Commit graph

954 commits

Author SHA1 Message Date
Eelco Dolstra 2f6c2f5622
Remove the global channel
It's useless and it makes it very easy to kill the server by fetching
/channel/latest/closure.
2016-11-17 18:17:02 +01:00
Eelco Dolstra 98e7e37832
hydra-server: Fix and simplify robots.txt 2016-11-17 18:13:57 +01:00
Eelco Dolstra 07decd6915 Also hide disabled projects on the overview page by default 2016-11-01 13:15:55 +01:00
Eelco Dolstra ef711ce845 Handle Referer not having a trailing slash
Fixes #415.
2016-11-01 11:00:59 +01:00
Eelco Dolstra a2be29377e Hide hidden jobsets for project admins by default
This unclutters project pages.

Fixes #390.
2016-10-31 11:40:36 +01:00
Eelco Dolstra 2b790ceefa Remove the pretty-printed log
It didn't work anymore due to the removal of nix-log2xml. And in any
case XSL is the work of the devil.
2016-10-27 14:43:17 +02:00
Eelco Dolstra a12e9478e7 When manually scheduling an eval, force re-instantiation of store derivations
Without this, if (failed or aborted) derivations have been
garbage-collected, there is no way to restart them, which is very
annoying. Now we set a forceEval flag in the jobset to cause it to be
re-evaluated even if none of the inputs have changed.
2016-10-24 20:20:20 +02:00
Eelco Dolstra 140cbe9302 Set utf-8 charset for raw logs
Also fix incorrect use of Content-Encoding header in View::Plain.
2016-10-24 17:14:33 +02:00
Eelco Dolstra f7ff7f741b Fix a couple of encoding issues 2016-10-24 16:49:11 +02:00
Eelco Dolstra 5d8fbc6ca1 Fix referer check 2016-10-21 17:56:34 +02:00
Eelco Dolstra c928c41ee1 Add XSRF protection for POST requests
Some Hydra API requests were vulnerable to XSRF attacks, e.g. you
could have a form on another website using http://hydra/logout as the
form action. So we now require POST requests to come from the same
origin.

Reported by Hans-Christian Esperer.
2016-10-20 16:11:33 +02:00
Eelco Dolstra bbe45ed844 Remove Persona support
Persona is no longer supported by Mozilla, so let's remove it.
2016-10-20 14:14:04 +02:00
Eelco Dolstra f2724d088d Test: Show error output from hydra-queue-runner on timeout 2016-10-06 17:18:59 +02:00
Eelco Dolstra b03e3c593c Merge pull request #338 from expipiplus1/apache-include
Enable apache style includes in the config file
2016-08-19 13:32:44 +02:00
Domen Kožar 2840a5e089 push_github: return empty response instead of a template, fixes #309 2016-08-17 00:21:18 +02:00
Joe Hermaszewski 12194447ee GitHub push suffix (#332)
* Fix api/push-github

Fixes #309

* Don't require .git suffix on jobset inputs
2016-08-17 00:00:09 +02:00
Domen Kožar 03e8538746 Merge pull request #331 from expipiplus1/github-push
Fix api/push-github
2016-08-16 23:59:12 +02:00
Domen Kožar 23bf99b8e2 Use pixz instead of bzip2 for compressing nars
According to following two benchmarks:

- https://www.rootusers.com/gzip-vs-bzip2-vs-xz-performance-comparison/
- http://catchchallenger.first-world.info/wiki/Quick_Benchmark:_Gzip_vs_Bzip2_vs_LZMA_vs_XZ_vs_LZ4_vs_LZO

xz has better compression ratio than bzip2 at lowest compression rate.

https://github.com/vasi/pixz has been chosen as it can scale compressing
over multiple cores linearly.

We're using this in snabblab for a month now and it has improved CPU
wise the main Hydra server.
2016-08-12 11:39:07 +02:00
Joe Hermaszewski 02d56dda58 Trigger ssh like urls from github pushes
URLs like "git@github.com:owner/repo.git

This commit removed the need for a forward slash between 'github.com' and
'owner'.
2016-06-21 16:34:54 +01:00
Joe Hermaszewski 02baff987a Enable apache style includes in the config file 2016-06-19 16:59:24 +01:00
Joe Hermaszewski eb9aba0ff4 Fix api/push-github
Fixes #309
2016-06-14 10:36:43 +01:00
Eelco Dolstra a55942603a Provide a plugin hook for when build steps finish
Fixes #318.
2016-05-27 14:35:32 +02:00
Eelco Dolstra f70946efca Allow public dashboards
Dashboards can now be marked as publically visible in the user
preferences. The dashboard URL has changed from /user/<name>/dashboard
to /dashboard/<name> because /user/<name> requires being logged in as
<name> or as an admin.
2016-05-27 14:35:32 +02:00
Shea Levy 4392d3e21d Enable declarative projects.
This allows fully declarative project specifications. This is best
illustrated by example:

* I create a new project, setting the declarative spec file to
  "spec.json" and the declarative input to a git repo pointing
  at git://github.com/shlevy/declarative-hydra-example.git
* hydra creates a special ".jobsets" jobset alongside the project
* Just before evaluating the ".jobsets" jobset, hydra fetches
  declarative-hydra-example.git, reads spec.json as a jobset spec,
  and updates the jobset's configuration accordingly:
{
    "enabled": 1,
    "hidden": false,
    "description": "Jobsets",
    "nixexprinput": "src",
    "nixexprpath": "default.nix",
    "checkinterval": 300,
    "schedulingshares": 100,
    "enableemail": false,
    "emailoverride": "",
    "keepnr": 3,
    "inputs": {
        "src": { "type": "git", "value": "git://github.com/shlevy/declarative-hydra-example.git", "emailresponsible": false },
        "nixpkgs": { "type": "git", "value": "git://github.com/NixOS/nixpkgs.git release-16.03", "emailresponsible": false }
    }
}
* When the "jobsets" job of the ".jobsets" jobset completes, hydra
  reads its output as a JSON representation of a dictionary of
  jobset specs and creates a jobset named "master" configured
  accordingly (In this example, this is the same configuration as
  .jobsets itself, except using release.nix instead of default.nix):
{
    "enabled": 1,
    "hidden": false,
    "description": "js",
    "nixexprinput": "src",
    "nixexprpath": "release.nix",
    "checkinterval": 300,
    "schedulingshares": 100,
    "enableemail": false,
    "emailoverride": "",
    "keepnr": 3,
    "inputs": {
        "src": { "type": "git", "value": "git://github.com/shlevy/declarative-hydra-example.git", "emailresponsible": false },
        "nixpkgs": { "type": "git", "value": "git://github.com/NixOS/nixpkgs.git release-16.03", "emailresponsible": false }
    }
}
2016-05-09 08:54:27 -04:00
Eelco Dolstra b2b978eda0 Fix JSON output for builds 2016-04-18 11:44:59 +02:00
Eelco Dolstra ef72569cc3 Merge pull request #280 from shlevy/github-status-api
Add a plugin to interact with the github status API.
2016-04-14 20:03:45 +02:00
Eelco Dolstra a7755678fe Drop unused BuildProducts.description column 2016-04-13 16:30:52 +02:00
Shea Levy ae24e7fb31 GithubStatus: Include the full job name and build ID in the context.
Build ID can be omitted by setting excludeBuildFromContext in config
2016-04-12 15:19:05 -04:00
Shea Levy 0d0b925af1 Add a plugin to interact with the github status API.
Mutliple <githubstatus> sections are possible:
* jobs: regexp for jobs to match
* inputs: the input which corresponds to the github repo/rev whose
  status we want to report. Can be repeated
* authorization: Verbatim contents of the Authorization header. See
  https://developer.github.com/v3/#authentication.
2016-04-12 14:42:01 -04:00
Shea Levy 9b37cb89ae Add buildStarted plugin hook 2016-04-12 14:42:01 -04:00
Eelco Dolstra ed88bbaac0 Set Vary to Accept
Otherwise, the browser may mix up HTML and JSON responses if it has
requested both. For example, hitting the back button to return to a
job metric page will show a JSON response, because that was the last
thing the browser fetched for that URL.

This requires Catalyst::Action::Rest >= 1.20.
2016-03-25 14:48:12 +01:00
Eelco Dolstra dab16fb26b Lazy load the metrics tab 2016-03-25 13:49:06 +01:00
Eelco Dolstra 759bd38ef2 Sort metrics by name 2016-03-25 11:56:25 +01:00
Eelco Dolstra 6fc4dc4e27 /queue-summary: Show number of queued builds by system type 2016-03-22 17:03:26 +01:00
Eelco Dolstra d5cffd4bc7 Make "Running builds" and "Machine status" pages faster 2016-03-16 15:19:18 +01:00
Eelco Dolstra 520c8a5826 Use faster query to determine number of running builds
The previous query

  select count(*) from builds b left join buildsteps s on s.build = b.id where busy = 1 and finished = 0

is suddenly taking several minutes. Probably PostgreSQL decided to use
a suboptimal query plan.
2016-03-16 13:41:43 +01:00
Eelco Dolstra 49a4639377 Add a more concise queue page
The old page didn't scale very well if you have 150K builds in the
queue, in fact it tended to make browsers hang. The new one just
shows, for each jobset, the number of queued builds. The actual builds
can be seen by going to the corresponding jobset page and looking at
the evals.
2016-03-08 19:44:51 +01:00
Eelco Dolstra 76104accda Return unique store paths 2016-03-03 11:32:30 +01:00
Eelco Dolstra e7655fdcbc Fix latest-finished 2016-03-02 18:06:20 +01:00
Eelco Dolstra e45bbfbef0 Fix .nixpkg channel uri
Fixes #274.
2016-03-02 15:38:40 +01:00
Eelco Dolstra 8b4f90b0d4 .nixpkgs: Drop obsolete manifest URI 2016-03-02 15:24:23 +01:00
Eelco Dolstra ec82bc2517 Add /eval/NNN/store-paths action to return store paths in an eval
Needed by the NixOS channel scripts since we can no longer get a
MANIFEST from Hydra.
2016-03-02 15:17:22 +01:00
Eelco Dolstra a74251af2b Disable channels on binary cached based Hydra instances 2016-03-02 15:08:53 +01:00
Shea Levy 0f5937503e SlackNotification: Use bigger images 2016-03-01 11:25:18 -05:00
Shea Levy 006ac1fc03 Add slack plugin.
Respects <slack> blocks in the hydra config, with attributes:

* jobs: a regexp matching the job name (in the format project:jobset:job)
* url: The URL to a slack incoming webhook
* force: If true, always send messages. Otherwise, only when the build status changes

Multiple <slack> blocks are allowed
2016-02-29 14:48:36 -05:00
Eelco Dolstra bc958c508b Merge branch 'binary-cache' 2016-02-29 18:29:07 +01:00
Eelco Dolstra e8cdfe5171 hydra-server: Don't barf if the binary cache public key can't be read 2016-02-26 21:14:40 +01:00
Eelco Dolstra 07e5fc5618 Hackery to make downloads work when using a binary cache 2016-02-26 17:28:26 +01:00
Eelco Dolstra b00bdefa98 Fix hydra-server signing 2016-02-26 17:28:16 +01:00
Eelco Dolstra 9de336de7c Proxy local binary caches via hydra-server 2016-02-26 17:27:30 +01:00
Eelco Dolstra 00a7be13a2 Make queue runner internal status available under /queue-runner-status 2016-02-18 17:11:46 +01:00
Michael Mortensen d9a4f7a211 Construct uri using uri_for, which respects X-Request-Base. 2016-02-17 21:27:44 +01:00
Eelco Dolstra d7a123fcd4 Keep track of the time we spend copying to/from build machines 2016-02-17 10:30:23 +01:00
Eelco Dolstra e46acbf05b Remove the errorMsg column from the Builds table
The queue runner no longer uses this field, and it doesn't provide
very interesting historical data (mostly SSH failures), but it takes
up a lot of space. Also, it contained some bad UTF-8 which was
preventing an upgrade to Postgres 9.5, so a good occasion to get rid
of it.
2016-02-12 17:21:55 +01:00
Eelco Dolstra 5c5bb3762c Fix display of builds that don't have an eval
Like http://hydra.nixos.org/build/22872.
2016-02-12 16:27:25 +01:00
Eelco Dolstra 993647d1e3 Use Google's verifier 2016-01-14 12:54:47 +01:00
Eelco Dolstra 5a580b1bb2 Add support for logging in via a Google account
The required configuration in hydra.conf:

  enable_google_login = 1
  google_client_id = 238429sdjkds....apps.googleusercontent.com

and optionally persona_allowed_domains to restrict to one or more
domains.
2016-01-13 17:32:52 +01:00
Eelco Dolstra f11ce7e219 Bump evaluation timeout to 6 hours
This is necessary given the current size of the Nixpkgs/NixOS
jobsets. Once we have a Nix store + Postgres on SSD, we can reduce
this again.

Should really make this configurable...
2016-01-07 16:19:54 +01:00
Eelco Dolstra 29db16bc69 Fix 'Can't locate object method "buildstepoutputs"'
Template::Toolkit braindamage strikes again. See
8f85fe67d4.
2015-12-15 11:55:57 +01:00
Eelco Dolstra b081133dcc Move GC roots to /nix/var/nix/gcroots/hydra
The uid split a while back caused the web interface to create GC roots
in /nix/var/nix/gcroots/per-user/hydra-www, where they wouldn't be
purged by hydra-update-gc-roots. Thus restarted builds would
accumulate forever. The fix is to keep the roots in a shared directory
with gid=hydra.
2015-12-14 13:31:24 +01:00
Eelco Dolstra 8f7614030e Better fix for dots in jobset names 2015-11-17 11:31:11 +01:00
Eelco Dolstra ea80a75204 Move getBaseUrl 2015-11-17 11:21:20 +01:00
Rob Vermaas dddb9a281d Allow dots in job specifier of input type 'Previous build' 2015-11-17 08:36:46 +00:00
Eelco Dolstra b6d2c6f03a Further fix for the channel regression 2015-11-02 14:58:23 +01:00
aszlig 20b412224e ListBuilds: Fix legacy channel URLs.
Regression introduced by 1fdc258de0.

The commit introduced a channel/custom PathPart which uses the new
custom channel expressions, but I forgot to remove CaptureArgs, so the
URL really is channel/latest/ignored-value.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Reported-by: Peter Simons <simons@cryp.to>
2015-11-02 14:51:42 +01:00
Eelco Dolstra e1f9a209c5 Fix cancelling non-current builds 2015-11-02 14:20:27 +01:00
Eelco Dolstra 19b52e907f Add action to restart all failed builds in an eval 2015-10-28 15:04:12 +01:00
Eelco Dolstra b9ebd38edf Fix restarting builds
Failed paths were not cleared because the $builds query becomes empty
as soon as the "finished" flag has been cleared. So this needs to be
done last.
2015-10-28 14:54:54 +01:00
Eelco Dolstra 4d1816b152 Remove obsolete Builds columns and provide accurate "Running builds"
This removes the "busy", "locker" and "logfile" columns, which are no
longer used by the queue runner. The "Running builds" page now only
shows builds that have an active build step.
2015-10-27 15:37:17 +01:00
Eelco Dolstra 9fb91460e3 Restart jobset evals efficiently
Fixes

  DBIx::Class::Storage::DBI::_dbh_execute(): DBI Exception: DBD::Pg::st execute failed: ERROR: stack depth limit exceeded
  HINT: Increase the configuration parameter "max_stack_depth" (currently 2048kB), after ensuring the platform's stack depth limit is adequate. [for Statement "UPDATE Builds SET busy = ?, finished = ?, iscachedbuild = ?, locker = ? WHERE ( ( id = ? OR id = ? OR ...
2015-10-27 13:43:19 +01:00
Eelco Dolstra 30823078c4 Merge branch 'custom-channels' of https://github.com/aszlig/hydra 2015-10-16 17:00:29 +02:00
Eelco Dolstra 1a92f971d4 Restart: Clear failed dependencies 2015-10-09 15:39:41 +02:00
Eelco Dolstra 3fa3e6414c Fix "Use of uninitialized value $mode" 2015-10-09 15:06:57 +02:00
Eelco Dolstra ca58e97691 Prevent inputs from being garbage collected during evaluation
There is still a tiny window between the calls to nix-prefetch-* and
addTempRoot. This could be eliminated by adding a "-o" option to
nix-prefetch-*, or by not using those scripts at all (and use
addToStore directly).
2015-10-09 12:50:23 +02:00
Eelco Dolstra d959afebe1 Store unset descriptions etc. as nulls 2015-10-08 12:37:56 +02:00
aszlig 8b4f51f657
Channel.pm: Actually deliver channel expressions.
So this is the final part which is needed in order to be able to deliver
custom channels, everything else is now just polishing.

We do this by simply redirecting to the build product download URL and
we use binary_cache_url the same way as in NixChannel.pm.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:39:55 +02:00
aszlig db0ef9e49b
Tie custom channels into channel-contents.tt.
We should now get an overview and help text on how to add a particular
channel and also a bit of information about the builds that are required
for a channel to get upgraded.

Right now we only select the latest successful build in the latest
successful evaluation, so if someone wants to have more information about
which channel has failed, (s)he still has to look at the "Channels" tab
of the jobset.

We can make this more fancy at some later point if this is really
needed, because right now we're only interested in the latest build,
because it's the only thing necessary to deliver the channel contents.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:39:55 +02:00
aszlig c9aadd8b7d
Jobset.pm: Factor out build->eval mapping.
We now have a searchBuildsAndEvalsForJobset, which creates such a
mapping for us, so we don't need to duplicate code in jobs_tab and
channels_tab.

Also, we're going to use this for the overview of a particular channel
as well, so it makes sense to put it in CatalystUtils instead of
directly in Jobset.pm.

Instead of eval->jobs, it's now eval->builds, because it's really an
aggregate over the builds schema, rather than the job schema.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:38:45 +02:00
aszlig 1fdc258de0
ListBuilds: Simplify nix channel dispatcher.
We only allow channel/latest anyway, so it really doesn't make sense to
explicitly specify this in the PathPart and provide other dispatcher
once we have more than just "latest", which greatly simplifies the
dispatch tree.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:38:44 +02:00
aszlig ed361a0145
Build.pm: Don't get isChannel using buildproducts.
We now have a column for that, so no need for counting rows which was a
bit inefficient anyway, because we only would have needed the first row
in the result.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:38:44 +02:00
aszlig ba7402ed6c
Jobset.pm: Don't show channels in "Jobs" tab.
Now that we have our dedicated "Channels" tab, there is no need anymore
to show redundant information.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:36:38 +02:00
aszlig 8f7486cd9c
Jobset.pm: Detect channels by isChannel attribute.
We now no longer need that additional join of the build outputs and can
solely use the isChannel column of the Builds table to determine whether
it's a channel build.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:36:38 +02:00
aszlig 06b76ab275
Add isChannel column and meta attribute.
This is to properly separate channels from regular jobs and also make
sure that we can always iterate on them, no matter whether the build has
failed. The reason why we were not able to do this until now was because
we were iterating on the build products, and whenever some constituent
of a channel job has failed, we didn't get a build output.

So whenever there is a meta.isHydraChannel, we can now properly
distinguish it from the other jobs.

I still don't have any clue, why "make -C src/sql update-dbix" without
*any* modifications tries to create additional schema definitions. But
I've checked the md5sums of the existing schema definitions and they
don't seem to match, so it seems that they already have been tampered
with.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:36:38 +02:00
aszlig a235de3ad7
Make channels a product type instead of subtype.
Now we can provide different channel expressions for one particular
channel build. Not sure yet how this would be useful, but I found it
more appropriate to use a type instead of a subtype of "file".

This should get us consistent with the provious commit.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:12:13 +02:00
aszlig f6bb8afc30
Show build products on aggregates with channels.
This is to get a bit more consistency among channel builds but doesn't
do a radical change on the display. Ideally we may want to have a
channel overview with all the constituents and a small help showing how
the user can add the channel.

Unfortunately, this also introduces an inconsistency: We previously used
the *subtype* "channel", but now we're expecting "channel" as the type
of the product, so we need to change this for the channels overview as
well.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:12:12 +02:00
aszlig 7b60aed5ed
jobset: Add a new "channels" tab.
It's very similar to "jobs" and the code is pretty much the same, except
that we don't do filtering on it. At least it doesn't waste space for a
filter option when there are usually WAY less channel jobs than ordinary
jobs.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-09-10 17:08:24 +02:00
Eelco Dolstra c1dd3fe4be Machine status page: Show disabled machines and some machine stats 2015-09-09 16:51:43 +02:00
Eelco Dolstra 2d116d758a Return JSON for /eval 2015-09-02 13:13:55 +02:00
Eelco Dolstra 4f018b0612 Include the eval IDs in the JSON /build result 2015-09-02 12:57:58 +02:00
Eelco Dolstra 88d7eb5247 Remove double entry for localhost on machines status page 2015-08-26 13:01:45 +02:00
Eelco Dolstra 7aa52517e9 Support multiple machines files
This is primarily useful for the Hydra provisioner, which can write
its machines to another file than /etc/nix/machines.
2015-08-25 15:34:53 +02:00
Eelco Dolstra b0c8eecd37 Merge branch 'build-ng' 2015-08-12 20:32:48 +02:00
Eelco Dolstra 62cd9d18b6 Check for a valid number of shares 2015-08-12 15:36:55 +02:00
Eelco Dolstra 2e3899ed27 Don't set Expires header for logs of unfinished builds/steps 2015-08-12 12:22:14 +02:00
Shea Levy 1705ca41e7 Remove unneeded camelcase 2015-08-10 13:59:22 -04:00
Shea Levy 163e696813 Copy-paste error 2015-08-10 13:52:40 -04:00
Shea Levy 882b6b3377 Pass a build's drv path as a store path 2015-08-10 13:48:09 -04:00
Shea Levy ce5ffa9fba Only pass the drv path if it is still valid 2015-08-10 13:47:39 -04:00
Eelco Dolstra 08739a2a5a Allow bumping an entire evaluation to the front of the queue
This is mostly useful if we need to prioritize (say) a nixos-stable
eval that has some critical security bug fix.
2015-08-10 18:57:59 +02:00
Eelco Dolstra eb13007fe6 Allow build to be bumped to the front of the queue via the web interface
Builds now have a "Bump up" action. This will cause the queue runner
to prioritise the steps of the build above all other steps.
2015-08-10 16:19:47 +02:00