1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
|
(begin
(use-modules (srfi srfi-19))
`((title . "GuixSD system tests")
(author . "Ludovic Courtès")
(date unquote (make-date 0 0 0 0 28 6 2016 7200))
(content
div
(p "From its inception, Guix has had a thorough test suite—something that’s not only reassuring, but also the thing that allows for fearless evolution of the code. That we didn’t have this safety net when hacking on the whole operating system, GuixSD, made it uncomfortable and more risky. We are now addressing the problem with the introduction of "
(em "system tests")
", closing one of the major roadblocks towards 1.0."
(br))
(p "Before going into details, let me recap the sorts of testing that already occurred in Guix land."
(br))
(h4 "Unit tests")
(p "Guix’s "
(a (@ (href "http://git.savannah.gnu.org/cgit/guix.git/tree/tests"))
"test suite")
" currently contains almost 600 "
(em "unit tests")
". Each one of these stresses one particular function or subset of the functionality of Guix. This covers core package management functionality such as package builds, utility modules such as monads or the public key infrastructure (PKI) used for authenticating binaries, maintenance tools such as "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Invoking-guix-lint.html"))
"lint")
" and the "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Invoking-guix-import.html"))
"importers")
", as well as the command-line interface."
(br))
(p "Since Guix provides Scheme modules for use "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/G_002dExpressions.html"))
"both in the package management front-end and on the “build side”")
", the latter is also tested. This includes part of the "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Build-Systems.html"))
"build systems")
", and helpers like our "
(a (@ (href "http://git.savannah.gnu.org/cgit/guix.git/tree/guix/build/gremlin.scm#n264"))
"ELF validation module")
"."
(br))
(h4 "Package tests")
(p "Then come the software packages that Guix ships. All of the packages in the distro are under "
(a (@ (href "https://hydra.gnu.org/jobset/gnu/master"))
"continuous integration")
" on the 4 supported architectures (32-bit and 64-bit Intel compatible, as well as MIPS64 and ARMv7.) Our build farm serves the resulting binaries, which users can choose to download as "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Substitutes.html"))
"substitutes for local builds")
". Our build server, which currently runs an instance of "
(a (@ (href "https://nixos.org/hydra/")) "Hydra")
", always shows the number of succeeding/failing builds on its dashboard. That way, breakage introduced by changes in the package collection is always rapidly detected. This is a direct benefit of the "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Introduction.html"))
"functional packaging model")
"."
(br))
(p "Additionally, our policy is to always run each package’s test suite (typically “make check”) as part of its build process, unless there is a serious technical obstacle to doing that. That way, we can, and do catch integration issues, incompatibilities, and plain bugs before they hit users."
(br))
(h4 "System tests")
(p "So far, so good. Now, what about GuixSD itself? GuixSD did not have an automated test suite until now. What it did have, though, is the ability to instantiate an operating system in a virtual machine (VM) or in a container. You would write your "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Using-the-Configuration-System.html"))
"operating system declaration")
" in a file, then run, say:"
(br))
(div (@ (class "example"))
(pre "guix system vm my-config.scm "))
(p "This "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Invoking-guix-system.html#Invoking-guix-system"))
"gives you a script to launch a VM")
" running an instance of the OS declared in ‘my-config.scm’. Already pretty convenient! And indeed, even more so back in the days when we were eating a fair amount of dog food. In fact, that’s how we ate our "
(a (@ (href "https://savannah.gnu.org/forum/forum.php?forum_id=7506"))
"first")
(a (@ (href "https://savannah.gnu.org/forum/forum.php?forum_id=7737"))
"dog food dishes")
", and the VM infrastructure was the fork and knife that made it more tolerable."
(br))
(p "So what could we test exactly? Roughly, we want to test that the instantiated system behaves according to the source ‘operating-system’ declaration: that user accounts are all there, that system services are running as expected, that all of the configuration is taken into account."
(br))
(p "To do that, we need to run the system under test in a VM, but we also need to instrument it. We use "
(a (@ (href "http://qemu.org")) "QEMU")
" to run our VMs, and QEMU along with the Linux virtio-serial module nicely supports communication between the guest operating system and the host, a strategy also used by "
(a (@ (href "https://github.com/NixOS/nixpkgs/blob/master/nixos/lib/test-driver/Machine.pm"))
"NixOS’ test driver")
". Concretely, we define a "
(a (@ (href "http://git.savannah.gnu.org/cgit/guix.git/tree/gnu/build/marionette.scm"))
"“marionette”")
(a (@ (href "http://git.savannah.gnu.org/cgit/guix.git/tree/gnu/tests.scm#n129"))
"service")
", which hooks a Guile "
(a (@ (href "https://www.gnu.org/software/guile/manual/html_node/The-REPL.html"))
"read-eval-print loop")
" (REPL) inside the guest. This allows the host to evaluate arbitrary code in the guest VM."
(br))
(p "Now we can write build processes ("
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Derivations.html"))
"aka. “derivations”")
") that will:"
(br))
(ol (li "instantiate an instrumented variant of the operating system configuration we want to test in a VM image;\n")
(li "spawn the VM, run a series of tests on the guest OS, and return the test results.\n"))
(p "Thus, a system test to make sure the "
(a (@ (href "https://www.gnu.org/software/guile/manual/html_node/System-Identification.html#index-scm_005funame"))
"‘uname’")
" system call returns something that matches the OS declaration looks like this:"
(br))
(div (@ (class "example"))
(pre "(define (run-test)\n (define os\n ;; The declaration of the OS we want to instantiate and test.\n ;; Calling 'marionette-operating-system' instruments it.\n (marionette-operating-system\n (operating-system\n (host-name \"komputilo\")\n (timezone \"Europe/Berlin\")\n (locale \"en_US.UTF-8\")\n\n (bootloader (grub-configuration (device \"/dev/sdX\")))\n (file-systems %base-file-systems))))\n\n ;; Compute the script to run OS in a VM.\n (mlet %store-monad ((run (system-qemu-image/shared-store-script\n os #:graphic? #f)))\n (define test\n ;; The actual test. Here “#~” is like “quote”, allowing us\n ;; to describe code to run in the build environment; it’s a\n ;; “g-expression.”\n #~(begin\n (use-modules (gnu build marionette)\n (srfi srfi-64)\n (ice-9 match))\n\n (define marionette\n\t ;; Spawn the VM that runs the declared OS.\n (make-marionette (list #$run)))\n\n (mkdir #$output)\n (chdir #$output)\n\n (test-begin \"basic\")\n\n (test-assert \"uname\"\n\t ;; Call the ‘uname’ Scheme function in the guest.\n\t ;; In the host, make sure its result (a vector) matches\n\t ;; our OS declaration above.\n (match (marionette-eval '(uname) marionette)\n (#(\"Linux\" host-name version _ architecture)\n (and (string=? host-name\n #$(operating-system-host-name os))\n (string-prefix? #$(package-version\n (operating-system-kernel os))\n version)\n (string-prefix? architecture %host-type)))))\n\n (test-end)\n (exit (= (test-runner-fail-count (test-runner-current)) 0))))\n\n ;; Turn the test into a buildable “derivation”.\n (gexp->derivation \"simple-test\" test\n #:modules '((gnu build marionette)))))\n"))
(p "There are interesting things going on here. First, while this is all Scheme code, there are in fact three tiers or strata of code at play here: the code that produces the OS declaration and the derivation, the build code of that derivation—the test—embodied in a "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/G_002dExpressions.html"))
"g-expression")
", and code sent from the host to the guest VM via ‘marionette-eval’."
(br))
(p "Using Scheme all the way means we can share code, use the right tools such as the "
(a (@ (href "http://srfi.schemers.org/srfi-64/srfi-64.html"))
"SRFI-64 test framework")
" here, pass values from one tier to another, and so on. And of course, being a full-blown language rather than shell scripts or similar means we have a rich and semantically-clear interface at our fingertips: we can directly access the data structures that matter rather than grepping the output of high-level commands. As an example, we can directly query the "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Shepherd-Services.html"))
"system service manager")
" right "
(a (@ (href "http://git.savannah.gnu.org/cgit/guix.git/tree/gnu/services/herd.scm"))
"from Scheme")
", which is often useful in system tests."
(br))
(h4 "Status")
(p "Guix now includes the test infrastructure described above; running “make check-system” runs all the currently defined tests. Currently we have "
(a (@ (href "http://git.savannah.gnu.org/cgit/guix.git/tree/gnu/tests/base.scm"))
"tests for basic functionality")
". This includes making sure that all the system services declared are available and running. We have tests for specific system services such as the "
(a (@ (href "https://www.gnu.org/software/mcron/"))
"mcron")
" job scheduling daemon—inspired by your parents’ cron, but with a powerful Scheme interface—and "
(a (@ (href "http://avahi.org/")) "Avahi")
" and its "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Name-Service-Switch.html"))
"name service switch")
" (NSS) integration."
(br))
(p "Last but not least, we have "
(a (@ (href "http://git.savannah.gnu.org/cgit/guix.git/tree/gnu/tests/install.scm"))
"tests")
" of the full "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/System-Installation.html"))
"GuixSD installation procedure")
", which turned out to be "
(a (@ (href "https://lists.gnu.org/archive/html/guix-devel/2016-06/msg00815.html"))
"more involved")
" than the other tests. This works by running the GuixSD installation image in a VM, using another VM image as the target installation media, and finally booting the newly-installed system."
(br))
(p "All the tests are automatically run on our build farm (see "
(a (@ (href "https://hydra.gnu.org/job/gnu/master/test.basic.x86_64-linux"))
"here")
", "
(a (@ (href "https://hydra.gnu.org/job/gnu/master/test.installed-os.x86_64-linux"))
"here")
", or "
(a (@ (href "https://hydra.gnu.org/job/gnu/master/test.mcron.i686-linux"))
"there")
"), which provides quick feedback. One step closer to 1.0!"
(br))
(h4 "About GNU Guix")
(p (a (@ (href "http://www.gnu.org/software/guix"))
"GNU Guix")
" is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and "
(a (@ (href "http://www.gnu.org/distros/free-system-distribution-guidelines.html"))
"respects the user's freedom")
"."
(br))
(p "In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native "
(a (@ (href "http://www.gnu.org/software/guile"))
"Guile")
" modules, using extensions to the "
(a (@ (href "http://schemers.org")) "Scheme")
" language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable."
(br))
(p "GuixSD can be used on an i686 or x86_64 machine. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and armv7."
(br)))))
|