raito
0bd761173a
This removes the need for a proxy and rely on the `groups` property of the `userDetails` passed at the authentication layer. To add a certain role, add the group `buildbot-$role` to that user via Keycloak. Signed-off-by: Raito Bezarius <raito@lix.systems> |
||
---|---|---|
.github | ||
bin | ||
buildbot_effects | ||
buildbot_nix | ||
examples | ||
nix | ||
.gitignore | ||
.mergify.yml | ||
default.nix | ||
flake.lock | ||
flake.nix | ||
pyproject.toml | ||
README.md |
Buildbot-nix
Buildbot-nix is a NixOS module designed to integrate Buildbot, a continuous integration (CI) framework, into the Nix ecosystem. This module is under active development, and while it's generally stable and widely used, please be aware that some APIs may change over time.
Getting Started with Buildbot Setup
To set up Buildbot using Buildbot-nix, you can start by exploring the provided examples:
- Check out the basic setup in example.
- Learn about configuring the Buildbot master in master module.
- Understand how to set up a Buildbot worker in worker module.
Additionally, you can find real-world examples at the end of this document.
Buildbot masters and workers can be deployed either on the same machine or on separate machines. To support multiple architectures, configure them as nix remote builders. For a practical NixOS example, see this remote builder configuration.
Using Buildbot in Your Project
Buildbot-nix automatically triggers builds for your project under these conditions:
- When a pull request is opened.
- When a commit is pushed to the default git branch.
It does this by evaluating the .#checks
attribute of your project's flake in
parallel. Each attribute found results in a separate build step. You can test
these builds locally using nix flake check -L
or
nix-fast-build.
If you need to build other parts of your flake, such as packages or NixOS
machines, you should re-export these into the .#checks
output. Here are two
examples to guide you:
- Using flake-parts.
- A plain flake example.
Integration with GitHub
Buildbot-nix primarily supports GitHub, with plans to extend support to other platforms like Gitea.
To integrate with GitHub:
- GitHub App: Set up a GitHub app for Buildbot to enable GitHub user authentication on the Buildbot dashboard.
- OAuth Credentials: After installing the app, generate OAuth credentials and configure them in the buildbot-nix NixOS module.
- GitHub Token: Obtain a GitHub token with
admin:repo_hook
andrepo
permissions. For GitHub organizations, it's advisable to create a separate GitHub user for managing repository webhooks.
Real-World Deployments
See Buildbot-nix in action in these deployments:
- Nix-community infra: Configuration | Instance
- Mic92's dotfiles: Configuration | Instance
- Technical University Munich: Configuration | Instance
- Numtide: Instance