Merge remote-tracking branch 'upstream/master' into staging

nixos/tests/all-tests.nix

@@ -39,6 +39,7 @@ in
   cfssl = handleTestOn ["x86_64-linux"] ./cfssl.nix {};
   chromium = (handleTestOn ["x86_64-linux"] ./chromium.nix {}).stable or {};
   cjdns = handleTest ./cjdns.nix {};
+  clamav = handleTest ./clamav.nix {};
   cloud-init = handleTest ./cloud-init.nix {};
   codimd = handleTest ./codimd.nix {};
   containers-bridge = handleTest ./containers-bridge.nix {};
@@ -106,7 +107,7 @@ in
   installer = handleTest ./installer.nix {};
   ipv6 = handleTest ./ipv6.nix {};
   jenkins = handleTest ./jenkins.nix {};
-  kafka = handleTest ./kafka.nix {};
+  #kafka = handleTest ./kafka.nix {}; # broken since openjdk: 8u181 -> 8u192
   kerberos = handleTest tests/kerberos/default.nix {};
   kernel-latest = handleTest ./kernel-latest.nix {};
   kernel-lts = handleTest ./kernel-lts.nix {};
@@ -157,7 +158,6 @@ in
   openssh = handleTest ./openssh.nix {};
   osquery = handleTest ./osquery.nix {};
   ostree = handleTest ./ostree.nix {};
-  owncloud = handleTest ./owncloud.nix {};
   pam-oath-login = handleTest ./pam-oath-login.nix {};
   peerflix = handleTest ./peerflix.nix {};
   pgjwt = handleTest ./pgjwt.nix {};

nixos/tests/borgbackup.nix

@@ -130,6 +130,9 @@ in {
       # Make sure keepFile has the correct content
       $client->succeed("$borg extract '${localRepo}::${archiveName}'");
       $client->succeed('c=$(cat ${dataDir}/${keepFile}) && [[ "$c" == "${keepFileData}" ]]');
+      # Make sure the same is true when using `borg mount`
+      $client->succeed("mkdir -p /mnt/borg && $borg mount '${localRepo}::${archiveName}' /mnt/borg");
+      $client->succeed('c=$(cat /mnt/borg/${dataDir}/${keepFile}) && [[ "$c" == "${keepFileData}" ]]');
     };
 
     subtest "remote", sub {

nixos/tests/clamav.nix

@@ -0,0 +1,37 @@
+import ./make-test.nix ({ pkgs, ... }: let
+
+  eicarTestFile = pkgs.fetchurl {
+    url = "http://2016.eicar.org/download/eicar.com.txt";
+    sha256 = "03zxa7vap2jkqjif4bzcjp33yrnip5yrz2bisia9wj5npwdh4ni7";
+  };
+
+  clamavMain = builtins.fetchurl "http://database.clamav.net/main.cvd";
+  clamavDaily = builtins.fetchurl "http://database.clamav.net/daily.cvd";
+  clamavBytecode = builtins.fetchurl "http://database.clamav.net/bytecode.cvd";
+
+in {
+  name = "clamav";
+  meta = with pkgs.stdenv.lib.maintainers; {
+    maintainers = [ fpletz ];
+  };
+
+  nodes.machine = { ... }: {
+    virtualisation.memorySize = 1024;
+
+    services.clamav.daemon.enable = true;
+    systemd.services.clamav-daemon.preStart = ''
+      mkdir -p /var/lib/clamav
+      ln -sf ${clamavMain} /var/lib/clamav/main.cvd
+      ln -sf ${clamavDaily} /var/lib/clamav/daily.cvd
+      ln -sf ${clamavBytecode} /var/lib/clamav/bytecode.cvd
+    '';
+  };
+
+  testScript = ''
+    startAll;
+    $machine->waitForUnit("multi-user.target");
+    $machine->waitForUnit("clamav-daemon.service");
+    $machine->waitForFile("/run/clamav/clamd.ctl");
+    $machine->fail("clamdscan ${eicarTestFile}");
+  '';
+})

nixos/tests/gitlab.nix

@@ -8,7 +8,7 @@ import ./make-test.nix ({ pkgs, lib, ...} : with lib; {
 
   nodes = {
     gitlab = { ... }: {
-      virtualisation.memorySize = 2047;
+      virtualisation.memorySize = if pkgs.stdenv.is64bit then 4096 else 2047;
       systemd.services.gitlab.serviceConfig.Restart = mkForce "no";
       systemd.services.gitlab-workhorse.serviceConfig.Restart = mkForce "no";
       systemd.services.gitaly.serviceConfig.Restart = mkForce "no";

nixos/tests/gnome3-gdm.nix

@@ -23,11 +23,21 @@ import ./make-test.nix ({ pkgs, ...} : {
       virtualisation.memorySize = 1024;
     };
 
-  testScript =
-    ''
-      # wait for gdm to start and bring up X
+  testScript = let
+    # Keep line widths somewhat managable
+    bus = "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus";
+    gdbus = "${bus} gdbus";
+    # Call javascript in gnome shell, returns a tuple (success, output), where
+    # `success` is true if the dbus call was successful and output is what the
+    # javascript evaluates to.
+    eval = "call --session -d org.gnome.Shell -o /org/gnome/Shell -m org.gnome.Shell.Eval";
+    # False when startup is done
+    startingUp = "${gdbus} ${eval} Main.layoutManager._startingUp";
+    # Hopefully gnome-terminal's wm class
+    wmClass = "${gdbus} ${eval} global.display.focus_window.wm_class";
+  in ''
+      # wait for gdm to start
       $machine->waitForUnit("display-manager.service");
-      $machine->waitForX;
 
       # wait for alice to be logged in
       $machine->waitForUnit("default.target","alice");
@@ -35,10 +45,16 @@ import ./make-test.nix ({ pkgs, ...} : {
       # Check that logging in has given the user ownership of devices.
       $machine->succeed("getfacl /dev/snd/timer | grep -q alice");
 
-      # open a terminal and check it's there
-      $machine->succeed("su - alice -c 'DISPLAY=:0.0 XAUTHORITY=/run/user/\$UID/gdm/Xauthority gnome-terminal'");
-      $machine->succeed("xauth merge /run/user/1000/gdm/Xauthority");
-      $machine->waitForWindow(qr/Terminal/);
+      # Wait for the wayland server
+      $machine->waitForFile("/run/user/1000/wayland-0");
+
+      # Wait for gnome shell, correct output should be "(true, 'false')"
+      $machine->waitUntilSucceeds("su - alice -c '${startingUp} | grep -q true,..false'");
+
+      # open a terminal
+      $machine->succeed("su - alice -c '${bus} gnome-terminal'");
+      # and check it's there
+      $machine->waitUntilSucceeds("su - alice -c '${wmClass} | grep -q gnome-terminal-server'");
 
       # wait to get a nice screenshot
       $machine->sleep(20);

nixos/tests/gnome3.nix

@@ -16,7 +16,7 @@ import ./make-test.nix ({ pkgs, ...} : {
       services.xserver.displayManager.lightdm.autoLogin.enable = true;
       services.xserver.displayManager.lightdm.autoLogin.user = "alice";
       services.xserver.desktopManager.gnome3.enable = true;
-      services.xserver.desktopManager.default = "gnome";
+      services.xserver.desktopManager.default = "gnome-xorg";
 
       virtualisation.memorySize = 1024;
     };
@@ -33,7 +33,7 @@ import ./make-test.nix ({ pkgs, ...} : {
 
       $machine->succeed("su - alice -c 'DISPLAY=:0.0 gnome-terminal &'");
       $machine->succeed("xauth merge ~alice/.Xauthority");
-      $machine->waitForWindow(qr/Terminal/);
+      $machine->waitForWindow(qr/alice.*machine/);
       $machine->succeed("timeout 900 bash -c 'while read msg; do if [[ \$msg =~ \"GNOME Shell started\" ]]; then break; fi; done < <(journalctl -f)'");
       $machine->sleep(10);
       $machine->screenshot("screen");

nixos/tests/i3wm.nix

@@ -28,7 +28,7 @@ import ./make-test.nix ({ pkgs, ...} : {
     $machine->waitForFile("/home/alice/.config/i3/config");
     $machine->sleep(2);
     $machine->sendKeys("alt-ret");
-    $machine->waitForWindow(qr/machine.*alice/);
+    $machine->waitForWindow(qr/alice.*machine/);
     $machine->sleep(2);
     $machine->screenshot("terminal");
   '';

nixos/tests/kubernetes/base.nix

@@ -1,6 +1,6 @@
 { system ? builtins.currentSystem,
   config ? {},
-  pkgs ? import ../.. { inherit system config; }
+  pkgs ? import ../../.. { inherit system config; }
 }:
 
 with import ../../lib/testing.nix { inherit system pkgs; };

nixos/tests/kubernetes/kubernetes-common.nix

@@ -3,7 +3,6 @@ with pkgs.lib;
 let
   base = {
     inherit roles;
-    featureGates = ["AllAlpha"];
     flannel.enable = true;
     addons.dashboard.enable = true;
 

nixos/tests/owncloud.nix

@@ -1,39 +0,0 @@
-import ./make-test.nix ({ ... }:
-
-{
-  name = "owncloud";
-  nodes =
-    { web =
-        { ... }:
-        {
-          services.postgresql.enable = true;
-          services.httpd = {
-            enable = true;
-            logPerVirtualHost = true;
-            adminAddr = "example@example.com";
-            virtualHosts = [
-              {
-                hostName = "owncloud";
-                extraSubservices =
-                  [
-                    {
-                      serviceType   = "owncloud";
-                      adminPassword = "secret";
-                      dbPassword    = "secret";
-                    }
-                  ];
-              }
-            ];
-          };
-        };
-    };
-
-  testScript = ''
-    startAll;
-
-    $web->waitForUnit("postgresql");
-    $web->waitForUnit("httpd");
-
-    $web->succeed("curl -L 127.0.0.1:80");
-  '';
-})

nixos/tests/slurm.nix

@@ -63,6 +63,12 @@ in {
             ensurePermissions = { "slurm_acct_db.*" = "ALL PRIVILEGES"; };
             name = "slurm";
           }];
+          extraOptions = ''
+            # recommendations from: https://slurm.schedmd.com/accounting.html#mysql-configuration
+            innodb_buffer_pool_size=1024M
+            innodb_log_file_size=64M
+            innodb_lock_wait_timeout=900
+          '';
         };
       };
 
@@ -95,6 +101,7 @@ in {
   subtest "can_start_slurmdbd", sub {
     $dbd->succeed("systemctl restart slurmdbd");
     $dbd->waitForUnit("slurmdbd.service");
+    $dbd->waitForOpenPort(6819);
   };
 
   # there needs to be an entry for the current

nixos/tests/systemd.nix

@@ -56,6 +56,11 @@ import ./make-test.nix {
       $machine->succeed('test -z $(ls -1 /var/log/journal)');
     };
 
+    # Regression test for https://github.com/NixOS/nixpkgs/issues/50273
+    subtest "DynamicUser actually allocates a user", sub {
+        $machine->succeed('systemd-run --pty --property=Type=oneshot --property=DynamicUser=yes --property=User=iamatest whoami | grep iamatest');
+    };
+
     # Regression test for https://github.com/NixOS/nixpkgs/issues/35268
     subtest "file system with x-initrd.mount is not unmounted", sub {
       $machine->shutdown;

nixos/tests/xmonad.nix

@@ -22,7 +22,7 @@ import ./make-test.nix ({ pkgs, ...} : {
     $machine->waitUntilSucceeds("xmonad --restart");
     $machine->sleep(3);
     $machine->sendKeys("alt-shift-ret");
-    $machine->waitForWindow(qr/machine.*alice/);
+    $machine->waitForWindow(qr/alice.*machine/);
     $machine->sleep(1);
     $machine->screenshot("terminal");
   '';