verify remote template content

.github/workflows/test.yml

@@ -21,7 +21,7 @@ jobs:
       - name: Run integration tests
         run: |
           go install
-          python3 tests/test_archives.py
+          python3 tests/integration/test_archives.py
 
   container-test:
     name: Run provisioning in a container
@@ -42,11 +42,11 @@ jobs:
 
       - name: Provision
         run: |
-          ~/go/bin/fup -f contrib/test.yml -l 0 -n
+          ~/go/bin/fup -f tests/config/test.yml -l 0 -n
 
       - name: Verify
         run: |
-          ~/go/bin/fup-verify -c contrib/test.yml -f contrib/verify-test.yml
+          ~/go/bin/fup-verify -c tests/config/test.yml -f tests/config/verify-test.yml
 
   container-remote-config-test:
     name: Run provisioning in a container via a remote config
@@ -67,8 +67,8 @@ jobs:
 
       - name: Provision
         run: |
-          ~/go/bin/fup -f https://raw.githubusercontent.com/femnad/fup/main/contrib/test.yml -l 0 -n
+          ~/go/bin/fup -f https://raw.githubusercontent.com/femnad/fup/main/tests/config/test-remote.yml -l 0 -n
 
       - name: Verify
         run: |
-          ~/go/bin/fup-verify -c https://raw.githubusercontent.com/femnad/fup/main/contrib/test.yml -f contrib/verify-test.yml
+          ~/go/bin/fup-verify -c https://raw.githubusercontent.com/femnad/fup/main/tests/config/test-remote.yml -f tests/config/verify-test-remote.yml

cmd/verify/config.go

@@ -6,7 +6,13 @@ type DirEntry struct {
 	Type   string `yaml:"type"`
 }
 
+type FileContent struct {
+	Content string `yaml:"content"`
+	Path    string `yaml:"path"`
+}
+
 type expect struct {
-	Executables []string   `yaml:"executables"`
-	DirEntries  []DirEntry `yaml:"paths"`
+	Executables []string      `yaml:"executables"`
+	DirEntries  []DirEntry    `yaml:"paths"`
+	Files       []FileContent `yaml:"file_content"`
 }

cmd/verify/verify.go

@@ -90,6 +90,19 @@ func ensureCorrectDirEntry(entry DirEntry, fupConfig base.Config) error {
 	return nil
 }
 
+func ensureFileContent(content FileContent) error {
+	bytes, err := os.ReadFile(content.Path)
+	if err != nil {
+		return err
+	}
+
+	if content.Content != string(bytes) {
+		return fmt.Errorf("file %s doesn't have expected content")
+	}
+
+	return nil
+}
+
 func readConfig(config string) (expect, error) {
 	var e expect
 	f, err := os.Open(config)
@@ -119,5 +132,10 @@ func Verify(config string, fupConfig base.Config) error {
 		errs = append(errs, err)
 	}
 
+	for _, content := range e.Files {
+		err := ensureFileContent(content)
+		errs = append(errs, err)
+	}
+
 	return errors.Join(errs...)
 }

tests/config/test-remote.yml

@@ -0,0 +1,49 @@
+settings:
+  extract_dir: ~/ext
+  versions:
+    chezmoi: 2.42.2
+
+preflight:
+  - task: Enable Docker repo (Debian|Ubuntu)
+    when: is-debian is-ubuntu
+    unless:
+      stat: /etc/apt/sources.list.d/docker.list
+    steps:
+      - name: shell
+        shell: bash
+        cmd: |
+          set -euEo pipefail
+          mkdir -p /etc/apt/keyrings
+          curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+          chmod a+r /etc/apt/keyrings/docker.gpg
+          echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" > /etc/apt/sources.list.d/docker.list
+          apt update
+
+packages:
+  debian|ubuntu:
+    - docker-ce
+    - neovim
+
+archives:
+  - url: https://github.com/twpayne/chezmoi/releases/download/v${version}/chezmoi_${version}_linux_amd64.tar.gz
+    name: chezmoi
+    unless:
+      cmd: chezmoi --version
+      post: split 2 | cut 1 | cut -1
+
+tasks:
+  - task: Clone chezmoi
+    unless:
+      stat: ~/.local/share/chezmoi
+    steps:
+      - name: git
+        repo:
+          name: https://gitlab.com/femnad/chezmoi.git
+        dir: ~/.local/share/chezmoi
+      - name: cmd
+        cmd: ~/bin/chezmoi apply --force
+
+template:
+  - src: unattended-upgrades.conf
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    when: is-ubuntu

contrib/test.yml → tests/config/test.yml

@@ -42,3 +42,8 @@ tasks:
         dir: ~/.local/share/chezmoi
       - name: cmd
         cmd: ~/bin/chezmoi apply --force
+
+template:
+  - src: unattended-upgrades.conf
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    when: is-ubuntu

tests/config/verify-test-remote.yml

@@ -0,0 +1,33 @@
+executables:
+  - docker
+  - nvim
+
+paths:
+  - path: ~/.local/share/chezmoi
+    type: dir
+  - path: ~/bin/chm
+    type: exec
+  - path: ~/.config/fup/fup.yml
+    type: file
+  - path: ~/bin/chezmoi
+    type: symlink
+    target: ${extract_dir}/chezmoi/chezmoi
+
+file_content:
+  - path: /etc/apt/apt.conf.d/50unattended-upgrades
+    content: |
+      Unattended-Upgrade::Allowed-Origins {
+              "${distro_id}:${distro_codename}";
+              "${distro_id}:${distro_codename}-security";
+              "${distro_id}ESM:${distro_codename}";
+              "${distro_id}ESM:${distro_codename}-security";
+              "${distro_id}:${distro_codename}-updates";
+              "${distro_id}:${distro_codename}-proposed";
+              "${distro_id}:${distro_codename}-backports";
+      };
+
+      Unattended-Upgrade::Remove-Unused-Dependencies "true";
+
+      Unattended-Upgrade::MinimalSteps "false";
+
+      Unattended-Upgrade::OnlyOnACPower "false";