1077725153
fix(gerrit): make buildbot able to read the priv ssh key
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 16:49:03 +02:00
4e5f0cb44b
chore(auth): further generalize authn
...
So that it's possible to plug another OAuth2 instance.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 16:46:20 +02:00
164ba3b014
chore(origins): expose in a cuter way allowed origins
...
Worked around in our original deployment, here's a nicer way to set it.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 16:33:04 +02:00
87a9b9df01
chore(auth): generalize authentication method to internals of NixOS module
...
This makes it easier to make it configurable, this is step 1.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 19:52:55 +02:00
2a7b42ef6b
chore(gerrit): offer projects configuration and factor out private SSH keys
...
Previously, we needed to hardcode the URL for private SSH keys,
this is cleaned up and we can iterate over each project for its
configuration.
Configuration is at deployment time.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 19:39:16 +02:00
f221ab324e
chore(web): remove outputsPath
option
...
It was relying on GitHub stuff which we don't have and is not an option
we want to support.
If we wanted to do it, we would rather use S3 directly.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 19:37:46 +02:00
7c92e8315e
chore(nix): factor out the Gerrit configuration to the Nix module
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 18:40:38 +02:00
131fc792f7
allow worker counts to be set per arch
2024-04-05 15:13:11 +02:00
d394f35f55
use one scheduler and worker set per arch
...
and an additional set for generic tasks like error reporting. this
prevents hol blocking for underutilized arches when at least one arch is
blocking, as usually happens to us with aarch64-linux.
2024-03-15 14:47:49 +01:00
5e50a858d7
revert to stable web ui
...
the react-based ui is too slow for our needs, janky, the log viewer
doesn't work quite right (breaking after ~600 lines of logs viewed),
loses updates to sub-builds, and just blanks its entire screen when a
build finishes. the old ui doesn't do that.
2024-03-15 14:40:23 +01:00
a9ce436201
fix system builds with binary cache disabled
2024-03-15 13:17:25 +01:00
8d36ac1d90
feat: signing key
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
6118daa0a4
feat: binary cache
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
753df8e340
remove cachix
...
we aren't using it and it's somewhat in the way of our efforts to
improve scheduling and stuff.
2024-03-11 06:26:39 +01:00
e1dfa0e545
Remove cachix from dependencies
...
The rest of the Cachix infrastructure is intact. For now.
2024-03-10 13:03:16 +00:00
e92a2225f7
nix/coordinator: use a special key for service account
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 23:07:33 +01:00
9f98533dd7
nix/worker: rename master → coordinator
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
7ad9c1a378
nix/coordinator: introduce OAuth2 client secret
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
81bd57ffac
nix/coordinator: instantiate the GerritNixConfigurator
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
101612eb70
nix/coordinator: fix various errors
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
beea96da2c
nix/coordinator: simplify the module
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:45:19 +01:00
329d9dd6d4
nix/coordinator: rename it into what this really is
...
No need to use legacy names.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:45:19 +01:00
3c1e2c0e76
cleanup drv gcroots after a build
2024-01-15 13:17:19 +00:00
b2467c4ac5
typecheck twisted
2024-01-01 15:38:28 +00:00
9f889624aa
fix syntax error if cachix is disabled
2023-12-26 17:08:26 +01:00
f56e43267d
expose cachix options explictly
2023-12-24 07:10:01 +00:00
d0a378ef49
buildbot-nix: fix evalWorkerCount == null
2023-12-18 16:19:10 +01:00
e4b55ed8e7
buildbot: drop secret patch
...
we have to wait until https://github.com/buildbot/buildbot/pull/7159 is
part of a new release.
2023-12-10 10:19:38 +00:00
a13cd78a1c
drop prometheus exporter again
...
User can add this themself
2023-12-08 11:11:48 +00:00
c23b6e3c5f
drop buildbot secret patch
2023-12-08 11:11:48 +00:00
cbe4ce0571
move extraConfig into configurator
...
extraConfig can be only set once. By moving it to the configurator we allow users to set this option themself.
2023-12-08 11:11:48 +00:00
b33d7e5a3e
drop nix_update_flake_config pipeline
...
This is better offloaded to tools like dependabot/renovatebot.
I will probably work on integrate the latter one.
2023-12-03 15:10:16 +00:00
e4965e5540
worker: don't kill service when a process takes too much RAM
2023-11-30 09:14:19 +01:00
zowoq
b50b9ededa
remove unused plugins
2023-11-26 09:00:43 +01:00
3c1cf982ad
switch to ensureDBOwnership for buildbot
2023-11-18 09:17:52 +01:00
fe1909ce5c
replace black with ruff
2023-11-18 09:17:51 +01:00
5b4ddd014c
make evalWorkerCount configurable
2023-11-12 07:23:35 +01:00
zowoq
0b145d91d8
master: add prometheus metrics
2023-11-10 13:49:14 +01:00
19d2d512f0
add integration test for worker
2023-11-04 13:50:23 +01:00
21a9864cd7
create gcroots directory for buildbot
2023-11-04 13:50:23 +01:00
4acc8695e1
fix tmpfiles.rules for outputsPath
2023-11-04 11:32:16 +01:00
333cd055c1
disable default schedulers defined in nixos
2023-11-04 11:27:12 +01:00
ecaafe61b4
make nginx output paths optional
2023-11-04 11:21:36 +01:00
fe70af3ad6
nixos/master: make buildbot a system user
2023-11-04 09:19:56 +01:00
35a8ad6354
buildbot: switch to extra-allowed-users
2023-11-04 08:44:15 +01:00
4966c611aa
add buildbot_nix as a python package to buildbot
2023-10-31 11:35:35 +01:00
7d317826c0
drop setuptools from PYTHONPATH
...
fixed in nixpkgs in https://nixpk.gs/pr-tracker.html?pr=263963
2023-10-30 10:53:44 +01:00
10db40a5a8
worker: actually use cfg.masterUrl
2023-10-27 09:11:39 +00:00
7c96e552a3
fix tests
2023-10-27 09:58:10 +02:00
0732e17b14
add patch to make systemd LoadCredential work again
2023-10-27 08:29:34 +02:00