fixup! [OPS-1463] Docker networks and volumes

flake.nix

@@ -12,7 +12,7 @@
       url = "github:hercules-ci/gitignore.nix";
       flake = false;
     };
-
+    nixpkgs.url = "github:serokell/nixpkgs/sereja/revert-docker-networks";
     flake-compat = {
       flake = false;
     };
@@ -81,6 +81,9 @@
       packages = pkgs.lib.optionalAttrs (! lib.hasInfix "darwin" system) {
         inherit (pkgs) benchwrapper;
       };
+      checks = {
+        docker = import ./tests/docker.nix (inputs // { inherit pkgs; });
+      };
     }
   ));
 }

modules/virtualization/docker.nix

@@ -21,15 +21,24 @@ with lib; let
     vsuperfluous="$(${pkgs.gnugrep}/bin/grep -vxF -f $vwanted $vexisting || true)"
     while read -r net; do
       if [[ ! -z "$net" ]]; then
-        echo -n "Removed superfluous Docker network: "
-        ${pkgs.docker}/bin/docker network rm "$net" || true
-        rm -f /etc/docker/network-opts/$net
+        if [[ -f /etc/docker/network-opts/$net ]]; then
+          echo -n "Removed superfluous Docker network: "
+          ${pkgs.docker}/bin/docker network rm "$net" || true
+          rm -f /etc/docker/network-opts/$net
+        else
+          echo "Skipped deleting Docker network $net as it was manually created (/etc/docker/network-opts/$net is missing)."
+        fi
       fi
     done <<< "$nsuperfluous"
     while read -r vol; do
       if [[ ! -z "$vol" ]]; then
-        echo -n "Removed superfluous Docker volume: "
-        ${pkgs.docker}/bin/docker volume rm "$vol" || true
+        if [[ -f /etc/docker/volumes/$vol ]]; then
+          echo -n "Removed superfluous Docker volume: "
+          ${pkgs.docker}/bin/docker volume rm "$vol" || true
+          rm -f /etc/docker/volumes/$vol
+        else
+          echo "Skipped deleting Docker volume $vol as it was manually created (/etc/docker/volumes/$vol is missing)."
+        fi
       fi
     done <<< "$vsuperfluous"
   '';
@@ -50,7 +59,7 @@ with lib; let
     '';
   in ''
     mkdir -p /etc/docker/network-opts/
-    if [[ $(${pkgs.docker}/bin/docker network ls --quiet --filter name=${name} | wc -c) -eq 0 ]]; then
+    if [[ $(${pkgs.docker}/bin/docker network ls --quiet --filter name=^${name}$ | wc -c) -eq 0 ]]; then
       rm -f /etc/docker/network-opts/${name}
       ${create}
     elif [[ "${toString recreate}" ]]; then
@@ -69,9 +78,11 @@ with lib; let
   '';
 
   mkVolume = name: ''
-    if [[ $(${pkgs.docker}/bin/docker volume ls --quiet --filter name=${name} | wc -c) -eq 0 ]]; then
+    mkdir -p /etc/docker/volumes/
+    if [[ $(${pkgs.docker}/bin/docker volume ls --quiet --filter name=^${name}$ | wc -c) -eq 0 ]]; then
       echo "*** docker volume create ${name}"
       ${pkgs.docker}/bin/docker volume create ${name}
+      touch /etc/docker/volumes/${name}
     fi
   '';
 in {

tests/docker.nix

@@ -0,0 +1,44 @@
+# SPDX-FileCopyrightText: 2023 Serokell <https://serokell.io/>
+#
+# SPDX-License-Identifier: MPL-2.0
+
+{ self, nixpkgs, pkgs, ... }:
+import "${nixpkgs}/nixos/tests/make-test-python.nix" ({...} : {
+  name = "docker";
+  nodes = {
+    docker = {...}:
+      {
+        imports = [ self.nixosModules.docker ];
+        virtualisation.docker = {
+          enable = true;
+          volumes = [ "thevolume" ];
+          networks.thenetwork = {
+            driver = "bridge";
+            subnet = "172.28.0.0/16";
+            ip-range = "172.28.5.0/24";
+            gateway = "172.28.5.254";
+          };
+        };
+
+      };
+  };
+
+  testScript = ''
+    start_all()
+
+    docker.wait_for_unit("sockets.target")
+    docker.wait_for_unit("docker.service")
+
+    docker.succeed("docker volume ls | grep thevolume")
+    docker.succeed("docker network ls | grep thenetwork")
+
+    docker.succeed("docker volume create newvolume");
+    docker.succeed("docker network create newnetwork")
+    docker.systemctl("restart docker")
+    docker.wait_for_unit("docker.service")
+
+    # don't remove manually created networks and volumes
+    docker.succeed("docker volume ls | grep newvolume")
+    docker.succeed("docker network ls | grep newnetwork")
+  '';
+}) { inherit pkgs; }