diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 0d75a616e23a..2392cc5878b2 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -369,7 +369,7 @@ in dnscrypt-proxy2 = handleTestOn [ "x86_64-linux" ] ./dnscrypt-proxy2.nix { }; dnsdist = import ./dnsdist.nix { inherit pkgs runTest; }; doas = runTest ./doas.nix; - docker = handleTestOn [ "aarch64-linux" "x86_64-linux" ] ./docker.nix { }; + docker = runTestOn [ "aarch64-linux" "x86_64-linux" ] ./docker.nix; docker-rootless = handleTestOn [ "aarch64-linux" "x86_64-linux" ] ./docker-rootless.nix { }; docker-registry = handleTest ./docker-registry.nix { }; docker-tools = handleTestOn [ "x86_64-linux" ] ./docker-tools.nix { }; diff --git a/nixos/tests/docker.nix b/nixos/tests/docker.nix index b7c4b2690573..eb92d6e21b91 100644 --- a/nixos/tests/docker.nix +++ b/nixos/tests/docker.nix @@ -1,59 +1,56 @@ # This test runs docker and checks if simple container starts +{ pkgs, ... }: +{ + name = "docker"; + meta = with pkgs.lib.maintainers; { + maintainers = [ + nequissimus + offline + ]; + }; -import ./make-test-python.nix ( - { pkgs, ... }: - { - name = "docker"; - meta = with pkgs.lib.maintainers; { - maintainers = [ - nequissimus - offline - ]; - }; + nodes = { + docker = + { pkgs, ... }: + { + virtualisation.docker.enable = true; + virtualisation.docker.autoPrune.enable = true; + virtualisation.docker.package = pkgs.docker; - nodes = { - docker = - { pkgs, ... }: - { - virtualisation.docker.enable = true; - virtualisation.docker.autoPrune.enable = true; - virtualisation.docker.package = pkgs.docker; + users.users = { + noprivs = { + isNormalUser = true; + description = "Can't access the docker daemon"; + password = "foobar"; + }; - users.users = { - noprivs = { - isNormalUser = true; - description = "Can't access the docker daemon"; - password = "foobar"; - }; - - hasprivs = { - isNormalUser = true; - description = "Can access the docker daemon"; - password = "foobar"; - extraGroups = [ "docker" ]; - }; + hasprivs = { + isNormalUser = true; + description = "Can access the docker daemon"; + password = "foobar"; + extraGroups = [ "docker" ]; }; }; - }; + }; + }; - testScript = '' - start_all() + testScript = '' + start_all() - docker.wait_for_unit("sockets.target") - docker.succeed("tar cv --files-from /dev/null | docker import - scratchimg") - docker.succeed( - "docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10" - ) - docker.succeed("docker ps | grep sleeping") - docker.succeed("sudo -u hasprivs docker ps") - docker.fail("sudo -u noprivs docker ps") - docker.succeed("docker stop sleeping") + docker.wait_for_unit("sockets.target") + docker.succeed("tar cv --files-from /dev/null | docker import - scratchimg") + docker.succeed( + "docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10" + ) + docker.succeed("docker ps | grep sleeping") + docker.succeed("sudo -u hasprivs docker ps") + docker.fail("sudo -u noprivs docker ps") + docker.succeed("docker stop sleeping") - # Must match version 4 times to ensure client and server git commits and versions are correct - docker.succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "4" ]') - docker.succeed("systemctl restart systemd-sysctl") - docker.succeed("grep 1 /proc/sys/net/ipv4/conf/all/forwarding") - docker.succeed("grep 1 /proc/sys/net/ipv4/conf/default/forwarding") - ''; - } -) + # Must match version 4 times to ensure client and server git commits and versions are correct + docker.succeed('[ $(docker version | grep ${pkgs.docker.version} | wc -l) = "4" ]') + docker.succeed("systemctl restart systemd-sysctl") + docker.succeed("grep 1 /proc/sys/net/ipv4/conf/all/forwarding") + docker.succeed("grep 1 /proc/sys/net/ipv4/conf/default/forwarding") + ''; +}