From 4fcf44825fbcfbc46fd6dfe48ea09164aa003647 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Mon, 20 Nov 2017 19:11:02 +0100
Subject: Add tests for verifying/copying content-addressed paths

These don't require signatures.
---
 tests/signing.sh | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'tests/signing.sh')

diff --git a/tests/signing.sh b/tests/signing.sh
index 221dfa35ec01..8e8215618f89 100644
--- a/tests/signing.sh
+++ b/tests/signing.sh
@@ -52,6 +52,16 @@ nix sign-paths --key-file $TEST_ROOT/sk1 $outPath2
 
 nix verify -r $outPath2 --sigs-needed 1 --trusted-public-keys $pk1
 
+# Build something content-addressed.
+outPathCA=$(IMPURE_VAR1=foo IMPURE_VAR2=bar nix-build ./fixed.nix -A good.0)
+
+[[ $(nix path-info --json $outPathCA) =~ '"ca":"fixed:md5:' ]]
+
+# Content-addressed paths don't need signatures, so they verify
+# regardless of --sigs-needed.
+nix verify $outPathCA
+nix verify $outPathCA --sigs-needed 1000
+
 # Copy to a binary cache.
 nix copy --to file://$cacheDir $outPath2
 
@@ -73,7 +83,7 @@ rm -rf $TEST_ROOT/store0
 (! nix copy --to $TEST_ROOT/store0 $outPath)
 
 # But succeed if we supply the public keys.
-(nix copy --to $TEST_ROOT/store0 $outPath --trusted-public-keys $pk1)
+nix copy --to $TEST_ROOT/store0 $outPath --trusted-public-keys $pk1
 
 expect 2 nix verify --store $TEST_ROOT/store0 -r $outPath
 
@@ -86,3 +96,6 @@ nix copy --to $TEST_ROOT/store0?require-sigs=false $outPath2
 
 # But signatures should still get copied.
 nix verify --store $TEST_ROOT/store0 -r $outPath2 --trusted-public-keys $pk1
+
+# Content-addressed stuff can be copied without signatures.
+nix copy --to $TEST_ROOT/store0 $outPathCA
-- 
cgit 1.4.1