From bba6b37c9d0898867a7d9c38a1b5b77efcfb07b9 Mon Sep 17 00:00:00 2001 From: sternenseemann Date: Fri, 31 Jan 2025 22:38:44 +0100 Subject: [PATCH] nixos: make initrd-network-ssh test a channel blocker Last year the initrd sshd broke due to an openssh update which looked innocent enough (the change that broke the initrd was mentioned in the changelog, but you'd be forgiven for not making the connection): - https://github.com/NixOS/nixpkgs/pull/323753 - https://github.com/NixOS/nixpkgs/pull/323796 Hopefully this won't happen again, the initrd test has been added to passthru.tests for openssh since: https://github.com/NixOS/nixpkgs/pull/356190 However, it is probably best to also have such an issue block the channel. The ssh initrd is probably almost exclusively used on remote machines where it is really bad when the initrd sshd doesn't come up since it is used to unlock an encrypted volume or similar, so it'd be stuck in initrd indefinitely. Also, for such systems it is usually very difficult to impossible to easily choose a different generation to boot into via the boot loader. --- nixos/release-combined.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix index 3b1c85a44142..10811f63e5eb 100644 --- a/nixos/release-combined.nix +++ b/nixos/release-combined.nix @@ -167,6 +167,7 @@ rec { (onFullSupported "nixos.tests.nfs4.simple") (onSystems [ "x86_64-linux" ] "nixos.tests.oci-containers.podman") (onFullSupported "nixos.tests.openssh") + (onFullSupported "nixos.tests.initrd-network-ssh") (onFullSupported "nixos.tests.pantheon") (onFullSupported "nixos.tests.php.fpm") (onFullSupported "nixos.tests.php.httpd")