Commit graph

111 commits

Author SHA1 Message Date
Graham Christensen 20a8437094 flake.nix: set nix to 2.6.0 2022-03-29 15:29:33 -04:00
Graham Christensen dc709422a6 Revert "Build against Nix 2.5.1" - build against nix-2.4pre20210810_a6ba313
This reverts commit 921e27d6c0.
2022-03-29 09:24:51 -04:00
Cole Helbling 921e27d6c0 Build against Nix 2.5.1 2022-03-28 11:36:14 -07:00
Cole Helbling 127a644595 Revert "Update Nix to 2.6"
This reverts commit 5ae26aa760.
2022-03-28 09:54:02 -07:00
Graham Christensen dfb3eccfaa
Merge pull request #1140 from Ma27/nix-update
Update Nix to 2.6
2022-02-19 08:38:34 -05:00
Graham Christensen f07fb7d279 LDAP support: include BC support for the YAML based loading
Includes a refactoring of the configuration loader.
2022-02-11 10:49:38 -05:00
Janne Heß 61d74a7194 Redo LDAP config in the main configuration and add role mappings 2022-02-11 10:49:38 -05:00
Graham Christensen d0bc0d0eda
Merge pull request #1152 from DeterminateSystems/parallel-tests
Parallel tests, fix a hydra-queue-runner race condition
2022-02-10 12:11:20 -05:00
Graham Christensen 5506962537 Test::Postgresql: update to a tagged fork to improve paralellism 2022-02-10 09:37:48 -05:00
Graham Christensen 8bce8109e3 flake.nix: drop the LDAP server test 2022-02-09 20:56:10 -05:00
Graham Christensen e4adec36f3 Set an env var in the build environment to point to the root of openldap 2022-02-09 20:56:10 -05:00
Graham Christensen 60adee7f94 hydra check inputs: add openldap 2022-02-09 20:56:10 -05:00
Graham Christensen 68c6c3d556 flake.nix: format with nixpkgs-fmt 2022-02-09 10:43:40 -05:00
Maximilian Bosch 5ae26aa760
Update Nix to 2.6 2022-02-06 15:05:15 +01:00
Marco Turchetto 73f2cc184f missing develop dependencies 2022-02-05 20:28:44 +01:00
Graham Christensen 89e8676d80 UUID4Tiny: init 2022-01-31 08:58:33 -08:00
Graham Christensen 3ae4b19d12 flake: update to postgres 13 for UUID commands 2022-01-28 13:07:11 -08:00
Cole Helbling fdf6f4d3da RunCommand: use IPC::Run3::run3 instead
run3 just seems to do better handling for what we want to do, and
requires less deep-reaching changes to this plugin to get it to play
nice, as IPC::Run::run would.
2022-01-28 13:07:11 -08:00
Graham Christensen 44cd890ae3
Merge pull request #1130 from DeterminateSystems/prompt-password
hydra-create-user: support prompting for password
2022-01-21 15:38:39 -05:00
Graham Christensen a888a57baf tests.ldap: verify the hydra_ prefix is required 2022-01-21 12:46:02 -05:00
Graham Christensen 76fbde6d6b Set noecho when reading passwords 2022-01-21 11:11:09 -05:00
Graham Christensen aa7b37838a PerlCritic: MoreUtils -> SomeUtils 2021-12-14 10:16:25 -05:00
Graham Christensen a658b80863 perlcritic: Readonly -> ReadonlyX 2021-12-14 10:16:25 -05:00
Cole Helbling 5659d2982c Hydra/Controller/Root: remove deprecated LocalRegex
11:38:20 hydra-server.1       | DEPRECATION WARNING: The Regex dispatch type is deprecated.
11:38:20 hydra-server.1       |   It is recommended that you convert Regex and LocalRegex
11:38:20 hydra-server.1       |   methods to Chained methods. at /nix/store/aa6gw57fnahd4824pbhmvcs0jlypmynq-hydra-perl-deps/lib/perl5/site_perl/5.32.1/Catalyst/DispatchType/Regex.pm line 210.
2021-12-03 12:12:53 -08:00
Marco Turchetto 68a9aac251 add missing develop dependency 2021-11-10 17:51:01 +01:00
Graham Christensen c317ab0dbe shell: add pixz so NAR serving works from foreman 2021-10-20 13:09:39 -04:00
Eelco Dolstra 2745226ada
Merge pull request #1003 from DeterminateSystems/perlcritic-level-4
perlcritic: level 4
2021-09-27 20:23:55 +02:00
Graham Christensen 99161c7c53
Merge pull request #1012 from helsinki-systems/fix/ldap-test
fix ldap nixos test
2021-09-24 14:27:26 -04:00
Jörg Thalheim e985a277b3 migrate to new openldap module syntax 2021-09-23 20:32:09 +02:00
Graham Christensen 85bb1c7ef9 (perlcritic) JSON::Any -> JSON::MaybeXS 2021-09-07 21:55:55 -04:00
Graham Christensen c880888f1e File::Slurp -> File::Slurper 2021-09-06 22:13:33 -04:00
ajs124 59cb44261d fix ldap nixos test
passwords were replaced with salted sha1 instead of sha256, because I
don't want to have to figure out how to make slapd load this module

We could also just do {CLEARTEXT} for the purpose of this test
2021-08-29 01:47:34 +02:00
Maximilian Bosch e36353532c
gitea-plugin: fix test
The test seems to be broken for a while[1]. The cause for this is that
in gitea 1.14 the `create-user` command got renamed to `user create`.

[1] https://hydra.nixos.org/build/151092299
2021-08-29 00:08:59 +02:00
Your Name 5d0ad5f649 hydra-notify: initial scratch take of prometheus events 2021-08-24 10:56:12 -04:00
Your Name 098e48d055 Flake: add perlcritic deps 2021-08-19 16:17:49 -04:00
Your Name 194eda28b7 flake.nix sort hydra-perl-deps inputs 2021-08-18 15:10:55 -04:00
Your Name d311a0d002 hydraJobs.tests.notifications: fixup file reference 2021-08-16 15:51:51 -04:00
Nathan van Doorn b63dfb7ad4 Rename version to version.txt
<version> is a standard header with C++20 which could cause issues if a library checks it exists then imports it

Because we have the root of this repo in the include path, it'd see that <version> exists (with, e.g., __has_include), and then try to include it as a header

But because it's just a file that says 0.1, this would fail

This happens with libpqxx 7
2021-07-05 19:47:58 +01:00
Amanda Cameron b0f8a207fe
flake: stdenv.lib -> lib
Nixpkgs on unstable has removed `stdenv.lib` as they've been warning for a while now. This removes the extra references to it in the flake.nix

I'm not entirely sure if this is right, but I figured it was trivial enough to give a quick try using the GH Editor while I was waiting for a job to finish
2021-06-17 16:50:38 -04:00
Graham Christensen 71453dd341 Expose Prometheus metrics at /metrics
Exposes metrics:

* http_request_duration_seconds_bucket
* http_request_size_bytes_bucket
* http_response_size_bytes_bucket
* http_requests_total

with labels of action and controller to help identify popular
endpoints and their performance characteristics.
2021-06-10 20:02:42 -04:00
Graham Christensen db6bad108b Use PrometheusTinyShared 2021-06-10 17:47:11 -04:00
Graham Christensen 1652631b21 Prometheus: init Tiny, TinyShared 2021-06-10 17:47:11 -04:00
Graham Christensen c6670b805f init: HashSharedMem for Prometheus 2021-06-10 17:47:11 -04:00
Graham Christensen b1fcc0c25b init DataRandom perl package for Prometheus stats 2021-06-10 17:47:11 -04:00
Graham Christensen 015d8298cb flake.nix: drop the API test 2021-04-28 18:32:23 -04:00
Maximilian Bosch 963085a04a
Add AuthenSASL to perl deps; improve email docs
The addition of AuthenSASL seems to be necessary to properly
authenticate against an SMTP server. Without this I got errors
such as

    error with Hydra::Plugin::EmailNotification=HASH(0x6ad0128)->buildFinished: SMTP auth requires MIME::Base64 and Authen::SASL
2021-04-26 18:33:57 +02:00
Graham Christensen 1da70030b7 Users: transparently upgrade passwords to Argon2
Passwords that are sha1 will be transparently upgraded to argon2,
and future comparisons will use Argon2

Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:35:11 -04:00
Graham Christensen 29620df85e Passwords: check in constant time
The default password comparison logic does not use
constant time validation. Switching to constant time
offers a meager improvement by removing a timing
oracle.

A prepatory step in moving to Argon2id password storage, since we'll need this change anyway after
for validating existing passwords.

Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:34:56 -04:00
Maximilian Bosch 3bc5252c80
Get rid of now obsolte LD_PRELOAD hack 2021-04-03 09:56:15 +02:00
Maximilian Bosch 2beb1f5405
Replace TestHTTPMockServer with python script
This seems to work fine in a `nix build`-sandbox as it doesn't depend on
`getprotobyname`.
2021-04-03 01:07:07 +02:00