]> git.scottworley.com Git - trustix-integration-tests/commitdiff
Fail if the build happens locally
authorScott Worley <scottworley@scottworley.com>
Mon, 19 Jul 2021 21:29:43 +0000 (14:29 -0700)
committerScott Worley <scottworley@scottworley.com>
Tue, 20 Jul 2021 00:01:33 +0000 (17:01 -0700)
This test is supposed to exercise fetching from a remote trusted cache,
so a local build means that this didn't happen.

checks/one-publisher.nix

index 7ecec8fb125135fd7e512bd6b82202f15460bf3a..b661624c0f476e184bd43f8b30c5d9e6d3ccf67a 100644 (file)
@@ -51,6 +51,10 @@ let
     }
   '';
 
+  log-local-builds = writeShellScript "log-local-builds" ''
+    echo "$OUT_PATHS" >> /var/log/local-builds
+  '';
+
   clientConfig = writeText "clientConfig" ''
     { lib, ... }: {
       services.trustix-nix-cache = {
@@ -76,7 +80,9 @@ let
           percentage.minimum = 66;
         };
       };
-
+      nix.extraOptions = '''
+        post-build-hook = ${log-local-builds}
+      ''';
     }
   '';
 
@@ -176,5 +182,6 @@ in nixosTest {
         "nixos-rebuild switch --show-trace",
     )
     clint.succeed("nix-build '<nixpkgs>' -A hello")
+    clint.fail("grep hello /var/log/local-builds")
   '';
 }