chore(deps): lock file maintenance

ci: parallelize checks
If I ever get more runners, this will be a great speedup.
2025-01-23 22:40:24 +01:00 · 2025-01-23 22:32:15 +01:00 · 2025-01-23 22:24:30 +01:00
4 changed files with 138 additions and 19 deletions
--- a/.forgejo/workflows/check.yml
+++ b/.forgejo/workflows/check.yml
@ -4,15 +4,30 @@ jobs:
    runs-on: nixos
    steps:
      - uses: https://git.salame.cl/actions/checkout@v4
-      - run: nix --version
+      - name: Build Package
-      - run: nix build --print-build-logs .#
+        run: |
          nix --version
          nix build --print-build-logs .#
  check:
    needs: build # we use the built binaries in the checks
    runs-on: nixos
    strategy:
      matrix:
        check:
          - treefmt
          - clippy
          - nextest
          - module-ipv4-test
          - module-ipv6-test
          - module-nginx-test
    steps:
      - uses: https://git.salame.cl/actions/checkout@v4
-      - run: nix --version
+      - name: Check
-      - run: nix flake check --keep-going --verbose --print-build-logs
+        run: |
          set -x
          nix --version
          # shellcheck disable=SC2016
          nix build --print-build-logs '.#checks.x86_64-linux.${{ matrix.check }}'
  report-size:
    runs-on: nixos
    needs: build
--- a/Cargo.lock
+++ b/Cargo.lock
@ -78,9 +78,9 @@ dependencies = [
 [[package]]
 name = "axum"
-version = "0.8.2"
+version = "0.8.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "efea76243612a2436fb4074ba0cf3ba9ea29efdeb72645d8fc63f116462be1de"
+checksum = "6d6fd624c75e18b3b4c6b9caf42b1afe24437daaee904069137d8bab077be8b8"
 dependencies = [
 "axum-core",
 "bytes",
@ -123,12 +123,12 @@ dependencies = [
 [[package]]
 name = "axum-core"
-version = "0.5.1"
+version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eab1b0df7cded837c40dacaa2e1c33aa17c84fc3356ae67b5645f1e83190753e"
+checksum = "df1362f362fd16024ae199c1970ce98f9661bf5ef94b9808fee734bc3698b733"
 dependencies = [
 "bytes",
- "futures-core",
+ "futures-util",
 "http",
 "http-body",
 "http-body-util",
@ -728,9 +728,9 @@ checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f"
 [[package]]
 name = "rustix"
-version = "0.38.43"
+version = "0.38.44"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a78891ee6bf2340288408954ac787aa063d8e8817e9f53abb37c695c6d834ef6"
+checksum = "fdb5bc1ae2baa591800df16c9ca78619bf65c0488b41b96ccec5d11220d8c154"
 dependencies = [
 "bitflags",
 "errno",
@ -1086,9 +1086,9 @@ dependencies = [
 [[package]]
 name = "unicode-ident"
-version = "1.0.14"
+version = "1.0.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "adb9e6ca4f869e1180728b7950e35922a7fc6397f7b641499e8f3ef06e50dc83"
+checksum = "11cd88e12b17c6494200a9c1b683a04fcac9573ed74cd1b62aeb2727c5592243"
 [[package]]
 name = "unicode-linebreak"
--- a/flake-modules/tests.nix
+++ b/flake-modules/tests.nix
@ -100,6 +100,27 @@
            config.services.webnsupdate.bindIp = "::1";
          };
          webnsupdate-nginx-machine =
            { lib, config, ... }:
            {
              imports = [
                webnsupdate-ipv4-machine
              ];
              config.services = {
                # Use default IP Source
                webnsupdate.extraArgs = lib.mkForce [ "-vvv" ]; # debug messages
                nginx = {
                  enable = true;
                  recommendedProxySettings = true;
                  virtualHosts.webnsupdate.locations."/".proxyPass =
                    "http://${config.services.webnsupdate.bindIp}:${builtins.toString config.services.webnsupdate.bindPort}";
                };
              };
            };
          testScript = ''
            machine.start(allow_reboot=True)
            machine.wait_for_unit("bind.service")
@ -166,6 +187,89 @@
            nodes.machine = webnsupdate-ipv6-machine;
            inherit testScript;
          };
          module-nginx-test = pkgs.testers.runNixOSTest {
            name = "webnsupdate-nginx-module";
            nodes.machine = webnsupdate-nginx-machine;
            testScript = ''
              machine.start(allow_reboot=True)
              machine.wait_for_unit("bind.service")
              machine.wait_for_unit("webnsupdate.service")
              # ensure base DNS records area available
              with subtest("query base DNS records"):
                  machine.succeed("dig @127.0.0.1 ${testDomain} | grep ^${testDomain}")
                  machine.succeed("dig @127.0.0.1 ns1.${testDomain} | grep ^ns1.${testDomain}")
                  machine.succeed("dig @127.0.0.1 nsupdate.${testDomain} | grep ^nsupdate.${testDomain}")
              # ensure webnsupdate managed records are missing
              with subtest("query webnsupdate DNS records (fail)"):
                  machine.fail("dig @127.0.0.1 test1.${testDomain} A    | grep ^test1.${testDomain}")
                  machine.fail("dig @127.0.0.1 test2.${testDomain} A    | grep ^test2.${testDomain}")
                  machine.fail("dig @127.0.0.1 test3.${testDomain} A    | grep ^test3.${testDomain}")
                  machine.fail("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
                  machine.fail("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
                  machine.fail("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
              with subtest("update webnsupdate DNS records (invalid auth)"):
                  machine.fail("curl --fail --silent -u test1:test1 -X GET http://127.0.0.1/update")
                  machine.fail("cat /var/lib/webnsupdate/last-ip") # no last-ip set yet
              # ensure webnsupdate managed records are missing
              with subtest("query webnsupdate DNS records (fail)"):
                  machine.fail("dig @127.0.0.1 test1.${testDomain} A    | grep ^test1.${testDomain}")
                  machine.fail("dig @127.0.0.1 test2.${testDomain} A    | grep ^test2.${testDomain}")
                  machine.fail("dig @127.0.0.1 test3.${testDomain} A    | grep ^test3.${testDomain}")
                  machine.fail("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
                  machine.fail("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
                  machine.fail("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
              with subtest("update webnsupdate IPv4 DNS records (valid auth)"):
                  machine.succeed("curl --fail --silent -u test:test -X GET http://127.0.0.1/update")
                  machine.succeed("cat /var/lib/webnsupdate/last-ip")
              # ensure webnsupdate managed IPv4 records are available
              with subtest("query webnsupdate IPv4 DNS records (succeed)"):
                  machine.succeed("dig @127.0.0.1 test1.${testDomain} A | grep ^test1.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test2.${testDomain} A | grep ^test2.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test3.${testDomain} A | grep ^test3.${testDomain}")
              # ensure webnsupdate managed IPv6 records are missing
              with subtest("query webnsupdate IPv6 DNS records (fail)"):
                  machine.fail("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
                  machine.fail("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
                  machine.fail("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
              with subtest("update webnsupdate IPv6 DNS records (valid auth)"):
                  machine.succeed("curl --fail --silent -u test:test -X GET http://[::1]/update")
                  machine.succeed("cat /var/lib/webnsupdate/last-ip")
              # ensure webnsupdate managed IPv6 records are missing
              with subtest("query webnsupdate IPv6 DNS records (fail)"):
                  machine.succeed("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
              machine.reboot()
              machine.succeed("cat /var/lib/webnsupdate/last-ip")
              machine.wait_for_unit("webnsupdate.service")
              machine.succeed("cat /var/lib/webnsupdate/last-ip")
              # ensure base DNS records area available after a reboot
              with subtest("query base DNS records"):
                  machine.succeed("dig @127.0.0.1 ${testDomain} | grep ^${testDomain}")
                  machine.succeed("dig @127.0.0.1 ns1.${testDomain} | grep ^ns1.${testDomain}")
                  machine.succeed("dig @127.0.0.1 nsupdate.${testDomain} | grep ^nsupdate.${testDomain}")
              # ensure webnsupdate managed records are available after a reboot
              with subtest("query webnsupdate DNS records (succeed)"):
                  machine.succeed("dig @127.0.0.1 test1.${testDomain} A    | grep ^test1.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test2.${testDomain} A    | grep ^test2.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test3.${testDomain} A    | grep ^test3.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test1.${testDomain} AAAA | grep ^test1.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test2.${testDomain} AAAA | grep ^test2.${testDomain}")
                  machine.succeed("dig @127.0.0.1 test3.${testDomain} AAAA | grep ^test3.${testDomain}")
            '';
          };
        };
    };
 }
--- a/flake.lock
+++ b/flake.lock
@ -2,11 +2,11 @@
  "nodes": {
    "crane": {
      "locked": {
-        "lastModified": 1737250794,
+        "lastModified": 1737563566,
-        "narHash": "sha256-bdIPhvsAKyYQzqAIeay4kOxTHGwLGkhM+IlBIsmMYFI=",
+        "narHash": "sha256-GLJvkOG29XCynQm8XWPyykMRqIhxKcBARVu7Ydrz02M=",
        "owner": "ipetkov",
        "repo": "crane",
-        "rev": "c5b7075f4a6d523fe8204618aa9754e56478c0e0",
+        "rev": "849376434956794ebc7a6b487d31aace395392ba",
        "type": "github"
      },
      "original": {
@ -37,11 +37,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1737062831,
+        "lastModified": 1737469691,
-        "narHash": "sha256-Tbk1MZbtV2s5aG+iM99U8FqwxU/YNArMcWAv6clcsBc=",
+        "narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "5df43628fdf08d642be8ba5b3625a6c70731c19c",
+        "rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab",
        "type": "github"
      },
      "original": {
Author	SHA1	Message	Date
Renovate Bot	48b807d6b5	chore(deps): lock file maintenance All checks were successful / build (push) Successful in 2s Details / check (clippy) (push) Successful in 2s Details / check (module-ipv4-test) (push) Successful in 7s Details / check (module-ipv6-test) (push) Successful in 7s Details / check (module-nginx-test) (push) Successful in 30s Details / check (nextest) (push) Successful in 2s Details / check (treefmt) (push) Successful in 2s Details / report-size (push) Successful in 6s Details	2025-01-23 22:40:24 +01:00
Jalil David Salamé Messina	2e8d20f89d	ci: parallelize checks All checks were successful / build (push) Successful in 1s Details / check (clippy) (push) Successful in 2s Details / check (module-ipv4-test) (push) Successful in 6s Details / check (module-ipv6-test) (push) Successful in 6s Details / check (module-nginx-test) (push) Successful in 7s Details / check (nextest) (push) Successful in 2s Details / check (treefmt) (push) Successful in 2s Details / report-size (push) Successful in 2s Details If I ever get more runners, this will be a great speedup.	2025-01-23 22:32:15 +01:00
Jalil David Salamé Messina	ec27e31336	feat(tests): add nginx integration test All checks were successful / build (push) Successful in 1s Details / check (push) Successful in 9s Details / report-size (push) Successful in 1s Details This ensures we can handle IPv4 and IPv6 simultaneously	2025-01-23 22:24:30 +01:00