d60403c3c0
feat: add incoming ref data to non-flakes entrypoint
...
We can now implement a Nix library for Buildbot CI. :)
We dump it into a file, it's better to pass large stuff and easier to
escape things.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 22:42:12 +02:00
b3a0b5a69e
fix(auth): remove userinfoUri
as a positional argument
...
This broke the authentication, because we were expecting the client ID &
client secret.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:43:45 +02:00
77d0ed37d1
fix(args): pass the right string
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
79bcbba46d
fix(buildbot-name): nix_configure → determining jobs
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
1484a875dc
fix(ret): return success and write \n
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
c824b084e8
fix(steps): add *steps* not *step*
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
2a2a2793e4
fix(workdir): rebase in build/ for ShellMixin
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
97dee6cfec
feat(nix-configure): name it
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
dfb9595f7d
fix(log): add the stdio log if it doesn't exist
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
c5dea04717
feat: support non-flake entrypoint
...
The way to use Buildbot jobs without Flakes is via `.ci/buildbot.nix`.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
1711bfd840
fix(eval): event.change.project
is also a buildprop for project name
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
2d51fda98e
feat(eval): in case of total failure, do not derivation show
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
af13c5948e
fix(eval): event.refUpdate.project
instead of event.project
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
253e44646d
fix(properties): use getProperty
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
bbac51e09e
fix(gerrit): pass properly the ssh private key and not its path
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
83ac74f18f
fix(gerrit): repourl was not formatted
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
2411875825
fix(sshkey): PosixPath
does not play well with Buildbot APIs
...
It expected a `str`, not a `PosixPath`.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 21:21:26 +02:00
fa83000f07
feat(debug): add manhole debugging
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-05 20:52:52 +02:00
48828cb33f
Merge pull request 'chore(*): refactor the whole code' ( #8 ) from refactor into main
...
Reviewed-on: #8
2024-10-05 18:31:22 +00:00
22a58ce038
chore(nix-builders): remove legacy system
field
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
98c5d82bf8
chore(dataclass): use default_factory
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
ea5e2c6b98
chore(builders): localize builders specification like Hydra does
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
235ff9b138
chore(entrypoint): hydraJobs → buildbotJobs
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
2a1ce55f30
chore(systemd): add ssh
in the path
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
449837ed81
chore(reporters): make it 3.11+ (and 4.0) compatible!
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
b20d0a17ba
fix(gerrit): make buildbot able to read the priv ssh key
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
965cd014b3
chore(auth): further generalize authn
...
So that it's possible to plug another OAuth2 instance.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:13:01 -07:00
bd8c11ed1e
chore(origins): expose in a cuter way allowed origins
...
Worked around in our original deployment, here's a nicer way to set it.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
7102157055
chore(schedule): generalize source
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
2a1ed49ac8
chore(review-callback): generalize the event project name
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
c1e7af1794
chore(nix-eval): generalize the builds_scheduler_group by project
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
ec9834b0d3
chore(nix): make the target attribute a constant
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
c09da505c1
chore(gerrit): put the gerrit configuration in one place and generate repo URLs templates
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:01 -07:00
72b6757947
chore(canceller): generalize it to any project
...
Just iterate over all project names.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:02:00 -07:00
d284a8bc77
chore(auth): generalize authentication method to internals of NixOS module
...
This makes it easier to make it configurable, this is step 1.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 14:01:31 -07:00
16726a55bf
chore(*): cleanup unused code
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:51:14 -07:00
b4ab40f746
chore(gerrit): offer projects configuration and factor out private SSH keys
...
Previously, we needed to hardcode the URL for private SSH keys,
this is cleaned up and we can iterate over each project for its
configuration.
Configuration is at deployment time.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:49:36 -07:00
9eb92e76e7
chore(web): remove outputsPath
option
...
It was relying on GitHub stuff which we don't have and is not an option
we want to support.
If we wanted to do it, we would rather use S3 directly.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:48:45 -07:00
e9b02fb0c3
chore(nix): factor out the Gerrit configuration to the Nix module
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:47:58 -07:00
4fa460f563
chore(statuses): clarify why we don't use {start, summary}CB
...
Instead of just commenting them out.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:45:51 -07:00
3f095e685b
chore(flake): rename the description
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:45:51 -07:00
2c1420417a
chore(pyproject): add authorship information
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:45:51 -07:00
58bc2cddae
chore(*): cleanup buildbot-effects
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-10-04 12:45:51 -07:00
7875db31eb
fix: disable autologin for OAuth 2
...
Otherwise, read-only access constantly gets redirected to our login
page.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-09-29 15:54:21 +02:00
f2d7f25f86
feat: enable Lix admins to admin the Buildbot properly
...
This removes the need for a proxy and rely on the `groups` property of
the `userDetails` passed at the authentication layer.
To add a certain role, add the group `buildbot-$role` to that user via
Keycloak.
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-09-29 00:17:00 +02:00
45135d249b
fix silent timeout, set build timeout
...
using `--option` like this hid that the silent timeout was never
actually set, instead we set the unknown and thus ignored option
`--max-silent-time`. while we're at it we can also set a timeout
for the entire build, chosen as two hours because that should be
enough for all current jobs (and hopefully it'll stay that way).
2024-05-26 16:26:25 +02:00
2a528f9e53
remove accept-flake-config from n-e-j invocation
...
it's off by default and thus not representative of user flake setup, we
don't use it anyway, and it's a security risk to boot. there is no good
reason to enable this in any setting that is not perfectly trusted, and
even there it is not such a great idea due to the impurity it requires.
2024-05-26 15:50:55 +02:00
825dbc5325
hotfix: missing comma for arguments list
...
Urgh...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-11 20:07:32 +02:00
10fc1417b5
hotfix: fix dependency in buildbot in the prometheus plugin
...
Signed-off-by: Raito Bezarius <raito@lix.systems>
2024-05-11 20:04:21 +02:00
e42966e193
Merge pull request 'feat: support Prometheus exports' ( #7 ) from prometheus into main
...
Reviewed-on: #7
Reviewed-by: jade <jade@noreply.git.lix.systems>
2024-05-11 17:58:16 +00:00