From c36f929dee42c13ffa5e02adfdf749ec789fc5f4 Mon Sep 17 00:00:00 2001
From: Silvan Mosberger <contact@infinisil.com>
Date: Mon, 16 May 2022 17:00:54 +0200
Subject: [PATCH] nixos/tests: Add tests for dockerTools.buildNixShellImage

---
 nixos/tests/docker-tools.nix           |  53 +++++++++++
 pkgs/build-support/docker/default.nix  |   2 +-
 pkgs/build-support/docker/examples.nix | 116 ++++++++++++++++++++++++-
 3 files changed, 169 insertions(+), 2 deletions(-)

diff --git a/nixos/tests/docker-tools.nix b/nixos/tests/docker-tools.nix
index 21a727dbd97c..e76a46131929 100644
--- a/nixos/tests/docker-tools.nix
+++ b/nixos/tests/docker-tools.nix
@@ -431,5 +431,58 @@ import ./make-test-python.nix ({ pkgs, ... }: {
         docker.succeed("docker run --rm image-with-certs:latest test -r /etc/pki/tls/certs/ca-bundle.crt")
         docker.succeed("docker image rm image-with-certs:latest")
 
+    with subtest("buildNixShellImage: Can build a basic derivation"):
+        docker.succeed(
+            "${examples.nix-shell-basic} | docker load",
+            "docker run --rm nix-shell-basic bash -c 'buildDerivation && $out/bin/hello' | grep '^Hello, world!$'"
+        )
+
+    with subtest("buildNixShellImage: Runs the shell hook"):
+        docker.succeed(
+            "${examples.nix-shell-hook} | docker load",
+            "docker run --rm -it nix-shell-hook | grep 'This is the shell hook!'"
+        )
+
+    with subtest("buildNixShellImage: Sources stdenv, making build inputs available"):
+        docker.succeed(
+            "${examples.nix-shell-inputs} | docker load",
+            "docker run --rm -it nix-shell-inputs | grep 'Hello, world!'"
+        )
+
+    with subtest("buildNixShellImage: passAsFile works"):
+        docker.succeed(
+            "${examples.nix-shell-pass-as-file} | docker load",
+            "docker run --rm -it nix-shell-pass-as-file | grep 'this is a string'"
+        )
+
+    with subtest("buildNixShellImage: run argument works"):
+        docker.succeed(
+            "${examples.nix-shell-run} | docker load",
+            "docker run --rm -it nix-shell-run | grep 'This shell is not interactive'"
+        )
+
+    with subtest("buildNixShellImage: command argument works"):
+        docker.succeed(
+            "${examples.nix-shell-command} | docker load",
+            "docker run --rm -it nix-shell-command | grep 'This shell is interactive'"
+        )
+
+    with subtest("buildNixShellImage: home directory is writable by default"):
+        docker.succeed(
+            "${examples.nix-shell-writable-home} | docker load",
+            "docker run --rm -it nix-shell-writable-home"
+        )
+
+    with subtest("buildNixShellImage: home directory can be made non-existent"):
+        docker.succeed(
+            "${examples.nix-shell-nonexistent-home} | docker load",
+            "docker run --rm -it nix-shell-nonexistent-home"
+        )
+
+    with subtest("buildNixShellImage: can build derivations"):
+        docker.succeed(
+            "${examples.nix-shell-build-derivation} | docker load",
+            "docker run --rm -it nix-shell-build-derivation"
+        )
   '';
 })
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix
index 81e18c67959b..9e35ffc1bced 100644
--- a/pkgs/build-support/docker/default.nix
+++ b/pkgs/build-support/docker/default.nix
@@ -80,7 +80,7 @@ let
 in
 rec {
   examples = callPackage ./examples.nix {
-    inherit buildImage buildLayeredImage fakeNss pullImage shadowSetup buildImageWithNixDb;
+    inherit buildImage buildLayeredImage fakeNss pullImage shadowSetup buildImageWithNixDb streamNixShellImage;
   };
 
   tests = {
diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix
index 1e9f07045e37..802b2f79f0fc 100644
--- a/pkgs/build-support/docker/examples.nix
+++ b/pkgs/build-support/docker/examples.nix
@@ -7,7 +7,7 @@
 #  $ nix-build '<nixpkgs>' -A dockerTools.examples.redis
 #  $ docker load < result
 
-{ pkgs, buildImage, buildLayeredImage, fakeNss, pullImage, shadowSetup, buildImageWithNixDb, pkgsCross }:
+{ pkgs, buildImage, buildLayeredImage, fakeNss, pullImage, shadowSetup, buildImageWithNixDb, pkgsCross, streamNixShellImage }:
 
 let
   nixosLib = import ../../../nixos/lib {
@@ -715,4 +715,118 @@ rec {
     config = {
     };
   };
+
+  nix-shell-basic = streamNixShellImage {
+    name = "nix-shell-basic";
+    tag = "latest";
+    drv = pkgs.hello;
+  };
+
+  nix-shell-hook = streamNixShellImage {
+    name = "nix-shell-hook";
+    tag = "latest";
+    drv = pkgs.mkShell {
+      shellHook = ''
+        echo "This is the shell hook!"
+        exit
+      '';
+    };
+  };
+
+  nix-shell-inputs = streamNixShellImage {
+    name = "nix-shell-inputs";
+    tag = "latest";
+    drv = pkgs.mkShell {
+      nativeBuildInputs = [
+        pkgs.hello
+      ];
+    };
+    command = ''
+      hello
+    '';
+  };
+
+  nix-shell-pass-as-file = streamNixShellImage {
+    name = "nix-shell-pass-as-file";
+    tag = "latest";
+    drv = pkgs.mkShell {
+      str = "this is a string";
+      passAsFile = [ "str" ];
+    };
+    command = ''
+      cat "$strPath"
+    '';
+  };
+
+  nix-shell-run = streamNixShellImage {
+    name = "nix-shell-run";
+    tag = "latest";
+    drv = pkgs.mkShell {};
+    run = ''
+      case "$-" in
+      *i*) echo This shell is interactive ;;
+      *) echo This shell is not interactive ;;
+      esac
+    '';
+  };
+
+  nix-shell-command = streamNixShellImage {
+    name = "nix-shell-command";
+    tag = "latest";
+    drv = pkgs.mkShell {};
+    command = ''
+      case "$-" in
+      *i*) echo This shell is interactive ;;
+      *) echo This shell is not interactive ;;
+      esac
+    '';
+  };
+
+  nix-shell-writable-home = streamNixShellImage {
+    name = "nix-shell-writable-home";
+    tag = "latest";
+    drv = pkgs.mkShell {};
+    run = ''
+      if [[ "$HOME" != "$(eval "echo ~$(whoami)")" ]]; then
+        echo "\$HOME ($HOME) is not the same as ~\$(whoami) ($(eval "echo ~$(whoami)"))"
+        exit 1
+      fi
+
+      if ! touch $HOME/test-file; then
+        echo "home directory is not writable"
+        exit 1
+      fi
+      echo "home directory is writable"
+    '';
+  };
+
+  nix-shell-nonexistent-home = streamNixShellImage {
+    name = "nix-shell-nonexistent-home";
+    tag = "latest";
+    drv = pkgs.mkShell {};
+    homeDirectory = "/homeless-shelter";
+    run = ''
+      if [[ "$HOME" != "$(eval "echo ~$(whoami)")" ]]; then
+        echo "\$HOME ($HOME) is not the same as ~\$(whoami) ($(eval "echo ~$(whoami)"))"
+        exit 1
+      fi
+
+      if -e $HOME; then
+        echo "home directory exists"
+        exit 1
+      fi
+      echo "home directory doesn't exist"
+    '';
+  };
+
+  nix-shell-build-derivation = streamNixShellImage {
+    name = "nix-shell-build-derivation";
+    tag = "latest";
+    drv = pkgs.hello;
+    run = ''
+      buildDerivation
+      $out/bin/hello
+    '';
+  };
+
 }