mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-24 21:38:07 -05:00
tests: Add more signed substitute tests.
* tests/substitute-binary.scm (%narinfo): Set 'URL', 'Compression', and 'NarHash'. (call-with-narinfo): Create 'example.out' and 'example.nar'. ("query narinfo without signature", "substitute, no signature", "substitute, authorized key"): New tests.
This commit is contained in:
parent
52f80dfc8a
commit
e903b7c1a8
1 changed files with 48 additions and 3 deletions
|
@ -25,6 +25,7 @@ (define-module (test-substitute-binary)
|
|||
#:use-module (guix pk-crypto)
|
||||
#:use-module (guix pki)
|
||||
#:use-module (guix config)
|
||||
#:use-module (guix base32)
|
||||
#:use-module ((guix store) #:select (%store-prefix))
|
||||
#:use-module ((guix build utils) #:select (delete-file-recursively))
|
||||
#:use-module (rnrs bytevectors)
|
||||
|
@ -146,9 +147,10 @@ (define %narinfo
|
|||
;; Skeleton of the narinfo used below.
|
||||
(string-append "StorePath: " (%store-prefix)
|
||||
"/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-foo
|
||||
URL: nar/foo
|
||||
Compression: bzip2
|
||||
NarHash: sha256:7
|
||||
URL: example.nar
|
||||
Compression: none
|
||||
NarHash: sha256:" (bytevector->nix-base32-string
|
||||
(sha256 (string->utf8 "Substitutable data."))) "
|
||||
NarSize: 42
|
||||
References: bar baz
|
||||
Deriver: " (%store-prefix) "/foo.drv
|
||||
|
@ -176,6 +178,15 @@ (define (call-with-narinfo narinfo thunk)
|
|||
".narinfo")
|
||||
(cut display narinfo <>))
|
||||
|
||||
;; Prepare the nar.
|
||||
(call-with-output-file
|
||||
(string-append narinfo-directory "/example.out")
|
||||
(cut display "Substitutable data." <>))
|
||||
(call-with-output-file
|
||||
(string-append narinfo-directory "/example.nar")
|
||||
(cute write-file
|
||||
(string-append narinfo-directory "/example.out") <>))
|
||||
|
||||
(set! (@@ (guix scripts substitute-binary)
|
||||
%allow-unauthenticated-substitutes?)
|
||||
#f))
|
||||
|
@ -187,6 +198,18 @@ (define-syntax-rule (with-narinfo narinfo body ...)
|
|||
(call-with-narinfo narinfo (lambda () body ...)))
|
||||
|
||||
|
||||
(test-equal "query narinfo without signature"
|
||||
"" ; not substitutable
|
||||
|
||||
(with-narinfo %narinfo
|
||||
(string-trim-both
|
||||
(with-output-to-string
|
||||
(lambda ()
|
||||
(with-input-from-string (string-append "have " (%store-prefix)
|
||||
"/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-foo")
|
||||
(lambda ()
|
||||
(guix-substitute-binary "--query"))))))))
|
||||
|
||||
(test-equal "query narinfo with invalid hash"
|
||||
;; The hash in the signature differs from the hash of %NARINFO.
|
||||
""
|
||||
|
@ -232,6 +255,13 @@ (define-syntax-rule (with-narinfo narinfo body ...)
|
|||
(lambda ()
|
||||
(guix-substitute-binary "--query"))))))))
|
||||
|
||||
(test-error* "substitute, no signature"
|
||||
(with-narinfo %narinfo
|
||||
(guix-substitute-binary "--substitute"
|
||||
(string-append (%store-prefix)
|
||||
"/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-foo")
|
||||
"foo")))
|
||||
|
||||
(test-error* "substitute, invalid hash"
|
||||
;; The hash in the signature differs from the hash of %NARINFO.
|
||||
(with-narinfo (string-append %narinfo "Signature: "
|
||||
|
@ -253,6 +283,21 @@ (define-syntax-rule (with-narinfo narinfo body ...)
|
|||
"/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-foo")
|
||||
"foo")))
|
||||
|
||||
(test-equal "substitute, authorized key"
|
||||
"Substitutable data."
|
||||
(with-narinfo (string-append %narinfo "Signature: "
|
||||
(signature-field %narinfo))
|
||||
(dynamic-wind
|
||||
(const #t)
|
||||
(lambda ()
|
||||
(guix-substitute-binary "--substitute"
|
||||
(string-append (%store-prefix)
|
||||
"/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-foo")
|
||||
"substitute-retrieved")
|
||||
(call-with-input-file "substitute-retrieved" get-string-all))
|
||||
(lambda ()
|
||||
(false-if-exception (delete-file "substitute-retrieved"))))))
|
||||
|
||||
(test-end "substitute-binary")
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue