Commit graph

66 commits

Author SHA1 Message Date
raito 8a1b11f8b1 fix(gerrit): make buildbot able to read the priv ssh key
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 16:56:21 +02:00
raito 4e5f0cb44b chore(auth): further generalize authn
So that it's possible to plug another OAuth2 instance.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 16:46:20 +02:00
raito 164ba3b014 chore(origins): expose in a cuter way allowed origins
Worked around in our original deployment, here's a nicer way to set it.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 16:33:04 +02:00
raito 87a9b9df01 chore(auth): generalize authentication method to internals of NixOS module
This makes it easier to make it configurable, this is step 1.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 19:52:55 +02:00
raito 2a7b42ef6b chore(gerrit): offer projects configuration and factor out private SSH keys
Previously, we needed to hardcode the URL for private SSH keys,
this is cleaned up and we can iterate over each project for its
configuration.

Configuration is at deployment time.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 19:39:16 +02:00
raito f221ab324e chore(web): remove outputsPath option
It was relying on GitHub stuff which we don't have and is not an option
we want to support.

If we wanted to do it, we would rather use S3 directly.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 19:37:46 +02:00
raito 7c92e8315e chore(nix): factor out the Gerrit configuration to the Nix module
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 18:40:38 +02:00
eldritch horrors 131fc792f7 allow worker counts to be set per arch 2024-04-05 15:13:11 +02:00
eldritch horrors d394f35f55 use one scheduler and worker set per arch
and an additional set for generic tasks like error reporting. this
prevents hol blocking for underutilized arches when at least one arch is
blocking, as usually happens to us with aarch64-linux.
2024-03-15 14:47:49 +01:00
eldritch horrors 5e50a858d7 revert to stable web ui
the react-based ui is too slow for our needs, janky, the log viewer
doesn't work quite right (breaking after ~600 lines of logs viewed),
loses updates to sub-builds, and just blanks its entire screen when a
build finishes. the old ui doesn't do that.
2024-03-15 14:40:23 +01:00
eldritch horrors a9ce436201 fix system builds with binary cache disabled 2024-03-15 13:17:25 +01:00
raito 8d36ac1d90 feat: signing key
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
raito 6118daa0a4 feat: binary cache
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
eldritch horrors 753df8e340 remove cachix
we aren't using it and it's somewhat in the way of our efforts to
improve scheduling and stuff.
2024-03-11 06:26:39 +01:00
puck e1dfa0e545 Remove cachix from dependencies
The rest of the Cachix infrastructure is intact. For now.
2024-03-10 13:03:16 +00:00
raito e92a2225f7 nix/coordinator: use a special key for service account
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 23:07:33 +01:00
raito 9f98533dd7 nix/worker: rename master → coordinator
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
raito 7ad9c1a378 nix/coordinator: introduce OAuth2 client secret
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
raito 81bd57ffac nix/coordinator: instantiate the GerritNixConfigurator
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
raito 101612eb70 nix/coordinator: fix various errors
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
raito beea96da2c nix/coordinator: simplify the module
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:45:19 +01:00
raito 329d9dd6d4 nix/coordinator: rename it into what this really is
No need to use legacy names.

Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:45:19 +01:00
Jörg Thalheim 3c1e2c0e76 cleanup drv gcroots after a build 2024-01-15 13:17:19 +00:00
Jörg Thalheim b2467c4ac5 typecheck twisted 2024-01-01 15:38:28 +00:00
Jörg Thalheim 9f889624aa fix syntax error if cachix is disabled 2023-12-26 17:08:26 +01:00
Jörg Thalheim f56e43267d expose cachix options explictly 2023-12-24 07:10:01 +00:00
Jörg Thalheim d0a378ef49 buildbot-nix: fix evalWorkerCount == null 2023-12-18 16:19:10 +01:00
Jörg Thalheim e4b55ed8e7 buildbot: drop secret patch
we have to wait until https://github.com/buildbot/buildbot/pull/7159 is
part of a new release.
2023-12-10 10:19:38 +00:00
Jörg Thalheim a13cd78a1c drop prometheus exporter again
User can add this themself
2023-12-08 11:11:48 +00:00
Jörg Thalheim c23b6e3c5f drop buildbot secret patch 2023-12-08 11:11:48 +00:00
Jörg Thalheim cbe4ce0571 move extraConfig into configurator
extraConfig can be only set once. By moving it to the configurator we allow users to set this option themself.
2023-12-08 11:11:48 +00:00
Jörg Thalheim b33d7e5a3e drop nix_update_flake_config pipeline
This is better offloaded to tools like dependabot/renovatebot.
I will probably work on integrate the latter one.
2023-12-03 15:10:16 +00:00
Jörg Thalheim e4965e5540 worker: don't kill service when a process takes too much RAM 2023-11-30 09:14:19 +01:00
zowoq b50b9ededa remove unused plugins 2023-11-26 09:00:43 +01:00
Jörg Thalheim 3c1cf982ad switch to ensureDBOwnership for buildbot 2023-11-18 09:17:52 +01:00
Jörg Thalheim fe1909ce5c replace black with ruff 2023-11-18 09:17:51 +01:00
Jörg Thalheim 5b4ddd014c make evalWorkerCount configurable 2023-11-12 07:23:35 +01:00
zowoq 0b145d91d8 master: add prometheus metrics 2023-11-10 13:49:14 +01:00
Jörg Thalheim 19d2d512f0 add integration test for worker 2023-11-04 13:50:23 +01:00
Jörg Thalheim 21a9864cd7 create gcroots directory for buildbot 2023-11-04 13:50:23 +01:00
Jörg Thalheim 4acc8695e1 fix tmpfiles.rules for outputsPath 2023-11-04 11:32:16 +01:00
Jörg Thalheim 333cd055c1 disable default schedulers defined in nixos 2023-11-04 11:27:12 +01:00
Jörg Thalheim ecaafe61b4 make nginx output paths optional 2023-11-04 11:21:36 +01:00
Jörg Thalheim fe70af3ad6 nixos/master: make buildbot a system user 2023-11-04 09:19:56 +01:00
Jörg Thalheim 35a8ad6354 buildbot: switch to extra-allowed-users 2023-11-04 08:44:15 +01:00
Jörg Thalheim 4966c611aa add buildbot_nix as a python package to buildbot 2023-10-31 11:35:35 +01:00
Jörg Thalheim 7d317826c0 drop setuptools from PYTHONPATH
fixed in nixpkgs in https://nixpk.gs/pr-tracker.html?pr=263963
2023-10-30 10:53:44 +01:00
Paul Haerle 10db40a5a8 worker: actually use cfg.masterUrl 2023-10-27 09:11:39 +00:00
Jörg Thalheim 7c96e552a3 fix tests 2023-10-27 09:58:10 +02:00
Jörg Thalheim 0732e17b14 add patch to make systemd LoadCredential work again 2023-10-27 08:29:34 +02:00