Skip to content

Commit

Permalink
check that host key is copied in tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@tie @mergify
tie authored and mergify[bot] committed Oct 4, 2023
1 parent a8d94ff commit ffcbf8c
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions tests/from-nixos.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,11 @@
start_all()
installer.succeed("mkdir -p /tmp/extra-files/var/lib/secrets")
installer.succeed("echo value > /tmp/extra-files/var/lib/secrets/key")
ssh_key_path = "/etc/ssh/ssh_host_ed25519_key.pub"
ssh_key_output = installer.wait_until_succeeds(f"""
ssh -i /root/.ssh/install_key -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
root@installed cat {ssh_key_path}
""")
installer.succeed("""
nixos-anywhere \
-i /root/.ssh/install_key \
Expand All @@ -43,5 +48,7 @@
assert "nixos-anywhere" == hostname, f"'nixos-anywhere' != '{hostname}'"
content = new_machine.succeed("cat /var/lib/secrets/key").strip()
assert "value" == content, f"secret does not have expected value: {content}"
ssh_key_content = new_machine.succeed(f"cat {ssh_key_path}").strip()
assert ssh_key_content in ssh_key_output, "SSH host identity changed"
'';
}

0 comments on commit ffcbf8c

Please sign in to comment.