d23c41bac0
chore(gerrit): offer projects configuration and factor out private SSH keys
...
Previously, we needed to hardcode the URL for private SSH keys,
this is cleaned up and we can iterate over each project for its
configuration.
Configuration is at deployment time.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 20:53:49 +02:00
fa83000f07
feat(debug): add manhole debugging
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 20:52:52 +02:00
22a58ce038
chore(nix-builders): remove legacy system
field
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
ea5e2c6b98
chore(builders): localize builders specification like Hydra does
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
2a1ce55f30
chore(systemd): add ssh
in the path
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
b20d0a17ba
fix(gerrit): make buildbot able to read the priv ssh key
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
965cd014b3
chore(auth): further generalize authn
...
So that it's possible to plug another OAuth2 instance.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
bd8c11ed1e
chore(origins): expose in a cuter way allowed origins
...
Worked around in our original deployment, here's a nicer way to set it.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
d284a8bc77
chore(auth): generalize authentication method to internals of NixOS module
...
This makes it easier to make it configurable, this is step 1.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:01:31 -07:00
b4ab40f746
chore(gerrit): offer projects configuration and factor out private SSH keys
...
Previously, we needed to hardcode the URL for private SSH keys,
this is cleaned up and we can iterate over each project for its
configuration.
Configuration is at deployment time.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:49:36 -07:00
9eb92e76e7
chore(web): remove outputsPath
option
...
It was relying on GitHub stuff which we don't have and is not an option
we want to support.
If we wanted to do it, we would rather use S3 directly.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:48:45 -07:00
e9b02fb0c3
chore(nix): factor out the Gerrit configuration to the Nix module
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:47:58 -07:00
825dbc5325
hotfix: missing comma for arguments list
...
Urgh...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-11 20:07:32 +02:00
10fc1417b5
hotfix: fix dependency in buildbot in the prometheus plugin
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-11 20:04:21 +02:00
3876a30117
feat: support Prometheus exports
...
We package a quite old plugin for Buildbot: https://github.com/claws/buildbot-prometheus
Ideally, we should probably vendor it and maintain it ourselves.
There seems to be no protection against the metrics endpoint for
Buildbot, this is not a big deal given that the CI is public.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-06 14:26:32 +02:00
131fc792f7
allow worker counts to be set per arch
2024-04-05 15:13:11 +02:00
d394f35f55
use one scheduler and worker set per arch
...
and an additional set for generic tasks like error reporting. this
prevents hol blocking for underutilized arches when at least one arch is
blocking, as usually happens to us with aarch64-linux.
2024-03-15 14:47:49 +01:00
5e50a858d7
revert to stable web ui
...
the react-based ui is too slow for our needs, janky, the log viewer
doesn't work quite right (breaking after ~600 lines of logs viewed),
loses updates to sub-builds, and just blanks its entire screen when a
build finishes. the old ui doesn't do that.
2024-03-15 14:40:23 +01:00
a9ce436201
fix system builds with binary cache disabled
2024-03-15 13:17:25 +01:00
8d36ac1d90
feat: signing key
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
6118daa0a4
feat: binary cache
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-12 01:27:46 +01:00
753df8e340
remove cachix
...
we aren't using it and it's somewhat in the way of our efforts to
improve scheduling and stuff.
2024-03-11 06:26:39 +01:00
e1dfa0e545
Remove cachix from dependencies
...
The rest of the Cachix infrastructure is intact. For now.
2024-03-10 13:03:16 +00:00
e92a2225f7
nix/coordinator: use a special key for service account
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 23:07:33 +01:00
9f98533dd7
nix/worker: rename master → coordinator
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
7ad9c1a378
nix/coordinator: introduce OAuth2 client secret
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
81bd57ffac
nix/coordinator: instantiate the GerritNixConfigurator
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
101612eb70
nix/coordinator: fix various errors
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 22:09:56 +01:00
beea96da2c
nix/coordinator: simplify the module
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:45:19 +01:00
329d9dd6d4
nix/coordinator: rename it into what this really is
...
No need to use legacy names.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-03-02 18:45:19 +01:00
3c1e2c0e76
cleanup drv gcroots after a build
2024-01-15 13:17:19 +00:00
b2467c4ac5
typecheck twisted
2024-01-01 15:38:28 +00:00
9f889624aa
fix syntax error if cachix is disabled
2023-12-26 17:08:26 +01:00
f56e43267d
expose cachix options explictly
2023-12-24 07:10:01 +00:00
d0a378ef49
buildbot-nix: fix evalWorkerCount == null
2023-12-18 16:19:10 +01:00
e4b55ed8e7
buildbot: drop secret patch
...
we have to wait until https://github.com/buildbot/buildbot/pull/7159 is
part of a new release.
2023-12-10 10:19:38 +00:00
a13cd78a1c
drop prometheus exporter again
...
User can add this themself
2023-12-08 11:11:48 +00:00
c23b6e3c5f
drop buildbot secret patch
2023-12-08 11:11:48 +00:00
cbe4ce0571
move extraConfig into configurator
...
extraConfig can be only set once. By moving it to the configurator we allow users to set this option themself.
2023-12-08 11:11:48 +00:00
b33d7e5a3e
drop nix_update_flake_config pipeline
...
This is better offloaded to tools like dependabot/renovatebot.
I will probably work on integrate the latter one.
2023-12-03 15:10:16 +00:00
e4965e5540
worker: don't kill service when a process takes too much RAM
2023-11-30 09:14:19 +01:00
zowoq
b50b9ededa
remove unused plugins
2023-11-26 09:00:43 +01:00
3c1cf982ad
switch to ensureDBOwnership for buildbot
2023-11-18 09:17:52 +01:00
fe1909ce5c
replace black with ruff
2023-11-18 09:17:51 +01:00
5b4ddd014c
make evalWorkerCount configurable
2023-11-12 07:23:35 +01:00
zowoq
0b145d91d8
master: add prometheus metrics
2023-11-10 13:49:14 +01:00
19d2d512f0
add integration test for worker
2023-11-04 13:50:23 +01:00
21a9864cd7
create gcroots directory for buildbot
2023-11-04 13:50:23 +01:00
4acc8695e1
fix tmpfiles.rules for outputsPath
2023-11-04 11:32:16 +01:00
333cd055c1
disable default schedulers defined in nixos
2023-11-04 11:27:12 +01:00