nixos/tests: update initrd-secrets test to test secret in /run/keys
Since /run/keys is a ramfs, it is not paged out and a good place to copy secrets to. Test whether secrets with a path in /run/keys exist after initrd.
This commit is contained in:
parent
14df81c809
commit
b089c39a23
1 changed files with 8 additions and 2 deletions
|
@ -13,7 +13,12 @@ let
|
|||
|
||||
machine = { ... }: {
|
||||
virtualisation.useBootLoader = true;
|
||||
boot.initrd.secrets."/test" = secretInStore;
|
||||
boot.initrd.secrets = {
|
||||
"/test" = secretInStore;
|
||||
|
||||
# This should *not* need to be copied in postMountCommands
|
||||
"/run/keys/test" = secretInStore;
|
||||
};
|
||||
boot.initrd.postMountCommands = ''
|
||||
cp /test /mnt-root/secret-from-initramfs
|
||||
'';
|
||||
|
@ -26,7 +31,8 @@ let
|
|||
start_all()
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed(
|
||||
"cmp ${secretInStore} /secret-from-initramfs"
|
||||
"cmp ${secretInStore} /secret-from-initramfs",
|
||||
"cmp ${secretInStore} /run/keys/test",
|
||||
)
|
||||
'';
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue