feat: add smoke check to images flake, lock nixpkgs

NixOS test boots a VM, loads the static-server image, starts it with index.html + foo.html, and verifies that /foo routes to foo.html (extensionless URL routing). Also adds flake.lock pinning nixpkgs. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-18 13:26:44 +01:00 · 2026-02-18 13:26:44 +01:00 · dd382a5cc4
commit dd382a5cc4
parent bc2885c5c7
2 changed files with 55 additions and 3 deletions
--- a/deploy-static-site/images/flake.lock
+++ b/deploy-static-site/images/flake.lock
@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1771008912,
+        "narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "a82ccc39b39b621151d6732718e3e250109076fa",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/deploy-static-site/images/flake.nix
+++ b/deploy-static-site/images/flake.nix
@ -7,12 +7,11 @@
    let
      system = "x86_64-linux";
      pkgs = nixpkgs.legacyPackages.${system};
-    in
-    {
+
      # Single image used by every static-site Nomad job.
      # At container startup it downloads the site tarball from S3, then serves it.
      # The Nomad job spec overrides Cmd with the domain- and hash-specific fetch+serve command.
-      packages.${system}.staticServer = pkgs.dockerTools.buildLayeredImage {
+      staticServer = pkgs.dockerTools.buildLayeredImage {
        name = "static-server";
        tag = "latest";
        contents = with pkgs; [
@ -26,5 +25,31 @@
        ];
        config.ExposedPorts."8080/tcp" = { };
      };
+    in
+    {
+      packages.${system}.staticServer = staticServer;
+
+      checks.${system}.smoke = nixpkgs.lib.nixosTest {
+        name = "static-server-smoke";
+
+        nodes.machine = { ... }: {
+          virtualisation.docker.enable = true;
+        };
+
+        testScript = ''
+          machine.start()
+          machine.wait_for_unit("docker.service")
+          machine.succeed("docker load < ${staticServer}")
+          machine.succeed(
+            "docker run -d --name site -p 8080:8080 static-server:latest"
+            " /bin/bash -c 'mkdir -p /var/www"
+            " && printf index > /var/www/index.html"
+            " && printf foo > /var/www/foo.html"
+            " && exec static-web-server --port 8080 --root /var/www'"
+          )
+          machine.wait_until_succeeds("curl -sf http://localhost:8080/")
+          machine.succeed("curl -sf http://localhost:8080/foo | grep -q foo")
+        '';
+      };
    };
 }