nixos/test/prometheus-node-cert-exporter: replace activation script by ExecStartPre (#475348) (2fa9acad) · Commits · nix / nixpkgs

nixos/tests/prometheus-exporters.nix

+53 −27

Original line number	Diff line number	Diff line
		@@ -1171,14 +1171,33 @@ let
		exporterTest = ''
		wait_for_unit("prometheus-node-cert-exporter.service")
		wait_for_open_port(9141)
		succeed("test -f /run/certs/node-cert.cert")
		wait_until_succeeds(
		"curl -sSf http://localhost:9141/metrics \| grep 'ssl_certificate_expiry_seconds{.\\+path=\"/run/certs/node-cert\\.cert\".\\+}'"
		)
		'';

		metricProvider = {
		system.activationScripts.cert.text = ''
		metricProvider =
		{ config, ... }:
		{
		systemd.services.prometheus-node-cert-exporter = {
		serviceConfig.ExecStartPre =
		let
		createDir = pkgs.writeShellApplication {
		name = "create-dir";
		text =
		let
		inherit (config.services.prometheus.exporters.node-cert) user;
		in
		''
		mkdir -p /run/certs
		chown ${user}:${user} /run/certs
		chmod ug+rwx /run/certs
		'';
		};
		createCerts = pkgs.writeShellApplication {
		name = "create-certs";
		text = ''
		cd /run/certs

		cat >ca.template <<EOF
		@@ -1203,6 +1222,13 @@ let
		--outfile node-cert.cert
		'';
		};
		in
		[
		"+${lib.getExe createDir}"
		"${lib.getExe createCerts}"
		];
		};
		};
		};

		pgbouncer =