From e0d6bb0dadd14e7c0f0ed3c453a38a915b7b2e11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roberto=20Abdelkader=20Mart=C3=ADnez=20P=C3=A9rez?= Date: Tue, 4 Feb 2025 12:29:01 +0100 Subject: [PATCH] test: unit test autofirma-truststore. Closes #110 --- flake.lock | 84 ++++++++++++++++++++++++++++++++------ flake.nix | 8 ++++ nix/tests/unit/default.nix | 29 +++++++++++++ 3 files changed, 108 insertions(+), 13 deletions(-) create mode 100644 nix/tests/unit/default.nix diff --git a/flake.lock b/flake.lock index e76dd2c..17aa279 100644 --- a/flake.lock +++ b/flake.lock @@ -36,7 +36,9 @@ }, "flake-parts": { "inputs": { - "nixpkgs-lib": "nixpkgs-lib" + "nixpkgs-lib": [ + "nixpkgs" + ] }, "locked": { "lastModified": 1738453229, @@ -87,6 +89,52 @@ "type": "github" } }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1731952509, + "narHash": "sha256-p4gB3Rhw8R6Ak4eMl8pqjCPOLCZRqaehZxdZ/mbFClM=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "7b5f051df789b6b20d259924d349a9ba3319b226", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, + "nix-unit": { + "inputs": { + "flake-parts": [ + "flake-parts" + ], + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "nixpkgs" + ], + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1733705700, + "narHash": "sha256-stdx1z86yj66bChYswqjRw8BpdJRwxkH2XIJrsygpiM=", + "owner": "nix-community", + "repo": "nix-unit", + "rev": "d867d72d21da3b7d83f0feef73b0ac7f72b16437", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-unit", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1737885589, @@ -103,18 +151,6 @@ "type": "github" } }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1738452942, - "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" - } - }, "nixpkgs_2": { "locked": { "lastModified": 1738410390, @@ -154,9 +190,31 @@ "flake-parts": "flake-parts", "home-manager": "home-manager", "jmulticard-src": "jmulticard-src", + "nix-unit": "nix-unit", "nixpkgs": "nixpkgs_2", "python-updates": "python-updates" } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nix-unit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733662930, + "narHash": "sha256-9qOp6jNdezzLMxwwXaXZWPXosHbNqno+f7Ii/xftqZ8=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "357cda84af1d74626afb7fb3bc12d6957167cda9", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 5168576..bfa73a6 100644 --- a/flake.nix +++ b/flake.nix @@ -16,6 +16,10 @@ python-updates.url = "github:NixOS/nixpkgs/python-updates"; # Until #376856 get's into nixos-unstable home-manager.url = "github:nix-community/home-manager"; flake-parts.url = "github:hercules-ci/flake-parts"; + flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; + nix-unit.url = "github:nix-community/nix-unit"; + nix-unit.inputs.nixpkgs.follows = "nixpkgs"; + nix-unit.inputs.flake-parts.follows = "flake-parts"; }; # Autofirma sources @@ -45,6 +49,7 @@ jmulticard-src, clienteafirma-external-src, autofirma-src, + nix-unit }: flake-parts.lib.mkFlake {inherit inputs;} { flake = { @@ -81,6 +86,7 @@ dnieremote = pkgs.callPackage ./nix/dnieremote/default.nix {openssl_1_1 = ignoreVulnerable_openssl_1_1;}; configuradorfnmt = pkgs.callPackage ./nix/configuradorfnmt/default.nix {}; }; + tests = import ./nix/tests/unit { inherit self; }; checks.x86_64-linux = let pkgs = nixpkgs.legacyPackages.x86_64-linux; in { @@ -117,6 +123,7 @@ ]; imports = [ inputs.flake-parts.flakeModules.easyOverlay + inputs.nix-unit.modules.flake.default ]; perSystem = { config, @@ -163,6 +170,7 @@ update-fixed-output-derivations download-autofirma-trusted-providers download-url-linked-CAs + nix-unit.packages.${system}.default ]; }; packages = let diff --git a/nix/tests/unit/default.nix b/nix/tests/unit/default.nix new file mode 100644 index 0000000..642c3e9 --- /dev/null +++ b/nix/tests/unit/default.nix @@ -0,0 +1,29 @@ +{ self }: +with builtins; +let + ascendingOrder = sort lessThan; + truststorePath = "${self}/nix/autofirma/truststore"; + providers = fromJSON (readFile "${truststorePath}/prestadores/providers.json"); + allCAFiles = attrNames (readDir "${truststorePath}/prestadores/CAs-by-provider"); + CAFetchLinks = fromJSON (readFile "${truststorePath}/prestadores/CAs_fetch_links.json"); +in +{ + testProviderListIsNotEmpty = { + expr = length providers > 0; + expected = true; + }; + testCAFilesAndTrustedProvidersMatch = let + trimJsonExt = s: substring 0 ((stringLength s) - (stringLength ".json")) s; + in { + expr = ascendingOrder (map trimJsonExt allCAFiles); + expected = ascendingOrder (map (p: p.cif) providers); + }; + testAllCAFilesHaveFetchLinkEntry = { + expr = ascendingOrder (map (p: p.cif) CAFetchLinks); + expected = ascendingOrder (map (p: p.cif) providers); + }; + testAllFetchLinksHaveURLField = { + expr = all (link: hasAttr "url" link) CAFetchLinks; + expected = true; + }; +}