Commit graph

72 commits

Author SHA1 Message Date
raito 22a58ce038 chore(nix-builders): remove legacy system field
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito ea5e2c6b98 chore(builders): localize builders specification like Hydra does
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito 2a1ce55f30 chore(systemd): add ssh in the path
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito b20d0a17ba fix(gerrit): make buildbot able to read the priv ssh key
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito 965cd014b3 chore(auth): further generalize authn
So that it's possible to plug another OAuth2 instance.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito bd8c11ed1e chore(origins): expose in a cuter way allowed origins
Worked around in our original deployment, here's a nicer way to set it.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
raito d284a8bc77 chore(auth): generalize authentication method to internals of NixOS module
This makes it easier to make it configurable, this is step 1.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:01:31 -07:00
raito b4ab40f746 chore(gerrit): offer projects configuration and factor out private SSH keys
Previously, we needed to hardcode the URL for private SSH keys,
this is cleaned up and we can iterate over each project for its
configuration.

Configuration is at deployment time.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:49:36 -07:00
raito 9eb92e76e7 chore(web): remove outputsPath option
It was relying on GitHub stuff which we don't have and is not an option
we want to support.

If we wanted to do it, we would rather use S3 directly.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:48:45 -07:00
raito e9b02fb0c3 chore(nix): factor out the Gerrit configuration to the Nix module
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:47:58 -07:00
raito 825dbc5325 hotfix: missing comma for arguments list
Urgh...

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-11 20:07:32 +02:00
raito 10fc1417b5 hotfix: fix dependency in buildbot in the prometheus plugin
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-11 20:04:21 +02:00
raito 3876a30117 feat: support Prometheus exports
We package a quite old plugin for Buildbot: https://github.com/claws/buildbot-prometheus
Ideally, we should probably vendor it and maintain it ourselves.

There seems to be no protection against the metrics endpoint for
Buildbot, this is not a big deal given that the CI is public.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 14:26:32 +02:00
eldritch horrors 131fc792f7 allow worker counts to be set per arch 2024-04-05 15:13:11 +02:00
eldritch horrors d394f35f55 use one scheduler and worker set per arch
and an additional set for generic tasks like error reporting. this
prevents hol blocking for underutilized arches when at least one arch is
blocking, as usually happens to us with aarch64-linux.
2024-03-15 14:47:49 +01:00
eldritch horrors 5e50a858d7 revert to stable web ui
the react-based ui is too slow for our needs, janky, the log viewer
doesn't work quite right (breaking after ~600 lines of logs viewed),
loses updates to sub-builds, and just blanks its entire screen when a
build finishes. the old ui doesn't do that.
2024-03-15 14:40:23 +01:00
eldritch horrors a9ce436201 fix system builds with binary cache disabled 2024-03-15 13:17:25 +01:00
raito 8d36ac1d90 feat: signing key
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
raito 6118daa0a4 feat: binary cache
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
eldritch horrors 753df8e340 remove cachix
we aren't using it and it's somewhat in the way of our efforts to
improve scheduling and stuff.
2024-03-11 06:26:39 +01:00
puck e1dfa0e545 Remove cachix from dependencies
The rest of the Cachix infrastructure is intact. For now.
2024-03-10 13:03:16 +00:00
raito e92a2225f7 nix/coordinator: use a special key for service account
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 23:07:33 +01:00
raito 9f98533dd7 nix/worker: rename master → coordinator
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
raito 7ad9c1a378 nix/coordinator: introduce OAuth2 client secret
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
raito 81bd57ffac nix/coordinator: instantiate the GerritNixConfigurator
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
raito 101612eb70 nix/coordinator: fix various errors
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
raito beea96da2c nix/coordinator: simplify the module
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:45:19 +01:00
raito 329d9dd6d4 nix/coordinator: rename it into what this really is
No need to use legacy names.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:45:19 +01:00
Jörg Thalheim 3c1e2c0e76 cleanup drv gcroots after a build 2024-01-15 13:17:19 +00:00
Jörg Thalheim b2467c4ac5 typecheck twisted 2024-01-01 15:38:28 +00:00
Jörg Thalheim 9f889624aa fix syntax error if cachix is disabled 2023-12-26 17:08:26 +01:00
Jörg Thalheim f56e43267d expose cachix options explictly 2023-12-24 07:10:01 +00:00
Jörg Thalheim d0a378ef49 buildbot-nix: fix evalWorkerCount == null 2023-12-18 16:19:10 +01:00
Jörg Thalheim e4b55ed8e7 buildbot: drop secret patch
we have to wait until https://github.com/buildbot/buildbot/pull/7159 is
part of a new release.
2023-12-10 10:19:38 +00:00
Jörg Thalheim a13cd78a1c drop prometheus exporter again
User can add this themself
2023-12-08 11:11:48 +00:00
Jörg Thalheim c23b6e3c5f drop buildbot secret patch 2023-12-08 11:11:48 +00:00
Jörg Thalheim cbe4ce0571 move extraConfig into configurator
extraConfig can be only set once. By moving it to the configurator we allow users to set this option themself.
2023-12-08 11:11:48 +00:00
Jörg Thalheim b33d7e5a3e drop nix_update_flake_config pipeline
This is better offloaded to tools like dependabot/renovatebot.
I will probably work on integrate the latter one.
2023-12-03 15:10:16 +00:00
Jörg Thalheim e4965e5540 worker: don't kill service when a process takes too much RAM 2023-11-30 09:14:19 +01:00
zowoq b50b9ededa remove unused plugins 2023-11-26 09:00:43 +01:00
Jörg Thalheim 3c1cf982ad switch to ensureDBOwnership for buildbot 2023-11-18 09:17:52 +01:00
Jörg Thalheim fe1909ce5c replace black with ruff 2023-11-18 09:17:51 +01:00
Jörg Thalheim 5b4ddd014c make evalWorkerCount configurable 2023-11-12 07:23:35 +01:00
zowoq 0b145d91d8 master: add prometheus metrics 2023-11-10 13:49:14 +01:00
Jörg Thalheim 19d2d512f0 add integration test for worker 2023-11-04 13:50:23 +01:00
Jörg Thalheim 21a9864cd7 create gcroots directory for buildbot 2023-11-04 13:50:23 +01:00
Jörg Thalheim 4acc8695e1 fix tmpfiles.rules for outputsPath 2023-11-04 11:32:16 +01:00
Jörg Thalheim 333cd055c1 disable default schedulers defined in nixos 2023-11-04 11:27:12 +01:00
Jörg Thalheim ecaafe61b4 make nginx output paths optional 2023-11-04 11:21:36 +01:00
Jörg Thalheim fe70af3ad6 nixos/master: make buildbot a system user 2023-11-04 09:19:56 +01:00