clan-core/nixosModules/clanCore/vars/eval-tests/default.nix

{ lib, pkgs, ... }:
let
  eval =
    module:
    (lib.evalModules {
      modules = [
        ../interface.nix
        module
      ];
      specialArgs.pkgs = pkgs;
    }).config;

  usage_simple = {
    generators.my_secret = {
      files.password = { };
      files.username.secret = false;
      prompts.prompt1 = { };
      script = ''
        cp $prompts/prompt1 $files/password
      '';
    };
  };
in
{
  single_file_single_prompt =
    let
      config = eval usage_simple;
    in
    {
      # files are always secret by default
      test_file_secret_by_default = {
        expr = config.generators.my_secret.files.password.secret;
        expected = true;
      };
      # secret files must not provide a value
      test_secret_value_access_raises_error = {
        expr = config.generators.my_secret.files.password.value;
        expectedError.type = "ThrownError";
        expectedError.msg = "Cannot access value of secret file";
      };
      # public values must provide a value at eval time
      test_public_value_access = {
        expr = config.generators.my_secret.files.username ? value;
        expected = true;
      };
      # both secret and public values must provide a path
      test_secret_has_path = {
        expr = config.generators.my_secret.files.password ? path;
        expected = true;
      };
      test_public_var_has_path = {
        expr = config.generators.my_secret.files.username ? path;
        expected = true;
      };
    };

  # Ensure that generators.imports works
  # This allows importing generators from third party projects without providing
  #   them access to other settings.
  test_generator_modules =
    let
      generator_module = {
        my-generator.files.password = { };
      };
      config = eval { generators.imports = [ generator_module ]; };
    in
    {
      expr = config.generators ? my-generator;
      expected = true;
    };

  # script can be text
  test_script_text =
    let
      config = eval {
        # imports = [ usage_simple ];
        generators.my_secret.script = ''
          echo "Hello, world!"
        '';
      };
    in
    {
      expr = config.generators.my_secret.script;
      expected = "echo \"Hello, world!\"\n";
    };

  # script can be a derivation
  test_script_writer =
    let
      config = eval {
        # imports = [ usage_simple ];
        generators.my_secret.script = derivation {
          system = pkgs.system;
          name = "my-script";
          builder = "/bin/sh";
          args = [
            "-c"
            ''touch $out''
          ];
        };
      };
    in
    {
      expr = lib.hasPrefix builtins.storeDir config.generators.my_secret.script;
      expected = true;
    };
}
vars: add generators.<name>.finalScript 2024-07-02 09:36:31 +00:00			`{ lib, pkgs, ... }:`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`let`
			`eval =`
			`module:`
			`(lib.evalModules {`
			`modules = [`
vars: simplify eval tests by using submodule directly 2024-07-02 06:55:00 +00:00			`../interface.nix`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`module`
			`];`
vars: add generators.<name>.finalScript 2024-07-02 09:36:31 +00:00			`specialArgs.pkgs = pkgs;`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`}).config;`
secrets: add settings, generator submodules, improve tests 2024-07-02 08:38:24 +00:00
			`usage_simple = {`
			`generators.my_secret = {`
			`files.password = { };`
			`files.username.secret = false;`
			`prompts.prompt1 = { };`
			`script = ''`
			`cp $prompts/prompt1 $files/password`
			`'';`
			`};`
			`};`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`in`
			`{`
			`single_file_single_prompt =`
			`let`
secrets: add settings, generator submodules, improve tests 2024-07-02 08:38:24 +00:00			`config = eval usage_simple;`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`in`
			`{`
secrets: add settings, generator submodules, improve tests 2024-07-02 08:38:24 +00:00			`# files are always secret by default`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`test_file_secret_by_default = {`
vars: simplify eval tests by using submodule directly 2024-07-02 06:55:00 +00:00			`expr = config.generators.my_secret.files.password.secret;`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`expected = true;`
			`};`
secrets: add settings, generator submodules, improve tests 2024-07-02 08:38:24 +00:00			`# secret files must not provide a value`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`test_secret_value_access_raises_error = {`
vars: simplify eval tests by using submodule directly 2024-07-02 06:55:00 +00:00			`expr = config.generators.my_secret.files.password.value;`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`expectedError.type = "ThrownError";`
			`expectedError.msg = "Cannot access value of secret file";`
			`};`
secrets: add settings, generator submodules, improve tests 2024-07-02 08:38:24 +00:00			`# public values must provide a value at eval time`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`test_public_value_access = {`
vars: simplify eval tests by using submodule directly 2024-07-02 06:55:00 +00:00			`expr = config.generators.my_secret.files.username ? value;`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`expected = true;`
			`};`
			`# both secret and public values must provide a path`
			`test_secret_has_path = {`
vars: simplify eval tests by using submodule directly 2024-07-02 06:55:00 +00:00			`expr = config.generators.my_secret.files.password ? path;`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`expected = true;`
			`};`
			`test_public_var_has_path = {`
vars: simplify eval tests by using submodule directly 2024-07-02 06:55:00 +00:00			`expr = config.generators.my_secret.files.username ? path;`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`expected = true;`
			`};`
			`};`
secrets: add settings, generator submodules, improve tests 2024-07-02 08:38:24 +00:00
			`# Ensure that generators.imports works`
			`# This allows importing generators from third party projects without providing`
			`# them access to other settings.`
			`test_generator_modules =`
			`let`
			`generator_module = {`
			`my-generator.files.password = { };`
			`};`
			`config = eval { generators.imports = [ generator_module ]; };`
			`in`
			`{`
vars: add generators.<name>.finalScript 2024-07-02 09:36:31 +00:00			`expr = config.generators ? my-generator;`
			`expected = true;`
			`};`

			`# script can be text`
			`test_script_text =`
			`let`
			`config = eval {`
			`# imports = [ usage_simple ];`
			`generators.my_secret.script = ''`
			`echo "Hello, world!"`
			`'';`
			`};`
			`in`
			`{`
			`expr = config.generators.my_secret.script;`
			`expected = "echo \"Hello, world!\"\n";`
			`};`

			`# script can be a derivation`
			`test_script_writer =`
			`let`
			`config = eval {`
			`# imports = [ usage_simple ];`
			`generators.my_secret.script = derivation {`
			`system = pkgs.system;`
			`name = "my-script";`
			`builder = "/bin/sh";`
			`args = [`
			`"-c"`
			`''touch $out''`
			`];`
			`};`
			`};`
			`in`
			`{`
			`expr = lib.hasPrefix builtins.storeDir config.generators.my_secret.script;`
secrets: add settings, generator submodules, improve tests 2024-07-02 08:38:24 +00:00			`expected = true;`
			`};`
vars: init - init eval tests - init basic interface 2024-06-27 14:09:42 +00:00			`}`