sh 2>&1 | grepQuiet -F 'error: unsupported unquoted character in nix shebang: *. Use double backticks to escape?'
# Test that the --commit-lock-file-summary flag and its alias work
cat > "$lockfileSummaryFlake/flake.nix" <<EOF
{
inputs = {
flake1.url = "git+file://$flake1Dir";
};
description = "lockfileSummaryFlake";
outputs = inputs: rec {
packages.$system.default = inputs.flake1.packages.$system.foo;
};
}
EOF
git -C "$lockfileSummaryFlake" add flake.nix
git -C "$lockfileSummaryFlake" commit -m 'Add lockfileSummaryFlake'
testSummary="test summary 1"
nix flake lock "$lockfileSummaryFlake" --commit-lock-file --commit-lock-file-summary "$testSummary"
[[ -e "$lockfileSummaryFlake/flake.lock" ]]
[[ -z $(git -C "$lockfileSummaryFlake" diff main || echo failed) ]]
[[ "$(git -C "$lockfileSummaryFlake" log --format=%s -n 1)" = "$testSummary" ]]
git -C "$lockfileSummaryFlake" rm :/:flake.lock
git -C "$lockfileSummaryFlake" commit -m "remove flake.lock"
testSummary="test summary 2"
# NOTE(cole-h): We use `--option` here because Nix settings do not currently support flag-ifying the
# alias of a setting: https://github.com/NixOS/nix/issues/10989
nix flake lock "$lockfileSummaryFlake" --commit-lock-file --option commit-lockfile-summary "$testSummary"
[[ -e "$lockfileSummaryFlake/flake.lock" ]]
[[ -z $(git -C "$lockfileSummaryFlake" diff main || echo failed) ]]
[[ "$(git -C "$lockfileSummaryFlake" log --format=%s -n 1)" = "$testSummary" ]]

25
tests/functional/flakes/local.mk
View file

@ -1,25 +0,0 @@
flake-tests := \
$(d)/flakes.sh \
$(d)/develop.sh \
$(d)/edit.sh \
$(d)/run.sh \
$(d)/mercurial.sh \
$(d)/circular.sh \
$(d)/init.sh \
$(d)/inputs.sh \
$(d)/follow-paths.sh \
$(d)/bundle.sh \
$(d)/check.sh \
$(d)/unlocked-override.sh \
$(d)/absolute-paths.sh \
$(d)/absolute-attr-paths.sh \
$(d)/build-paths.sh \
$(d)/flake-in-submodule.sh \
$(d)/prefetch.sh \
$(d)/eval-cache.sh \
$(d)/search-root.sh \
$(d)/config.sh \
$(d)/show.sh \
$(d)/relative-paths.sh
install-tests-groups += flake

7
tests/functional/flakes/meson.build
View file

@ -23,6 +23,11 @@ suites += {
'search-root.sh',
'config.sh',
'show.sh',
'dubious-query.sh',
'shebang.sh',
'commit-lock-file-summary.sh',
'non-flake-inputs.sh',
'relative-paths.sh',
],
'workdir': meson.current_build_dir(),
'workdir': meson.current_source_dir(),
}

128
tests/functional/flakes/non-flake-inputs.sh Normal file
View file

@ -0,0 +1,128 @@
#!/usr/bin/env bash
source ./common.sh
TODO_NixOS
createFlake1
createFlake2
nonFlakeDir=$TEST_ROOT/nonFlake
createGitRepo "$nonFlakeDir" ""
cat > "$nonFlakeDir/README.md" <<EOF
FNORD
EOF
git -C "$nonFlakeDir" add README.md
git -C "$nonFlakeDir" commit -m 'Initial'
flake3Dir=$TEST_ROOT/flake3
createGitRepo "$flake3Dir" ""
cat > "$flake3Dir/flake.nix" <<EOF
{
inputs = {
flake1 = {};
flake2 = {};
nonFlake = {
url = git+file://$nonFlakeDir;
flake = false;
};
nonFlakeFile = {
url = path://$nonFlakeDir/README.md;
flake = false;
};
nonFlakeFile2 = {
url = "$nonFlakeDir/README.md";
flake = false;
};
};
description = "Fnord";
outputs = inputs: rec {
packages.$system.xyzzy = inputs.flake2.packages.$system.bar;
packages.$system.sth = inputs.flake1.packages.$system.foo;
packages.$system.fnord =
with import ./config.nix;
mkDerivation {
inherit system;
name = "fnord";
dummy = builtins.readFile (builtins.path { name = "source"; path = ./.; filter = path: type: baseNameOf path == "config.nix"; } + "/config.nix");
dummy2 = builtins.readFile (builtins.path { name = "source"; path = inputs.flake1; filter = path: type: baseNameOf path == "simple.nix"; } + "/simple.nix");
buildCommand = ''
cat \${inputs.nonFlake}/README.md > \$out
[[ \$(cat \${inputs.nonFlake}/README.md) = \$(cat \${inputs.nonFlakeFile}) ]]
[[ \${inputs.nonFlakeFile} = \${inputs.nonFlakeFile2} ]]
'';
};
};
}
EOF
cp "${config_nix}" "$flake3Dir"
git -C "$flake3Dir" add flake.nix config.nix
git -C "$flake3Dir" commit -m 'Add nonFlakeInputs'
# Check whether `nix build` works with a lockfile which is missing a
# nonFlakeInputs.
nix build -o "$TEST_ROOT/result" "$flake3Dir#sth" --commit-lock-file
nix registry add --registry "$registry" flake3 "git+file://$flake3Dir"
nix build -o "$TEST_ROOT/result" flake3#fnord
[[ $(cat "$TEST_ROOT/result") = FNORD ]]
# Check whether flake input fetching is lazy: flake3#sth does not
# depend on flake2, so this shouldn't fail.
rm -rf "$TEST_HOME/.cache"
clearStore
mv "$flake2Dir" "$flake2Dir.tmp"
mv "$nonFlakeDir" "$nonFlakeDir.tmp"
nix build -o "$TEST_ROOT/result" flake3#sth
(! nix build -o "$TEST_ROOT/result" flake3#xyzzy)
(! nix build -o "$TEST_ROOT/result" flake3#fnord)
mv "$flake2Dir.tmp" "$flake2Dir"
mv "$nonFlakeDir.tmp" "$nonFlakeDir"
nix build -o "$TEST_ROOT/result" flake3#xyzzy flake3#fnord
# Make branch "removeXyzzy" where flake3 doesn't have xyzzy anymore
git -C "$flake3Dir" checkout -b removeXyzzy
rm "$flake3Dir/flake.nix"
cat > "$flake3Dir/flake.nix" <<EOF
{
inputs = {
nonFlake = {
url = "$nonFlakeDir";
flake = false;
};
};
description = "Fnord";
outputs = { self, flake1, flake2, nonFlake }: rec {
packages.$system.sth = flake1.packages.$system.foo;
packages.$system.fnord =
with import ./config.nix;
mkDerivation {
inherit system;
name = "fnord";
buildCommand = ''
cat \${nonFlake}/README.md > \$out
'';
};
};
}
EOF
nix flake lock "$flake3Dir"
git -C "$flake3Dir" add flake.nix flake.lock
git -C "$flake3Dir" commit -m 'Remove packages.xyzzy'
git -C "$flake3Dir" checkout master
# Test whether fuzzy-matching works for registry entries.
nix registry add --registry "$registry" flake4 flake3
(! nix build -o "$TEST_ROOT/result" flake4/removeXyzzy#xyzzy)
nix build -o "$TEST_ROOT/result" flake4/removeXyzzy#sth

5
tests/functional/flakes/run.sh
View file

@ -6,7 +6,8 @@ TODO_NixOS
clearStore
rm -rf $TEST_HOME/.cache $TEST_HOME/.config $TEST_HOME/.local
cp ../shell-hello.nix ../config.nix $TEST_HOME
cp ../shell-hello.nix "${config_nix}" $TEST_HOME
cd $TEST_HOME
cat <<EOF > flake.nix
@ -37,11 +38,13 @@ env > $TEST_ROOT/expected-env
nix run -f shell-hello.nix env > $TEST_ROOT/actual-env
# Remove/reset variables we expect to be different.
# - PATH is modified by nix shell
# - we unset TMPDIR on macOS if it contains /var/folders. bad. https://github.com/NixOS/nix/issues/7731
# - _ is set by bash and is expected to differ because it contains the original command
# - __CF_USER_TEXT_ENCODING is set by macOS and is beyond our control
sed -i \
-e 's/PATH=.*/PATH=.../' \
-e 's/_=.*/_=.../' \
-e '/^TMPDIR=\/var\/folders\/.*/d' \
-e '/^__CF_USER_TEXT_ENCODING=.*$/d' \
$TEST_ROOT/expected-env $TEST_ROOT/actual-env
sort $TEST_ROOT/expected-env | uniq > $TEST_ROOT/expected-env.sorted

109
tests/functional/flakes/shebang.sh Normal file
View file

@ -0,0 +1,109 @@
#!/usr/bin/env bash
source ./common.sh
TODO_NixOS
createFlake1
scriptDir="$TEST_ROOT/nonFlake"
mkdir -p "$scriptDir"
cat > "$scriptDir/shebang.sh" <<EOF
#! $(type -P env) nix
#! nix --offline shell
#! nix flake1#fooScript
#! nix --no-write-lock-file --command bash
set -ex
foo
echo "\$@"
EOF
chmod +x "$scriptDir/shebang.sh"
# this also tests a fairly trivial double backtick quoted string, ``--command``
cat > "$scriptDir/shebang-comments.sh" <<EOF
#! $(type -P env) nix
# some comments
# some comments
# some comments
#! nix --offline shell
#! nix flake1#fooScript
#! nix --no-write-lock-file ``--command`` bash
foo
EOF
chmod +x "$scriptDir/shebang-comments.sh"
cat > "$scriptDir/shebang-different-comments.sh" <<EOF
#! $(type -P env) nix
# some comments
// some comments
/* some comments
* some comments
\ some comments
% some comments
@ some comments
-- some comments
(* some comments
#! nix --offline shell
#! nix flake1#fooScript
#! nix --no-write-lock-file --command cat
foo
EOF
chmod +x "$scriptDir/shebang-different-comments.sh"
cat > "$scriptDir/shebang-reject.sh" <<EOF
#! $(type -P env) nix
# some comments
# some comments
# some comments
#! nix --offline shell *
#! nix flake1#fooScript
#! nix --no-write-lock-file --command bash
foo
EOF
chmod +x "$scriptDir/shebang-reject.sh"
cat > "$scriptDir/shebang-inline-expr.sh" <<EOF
#! $(type -P env) nix
EOF
cat >> "$scriptDir/shebang-inline-expr.sh" <<"EOF"
#! nix --offline shell
#! nix --impure --expr ``
#! nix let flake = (builtins.getFlake (toString ../flake1)).packages;
#! nix fooScript = flake.${builtins.currentSystem}.fooScript;
#! nix /* just a comment !@#$%^&*()__+ # */
#! nix in fooScript
#! nix ``
#! nix --no-write-lock-file --command bash
set -ex
foo
echo "$@"
EOF
chmod +x "$scriptDir/shebang-inline-expr.sh"
cat > "$scriptDir/fooScript.nix" <<"EOF"
let flake = (builtins.getFlake (toString ../flake1)).packages;
fooScript = flake.${builtins.currentSystem}.fooScript;
in fooScript
EOF
cat > "$scriptDir/shebang-file.sh" <<EOF
#! $(type -P env) nix
EOF
cat >> "$scriptDir/shebang-file.sh" <<"EOF"
#! nix --offline shell
#! nix --impure --file ./fooScript.nix
#! nix --no-write-lock-file --command bash
set -ex
foo
echo "$@"
EOF
chmod +x "$scriptDir/shebang-file.sh"
[[ $("$scriptDir/shebang.sh") = "foo" ]]
[[ $("$scriptDir/shebang.sh" "bar") = "foo"$'\n'"bar" ]]
[[ $("$scriptDir/shebang-comments.sh" ) = "foo" ]]
[[ "$("$scriptDir/shebang-different-comments.sh")" = "$(cat "$scriptDir/shebang-different-comments.sh")" ]]
[[ $("$scriptDir/shebang-inline-expr.sh" baz) = "foo"$'\n'"baz" ]]
[[ $("$scriptDir/shebang-file.sh" baz) = "foo"$'\n'"baz" ]]
expect 1 "$scriptDir/shebang-reject.sh" 2>&1 | grepQuiet -F 'error: unsupported unquoted character in nix shebang: *. Use double backticks to escape?'

25
tests/functional/flakes/show.sh
View file

@ -87,28 +87,3 @@ assert show_output.legacyPackages.${builtins.currentSystem}.AAAAAASomeThingsFail
assert show_output.legacyPackages.${builtins.currentSystem}.simple.name == "simple";
true
'
cat >flake.nix<<EOF
{
outputs = inputs: {
packages.$system = {
aNoDescription = import ./simple.nix;
bOneLineDescription = import ./simple.nix // { meta.description = "one line"; };
cMultiLineDescription = import ./simple.nix // { meta.description = ''
line one
line two
''; };
dLongDescription = import ./simple.nix // { meta.description = ''
01234567890123456789012345678901234567890123456789012345678901234567890123456789abcdefg
''; };
eEmptyDescription = import ./simple.nix // { meta.description = ""; };
};
};
}
EOF
nix flake show > ./show-output.txt
test "$(awk -F '[:] ' '/aNoDescription/{print $NF}' ./show-output.txt)" = "package 'simple'"
test "$(awk -F '[:] ' '/bOneLineDescription/{print $NF}' ./show-output.txt)" = "package 'simple' - 'one line'"
test "$(awk -F '[:] ' '/cMultiLineDescription/{print $NF}' ./show-output.txt)" = "package 'simple' - 'line one'"
test "$(awk -F '[:] ' '/dLongDescription/{print $NF}' ./show-output.txt)" = "package 'simple' - '012345678901234567890123456..."
test "$(awk -F '[:] ' '/eEmptyDescription/{print $NF}' ./show-output.txt)" = "package 'simple'"

4
tests/functional/fmt.sh
View file

@ -7,11 +7,11 @@ TODO_NixOS # Provide a `shell` variable. Try not to `export` it, perhaps.
clearStoreIfPossible
rm -rf "$TEST_HOME"/.cache "$TEST_HOME"/.config "$TEST_HOME"/.local
cp ./simple.nix ./simple.builder.sh ./fmt.simple.sh ./config.nix "$TEST_HOME"
cp ./simple.nix ./simple.builder.sh ./fmt.simple.sh "${config_nix}" "$TEST_HOME"
cd "$TEST_HOME"
nix fmt --help | grep "Format"
nix fmt --help | grep "forward"
cat << EOF > flake.nix
{

4
tests/functional/gc-auto.sh
View file

@ -23,7 +23,7 @@ fifoLock=$TEST_ROOT/fifoLock
mkfifo "$fifoLock"
expr=$(cat <<EOF
with import ./config.nix; mkDerivation {
with import ${config_nix}; mkDerivation {
name = "gc-A";
buildCommand = ''
set -x
@ -51,7 +51,7 @@ EOF
)
expr2=$(cat <<EOF
with import ./config.nix; mkDerivation {
with import ${config_nix}; mkDerivation {
name = "gc-B";
buildCommand = ''
set -x

2
tests/functional/gc-non-blocking.sh
View file

@ -38,7 +38,7 @@ pid2=$!
# Start a build. This should not be blocked by the GC in progress.
outPath=$(nix-build --max-silent-time 60 -o "$TEST_ROOT/result" -E "
with import ./config.nix;
with import ${config_nix};
mkDerivation {
name = \"non-blocking\";
buildCommand = \"set -x; test -e $running; mkdir \$out; echo > $fifo2\";

40
tests/functional/gc.sh
View file

@ -11,46 +11,46 @@ outPath=$(nix-store -rvv "$drvPath")
# Set a GC root.
rm -f "$NIX_STATE_DIR/gcroots/foo"
ln -sf $outPath "$NIX_STATE_DIR/gcroots/foo"
ln -sf "$outPath" "$NIX_STATE_DIR/gcroots/foo"
[ "$(nix-store -q --roots $outPath)" = "$NIX_STATE_DIR/gcroots/foo -> $outPath" ]
[ "$(nix-store -q --roots "$outPath")" = "$NIX_STATE_DIR/gcroots/foo -> $outPath" ]
nix-store --gc --print-roots | grep $outPath
nix-store --gc --print-live | grep $outPath
nix-store --gc --print-dead | grep $drvPath
if nix-store --gc --print-dead | grep -E $outPath$; then false; fi
nix-store --gc --print-roots | grep "$outPath"
nix-store --gc --print-live | grep "$outPath"
nix-store --gc --print-dead | grep "$drvPath"
if nix-store --gc --print-dead | grep -E "$outPath"$; then false; fi
nix-store --gc --print-dead
inUse=$(readLink $outPath/reference-to-input-2)
if nix-store --delete $inUse; then false; fi
test -e $inUse
inUse=$(readLink "$outPath/reference-to-input-2")
if nix-store --delete "$inUse"; then false; fi
test -e "$inUse"
if nix-store --delete $outPath; then false; fi
test -e $outPath
if nix-store --delete "$outPath"; then false; fi
test -e "$outPath"
for i in $NIX_STORE_DIR/*; do
for i in "$NIX_STORE_DIR"/*; do
if [[ $i =~ /trash ]]; then continue; fi # compat with old daemon
touch $i.lock
touch $i.chroot
touch "$i.lock"
touch "$i.chroot"
done
nix-collect-garbage
# Check that the root and its dependencies haven't been deleted.
cat $outPath/foobar
cat $outPath/reference-to-input-2/bar
cat "$outPath/foobar"
cat "$outPath/reference-to-input-2/bar"
# Check that the derivation has been GC'd.
if test -e $drvPath; then false; fi
if test -e "$drvPath"; then false; fi
rm "$NIX_STATE_DIR/gcroots/foo"
nix-collect-garbage
# Check that the output has been GC'd.
if test -e $outPath/foobar; then false; fi
if test -e "$outPath/foobar"; then false; fi
# Check that the store is empty.
rmdir $NIX_STORE_DIR/.links
rmdir $NIX_STORE_DIR
rmdir "$NIX_STORE_DIR/.links"
rmdir "$NIX_STORE_DIR"

7
tests/functional/git-hashing/local.mk
View file

@ -1,7 +0,0 @@
git-hashing-tests := \
$(d)/simple.sh
install-tests-groups += git-hashing
clean-files += \
$(d)/config.nix

2
tests/functional/git-hashing/meson.build
View file

@ -4,5 +4,5 @@ suites += {
'tests': [
'simple.sh',
],
'workdir': meson.current_build_dir(),
'workdir': meson.current_source_dir(),
}

1
tests/functional/help.sh
View file

@ -65,5 +65,6 @@ def recurse($prefix):
}
nix __dump-cli | subcommands | while IFS= read -r cmd; do
# shellcheck disable=SC2086 # word splitting of cmd is intended
nix $cmd --help
done

3
tests/functional/lang.sh
View file

@ -37,12 +37,14 @@ nix-instantiate --eval -E 'let x = { repeating = x; tracing = builtins.trace x t
2>&1 | grepQuiet -F 'trace: { repeating = «repeated»; tracing = «potential infinite recursion»; }'
nix-instantiate --eval -E 'builtins.warn "Hello" 123' 2>&1 | grepQuiet 'warning: Hello'
# shellcheck disable=SC2016 # The ${} in this is Nix, not shell
nix-instantiate --eval -E 'builtins.addErrorContext "while doing ${"something"} interesting" (builtins.warn "Hello" 123)' 2>/dev/null | grepQuiet 123
# warn does not accept non-strings for now
expectStderr 1 nix-instantiate --eval -E 'let x = builtins.warn { x = x; } true; in x' \
| grepQuiet "expected a string but found a set"
expectStderr 1 nix-instantiate --eval --abort-on-warn -E 'builtins.warn "Hello" 123' | grepQuiet Hello
# shellcheck disable=SC2016 # The ${} in this is Nix, not shell
NIX_ABORT_ON_WARN=1 expectStderr 1 nix-instantiate --eval -E 'builtins.addErrorContext "while doing ${"something"} interesting" (builtins.warn "Hello" 123)' | grepQuiet "while doing something interesting"
set +x
@ -106,6 +108,7 @@ for i in lang/eval-fail-*.nix; do
fi
)"
if
# shellcheck disable=SC2086 # word splitting of flags is intended
expectStderr 1 nix-instantiate $flags "lang/$i.nix" \
| sed "s!$(pwd)!/pwd!g" > "lang/$i.err"
then

12
tests/functional/lang/eval-okay-deprecate-cursed-or.err.exp Normal file
View file

@ -0,0 +1,12 @@
warning: at /pwd/lang/eval-okay-deprecate-cursed-or.nix:3:47: This expression uses `or` as an identifier in a way that will change in a future Nix release.
Wrap this entire expression in parentheses to preserve its current meaning:
((x: x) or)
Give feedback at https://github.com/NixOS/nix/pull/11121
warning: at /pwd/lang/eval-okay-deprecate-cursed-or.nix:4:39: This expression uses `or` as an identifier in a way that will change in a future Nix release.
Wrap this entire expression in parentheses to preserve its current meaning:
((x: x + 1) or)
Give feedback at https://github.com/NixOS/nix/pull/11121
warning: at /pwd/lang/eval-okay-deprecate-cursed-or.nix:5:44: This expression uses `or` as an identifier in a way that will change in a future Nix release.
Wrap this entire expression in parentheses to preserve its current meaning:
((x: x) or)
Give feedback at https://github.com/NixOS/nix/pull/11121

1
tests/functional/lang/eval-okay-deprecate-cursed-or.exp Normal file
View file

@ -0,0 +1 @@
0

11
tests/functional/lang/eval-okay-deprecate-cursed-or.nix Normal file
View file

@ -0,0 +1,11 @@
let
# These are cursed and should warn
cursed0 = builtins.length (let or = 1; in [ (x: x) or ]);
cursed1 = let or = 1; in (x: x * 2) (x: x + 1) or;
cursed2 = let or = 1; in { a = 2; }.a or (x: x) or;
# These are uses of `or` as an identifier that are not cursed
allowed0 = let or = (x: x); in map or [];
allowed1 = let f = (x: x); or = f; in f (f or);
in
0

8
tests/functional/linux-sandbox.sh
View file

@ -40,14 +40,14 @@ nix-sandbox-build dependencies.nix --check
# Test that sandboxed builds with --check and -K can move .check directory to store
nix-sandbox-build check.nix -A nondeterministic
# `100 + 4` means non-determinstic, see doc/manual/src/command-ref/status-build-failure.md
# `100 + 4` means non-determinstic, see doc/manual/source/command-ref/status-build-failure.md
expectStderr 104 nix-sandbox-build check.nix -A nondeterministic --check -K > $TEST_ROOT/log
grepQuietInverse 'error: renaming' $TEST_ROOT/log
grepQuiet 'may not be deterministic' $TEST_ROOT/log
# Test that sandboxed builds cannot write to /etc easily
# `100` means build failure without extra info, see doc/manual/src/command-ref/status-build-failure.md
expectStderr 100 nix-sandbox-build -E 'with import ./config.nix; mkDerivation { name = "etc-write"; buildCommand = "echo > /etc/test"; }' |
# `100` means build failure without extra info, see doc/manual/source/command-ref/status-build-failure.md
expectStderr 100 nix-sandbox-build -E 'with import '"${config_nix}"'; mkDerivation { name = "etc-write"; buildCommand = "echo > /etc/test"; }' |
grepQuiet "/etc/test: Permission denied"
@ -56,7 +56,7 @@ testCert () {
expectation=$1 # "missing" | "present"
mode=$2 # "normal" | "fixed-output"
certFile=$3 # a string that can be the path to a cert file
# `100` means build failure without extra info, see doc/manual/src/command-ref/status-build-failure.md
# `100` means build failure without extra info, see doc/manual/source/command-ref/status-build-failure.md
[ "$mode" == fixed-output ] && ret=1 || ret=100
expectStderr $ret nix-sandbox-build linux-sandbox-cert-test.nix --argstr mode "$mode" --option ssl-cert-file "$certFile" |
grepQuiet "CERT_${expectation}_IN_SANDBOX"

14
tests/functional/local-overlay-store/local.mk
View file

@ -1,14 +0,0 @@
local-overlay-store-tests := \
$(d)/check-post-init.sh \
$(d)/redundant-add.sh \
$(d)/build.sh \
$(d)/bad-uris.sh \
$(d)/add-lower.sh \
$(d)/delete-refs.sh \
$(d)/delete-duplicate.sh \
$(d)/gc.sh \
$(d)/verify.sh \
$(d)/optimise.sh \
$(d)/stale-file-handle.sh
install-tests-groups += local-overlay-store

2
tests/functional/local-overlay-store/meson.build
View file

@ -14,5 +14,5 @@ suites += {
'optimise.sh',
'stale-file-handle.sh',
],
'workdir': meson.current_build_dir(),
'workdir': meson.current_source_dir(),
}

143
tests/functional/local.mk
View file

@ -1,143 +0,0 @@
nix_tests = \
test-infra.sh \
gc.sh \
nix-collect-garbage-d.sh \
remote-store.sh \
legacy-ssh-store.sh \
lang.sh \
lang-gc.sh \
characterisation-test-infra.sh \
experimental-features.sh \
fetchMercurial.sh \
gc-auto.sh \
user-envs.sh \
user-envs-migration.sh \
binary-cache.sh \
multiple-outputs.sh \
nix-build.sh \
gc-concurrent.sh \
repair.sh \
fixed.sh \
export-graph.sh \
timeout.sh \
fetchGitRefs.sh \
gc-runtime.sh \
tarball.sh \
fetchGit.sh \
fetchurl.sh \
fetchPath.sh \
fetchTree-file.sh \
simple.sh \
referrers.sh \
optimise-store.sh \
substitute-with-invalid-ca.sh \
signing.sh \
hash-convert.sh \
hash-path.sh \
gc-non-blocking.sh \
check.sh \
nix-shell.sh \
check-refs.sh \
build-remote-input-addressed.sh \
secure-drv-outputs.sh \
restricted.sh \
fetchGitSubmodules.sh \
fetchGitVerification.sh \
readfile-context.sh \
nix-channel.sh \
recursive.sh \
dependencies.sh \
check-reqs.sh \
build-remote-content-addressed-fixed.sh \
build-remote-content-addressed-floating.sh \
build-remote-trustless-should-pass-0.sh \
build-remote-trustless-should-pass-1.sh \
build-remote-trustless-should-pass-2.sh \
build-remote-trustless-should-pass-3.sh \
build-remote-trustless-should-fail-0.sh \
build-remote-with-mounted-ssh-ng.sh \
nar-access.sh \
impure-eval.sh \
pure-eval.sh \
eval.sh \
repl.sh \
binary-cache-build-remote.sh \
search.sh \
logging.sh \
export.sh \
config.sh \
add.sh \
chroot-store.sh \
filter-source.sh \
misc.sh \
dump-db.sh \
linux-sandbox.sh \
supplementary-groups.sh \
build-dry.sh \
structured-attrs.sh \
shell.sh \
brotli.sh \
zstd.sh \
compression-levels.sh \
nix-copy-ssh.sh \
nix-copy-ssh-ng.sh \
post-hook.sh \
function-trace.sh \
fmt.sh \
eval-store.sh \
why-depends.sh \
derivation-json.sh \
derivation-advanced-attributes.sh \
import-from-derivation.sh \
nix_path.sh \
nars.sh \
placeholders.sh \
ssh-relay.sh \
build.sh \
build-delete.sh \
output-normalization.sh \
selfref-gc.sh \
db-migration.sh \
bash-profile.sh \
pass-as-file.sh \
nix-profile.sh \
suggestions.sh \
store-info.sh \
fetchClosure.sh \
completions.sh \
impure-derivations.sh \
path-from-hash-part.sh \
path-info.sh \
toString-path.sh \
read-only-store.sh \
nested-sandboxing.sh \
impure-env.sh \
debugger.sh \
extra-sandbox-profile.sh \
help.sh
ifeq ($(HAVE_LIBCPUID), 1)
nix_tests += compute-levels.sh
endif
ifeq ($(ENABLE_BUILD), yes)
nix_tests += test-libstoreconsumer.sh
ifeq ($(BUILD_SHARED_LIBS), 1)
nix_tests += plugins.sh
endif
endif
$(d)/test-libstoreconsumer.sh.test $(d)/test-libstoreconsumer.sh.test-debug: \
$(buildprefix)$(d)/test-libstoreconsumer/test-libstoreconsumer
$(d)/plugins.sh.test $(d)/plugins.sh.test-debug: \
$(buildprefix)$(d)/plugins/libplugintest.$(SO_EXT)
install-tests += $(foreach x, $(nix_tests), $(d)/$(x))
test-clean-files := \
$(d)/common/subst-vars.sh \
$(d)/config.nix
clean-files += $(test-clean-files)
test-deps += $(test-clean-files)

2
tests/functional/logging.sh
View file

@ -22,7 +22,7 @@ nix-build dependencies.nix --no-out-link --compress-build-log
builder="$(realpath "$(mktemp)")"
echo -e "#!/bin/sh\nmkdir \$out" > "$builder"
outp="$(nix-build -E \
'with import ./config.nix; mkDerivation { name = "fnord"; builder = '"$builder"'; }' \
'with import '"${config_nix}"'; mkDerivation { name = "fnord"; builder = '"$builder"'; }' \
--out-link "$(mktemp -d)/result")"
test -d "$outp"

57
tests/functional/meson.build
View file

@ -1,4 +1,4 @@
project('nix-functional-tests', 'cpp',
project('nix-functional-tests',
version : files('.version'),
default_options : [
'cpp_std=c++2a',
@ -14,31 +14,15 @@ project('nix-functional-tests', 'cpp',
fs = import('fs')
# Need to combine source and build trees
run_command(
'rsync',
'-a',
'--copy-unsafe-links',
meson.current_source_dir() / '',
meson.current_build_dir() / '',
)
# This current-source-escaping relative is no good because we don't know
# where the build directory will be, therefore we fix it up. Once the
# Make build system is gone, we should think about doing this better.
scripts_dir = fs.relative_to(
meson.current_source_dir() / '..' / '..' / 'scripts',
meson.current_build_dir(),
)
run_command(
'sed',
'-i', meson.current_build_dir() / 'bash-profile.sh',
'-e', 's^../../scripts^@0@^'.format(scripts_dir),
)
nix = find_program('nix')
bash = find_program('bash', native : true)
busybox = find_program('busybox', native : true, required : false)
coreutils = find_program('coreutils', native : true)
if host_machine.system() == 'windows'
# Because of the state of symlinks on Windows, coreutils.exe doesn't usually exist, but things like ls.exe will
coreutils = find_program('ls', native : true)
else
coreutils = find_program('coreutils', native : true)
endif
dot = find_program('dot', native : true, required : false)
nix_bin_dir = fs.parent(nix.full_path())
@ -185,12 +169,13 @@ suites = [
'extra-sandbox-profile.sh',
'help.sh',
],
'workdir': meson.current_build_dir(),
'workdir': meson.current_source_dir(),
},
]
nix_store = dependency('nix-store', required : false)
if nix_store.found()
add_languages('cpp')
subdir('test-libstoreconsumer')
suites += {
'name': 'libstoreconsumer',
@ -200,7 +185,7 @@ if nix_store.found()
'tests': [
'test-libstoreconsumer.sh',
],
'workdir': meson.current_build_dir(),
'workdir': meson.current_source_dir(),
}
endif
@ -208,6 +193,7 @@ endif
# Plugin tests require shared libraries support.
nix_expr = dependency('nix-expr', required : false)
if nix_expr.found() and get_option('default_library') != 'static'
add_languages('cpp')
subdir('plugins')
suites += {
'name': 'plugins',
@ -217,7 +203,7 @@ if nix_expr.found() and get_option('default_library') != 'static'
'tests': [
'plugins.sh',
],
'workdir': meson.current_build_dir(),
'workdir': meson.current_source_dir(),
}
endif
@ -228,14 +214,12 @@ subdir('git-hashing')
subdir('local-overlay-store')
foreach suite : suites
workdir = suite['workdir']
suite_name = suite['name']
foreach script : suite['tests']
workdir = suite['workdir']
prefix = fs.relative_to(workdir, meson.project_build_root())
script = script
# Turns, e.g., `tests/functional/flakes/show.sh` into a Meson test target called
# `functional-flakes-show`.
name = fs.replace_suffix(prefix / script, '')
name = fs.replace_suffix(script, '')
test(
name,
@ -247,14 +231,17 @@ foreach suite : suites
'-o', 'pipefail',
script,
],
suite : suite['name'],
suite : suite_name,
env : {
'TEST_NAME': name,
'_NIX_TEST_SOURCE_DIR': meson.current_source_dir(),
'_NIX_TEST_BUILD_DIR': meson.current_build_dir(),
'TEST_NAME': suite_name / name,
'NIX_REMOTE': '',
'PS4': '+(${BASH_SOURCE[0]-$0}:$LINENO) ',
},
# some tests take 15+ seconds even on an otherwise idle machine, on a loaded machine
# this can easily drive them to failure. give them more time than default of 30sec
# Some tests take 15+ seconds even on an otherwise idle machine;
# on a loaded machine this can easily drive them to failure. Give
# them more time than the default of 30 seconds.
timeout : 300,
# Used for target dependency/ordering tracking, not adding compiler flags or anything.
depends : suite['deps'],

2
tests/functional/nar-access.nix
View file

@ -20,4 +20,4 @@ asdom 12398
EOF
'';
};
}
}

44
tests/functional/nar-access.sh
View file

@ -9,57 +9,57 @@ cd "$TEST_ROOT"
# Dump path to nar.
narFile="$TEST_ROOT/path.nar"
nix-store --dump $storePath > $narFile
nix-store --dump "$storePath" > "$narFile"
# Check that find and nar ls match.
( cd $storePath; find . | sort ) > files.find
nix nar ls -R -d $narFile "" | sort > files.ls-nar
( cd "$storePath"; find . | sort ) > files.find
nix nar ls -R -d "$narFile" "" | sort > files.ls-nar
diff -u files.find files.ls-nar
# Check that file contents of data match.
nix nar cat $narFile /foo/data > data.cat-nar
diff -u data.cat-nar $storePath/foo/data
nix nar cat "$narFile" /foo/data > data.cat-nar
diff -u data.cat-nar "$storePath/foo/data"
# Check that file contents of baz match.
nix nar cat $narFile /foo/baz > baz.cat-nar
diff -u baz.cat-nar $storePath/foo/baz
nix nar cat "$narFile" /foo/baz > baz.cat-nar
diff -u baz.cat-nar "$storePath/foo/baz"
nix store cat $storePath/foo/baz > baz.cat-nar
diff -u baz.cat-nar $storePath/foo/baz
nix store cat "$storePath/foo/baz" > baz.cat-nar
diff -u baz.cat-nar "$storePath/foo/baz"
TODO_NixOS
# Check that 'nix store cat' fails on invalid store paths.
invalidPath="$(dirname $storePath)/99999999999999999999999999999999-foo"
cp -r $storePath $invalidPath
expect 1 nix store cat $invalidPath/foo/baz
invalidPath="$(dirname "$storePath")/99999999999999999999999999999999-foo"
cp -r "$storePath" "$invalidPath"
expect 1 nix store cat "$invalidPath/foo/baz"
# Test --json.
diff -u \
<(nix nar ls --json $narFile / | jq -S) \
<(nix nar ls --json "$narFile" / | jq -S) \
<(echo '{"type":"directory","entries":{"foo":{},"foo-x":{},"qux":{},"zyx":{}}}' | jq -S)
diff -u \
<(nix nar ls --json -R $narFile /foo | jq -S) \
<(nix nar ls --json -R "$narFile" /foo | jq -S) \
<(echo '{"type":"directory","entries":{"bar":{"type":"regular","size":0,"narOffset":368},"baz":{"type":"regular","size":0,"narOffset":552},"data":{"type":"regular","size":58,"narOffset":736}}}' | jq -S)
diff -u \
<(nix nar ls --json -R $narFile /foo/bar | jq -S) \
<(nix nar ls --json -R "$narFile" /foo/bar | jq -S) \
<(echo '{"type":"regular","size":0,"narOffset":368}' | jq -S)
diff -u \
<(nix store ls --json $storePath | jq -S) \
<(nix store ls --json "$storePath" | jq -S) \
<(echo '{"type":"directory","entries":{"foo":{},"foo-x":{},"qux":{},"zyx":{}}}' | jq -S)
diff -u \
<(nix store ls --json -R $storePath/foo | jq -S) \
<(nix store ls --json -R "$storePath/foo" | jq -S) \
<(echo '{"type":"directory","entries":{"bar":{"type":"regular","size":0},"baz":{"type":"regular","size":0},"data":{"type":"regular","size":58}}}' | jq -S)
diff -u \
<(nix store ls --json -R $storePath/foo/bar| jq -S) \
<(nix store ls --json -R "$storePath/foo/bar"| jq -S) \
<(echo '{"type":"regular","size":0}' | jq -S)
# Test missing files.
expect 1 nix store ls --json -R $storePath/xyzzy 2>&1 | grep 'does not exist'
expect 1 nix store ls $storePath/xyzzy 2>&1 | grep 'does not exist'
expect 1 nix store ls --json -R "$storePath/xyzzy" 2>&1 | grep 'does not exist'
expect 1 nix store ls "$storePath/xyzzy" 2>&1 | grep 'does not exist'
# Test failure to dump.
if nix-store --dump $storePath >/dev/full ; then
if nix-store --dump "$storePath" >/dev/full ; then
echo "dumping to /dev/full should fail"
exit -1
exit 1
fi

47
tests/functional/nars.sh
View file

@ -88,20 +88,53 @@ touch "$TEST_ROOT/case/xt_CONNMARK.h~nix~case~hack~3"
rm -rf "$TEST_ROOT/case"
expectStderr 1 nix-store "${opts[@]}" --restore "$TEST_ROOT/case" < case-collision.nar | grepQuiet "NAR contains file name 'test' that collides with case-hacked file name 'Test~nix~case~hack~1'"
# Deserializing a NAR that contains file names that Unicode-normalize
# to the same name should fail on macOS but succeed on Linux.
# Deserializing a NAR that contains file names that Unicode-normalize to the
# same name should fail on macOS and specific Linux setups (typically ZFS with
# `utf8only` enabled and `normalization` set to anything else than `none`). The
# deserialization should succeed on most Linux, where file names aren't
# unicode-normalized.
#
# We test that:
#
# 1. It either succeeds or fails with "already exists" error.
# 2. Nix has the same behavior with respect to unicode normalization than
# $TEST_ROOT's filesystem (when using basic Unix commands)
rm -rf "$TEST_ROOT/out"
if [[ $(uname) = Darwin ]]; then
expectStderr 1 nix-store --restore "$TEST_ROOT/out" < unnormalized.nar | grepQuiet "path '.*/out/â' already exists"
else
nix-store --restore "$TEST_ROOT/out" < unnormalized.nar
set +e
unicodeTestOut=$(nix-store --restore "$TEST_ROOT/out" < unnormalized.nar 2>&1)
unicodeTestCode=$?
set -e
touch "$TEST_ROOT/unicode-â" # non-canonical version
touch "$TEST_ROOT/unicode-â"
touchFilesCount=$(find "$TEST_ROOT" -maxdepth 1 -name "unicode-*" -type f | wc -l)
if (( unicodeTestCode == 1 )); then
# If the command failed (MacOS or ZFS + normalization), checks that it failed
# with the expected "already exists" error, and that this is the same
# behavior as `touch`
echo "$unicodeTestOut" | grepQuiet "path '.*/out/â' already exists"
(( touchFilesCount == 1 ))
elif (( unicodeTestCode == 0 )); then
# If the command succeeded, check that both files are present, and that this
# is the same behavior as `touch`
[[ -e $TEST_ROOT/out/â ]]
[[ -e $TEST_ROOT/out/â ]]
(( touchFilesCount == 2 ))
else
# if the return code is neither 0 or 1, fail the test.
echo "NAR deserialization of files with the same Unicode normalization failed with unexpected return code $unicodeTestCode" >&2
exit 1
fi
rm -f "$TEST_ROOT/unicode-*"
# Unpacking a NAR with a NUL character in a file name should fail.
rm -rf "$TEST_ROOT/out"
expectStderr 1 nix-store --restore "$TEST_ROOT/out" < nul.nar | grepQuiet "NAR contains invalid file name 'f"
expectStderr 1 nix-store --restore "$TEST_ROOT/out" < nul-character.nar | grepQuiet "NAR contains invalid file name 'f"
# Likewise for a '.' filename.
rm -rf "$TEST_ROOT/out"

9
tests/functional/nested-sandboxing.sh
View file

@ -8,6 +8,15 @@ TODO_NixOS
requireSandboxSupport
start="$TEST_ROOT/start"
mkdir -p "$start"
cp -r common common.sh ${config_nix} ./nested-sandboxing "$start"
cp "${_NIX_TEST_BUILD_DIR}/common/subst-vars.sh" "$start/common"
# N.B. redefine
_NIX_TEST_SOURCE_DIR="$start"
_NIX_TEST_BUILD_DIR="$start"
cd "$start"
source ./nested-sandboxing/command.sh
expectStderr 100 runNixBuild badStoreUrl 2 | grepQuiet '`sandbox-build-dir` must not contain'

3
tests/functional/nested-sandboxing/runner.nix
View file

@ -19,6 +19,9 @@ mkDerivation {
export PATH=${builtins.getEnv "NIX_BIN_DIR"}:$PATH
export _NIX_TEST_SOURCE_DIR=$PWD
export _NIX_TEST_BUILD_DIR=$PWD
source common.sh
source ./nested-sandboxing/command.sh

2
tests/functional/nix-channel.sh
View file

@ -35,7 +35,7 @@ drvPath=$(nix-instantiate dependencies.nix)
nix copy --to file://$TEST_ROOT/foo?compression="bzip2" $(nix-store -r "$drvPath")
rm -rf $TEST_ROOT/nixexprs
mkdir -p $TEST_ROOT/nixexprs
cp config.nix dependencies.nix dependencies.builder*.sh $TEST_ROOT/nixexprs/
cp "${config_nix}" dependencies.nix dependencies.builder*.sh $TEST_ROOT/nixexprs/
ln -s dependencies.nix $TEST_ROOT/nixexprs/default.nix
(cd $TEST_ROOT && tar cvf - nixexprs) | bzip2 > $TEST_ROOT/foo/nixexprs.tar.bz2

4
tests/functional/nix-profile.sh
View file

@ -47,7 +47,7 @@ printf World > $flake1Dir/who
printf 1.0 > $flake1Dir/version
printf false > $flake1Dir/ca.nix
cp ./config.nix $flake1Dir/
cp "${config_nix}" $flake1Dir/
# Test upgrading from nix-env.
nix-env -f ./user-envs.nix -i foo-1.0
@ -140,7 +140,7 @@ nix profile install $(nix-build --no-out-link ./simple.nix)
# Test packages with same name from different sources
mkdir $TEST_ROOT/simple-too
cp ./simple.nix ./config.nix simple.builder.sh $TEST_ROOT/simple-too
cp ./simple.nix "${config_nix}" simple.builder.sh $TEST_ROOT/simple-too
nix profile install --file $TEST_ROOT/simple-too/simple.nix ''
nix profile list | grep -A4 'Name:.*simple' | grep 'Name:.*simple-1'
nix profile remove simple 2>&1 | grep 'removed 1 packages'

42
tests/functional/nix-shell.sh
View file

@ -31,6 +31,15 @@ output=$(nix-shell --pure --keep SELECTED_IMPURE_VAR "$shellDotNix" -A shellDrv
[ "$output" = " - foo - bar - baz" ]
# test NIX_BUILD_TOP
testTmpDir=$(pwd)/nix-shell
mkdir -p "$testTmpDir"
output=$(TMPDIR="$testTmpDir" nix-shell --pure "$shellDotNix" -A shellDrv --run 'echo $NIX_BUILD_TOP')
[[ "$output" =~ ${testTmpDir}.* ]] || {
echo "expected $output =~ ${testTmpDir}.*" >&2
exit 1
}
# Test nix-shell on a .drv
[[ $(nix-shell --pure $(nix-instantiate "$shellDotNix" -A shellDrv) --run \
'echo "$IMPURE_VAR - $VAR_FROM_STDENV_SETUP - $VAR_FROM_NIX - $TEST_inNixShell"') = " - foo - bar - false" ]]
@ -70,7 +79,7 @@ sed -e "s|@ENV_PROG@|$(type -P env)|" shell.shebang.expr > $TEST_ROOT/shell.sheb
chmod a+rx $TEST_ROOT/shell.shebang.expr
# Should fail due to expressions using relative path
! $TEST_ROOT/shell.shebang.expr bar
cp shell.nix config.nix $TEST_ROOT
cp shell.nix "${config_nix}" $TEST_ROOT
# Should succeed
echo "cwd: $PWD"
output=$($TEST_ROOT/shell.shebang.expr bar)
@ -117,7 +126,7 @@ $TEST_ROOT/shell.shebang.nix
mkdir $TEST_ROOT/lookup-test $TEST_ROOT/empty
echo "import $shellDotNix" > $TEST_ROOT/lookup-test/shell.nix
cp config.nix $TEST_ROOT/lookup-test/
cp "${config_nix}" $TEST_ROOT/lookup-test/
echo 'abort "do not load default.nix!"' > $TEST_ROOT/lookup-test/default.nix
nix-shell $TEST_ROOT/lookup-test -A shellDrv --run 'echo "it works"' | grepQuiet "it works"
@ -158,6 +167,35 @@ EOF
chmod a+x $TEST_ROOT/marco/polo/default.nix
(cd $TEST_ROOT/marco && ./polo/default.nix | grepQuiet "Polo")
# https://github.com/NixOS/nix/issues/11892
mkdir $TEST_ROOT/issue-11892
cat >$TEST_ROOT/issue-11892/shebangscript <<EOF
#!$(type -P env) nix-shell
#! nix-shell -I nixpkgs=$shellDotNix
#! nix-shell -p 'callPackage (import ./my_package.nix) {}'
#! nix-shell -i bash
set -euxo pipefail
my_package
EOF
cat >$TEST_ROOT/issue-11892/my_package.nix <<EOF
{ stdenv, shell, ... }:
stdenv.mkDerivation {
name = "my_package";
buildCommand = ''
mkdir -p \$out/bin
( echo "#!\${shell}"
echo "echo 'ok' 'baz11892'"
) > \$out/bin/my_package
cat \$out/bin/my_package
chmod a+x \$out/bin/my_package
'';
}
EOF
chmod a+x $TEST_ROOT/issue-11892/shebangscript
$TEST_ROOT/issue-11892/shebangscript \
| tee /dev/stderr \
| grepQuiet "ok baz11892"
#####################
# Flake equivalents #

0
tests/functional/nul.nar → tests/functional/nul-character.nar
View file

6
tests/functional/optimise-store.sh
View file

@ -4,8 +4,8 @@ source common.sh
clearStoreIfPossible
outPath1=$(echo 'with import ./config.nix; mkDerivation { name = "foo1"; builder = builtins.toFile "builder" "mkdir $out; echo hello > $out/foo"; }' | nix-build - --no-out-link --auto-optimise-store)
outPath2=$(echo 'with import ./config.nix; mkDerivation { name = "foo2"; builder = builtins.toFile "builder" "mkdir $out; echo hello > $out/foo"; }' | nix-build - --no-out-link --auto-optimise-store)
outPath1=$(echo 'with import '"${config_nix}"'; mkDerivation { name = "foo1"; builder = builtins.toFile "builder" "mkdir $out; echo hello > $out/foo"; }' | nix-build - --no-out-link --auto-optimise-store)
outPath2=$(echo 'with import '"${config_nix}"'; mkDerivation { name = "foo2"; builder = builtins.toFile "builder" "mkdir $out; echo hello > $out/foo"; }' | nix-build - --no-out-link --auto-optimise-store)
TODO_NixOS # ignoring the client-specified setting 'auto-optimise-store', because it is a restricted setting and you are not a trusted user
# TODO: only continue when trusted user or root
@ -23,7 +23,7 @@ if [ "$nlink" != 3 ]; then
exit 1
fi
outPath3=$(echo 'with import ./config.nix; mkDerivation { name = "foo3"; builder = builtins.toFile "builder" "mkdir $out; echo hello > $out/foo"; }' | nix-build - --no-out-link)
outPath3=$(echo 'with import '"${config_nix}"'; mkDerivation { name = "foo3"; builder = builtins.toFile "builder" "mkdir $out; echo hello > $out/foo"; }' | nix-build - --no-out-link)
inode3="$(stat --format=%i $outPath3/foo)"
if [ "$inode1" = "$inode3" ]; then

17
tests/functional/package.nix
View file

@ -1,12 +1,10 @@
{ lib
, stdenv
, mkMesonDerivation
, releaseTools
, meson
, ninja
, pkg-config
, rsync
, jq
, git
@ -17,14 +15,11 @@
, nix-expr
, nix-cli
, rapidcheck
, gtest
, runCommand
, busybox-sandbox-shell ? null
# Configuration Options
, pname ? "nix-functional-tests"
, version
# For running the functional tests against a different pre-built Nix.
@ -36,8 +31,7 @@ let
in
mkMesonDerivation (finalAttrs: {
pname = "nix-functional-tests";
inherit version;
inherit pname version;
workDir = ./.;
fileset = fileset.unions [
@ -48,11 +42,10 @@ mkMesonDerivation (finalAttrs: {
];
# Hack for sake of the dev shell
passthru.baseNativeBuildInputs = [
passthru.externalNativeBuildInputs = [
meson
ninja
pkg-config
rsync
jq
git
@ -62,11 +55,12 @@ mkMesonDerivation (finalAttrs: {
# etc.
busybox-sandbox-shell
# For Overlay FS tests need `mount`, `umount`, and `unshare`.
# For `script` command (ensuring a TTY)
# TODO use `unixtools` to be precise over which executables instead?
util-linux
];
nativeBuildInputs = finalAttrs.passthru.baseNativeBuildInputs ++ [
nativeBuildInputs = finalAttrs.passthru.externalNativeBuildInputs ++ [
nix-cli
];
@ -75,7 +69,6 @@ mkMesonDerivation (finalAttrs: {
nix-expr
];
preConfigure =
# "Inline" .version so it's not a symlink, and includes the suffix.
# Do the meson utils, without modification.

2
tests/functional/pass-as-file.sh
View file

@ -5,7 +5,7 @@ source common.sh
clearStoreIfPossible
outPath=$(nix-build --no-out-link -E "
with import ./config.nix;
with import ${config_nix};
mkDerivation {
name = \"pass-as-file\";

2
tests/functional/placeholders.sh
View file

@ -5,7 +5,7 @@ source common.sh
clearStoreIfPossible
nix-build --no-out-link -E '
with import ./config.nix;
with import '"${config_nix}"';
mkDerivation {
name = "placeholders";

2
tests/functional/plugins.sh
View file

@ -3,7 +3,7 @@
source common.sh
for ext in so dylib; do
plugin="$PWD/plugins/libplugintest.$ext"
plugin="${_NIX_TEST_BUILD_DIR}/plugins/libplugintest.$ext"
[[ -f "$plugin" ]] && break
done

11
tests/functional/plugins/local.mk
View file

@ -1,11 +0,0 @@
libraries += libplugintest
libplugintest_DIR := $(d)
libplugintest_SOURCES := $(d)/plugintest.cc
libplugintest_ALLOW_UNDEFINED := 1
libplugintest_EXCLUDE_FROM_LIBRARY_LIST := 1
libplugintest_CXXFLAGS := $(INCLUDE_libutil) $(INCLUDE_libstore) $(INCLUDE_libexpr) $(INCLUDE_libfetchers)

5
tests/functional/recursive.nix
View file

@ -1,4 +1,5 @@
with import ./config.nix;
let config_nix = /. + "${builtins.getEnv "_NIX_TEST_BUILD_DIR"}/config.nix"; in
with import config_nix;
mkDerivation rec {
name = "recursive";
@ -41,7 +42,7 @@ mkDerivation rec {
# Build a derivation.
nix $opts build -L --impure --expr '
with import ${./config.nix};
with import ${config_nix};
mkDerivation {
name = "inner1";
buildCommand = "echo $fnord blaat > $out";

31
tests/functional/restricted.sh
View file

@ -7,8 +7,15 @@ clearStoreIfPossible
nix-instantiate --restrict-eval --eval -E '1 + 2'
(! nix-instantiate --eval --restrict-eval ./restricted.nix)
(! nix-instantiate --eval --restrict-eval <(echo '1 + 2'))
mkdir -p "$TEST_ROOT/nix"
cp ./simple.nix "$TEST_ROOT/nix"
cp ./simple.builder.sh "$TEST_ROOT/nix"
cp "${config_nix}" "$TEST_ROOT/nix"
cd "$TEST_ROOT/nix"
nix-instantiate --restrict-eval ./simple.nix -I src=.
nix-instantiate --restrict-eval ./simple.nix -I src1=simple.nix -I src2=config.nix -I src3=./simple.builder.sh
nix-instantiate --restrict-eval ./simple.nix -I src1=./simple.nix -I src2=./config.nix -I src3=./simple.builder.sh
# no default NIX_PATH
(unset NIX_PATH; ! nix-instantiate --restrict-eval --find-file .)
@ -16,28 +23,28 @@ nix-instantiate --restrict-eval ./simple.nix -I src1=simple.nix -I src2=config.n
(! nix-instantiate --restrict-eval --eval -E 'builtins.readFile ./simple.nix')
nix-instantiate --restrict-eval --eval -E 'builtins.readFile ./simple.nix' -I src=../..
expectStderr 1 nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile <foo/simple.nix>' | grepQuiet "forbidden in restricted mode"
expectStderr 1 nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile <foo/simple.nix>' | grepQuiet "was not found in the Nix search path"
nix-instantiate --restrict-eval --eval -E 'let __nixPath = [ { prefix = "foo"; path = ./.; } ]; in builtins.readFile <foo/simple.nix>' -I src=.
p=$(nix eval --raw --expr "builtins.fetchurl file://$(pwd)/restricted.sh" --impure --restrict-eval --allowed-uris "file://$(pwd)")
cmp $p restricted.sh
p=$(nix eval --raw --expr "builtins.fetchurl file://${_NIX_TEST_SOURCE_DIR}/restricted.sh" --impure --restrict-eval --allowed-uris "file://${_NIX_TEST_SOURCE_DIR}")
cmp "$p" "${_NIX_TEST_SOURCE_DIR}/restricted.sh"
(! nix eval --raw --expr "builtins.fetchurl file://$(pwd)/restricted.sh" --impure --restrict-eval)
(! nix eval --raw --expr "builtins.fetchurl file://${_NIX_TEST_SOURCE_DIR}/restricted.sh" --impure --restrict-eval)
(! nix eval --raw --expr "builtins.fetchurl file://$(pwd)/restricted.sh" --impure --restrict-eval --allowed-uris "file://$(pwd)/restricted.sh/")
(! nix eval --raw --expr "builtins.fetchurl file://${_NIX_TEST_SOURCE_DIR}/restricted.sh" --impure --restrict-eval --allowed-uris "file://${_NIX_TEST_SOURCE_DIR}/restricted.sh/")
nix eval --raw --expr "builtins.fetchurl file://$(pwd)/restricted.sh" --impure --restrict-eval --allowed-uris "file://$(pwd)/restricted.sh"
nix eval --raw --expr "builtins.fetchurl file://${_NIX_TEST_SOURCE_DIR}/restricted.sh" --impure --restrict-eval --allowed-uris "file://${_NIX_TEST_SOURCE_DIR}/restricted.sh"
(! nix eval --raw --expr "builtins.fetchurl https://github.com/NixOS/patchelf/archive/master.tar.gz" --impure --restrict-eval)
(! nix eval --raw --expr "builtins.fetchTarball https://github.com/NixOS/patchelf/archive/master.tar.gz" --impure --restrict-eval)
(! nix eval --raw --expr "fetchGit git://github.com/NixOS/patchelf.git" --impure --restrict-eval)
ln -sfn $(pwd)/restricted.nix $TEST_ROOT/restricted.nix
ln -sfn "${_NIX_TEST_SOURCE_DIR}/restricted.nix" "$TEST_ROOT/restricted.nix"
[[ $(nix-instantiate --eval $TEST_ROOT/restricted.nix) == 3 ]]
(! nix-instantiate --eval --restrict-eval $TEST_ROOT/restricted.nix)
(! nix-instantiate --eval --restrict-eval $TEST_ROOT/restricted.nix -I $TEST_ROOT)
(! nix-instantiate --eval --restrict-eval $TEST_ROOT/restricted.nix -I .)
nix-instantiate --eval --restrict-eval $TEST_ROOT/restricted.nix -I $TEST_ROOT -I .
nix-instantiate --eval --restrict-eval "$TEST_ROOT/restricted.nix" -I "$TEST_ROOT" -I "${_NIX_TEST_SOURCE_DIR}"
[[ $(nix eval --raw --impure --restrict-eval -I . --expr 'builtins.readFile "${import ./simple.nix}/hello"') == 'Hello World!' ]]
@ -54,12 +61,12 @@ expectStderr 1 nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { pr
[[ $(nix-instantiate --restrict-eval --eval -E "let __nixPath = [ { prefix = \"foo\"; path = $TEST_ROOT/tunnel.d; } ]; in builtins.readDir <foo/tunnel>" -I $TEST_ROOT/tunnel.d) == '{ "tunnel.d" = "directory"; }' ]]
# Check whether we can leak symlink information through directory traversal.
traverseDir="$(pwd)/restricted-traverse-me"
ln -sfn "$(pwd)/restricted-secret" "$(pwd)/restricted-innocent"
traverseDir="${_NIX_TEST_SOURCE_DIR}/restricted-traverse-me"
ln -sfn "${_NIX_TEST_SOURCE_DIR}/restricted-secret" "${_NIX_TEST_SOURCE_DIR}/restricted-innocent"
mkdir -p "$traverseDir"
goUp="..$(echo "$traverseDir" | sed -e 's,[^/]\+,..,g')"
output="$(nix eval --raw --restrict-eval -I "$traverseDir" \
--expr "builtins.readFile \"$traverseDir/$goUp$(pwd)/restricted-innocent\"" \
--expr "builtins.readFile \"$traverseDir/$goUp${_NIX_TEST_SOURCE_DIR}/restricted-innocent\"" \
2>&1 || :)"
echo "$output" | grep "is forbidden"
echo "$output" | grepInverse -F restricted-secret

2
tests/functional/selfref-gc.sh
View file

@ -7,7 +7,7 @@ requireDaemonNewerThan "2.6.0pre20211215"
clearStoreIfPossible
nix-build --no-out-link -E '
with import ./config.nix;
with import '"${config_nix}"';
let d1 = mkDerivation {
name = "selfref-gc";

6
tests/functional/shell.nix
View file

@ -37,7 +37,7 @@ let pkgs = rec {
mkdir -p $out
ln -s ${setupSh} $out/setup
'';
};
} // { inherit mkDerivation; };
shellDrv = mkDerivation {
name = "shellDrv";
@ -94,5 +94,9 @@ let pkgs = rec {
chmod a+rx $out/bin/ruby
'';
inherit (cfg) shell;
callPackage = f: args: f (pkgs // args);
inherit pkgs;
}; in pkgs

24
tests/functional/shell.sh
View file

@ -27,8 +27,8 @@ expect 1 nix shell -f shell-hello.nix forbidden-symlink -c hello 2>&1 | grepQuie
# For instance, we might set an environment variable temporarily to affect some
# initialization or whatnot, but this must not leak into the environment of the
# command being run.
env > $TEST_ROOT/expected-env
nix shell -f shell-hello.nix hello -c env > $TEST_ROOT/actual-env
env > "$TEST_ROOT/expected-env"
nix shell -f shell-hello.nix hello -c env > "$TEST_ROOT/actual-env"
# Remove/reset variables we expect to be different.
# - PATH is modified by nix shell
# - we unset TMPDIR on macOS if it contains /var/folders
@ -39,10 +39,10 @@ sed -i \
-e 's/_=.*/_=.../' \
-e '/^TMPDIR=\/var\/folders\/.*/d' \
-e '/^__CF_USER_TEXT_ENCODING=.*$/d' \
$TEST_ROOT/expected-env $TEST_ROOT/actual-env
sort $TEST_ROOT/expected-env > $TEST_ROOT/expected-env.sorted
sort $TEST_ROOT/actual-env > $TEST_ROOT/actual-env.sorted
diff $TEST_ROOT/expected-env.sorted $TEST_ROOT/actual-env.sorted
"$TEST_ROOT/expected-env" "$TEST_ROOT/actual-env"
sort "$TEST_ROOT/expected-env" > "$TEST_ROOT/expected-env.sorted"
sort "$TEST_ROOT/actual-env" > "$TEST_ROOT/actual-env.sorted"
diff "$TEST_ROOT/expected-env.sorted" "$TEST_ROOT/actual-env.sorted"
if isDaemonNewer "2.20.0pre20231220"; then
# Test that command line attribute ordering is reflected in the PATH
@ -53,8 +53,8 @@ fi
requireSandboxSupport
chmod -R u+w $TEST_ROOT/store0 || true
rm -rf $TEST_ROOT/store0
chmod -R u+w "$TEST_ROOT/store0" || true
rm -rf "$TEST_ROOT/store0"
clearStore
@ -64,10 +64,10 @@ path=$(nix eval --raw -f shell-hello.nix hello)
# visible in the sandbox.
nix shell --sandbox-build-dir /build-tmp \
--sandbox-paths '/nix? /bin? /lib? /lib64? /usr?' \
--store $TEST_ROOT/store0 -f shell-hello.nix hello -c hello | grep 'Hello World'
--store "$TEST_ROOT/store0" -f shell-hello.nix hello -c hello | grep 'Hello World'
path2=$(nix shell --sandbox-paths '/nix? /bin? /lib? /lib64? /usr?' --store $TEST_ROOT/store0 -f shell-hello.nix hello -c $SHELL -c 'type -p hello')
path2=$(nix shell --sandbox-paths '/nix? /bin? /lib? /lib64? /usr?' --store "$TEST_ROOT/store0" -f shell-hello.nix hello -c "$SHELL" -c 'type -p hello')
[[ $path/bin/hello = $path2 ]]
[[ "$path/bin/hello" = "$path2" ]]
[[ -e $TEST_ROOT/store0/nix/store/$(basename $path)/bin/hello ]]
[[ -e $TEST_ROOT/store0/nix/store/$(basename "$path")/bin/hello ]]

8
tests/functional/supplementary-groups.sh
View file

@ -9,7 +9,7 @@ needLocalStore "The test uses --store always so we would just be bypassing the d
TODO_NixOS
unshare --mount --map-root-user bash <<EOF
unshare --mount --map-root-user -- bash -e -x <<EOF
source common.sh
# Avoid store dir being inside sandbox build-dir
@ -24,15 +24,13 @@ unshare --mount --map-root-user bash <<EOF
cmd=(nix-build ./hermetic.nix --arg busybox "$busybox" --arg seed 1 --no-out-link)
# Fails with default setting
# TODO better error
setLocalStore store1
expectStderr 1 "\${cmd[@]}" | grepQuiet "unable to start build process"
expectStderr 1 "\${cmd[@]}" | grepQuiet "setgroups failed"
# Fails with `require-drop-supplementary-groups`
# TODO better error
setLocalStore store2
NIX_CONFIG='require-drop-supplementary-groups = true' \
expectStderr 1 "\${cmd[@]}" | grepQuiet "unable to start build process"
expectStderr 1 "\${cmd[@]}" | grepQuiet "setgroups failed"
# Works without `require-drop-supplementary-groups`
setLocalStore store3

18
tests/functional/tarball.sh
View file

@ -10,7 +10,7 @@ tarroot=$TEST_ROOT/tarball
rm -rf "$tarroot"
mkdir -p "$tarroot"
cp dependencies.nix "$tarroot/default.nix"
cp config.nix dependencies.builder*.sh "$tarroot/"
cp "${config_nix}" dependencies.builder*.sh "$tarroot/"
touch -d '@1000000000' "$tarroot" "$tarroot"/*
hash=$(nix hash path "$tarroot")
@ -45,7 +45,7 @@ test_tarball() {
nix-instantiate --eval -E 'with <fnord/xyzzy>; 1 + 2' -I fnord=file:///no-such-tarball"$ext"
(! nix-instantiate --eval -E '<fnord/xyzzy> 1' -I fnord=file:///no-such-tarball"$ext")
nix-instantiate --eval -E '<fnord/config.nix>' -I fnord=file:///no-such-tarball"$ext" -I fnord=.
nix-instantiate --eval -E '<fnord/config.nix>' -I fnord=file:///no-such-tarball"$ext" -I fnord="${_NIX_TEST_BUILD_DIR}"
# Ensure that the `name` attribute isnt accepted as that would mess
# with the content-addressing
@ -97,3 +97,17 @@ chmod +x "$TEST_ROOT/tar_root/foo"
tar cvf "$TEST_ROOT/tar.tar" -C "$TEST_ROOT/tar_root" .
path="$(nix flake prefetch --refresh --json "tarball+file://$TEST_ROOT/tar.tar" | jq -r .storePath)"
[[ $(cat "$path/foo") = bar ]]
# Test a tarball with non-contiguous directory entries.
rm -rf "$TEST_ROOT/tar_root"
mkdir -p "$TEST_ROOT/tar_root/a/b"
echo foo > "$TEST_ROOT/tar_root/a/b/foo"
echo bla > "$TEST_ROOT/tar_root/bla"
tar cvf "$TEST_ROOT/tar.tar" -C "$TEST_ROOT/tar_root" .
echo abc > "$TEST_ROOT/tar_root/bla"
echo xyzzy > "$TEST_ROOT/tar_root/a/b/xyzzy"
tar rvf "$TEST_ROOT/tar.tar" -C "$TEST_ROOT/tar_root" ./a/b/xyzzy ./bla
path="$(nix flake prefetch --refresh --json "tarball+file://$TEST_ROOT/tar.tar" | jq -r .storePath)"
[[ $(cat "$path/a/b/xyzzy") = xyzzy ]]
[[ $(cat "$path/a/b/foo") = foo ]]
[[ $(cat "$path/bla") = abc ]]

2
tests/functional/test-libstoreconsumer.sh
View file

@ -4,5 +4,5 @@ source common.sh
drv="$(nix-instantiate simple.nix)"
cat "$drv"
out="$(./test-libstoreconsumer/test-libstoreconsumer "$drv")"
out="$("${_NIX_TEST_BUILD_DIR}/test-libstoreconsumer/test-libstoreconsumer" "$drv")"
grep -F "Hello World!" < "$out/hello"

15
tests/functional/test-libstoreconsumer/local.mk
View file

@ -1,15 +0,0 @@
programs += test-libstoreconsumer
test-libstoreconsumer_DIR := $(d)
# do not install
test-libstoreconsumer_INSTALL_DIR :=
test-libstoreconsumer_SOURCES := \
$(wildcard $(d)/*.cc) \
test-libstoreconsumer_CXXFLAGS += $(INCLUDE_libutil) $(INCLUDE_libstore)
test-libstoreconsumer_LIBS = libstore libutil
test-libstoreconsumer_LDFLAGS = $(THREAD_LDFLAGS) $(SODIUM_LIBS) $(EDITLINE_LIBS) $(BOOST_LDFLAGS) $(LOWDOWN_LIBS)

2
tests/functional/why-depends.sh
View file

@ -4,7 +4,7 @@ source common.sh
clearStoreIfPossible
cp ./dependencies.nix ./dependencies.builder0.sh ./config.nix $TEST_HOME
cp ./dependencies.nix ./dependencies.builder0.sh "${config_nix}" $TEST_HOME
cd $TEST_HOME

15
tests/functional/zstd.sh
View file

@ -11,22 +11,25 @@ cacheURI="file://$cacheDir?compression=zstd"
outPath=$(nix-build dependencies.nix --no-out-link)
nix copy --to $cacheURI $outPath
nix copy --to "$cacheURI" "$outPath"
HASH=$(nix hash path $outPath)
HASH=$(nix hash path "$outPath")
clearStore
clearCacheCache
nix copy --from $cacheURI $outPath --no-check-sigs
nix copy --from "$cacheURI" "$outPath" --no-check-sigs --profile "$TEST_ROOT/profile" --out-link "$TEST_ROOT/result"
if ls $cacheDir/nar/*.zst &> /dev/null; then
[[ -e $TEST_ROOT/profile ]]
[[ -e $TEST_ROOT/result ]]
if ls "$cacheDir/nar/"*.zst &> /dev/null; then
echo "files do exist"
else
echo "nars do not exist"
exit 1
fi
HASH2=$(nix hash path $outPath)
HASH2=$(nix hash path "$outPath")
[[ $HASH = $HASH2 ]]
[[ "$HASH" = "$HASH2" ]]

31
tests/nixos/chroot-store.nix Normal file
View file

@ -0,0 +1,31 @@
{ lib, config, nixpkgs, ... }:
let
pkgs = config.nodes.machine.nixpkgs.pkgs;
pkgA = pkgs.hello;
pkgB = pkgs.cowsay;
in {
name = "chroot-store";
nodes =
{ machine =
{ config, lib, pkgs, ... }:
{ virtualisation.writableStore = true;
virtualisation.additionalPaths = [ pkgA ];
environment.systemPackages = [ pkgB ];
nix.extraOptions = "experimental-features = nix-command";
};
};
testScript = { nodes }: ''
# fmt: off
start_all()
machine.succeed("nix copy --no-check-sigs --to /tmp/nix ${pkgA}")
machine.succeed("nix shell --store /tmp/nix ${pkgA} --command hello >&2")
# Test that /nix/store is available via an overlayfs mount.
machine.succeed("nix shell --store /tmp/nix ${pkgA} --command cowsay foo >&2")
'';
}

16
tests/nixos/default.nix
View file

@ -21,7 +21,8 @@ let
defaults = {
nixpkgs.pkgs = nixpkgsFor.${system}.native;
nix.checkAllErrors = false;
nix.package = noTests nixpkgsFor.${system}.native.nix;
# TODO: decide which packaging stage to use. `nix-cli` is efficient, but not the same as the user-facing `everything.nix` package (`default`). Perhaps a good compromise is `everything.nix` + `noTests` defined above?
nix.package = nixpkgsFor.${system}.native.nixComponents.nix-cli;
};
_module.args.nixpkgs = nixpkgs;
_module.args.system = system;
@ -33,10 +34,9 @@ let
forNix = nixVersion: runNixOSTestFor system {
imports = [test];
defaults.nixpkgs.overlays = [(curr: prev: {
# NOTE: noTests pkg might not have been built yet for some older versions of the package
# and in versions before 2.25, the untested build wasn't shared with the tested build yet
# Add noTests here when those versions become irrelevant.
nix = (builtins.getFlake "nix/${nixVersion}").packages.${system}.nix;
nix = let
packages = (builtins.getFlake "nix/${nixVersion}").packages.${system};
in packages.nix-cli or packages.nix;
})];
};
};
@ -124,6 +124,8 @@ in
nix-copy = runNixOSTestFor "x86_64-linux" ./nix-copy.nix;
nix-docker = runNixOSTestFor "x86_64-linux" ./nix-docker.nix;
nssPreload = runNixOSTestFor "x86_64-linux" ./nss-preload.nix;
githubFlakes = runNixOSTestFor "x86_64-linux" ./github-flakes.nix;
@ -159,4 +161,8 @@ in
fsync = runNixOSTestFor "x86_64-linux" ./fsync.nix;
cgroups = runNixOSTestFor "x86_64-linux" ./cgroups;
fetchurl = runNixOSTestFor "x86_64-linux" ./fetchurl.nix;
chrootStore = runNixOSTestFor "x86_64-linux" ./chroot-store.nix;
}

84
tests/nixos/fetchurl.nix Normal file
View file

@ -0,0 +1,84 @@
# Test whether builtin:fetchurl properly performs TLS certificate
# checks on HTTPS servers.
{ pkgs, ... }:
let
makeTlsCert = name: pkgs.runCommand name {
nativeBuildInputs = with pkgs; [ openssl ];
} ''
mkdir -p $out
openssl req -x509 \
-subj '/CN=${name}/' -days 49710 \
-addext 'subjectAltName = DNS:${name}' \
-keyout "$out/key.pem" -newkey ed25519 \
-out "$out/cert.pem" -noenc
'';
goodCert = makeTlsCert "good";
badCert = makeTlsCert "bad";
in
{
name = "nss-preload";
nodes = {
machine = { pkgs, ... }: {
services.nginx = {
enable = true;
virtualHosts."good" = {
addSSL = true;
sslCertificate = "${goodCert}/cert.pem";
sslCertificateKey = "${goodCert}/key.pem";
root = pkgs.runCommand "nginx-root" {} ''
mkdir "$out"
echo 'hello world' > "$out/index.html"
'';
};
virtualHosts."bad" = {
addSSL = true;
sslCertificate = "${badCert}/cert.pem";
sslCertificateKey = "${badCert}/key.pem";
root = pkgs.runCommand "nginx-root" {} ''
mkdir "$out"
echo 'foobar' > "$out/index.html"
'';
};
};
security.pki.certificateFiles = [ "${goodCert}/cert.pem" ];
networking.hosts."127.0.0.1" = [ "good" "bad" ];
virtualisation.writableStore = true;
nix.settings.experimental-features = "nix-command";
};
};
testScript = ''
machine.wait_for_unit("nginx")
machine.wait_for_open_port(443)
out = machine.succeed("curl https://good/index.html")
assert out == "hello world\n"
out = machine.succeed("cat ${badCert}/cert.pem > /tmp/cafile.pem; curl --cacert /tmp/cafile.pem https://bad/index.html")
assert out == "foobar\n"
# Fetching from a server with a trusted cert should work.
machine.succeed("nix build --no-substitute --expr 'import <nix/fetchurl.nix> { url = \"https://good/index.html\"; hash = \"sha256-qUiQTy8PR5uPgZdpSzAYSw0u0cHNKh7A+4XSmaGSpEc=\"; }'")
# Fetching from a server with an untrusted cert should fail.
err = machine.fail("nix build --no-substitute --expr 'import <nix/fetchurl.nix> { url = \"https://bad/index.html\"; hash = \"sha256-rsBwZF/lPuOzdjBZN2E08FjMM3JHyXit0Xi2zN+wAZ8=\"; }' 2>&1")
print(err)
assert "SSL certificate problem: self-signed certificate" in err
# Fetching from a server with a trusted cert should work via environment variable override.
machine.succeed("NIX_SSL_CERT_FILE=/tmp/cafile.pem nix build --no-substitute --expr 'import <nix/fetchurl.nix> { url = \"https://bad/index.html\"; hash = \"sha256-rsBwZF/lPuOzdjBZN2E08FjMM3JHyXit0Xi2zN+wAZ8=\"; }'")
'';
}

51
tests/nixos/functional/common.nix
View file

@ -24,43 +24,42 @@ in
environment.systemPackages = let
run-test-suite = pkgs.writeShellApplication {
name = "run-test-suite";
runtimeInputs = [ pkgs.gnumake pkgs.jq pkgs.git ];
runtimeInputs = [
pkgs.meson
pkgs.ninja
pkgs.jq
pkgs.git
# Want to avoid `/run/current-system/sw/bin/bash` because we
# want a store path. Likewise for coreutils.
pkgs.bash
pkgs.coreutils
];
text = ''
set -x
cat /proc/sys/fs/file-max
ulimit -Hn
ulimit -Sn
cd ~
cp -r ${pkgs.nix.overrideAttrs (o: {
name = "nix-configured-source";
outputs = [ "out" ];
separateDebugInfo = false;
disallowedReferences = [ ];
buildPhase = ":";
checkPhase = ":";
installPhase = ''
cp -r . $out
'';
installCheckPhase = ":";
fixupPhase = ":";
doInstallCheck = true;
})} nix
chmod -R +w nix
cd nix
# Tests we don't need
echo >tests/functional/plugins/local.mk
sed -i tests/functional/local.mk \
-e 's!nix_tests += plugins\.sh!!' \
-e 's!nix_tests += test-libstoreconsumer\.sh!!' \
;
cd ~
cp -r ${pkgs.nixComponents.nix-functional-tests.src} nix
chmod -R +w nix
chmod u+w nix/.version
echo ${pkgs.nixComponents.version} > nix/.version
export isTestOnNixOS=1
export version=${config.nix.package.version}
export NIX_REMOTE_=daemon
export NIX_REMOTE=daemon
export NIX_STORE=${builtins.storeDir}
make -j1 installcheck --keep-going
meson setup nix/tests/functional build
cd build
meson test -j1 --print-errorlogs
'';
};
in [

5
tests/nixos/nix-copy.nix
View file

@ -37,7 +37,8 @@ in {
{ config, pkgs, ... }:
{ services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "yes";
users.users.root.password = "foobar";
users.users.root.hashedPasswordFile = null;
users.users.root.password = "foobar";
virtualisation.writableStore = true;
virtualisation.additionalPaths = [ pkgB pkgC ];
};
@ -64,7 +65,7 @@ in {
# Copy the closure of package A from the client to the server using password authentication,
# and check that all prompts are visible
server.fail("nix-store --check-validity ${pkgA}")
client.send_chars("nix copy --to ssh://server ${pkgA} >&2; echo done\n")
client.send_chars("nix copy --to ssh://server ${pkgA} >&2; echo -n do; echo ne\n")
client.wait_for_text("continue connecting")
client.send_chars("yes\n")
client.wait_for_text("Password:")

47
tests/nixos/nix-docker-test.sh Normal file
View file

@ -0,0 +1,47 @@
#!/usr/bin/env bash
# docker.nix test script. Runs inside a built docker.nix container.
set -eEuo pipefail
export NIX_CONFIG='substituters = http://cache:5000?trusted=1'
cd /tmp
# Test getting a fetched derivation
test "$("$(nix-build -E '(import <nixpkgs> {}).hello')"/bin/hello)" = "Hello, world!"
# Test building a simple derivation
# shellcheck disable=SC2016
nix-build -E '
let
pkgs = import <nixpkgs> {};
in
builtins.derivation {
name = "test";
system = builtins.currentSystem;
builder = "${pkgs.bash}/bin/bash";
args = ["-c" "echo OK > $out"];
}'
test "$(cat result)" = OK
# Ensure #!/bin/sh shebang works
echo '#!/bin/sh' > ./shebang-test
echo 'echo OK' >> ./shebang-test
chmod +x ./shebang-test
test "$(./shebang-test)" = OK
# Ensure #!/usr/bin/env shebang works
echo '#!/usr/bin/env bash' > ./shebang-test
echo 'echo OK' >> ./shebang-test
chmod +x ./shebang-test
test "$(./shebang-test)" = OK
# Test nix-shell
{
echo '#!/usr/bin/env nix-shell'
echo '#! nix-shell -i bash'
echo '#! nix-shell -p hello'
echo 'hello'
} > ./nix-shell-test
chmod +x ./nix-shell-test
test "$(./nix-shell-test)" = "Hello, world!"

53
tests/nixos/nix-docker.nix Normal file
View file

@ -0,0 +1,53 @@
# Test the container built by ../../docker.nix.
{ lib, config, nixpkgs, hostPkgs, ... }:
let
pkgs = config.nodes.machine.nixpkgs.pkgs;
nixImage = import ../../docker.nix {
inherit (config.nodes.machine.nixpkgs) pkgs;
};
nixUserImage = import ../../docker.nix {
inherit (config.nodes.machine.nixpkgs) pkgs;
name = "nix-user";
uid = 1000;
gid = 1000;
uname = "user";
gname = "user";
};
containerTestScript = ./nix-docker-test.sh;
in {
name = "nix-docker";
nodes =
{ machine =
{ config, lib, pkgs, ... }:
{ virtualisation.diskSize = 4096;
};
cache =
{ config, lib, pkgs, ... }:
{ virtualisation.additionalPaths = [ pkgs.stdenv pkgs.hello ];
services.harmonia.enable = true;
networking.firewall.allowedTCPPorts = [ 5000 ];
};
};
testScript = { nodes }: ''
cache.wait_for_unit("harmonia.service")
machine.succeed("mkdir -p /etc/containers")
machine.succeed("""echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json""")
machine.succeed("${pkgs.podman}/bin/podman load -i ${nixImage}")
machine.succeed("${pkgs.podman}/bin/podman run --rm nix nix --version")
machine.succeed("${pkgs.podman}/bin/podman run --rm -i nix < ${containerTestScript}")
machine.succeed("${pkgs.podman}/bin/podman load -i ${nixUserImage}")
machine.succeed("${pkgs.podman}/bin/podman run --rm nix-user nix --version")
machine.succeed("${pkgs.podman}/bin/podman run --rm -i nix-user < ${containerTestScript}")
machine.succeed("[[ $(${pkgs.podman}/bin/podman run --rm nix-user stat -c %u /nix/store) = 1000 ]]")
'';
}

8
tests/nixos/remote-builds.nix
View file

@ -34,6 +34,8 @@ let
}
'';
supportsBadShell = lib.versionAtLeast config.nodes.client.nix.package.version "2.25pre";
in
{
@ -82,7 +84,7 @@ in
nix.settings.substituters = lib.mkForce [ ];
programs.ssh.extraConfig = "ConnectTimeout 30";
environment.systemPackages = [
# `bad-shell` is used to make sure Nix works an environment with a misbehaving shell.
# `bad-shell` is used to make sure Nix works in an environment with a misbehaving shell.
#
# More realistically, a bad shell would still run the command ("echo started")
# but considering that our solution is to avoid this shell (set via $SHELL), we
@ -125,13 +127,15 @@ in
'echo hello world on $(hostname)' >&2
""")
${lib.optionalString supportsBadShell ''
# Check that SSH uses SHELL for LocalCommand, as expected, and check that
# our test setup here is working. The next test will use this bad SHELL.
client.succeed(f"SHELL=$(which bad-shell) ssh -oLocalCommand='true' -oPermitLocalCommand=yes {builder1.name} 'echo hello world' | grep -F 'Hello, I am a broken shell'")
''}
# Perform a build and check that it was performed on the builder.
out = client.succeed(
"SHELL=$(which bad-shell) nix-build ${expr nodes.client 1} 2> build-output",
"${lib.optionalString supportsBadShell "SHELL=$(which bad-shell)"} nix-build ${expr nodes.client 1} 2> build-output",
"grep -q Hello build-output"
)
builder1.succeed(f"test -e {out}")

5
tests/nixos/s3-binary-cache-store.nix
View file

@ -12,7 +12,7 @@ let
storeUrl = "s3://my-cache?endpoint=http://server:9000&region=eu-west-1";
in {
name = "nix-copy-closure";
name = "s3-binary-cache-store";
nodes =
{ server =
@ -51,6 +51,9 @@ in {
server.succeed("${env} nix copy --to '${storeUrl}' ${pkgA}")
# Test fetchurl on s3:// URLs while we're at it.
client.succeed("${env} nix eval --impure --expr 'builtins.fetchurl { name = \"foo\"; url = \"s3://my-cache/nix-cache-info?endpoint=http://server:9000&region=eu-west-1\"; }'")
# Copy a package from the binary cache.
client.fail("nix path-info ${pkgA}")

1
tests/unit/libexpr-support/.version
View file

@ -1 +0,0 @@
../../../.version

1
tests/unit/libexpr-support/build-utils-meson
View file

@ -1 +0,0 @@
../../../build-utils-meson/

23
tests/unit/libexpr-support/local.mk
View file

@ -1,23 +0,0 @@
libraries += libexpr-test-support
libexpr-test-support_NAME = libnixexpr-test-support
libexpr-test-support_DIR := $(d)
ifeq ($(INSTALL_UNIT_TESTS), yes)
libexpr-test-support_INSTALL_DIR := $(checklibdir)
else
libexpr-test-support_INSTALL_DIR :=
endif
libexpr-test-support_SOURCES := \
$(wildcard $(d)/tests/*.cc) \
$(wildcard $(d)/tests/value/*.cc)
libexpr-test-support_CXXFLAGS += $(libexpr-tests_EXTRA_INCLUDES)
libexpr-test-support_LIBS = \
libstore-test-support libutil-test-support \
libexpr libstore libutil
libexpr-test-support_LDFLAGS := $(THREAD_LDFLAGS) -lrapidcheck

76
tests/unit/libexpr-support/meson.build
View file

@ -1,76 +0,0 @@
project('nix-expr-test-support', 'cpp',
version : files('.version'),
default_options : [
'cpp_std=c++2a',
# TODO(Qyriad): increase the warning level
'warning_level=1',
'debug=true',
'optimization=2',
'errorlogs=true', # Please print logs for tests that fail
],
meson_version : '>= 1.1',
license : 'LGPL-2.1-or-later',
)
cxx = meson.get_compiler('cpp')
subdir('build-utils-meson/deps-lists')
deps_private_maybe_subproject = [
]
deps_public_maybe_subproject = [
dependency('nix-util'),
dependency('nix-util-test-support'),
dependency('nix-store'),
dependency('nix-store-test-support'),
dependency('nix-expr'),
]
subdir('build-utils-meson/subprojects')
subdir('build-utils-meson/threads')
rapidcheck = dependency('rapidcheck')
deps_public += rapidcheck
add_project_arguments(
# TODO(Qyriad): Yes this is how the autoconf+Make system did it.
# It would be nice for our headers to be idempotent instead.
'-include', 'config-util.hh',
'-include', 'config-store.hh',
'-include', 'config-expr.hh',
language : 'cpp',
)
subdir('build-utils-meson/diagnostics')
sources = files(
'tests/value/context.cc',
)
include_dirs = [include_directories('.')]
headers = files(
'tests/libexpr.hh',
'tests/nix_api_expr.hh',
'tests/value/context.hh',
)
subdir('build-utils-meson/export-all-symbols')
this_library = library(
'nix-expr-test-support',
sources,
dependencies : deps_public + deps_private + deps_other,
include_directories : include_dirs,
# TODO: Remove `-lrapidcheck` when https://github.com/emil-e/rapidcheck/pull/326
# is available. See also ../libutil/build.meson
link_args: linker_export_flags + ['-lrapidcheck'],
prelink : true, # For C++ static initializers
install : true,
)
install_headers(headers, subdir : 'nix', preserve_path : true)
libraries_private = []
subdir('build-utils-meson/export')

77
tests/unit/libexpr-support/package.nix
View file

@ -1,77 +0,0 @@
{ lib
, stdenv
, mkMesonDerivation
, releaseTools
, meson
, ninja
, pkg-config
, nix-store-test-support
, nix-expr
, rapidcheck
# Configuration Options
, version
}:
let
inherit (lib) fileset;
in
mkMesonDerivation (finalAttrs: {
pname = "nix-util-test-support";
inherit version;
workDir = ./.;
fileset = fileset.unions [
../../../build-utils-meson
./build-utils-meson
../../../.version
./.version
./meson.build
# ./meson.options
(fileset.fileFilter (file: file.hasExt "cc") ./.)
(fileset.fileFilter (file: file.hasExt "hh") ./.)
];
outputs = [ "out" "dev" ];
nativeBuildInputs = [
meson
ninja
pkg-config
];
propagatedBuildInputs = [
nix-store-test-support
nix-expr
rapidcheck
];
preConfigure =
# "Inline" .version so it's not a symlink, and includes the suffix.
# Do the meson utils, without modification.
''
chmod u+w ./.version
echo ${version} > ../../../.version
'';
mesonFlags = [
];
env = lib.optionalAttrs (stdenv.isLinux && !(stdenv.hostPlatform.isStatic && stdenv.system == "aarch64-linux")) {
LDFLAGS = "-fuse-ld=gold";
};
separateDebugInfo = !stdenv.hostPlatform.isStatic;
hardeningDisable = lib.optional stdenv.hostPlatform.isStatic "pie";
meta = {
platforms = lib.platforms.unix ++ lib.platforms.windows;
};
})

Some files were not shown because too many files have changed in this diff Show more