{modules,tests}/back: Update to deal with newest back

1 files changed, 110 insertions, 26 deletions

diff --git a/tests/by-name/ba/back/test.nix b/tests/by-name/ba/back/test.nix
index 63f2837..85cb611 100644
--- a/tests/by-name/ba/back/test.nix
+++ b/tests/by-name/ba/back/test.nix
@@ -8,9 +8,19 @@
   nixLib,
   ...
 }: let
-  gitRepoPath = "/srv/test/repo";
-
   domain = "server";
+
+  sshKeys =
+    import ../../gi/git-server/ssh_keys.nix {inherit pkgs;};
+
+  gitoliteAdminConfSnippet = pkgs.writeText "gitolite-admin-conf-snippet" ''
+    repo CREATOR/[a-zA-Z0-9].*
+      C     = @all
+      RW+   = CREATOR
+      RW    = WRITERS
+      R     = READERS
+      option user-configs = cgit\.owner cgit\.desc cgit\.section cgit\.homepage
+  '';
 in
   nixos-lib.runTest {
     hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs
@@ -26,7 +36,7 @@ in
 
     nodes = {
       server = {config, ...}: {
-        environment.systemPackages = [pkgs.git pkgs.git-bug pkgs.gawk];
+        environment.systemPackages = [pkgs.git];
 
         imports =
           extraModules
@@ -35,28 +45,46 @@ in
           ];
 
         vhack = {
+          persist.enable = true;
+          openssh.enable = true;
           nginx = {
             enable = true;
             selfsign = true;
           };
           git-server = {
             enable = true;
+            domain = "git.${domain}";
+            gitolite.adminPubkey = sshKeys.admin.pub;
           };
           back = {
             enable = true;
-            repositories = {
-              "${gitRepoPath}" = {
-                enable = true;
-                domain = "${domain}";
-                port = 9220;
-              };
+            domain = "issues.${domain}";
+
+            settings = {
+              scan_path = "${config.services.gitolite.dataDir}/repositories";
+              project_list = "${config.services.gitolite.dataDir}/projects.list";
             };
           };
         };
       };
 
-      client = {...}: {
-        environment.systemPackages = [pkgs.curl];
+      client = {nodes, ...}: {
+        environment.systemPackages = [pkgs.git pkgs.curl pkgs.git-bug pkgs.gawk];
+        programs.ssh.extraConfig = ''
+          Host *
+            UserKnownHostsFile /dev/null
+            StrictHostKeyChecking no
+            # there's nobody around that can input password
+            PreferredAuthentications publickey
+        '';
+        users.users.alice = {isNormalUser = true;};
+        networking.hosts = {
+          "${nodes.server.networking.primaryIPAddress}" = [
+            "git.${domain}"
+            "issues.${domain}"
+            "${domain}"
+          ];
+        };
       };
     };
 
@@ -67,16 +95,64 @@ in
     ''
       start_all()
 
-      with subtest("can setup git-bug issues on server"):
-        server.succeed("${pkgs.writeShellScript "setup-git-repo" ''
-        set -ex
+      with subtest("can setup ssh keys on client"):
+        client.succeed(
+            "mkdir -p ~root/.ssh",
+            "cp ${sshKeys.admin.priv} ~root/.ssh/id_ed25519",
+            "chmod 600 ~root/.ssh/id_ed25519",
+        )
+        client.succeed(
+            "sudo -u alice mkdir -p ~alice/.ssh",
+            "sudo -u alice cp ${sshKeys.alice.priv} ~alice/.ssh/id_ed25519",
+            "sudo -u alice chmod 600 ~alice/.ssh/id_ed25519",
+        )
+
+      with subtest("gitolite server starts"):
+        server.wait_for_unit("gitolite-init.service")
+        server.wait_for_unit("sshd.service")
+        client.succeed("ssh -n git@git.${domain} info")
+
+
+      with subtest("admin can clone and configure gitolite-admin.git"):
+        client.succeed("${pkgs.writeShellScript "setup-gitolite-admin.git" ''
+        set -xe
+
+        git clone git@git.${domain}:gitolite-admin.git
+        git config --global user.name 'System Administrator'
+        git config --global user.email root\@domain.example
+
+        cp ${sshKeys.alice.pub} gitolite-admin/keydir/alice.pub
 
-        mkdir --parents "${gitRepoPath}"
-        cd "${gitRepoPath}"
+        (cd gitolite-admin && git switch -c master && git branch -D main)
 
-        git init
+        (cd gitolite-admin && git add . && git commit -m 'Add keys for alice' && git push -u origin master)
+        cat ${gitoliteAdminConfSnippet} >> gitolite-admin/conf/gitolite.conf
+        (cd gitolite-admin && git add . && git commit -m 'Add support for wild repos' && git push)
+        (cd gitolite-admin && git push -d origin main)
+      ''}")
+
+      with subtest("alice can create a repo"):
+        client.succeed("sudo -u alice ${pkgs.writeShellScript "alice-create-repo" ''
+        set -xe
 
-        git bug user create --avatar "" --email "test@email.org" --name "test user" --non-interactive
+        mkdir --parents ./alice/repo1 && cd alice/repo1;
+
+        git init --initial-branch main
+        echo "# Alice's Repo" > README.md
+        git add README.md
+        git -c user.name=Alice -c user.email=alice@domain.example commit -m 'Add readme'
+
+        git remote add origin git@git.${domain}:alice/repo1.git
+        git push --set-upstream origin main
+      ''}")
+
+      with subtest("can setup git-bug issues in alice/repo1"):
+        client.succeed("sudo -u alice ${pkgs.writeShellScript "setup-git-repo" ''
+        set -ex
+
+        cd alice/repo1
+
+        git bug user create --avatar "" --email "alice@server.org" --name "alice" --non-interactive
 
         git bug add \
         --title "Some bug title" \
@@ -98,24 +174,32 @@ in
         git bug comment add --message "Some comment message" --non-interactive
         git bug comment add --message "Second comment message" --non-interactive
 
-        # NOTE(@bpeetz): Currently, the `back` module assumes that the git user can write
-        # to the repository, as such we need to provide write access here <2024-12-24>
-        chown --recursive git:git "${gitRepoPath}"
+        # TODO: This should use `git bug push`, but their ssh implementation is just
+        # too special to work in a VM test <2025-03-08>
+        git push origin +refs/bugs/*
+        git push origin +refs/identities/*
+
+        ssh git@${domain} -- config alice/repo1 --add cgit.owner Alice
+        ssh git@${domain} -- perms alice/repo1 + READERS @all
       ''}")
 
       with subtest("back server starts"):
-        server.wait_for_unit("${builtins.replaceStrings ["/"] ["_"] "back-${domain}.service"}")
+        server.wait_for_unit("back.service")
 
       with subtest("client can access the server"):
         client.succeed("${pkgs.writeShellScript "curl-back" ''
         set -xe
 
-        curl --insecure --silent --fail --show-error "https://${domain}/issues/open" --output /root/issues.html
-
-        grep -- '- 2 comments' /root/issues.html
+        curl --insecure --fail --show-error "https://issues.${domain}/alice/repo1.git/issues/open" --output /root/issues.html
         grep -- 'Second bug title' /root/issues.html
-      ''}")
+
+        curl --insecure --fail --show-error "https://issues.${domain}/" --output /root/repos.html
+        grep -- 'repo' /root/repos.html
+        grep -- "&#60;No description&#62;" /root/repos.html
+        grep -- '<span class="user-name">Alice</span>' /root/repos.html
+      ''} >&2")
 
       client.copy_from_vm("/root/issues.html", "");
+      client.copy_from_vm("/root/repos.html", "");
     '';
   }