raito
2411875825
fix(sshkey): PosixPath
does not play well with Buildbot APIs
...
It expected a `str`, not a `PosixPath`.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
raito
fa83000f07
feat(debug): add manhole debugging
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 20:52:52 +02:00
raito
48828cb33f
Merge pull request 'chore(*): refactor the whole code' ( #8 ) from refactor into main
...
Reviewed-on: #8
2024-10-05 18:31:22 +00:00
raito
22a58ce038
chore(nix-builders): remove legacy system
field
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito
98c5d82bf8
chore(dataclass): use default_factory
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito
ea5e2c6b98
chore(builders): localize builders specification like Hydra does
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito
235ff9b138
chore(entrypoint): hydraJobs → buildbotJobs
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito
2a1ce55f30
chore(systemd): add ssh
in the path
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito
449837ed81
chore(reporters): make it 3.11+ (and 4.0) compatible!
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito
b20d0a17ba
fix(gerrit): make buildbot able to read the priv ssh key
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito
965cd014b3
chore(auth): further generalize authn
...
So that it's possible to plug another OAuth2 instance.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
raito
bd8c11ed1e
chore(origins): expose in a cuter way allowed origins
...
Worked around in our original deployment, here's a nicer way to set it.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
raito
7102157055
chore(schedule): generalize source
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
raito
2a1ed49ac8
chore(review-callback): generalize the event project name
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
raito
c1e7af1794
chore(nix-eval): generalize the builds_scheduler_group by project
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
raito
ec9834b0d3
chore(nix): make the target attribute a constant
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
raito
c09da505c1
chore(gerrit): put the gerrit configuration in one place and generate repo URLs templates
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
raito
72b6757947
chore(canceller): generalize it to any project
...
Just iterate over all project names.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:00 -07:00
raito
d284a8bc77
chore(auth): generalize authentication method to internals of NixOS module
...
This makes it easier to make it configurable, this is step 1.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:01:31 -07:00
raito
16726a55bf
chore(*): cleanup unused code
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:51:14 -07:00
raito
b4ab40f746
chore(gerrit): offer projects configuration and factor out private SSH keys
...
Previously, we needed to hardcode the URL for private SSH keys,
this is cleaned up and we can iterate over each project for its
configuration.
Configuration is at deployment time.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:49:36 -07:00
raito
9eb92e76e7
chore(web): remove outputsPath
option
...
It was relying on GitHub stuff which we don't have and is not an option
we want to support.
If we wanted to do it, we would rather use S3 directly.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:48:45 -07:00
raito
e9b02fb0c3
chore(nix): factor out the Gerrit configuration to the Nix module
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:47:58 -07:00
raito
4fa460f563
chore(statuses): clarify why we don't use {start, summary}CB
...
Instead of just commenting them out.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:45:51 -07:00
raito
3f095e685b
chore(flake): rename the description
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:45:51 -07:00
raito
2c1420417a
chore(pyproject): add authorship information
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:45:51 -07:00
raito
58bc2cddae
chore(*): cleanup buildbot-effects
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:45:51 -07:00
raito
7875db31eb
fix: disable autologin for OAuth 2
...
Otherwise, read-only access constantly gets redirected to our login
page.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-09-29 15:54:21 +02:00
raito
f2d7f25f86
feat: enable Lix admins to admin the Buildbot properly
...
This removes the need for a proxy and rely on the `groups` property of
the `userDetails` passed at the authentication layer.
To add a certain role, add the group `buildbot-$role` to that user via
Keycloak.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-09-29 00:17:00 +02:00
eldritch horrors
45135d249b
fix silent timeout, set build timeout
...
using `--option` like this hid that the silent timeout was never
actually set, instead we set the unknown and thus ignored option
`--max-silent-time`. while we're at it we can also set a timeout
for the entire build, chosen as two hours because that should be
enough for all current jobs (and hopefully it'll stay that way).
2024-05-26 16:26:25 +02:00
eldritch horrors
2a528f9e53
remove accept-flake-config from n-e-j invocation
...
it's off by default and thus not representative of user flake setup, we
don't use it anyway, and it's a security risk to boot. there is no good
reason to enable this in any setting that is not perfectly trusted, and
even there it is not such a great idea due to the impurity it requires.
2024-05-26 15:50:55 +02:00
raito
825dbc5325
hotfix: missing comma for arguments list
...
Urgh...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-11 20:07:32 +02:00
raito
10fc1417b5
hotfix: fix dependency in buildbot in the prometheus plugin
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-11 20:04:21 +02:00
raito
e42966e193
Merge pull request 'feat: support Prometheus exports' ( #7 ) from prometheus into main
...
Reviewed-on: #7
Reviewed-by: jade <jade@noreply.git.lix.systems>
2024-05-11 17:58:16 +00:00
Qyriad
4f5abb7224
Merge pull request 'Remove --accept-flake-config' ( #13 ) from jade/deny-flake-config into main
...
Reviewed-on: #13
Reviewed-by: raito <raito@noreply.git.lix.systems>
Reviewed-by: Qyriad <qyriad@qyriad.me>
2024-05-07 18:26:02 +00:00
jade
d2ad4745c1
Remove --accept-flake-config
...
This is a cursed option that is free root for anyone who puts hacks into
flake.nix. We don't actually use `nixConfig` in Lix, so we can just
delete this thing.
Fixes: #11
2024-05-06 19:08:23 -07:00
raito
3876a30117
feat: support Prometheus exports
...
We package a quite old plugin for Buildbot: https://github.com/claws/buildbot-prometheus
Ideally, we should probably vendor it and maintain it ourselves.
There seems to be no protection against the metrics endpoint for
Buildbot, this is not a big deal given that the CI is public.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 14:26:32 +02:00
Qyriad
ea4b9ce350
Merge pull request 'feat: support Gerrit in Buildbot' ( #1 ) from gerrit into main
...
Reviewed-on: #1
2024-04-30 19:41:58 +00:00
eldritch horrors
131fc792f7
allow worker counts to be set per arch
2024-04-05 15:13:11 +02:00
eldritch horrors
daa84f4169
never build on the coordinator
...
for such cases just add the coordinator as a remote builder.
2024-04-05 14:12:15 +02:00
eldritch horrors
3717bfab04
automatically cancel outdated builds
2024-03-28 03:52:13 +01:00
puck
2eaee8f62b
Fix marking jobs as successful if they never finish evaluating.
2024-03-18 00:07:34 +00:00
eldritch horrors
d394f35f55
use one scheduler and worker set per arch
...
and an additional set for generic tasks like error reporting. this
prevents hol blocking for underutilized arches when at least one arch is
blocking, as usually happens to us with aarch64-linux.
2024-03-15 14:47:49 +01:00
eldritch horrors
5e50a858d7
revert to stable web ui
...
the react-based ui is too slow for our needs, janky, the log viewer
doesn't work quite right (breaking after ~600 lines of logs viewed),
loses updates to sub-builds, and just blanks its entire screen when a
build finishes. the old ui doesn't do that.
2024-03-15 14:40:23 +01:00
eldritch horrors
a9ce436201
fix system builds with binary cache disabled
2024-03-15 13:17:25 +01:00
raito
8d36ac1d90
feat: signing key
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
raito
6118daa0a4
feat: binary cache
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
puck
e9b3b38bbf
Skip scheduling cached builds; improve reporter message
2024-03-11 15:05:15 +00:00
puck
de02c833d0
Merge pull request 'better gerrit integration' ( #5 ) from better-gerrit into gerrit
...
Reviewed-on: #5
2024-03-11 07:57:50 -06:00
eldritch horrors
5cdef7efb6
fix status reporting to gerrit
...
also adjust labels from split verified to single verified, split labels
were only useful during the pre-ci hours
2024-03-11 14:44:09 +01:00