about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--tests/Makefile.am6
-rw-r--r--tests/check-refs.nix.in59
-rw-r--r--tests/check-refs.sh36
-rw-r--r--tests/common.sh.in1
4 files changed, 100 insertions, 2 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am
index b19802d87bfc..4b56d0226878 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -3,7 +3,7 @@ TESTS_ENVIRONMENT = $(SHELL) -e
 extra1 = $(shell pwd)/test-tmp/shared
 
 simple.sh: simple.nix
-dependencies.sh gc.sh nix-push.sh nix-pull.in logging.sh nix-build.sh install-package.sh: dependencies.nix
+dependencies.sh gc.sh nix-push.sh nix-pull.in logging.sh nix-build.sh install-package.sh check-refs.sh: dependencies.nix
 locking.sh: locking.nix
 parallel.sh: parallel.nix
 build-hook.sh: build-hook.nix
@@ -14,12 +14,13 @@ gc-concurrent.sh: gc-concurrent.nix gc-concurrent2.nix
 user-envs.sh: user-envs.nix
 fixed.sh: fixed.nix
 gc-runtime.sh: gc-runtime.nix
+check-refs.sh: check-refs.nix
 
 TESTS = init.sh hash.sh lang.sh add.sh simple.sh dependencies.sh \
   locking.sh parallel.sh build-hook.sh substitutes.sh substitutes2.sh \
   fallback.sh nix-push.sh gc.sh gc-concurrent.sh verify.sh nix-pull.sh \
   referrers.sh user-envs.sh logging.sh nix-build.sh misc.sh fixed.sh \
-  gc-runtime.sh install-package.sh
+  gc-runtime.sh install-package.sh check-refs.sh
 
 XFAIL_TESTS =
 
@@ -42,5 +43,6 @@ EXTRA_DIST = $(TESTS) \
   user-envs.nix.in user-envs.builder.sh \
   fixed.nix.in fixed.builder1.sh fixed.builder2.sh \
   gc-runtime.nix.in gc-runtime.builder.sh \
+  check-refs.nix.in \
   $(wildcard lang/*.nix) $(wildcard lang/*.exp) $(wildcard lang/*.exp.xml) \
   common.sh.in
diff --git a/tests/check-refs.nix.in b/tests/check-refs.nix.in
new file mode 100644
index 000000000000..a3738fa43d20
--- /dev/null
+++ b/tests/check-refs.nix.in
@@ -0,0 +1,59 @@
+rec {
+
+  dep = import ./dependencies.nix;
+
+  makeTest = nr: args: derivation ({
+    name = "check-refs-" + toString nr;
+    system = "@system@";
+    builder = "@shell@";
+    PATH = "@testPath@";
+  } // args);
+
+  src = builtins.toFile "aux-ref" "bla bla";
+
+  test1 = makeTest 1 {
+    args = ["-e" "-x" (builtins.toFile "builder.sh" "mkdir $out; ln -s $dep $out/link")];
+    inherit dep;
+  };
+
+  test2 = makeTest 2 {
+    args = ["-e" "-x" (builtins.toFile "builder.sh" "mkdir $out; ln -s ${src} $out/link")];
+    inherit dep;
+  };
+
+  test3 = makeTest 3 {
+    args = ["-e" "-x" (builtins.toFile "builder.sh" "mkdir $out; ln -s $dep $out/link")];
+    allowedReferences = [];
+    inherit dep;
+  };
+
+  test4 = makeTest 4 {
+    args = ["-e" "-x" (builtins.toFile "builder.sh" "mkdir $out; ln -s $dep $out/link")];
+    allowedReferences = [dep];
+    inherit dep;
+  };
+
+  test5 = makeTest 5 {
+    args = ["-e" "-x" (builtins.toFile "builder.sh" "mkdir $out")];
+    allowedReferences = [];
+    inherit dep;
+  };
+
+  test6 = makeTest 6 {
+    args = ["-e" "-x" (builtins.toFile "builder.sh" "mkdir $out; ln -s $out $out/link")];
+    allowedReferences = [];
+    inherit dep;
+  };
+
+  test7 = makeTest 7 {
+    args = ["-e" "-x" (builtins.toFile "builder.sh" "mkdir $out; ln -s $out $out/link")];
+    allowedReferences = ["out"];
+    inherit dep;
+  };
+
+  test8 = makeTest 8 {
+    args = ["-e" "-x" (builtins.toFile "builder.sh" "mkdir $out; ln -s ${test1} $out/link")];
+    inherit dep;
+  };
+
+}
diff --git a/tests/check-refs.sh b/tests/check-refs.sh
new file mode 100644
index 000000000000..0e80b1541ff7
--- /dev/null
+++ b/tests/check-refs.sh
@@ -0,0 +1,36 @@
+source common.sh
+
+set -x
+
+RESULT=$TEST_ROOT/result
+
+dep=$($nixbuild -o $RESULT check-refs.nix -A dep)
+
+# test1 references dep, not itself.
+test1=$($nixbuild -o $RESULT check-refs.nix -A test1)
+! $nixstore -q --references $test1 | grep -q $test1
+$nixstore -q --references $test1 | grep -q $dep
+
+# test2 references src, not itself nor dep.
+test2=$($nixbuild -o $RESULT check-refs.nix -A test2)
+! $nixstore -q --references $test2 | grep -q $test2
+! $nixstore -q --references $test2 | grep -q $dep
+$nixstore -q --references $test2 | grep -q aux-ref
+
+# test3 should fail (unallowed ref).
+! $nixbuild -o $RESULT check-refs.nix -A test3
+
+# test4 should succeed.
+$nixbuild -o $RESULT check-refs.nix -A test4
+
+# test5 should succeed.
+$nixbuild -o $RESULT check-refs.nix -A test5
+
+# test6 should fail (unallowed self-ref).
+! $nixbuild -o $RESULT check-refs.nix -A test6
+
+# test7 should succeed (allowed self-ref).
+$nixbuild -o $RESULT check-refs.nix -A test7
+
+# test8 should fail (toFile depending on derivation output).
+! $nixbuild -o $RESULT check-refs.nix -A test8
diff --git a/tests/common.sh.in b/tests/common.sh.in
index ca4c62d91493..fa54bcd485cf 100644
--- a/tests/common.sh.in
+++ b/tests/common.sh.in
@@ -43,6 +43,7 @@ export nixinstantiate=$TOP/src/nix-instantiate/nix-instantiate
 export nixstore=$TOP/src/nix-store/nix-store
 export nixenv=$TOP/src/nix-env/nix-env
 export nixhash=$TOP/src/nix-hash/nix-hash
+export nixbuild=$NIX_BIN_DIR/nix-build
 
 readLink() {
     ls -l "$1" | sed 's/.*->\ //'