Skip to content

nixos/initrd-network-ssh: fix test#102530

Merged
Ma27 merged 1 commit intoNixOS:masterfrom
Ma27:fix-initrd-network-ssh-test
Nov 3, 2020
Merged

nixos/initrd-network-ssh: fix test#102530
Ma27 merged 1 commit intoNixOS:masterfrom
Ma27:fix-initrd-network-ssh-test

Conversation

@Ma27
Copy link
Member

@Ma27 Ma27 commented Nov 2, 2020

Motivation for this change

The test relied on moving initrd secrets from the store into the
initrd which was fine here as it's only an integration test and not a
production environment.

However, this broke in 20.09 when support for this was dropped[1]. To make
sure that the snakeoil key used as hostkey for sshd here actually gets
copied into the VM, I added a small script for this that takes care of
this process while building the initial ramdisk.

[1] d930466

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@Ma27
nixos/initrd-network-ssh: fix test
819b0f4 
The test relied on moving `initrd` secrets from the store into the
`initrd` which was fine here as it's only an integration test and not a
production environment.

However, this broke in 20.09 when support for this was dropped[1]. To make
sure that the snakeoil key used as hostkey for `sshd` here actually gets
copied into the VM, I added a small script for this that takes care of
this process while building the initial ramdisk.

[1] d930466
@Ma27 Ma27 added the 9.needs: port to stable A PR needs a backport to the stable release. label Nov 2, 2020
@Ma27 Ma27 requested review from WilliButz and emilazy November 2, 2020 20:56
@ofborg ofborg bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux. labels Nov 2, 2020
@emilazy
Copy link
Member

emilazy commented Nov 3, 2020

Hm, does this relate to #91744?

@Ma27
Copy link
Member Author

Ma27 commented Nov 3, 2020

The problem I have with #91744 is that I don't want to touch the initrd-ssh-module right now as the current behavior is (from my PoV at least) rather unintuitive and I'm too afraid to change something there and probably causing further breakage.

I filed this PR since I wrote a similar testcase for a personal pet-project where I encountered the same issue, so I figured that it would make sense to fix this test as well. Until we have a working solution everyone agrees on, it would make sense IMHO to use this (temporary) fix to make sure that the current functionality works fine and we don't introduce some accidental regressions.

WilliButz
WilliButz approved these changes Nov 3, 2020
View reviewed changes
Copy link
Member

@WilliButz WilliButz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given that the current version of initrd.network.ssh works, while still having some quirks, I also find it important to have a working test for it, so I'm with @Ma27 on this approach.
These two extra commands in the test should be removed when the fixes to the module are added, for example in the mentioned PR.

@WilliButz
Copy link
Member

WilliButz commented Nov 3, 2020

@GrahamcOfBorg test initrd-network-ssh

@WilliButz
Copy link
Member

WilliButz commented Nov 3, 2020

@emilazy what do you think? :)

emilazy
emilazy approved these changes Nov 3, 2020
View reviewed changes
Copy link
Member

@emilazy emilazy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems reasonable to me.

@Ma27 Ma27 merged commit d6b804d into NixOS:master Nov 3, 2020
@Ma27 Ma27 deleted the fix-initrd-network-ssh-test branch November 3, 2020 23:01
@emilazy emilazy mentioned this pull request Nov 3, 2020
Closed
10 tasks
@Ma27
Copy link
Member Author

Ma27 commented Nov 3, 2020

Ported to 20.09 as 3090f4d.

@Ma27 Ma27 added 8.has: port to stable This PR already has a backport to the stable release. and removed 9.needs: port to stable A PR needs a backport to the stable release. labels Nov 3, 2020
@andir
Copy link
Member

andir commented Nov 3, 2020

This is probably related to #99618 where I was trying to provide a mechanism to properly do it during bootloader install time (as that allows you to generate the key on the server/during install/…).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@emilazy emilazy emilazy approved these changes

@WilliButz WilliButz WilliButz approved these changes

Assignees

No one assigned

Labels

6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: port to stable This PR already has a backport to the stable release. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Ma27 @emilazy @WilliButz @andir