You can have NixCI automatically run impure test using secrets and the internet.
You can have NixCI automatically run impure test using secrets and the internet.
To activate the impure testing mechanism, add a
test
section to
your NixCI configuration.
For example, this
example
test configures the
packages.x86_64-linux.impure-test
package to be run as a test:
{
test = {
example = {
branches = "default";
package = "packages.x86_64-linux.impure-test";
};
};
}
In particular, NixCI will
nix run packages.x86_64-linux.impure-test
, which will execute the package's
meta.mainProgram
.
Tests can access secrets and SSH keys as environment variables. See the Secrets & SSH Keys documentation for how to declare and use them.
NixCI also automatically provides git metadata as environment variables during tests.
test: # optional
# default: {}
# Test Configurations
<key>:
# TestConfiguration
enable: # optional
# default: true
# enable this test
<boolean>
package: # required
# package of which the main program will be run
<string>
system: # optional
# system on which the test will be run
<string>
branches: # optional
# default: any
# branches from which may be tested
# any of
[ # Deploy from any branch
any
, # The same as "any"
all
, # Only deploy from the default branch
default
, # Deploy from any of this list of branches
- <string>
]
secrets: # optional
# default: []
# secrets provided to the test
- <string>
ssh-keys: # optional
# default: []
# ssh keys provided to the test
- # SshKeyConfiguration
secret: # required
# name of the secret on NixCI to use as the private key
<string>
public-key: # required
# public key of the ssh key
<string>