Commit graph

105 commits

Author SHA1 Message Date
Graham Christensen
f07fb7d279 LDAP support: include BC support for the YAML based loading
Includes a refactoring of the configuration loader.
2022-02-11 10:49:38 -05:00
Janne Heß
61d74a7194 Redo LDAP config in the main configuration and add role mappings 2022-02-11 10:49:38 -05:00
Graham Christensen
d0bc0d0eda
Merge pull request #1152 from DeterminateSystems/parallel-tests
Parallel tests, fix a hydra-queue-runner race condition
2022-02-10 12:11:20 -05:00
Graham Christensen
5506962537 Test::Postgresql: update to a tagged fork to improve paralellism 2022-02-10 09:37:48 -05:00
Graham Christensen
8bce8109e3 flake.nix: drop the LDAP server test 2022-02-09 20:56:10 -05:00
Graham Christensen
e4adec36f3 Set an env var in the build environment to point to the root of openldap 2022-02-09 20:56:10 -05:00
Graham Christensen
60adee7f94 hydra check inputs: add openldap 2022-02-09 20:56:10 -05:00
Graham Christensen
68c6c3d556 flake.nix: format with nixpkgs-fmt 2022-02-09 10:43:40 -05:00
Marco Turchetto
73f2cc184f missing develop dependencies 2022-02-05 20:28:44 +01:00
Graham Christensen
89e8676d80 UUID4Tiny: init 2022-01-31 08:58:33 -08:00
Graham Christensen
3ae4b19d12 flake: update to postgres 13 for UUID commands 2022-01-28 13:07:11 -08:00
Cole Helbling
fdf6f4d3da RunCommand: use IPC::Run3::run3 instead
run3 just seems to do better handling for what we want to do, and
requires less deep-reaching changes to this plugin to get it to play
nice, as IPC::Run::run would.
2022-01-28 13:07:11 -08:00
Graham Christensen
44cd890ae3
Merge pull request #1130 from DeterminateSystems/prompt-password
hydra-create-user: support prompting for password
2022-01-21 15:38:39 -05:00
Graham Christensen
a888a57baf tests.ldap: verify the hydra_ prefix is required 2022-01-21 12:46:02 -05:00
Graham Christensen
76fbde6d6b Set noecho when reading passwords 2022-01-21 11:11:09 -05:00
Graham Christensen
aa7b37838a PerlCritic: MoreUtils -> SomeUtils 2021-12-14 10:16:25 -05:00
Graham Christensen
a658b80863 perlcritic: Readonly -> ReadonlyX 2021-12-14 10:16:25 -05:00
Cole Helbling
5659d2982c Hydra/Controller/Root: remove deprecated LocalRegex
11:38:20 hydra-server.1       | DEPRECATION WARNING: The Regex dispatch type is deprecated.
11:38:20 hydra-server.1       |   It is recommended that you convert Regex and LocalRegex
11:38:20 hydra-server.1       |   methods to Chained methods. at /nix/store/aa6gw57fnahd4824pbhmvcs0jlypmynq-hydra-perl-deps/lib/perl5/site_perl/5.32.1/Catalyst/DispatchType/Regex.pm line 210.
2021-12-03 12:12:53 -08:00
Marco Turchetto
68a9aac251 add missing develop dependency 2021-11-10 17:51:01 +01:00
Graham Christensen
c317ab0dbe shell: add pixz so NAR serving works from foreman 2021-10-20 13:09:39 -04:00
Eelco Dolstra
2745226ada
Merge pull request #1003 from DeterminateSystems/perlcritic-level-4
perlcritic: level 4
2021-09-27 20:23:55 +02:00
Graham Christensen
99161c7c53
Merge pull request #1012 from helsinki-systems/fix/ldap-test
fix ldap nixos test
2021-09-24 14:27:26 -04:00
e985a277b3 migrate to new openldap module syntax 2021-09-23 20:32:09 +02:00
Graham Christensen
85bb1c7ef9 (perlcritic) JSON::Any -> JSON::MaybeXS 2021-09-07 21:55:55 -04:00
Graham Christensen
c880888f1e File::Slurp -> File::Slurper 2021-09-06 22:13:33 -04:00
ajs124
59cb44261d fix ldap nixos test
passwords were replaced with salted sha1 instead of sha256, because I
don't want to have to figure out how to make slapd load this module

We could also just do {CLEARTEXT} for the purpose of this test
2021-08-29 01:47:34 +02:00
e36353532c
gitea-plugin: fix test
The test seems to be broken for a while[1]. The cause for this is that
in gitea 1.14 the `create-user` command got renamed to `user create`.

[1] https://hydra.nixos.org/build/151092299
2021-08-29 00:08:59 +02:00
Your Name
5d0ad5f649 hydra-notify: initial scratch take of prometheus events 2021-08-24 10:56:12 -04:00
Your Name
098e48d055 Flake: add perlcritic deps 2021-08-19 16:17:49 -04:00
Your Name
194eda28b7 flake.nix sort hydra-perl-deps inputs 2021-08-18 15:10:55 -04:00
Your Name
d311a0d002 hydraJobs.tests.notifications: fixup file reference 2021-08-16 15:51:51 -04:00
Nathan van Doorn
b63dfb7ad4 Rename version to version.txt
<version> is a standard header with C++20 which could cause issues if a library checks it exists then imports it

Because we have the root of this repo in the include path, it'd see that <version> exists (with, e.g., __has_include), and then try to include it as a header

But because it's just a file that says 0.1, this would fail

This happens with libpqxx 7
2021-07-05 19:47:58 +01:00
Amanda Cameron
b0f8a207fe
flake: stdenv.lib -> lib
Nixpkgs on unstable has removed `stdenv.lib` as they've been warning for a while now. This removes the extra references to it in the flake.nix

I'm not entirely sure if this is right, but I figured it was trivial enough to give a quick try using the GH Editor while I was waiting for a job to finish
2021-06-17 16:50:38 -04:00
Graham Christensen
71453dd341 Expose Prometheus metrics at /metrics
Exposes metrics:

* http_request_duration_seconds_bucket
* http_request_size_bytes_bucket
* http_response_size_bytes_bucket
* http_requests_total

with labels of action and controller to help identify popular
endpoints and their performance characteristics.
2021-06-10 20:02:42 -04:00
Graham Christensen
db6bad108b Use PrometheusTinyShared 2021-06-10 17:47:11 -04:00
Graham Christensen
1652631b21 Prometheus: init Tiny, TinyShared 2021-06-10 17:47:11 -04:00
Graham Christensen
c6670b805f init: HashSharedMem for Prometheus 2021-06-10 17:47:11 -04:00
Graham Christensen
b1fcc0c25b init DataRandom perl package for Prometheus stats 2021-06-10 17:47:11 -04:00
Graham Christensen
015d8298cb flake.nix: drop the API test 2021-04-28 18:32:23 -04:00
963085a04a
Add AuthenSASL to perl deps; improve email docs
The addition of AuthenSASL seems to be necessary to properly
authenticate against an SMTP server. Without this I got errors
such as

    error with Hydra::Plugin::EmailNotification=HASH(0x6ad0128)->buildFinished: SMTP auth requires MIME::Base64 and Authen::SASL
2021-04-26 18:33:57 +02:00
Graham Christensen
1da70030b7 Users: transparently upgrade passwords to Argon2
Passwords that are sha1 will be transparently upgraded to argon2,
and future comparisons will use Argon2

Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:35:11 -04:00
Graham Christensen
29620df85e Passwords: check in constant time
The default password comparison logic does not use
constant time validation. Switching to constant time
offers a meager improvement by removing a timing
oracle.

A prepatory step in moving to Argon2id password storage, since we'll need this change anyway after
for validating existing passwords.

Co-authored-by: Graham Christensen <graham@grahamc.com>
2021-04-15 11:34:56 -04:00
3bc5252c80
Get rid of now obsolte LD_PRELOAD hack 2021-04-03 09:56:15 +02:00
2beb1f5405
Replace TestHTTPMockServer with python script
This seems to work fine in a `nix build`-sandbox as it doesn't depend on
`getprotobyname`.
2021-04-03 01:07:07 +02:00
d16bf5b8cd
Implement yath-test for the new Gitea plugin 2021-04-02 19:11:25 +02:00
f9f5ab2fb1
Make gitea public URL configurable
Otherwise, it will be obtained from the jobset input that contains the
URL to the git repo to build.
2021-03-30 23:01:36 +02:00
eecea56131
Implement VM-test for gitea plugin 2021-03-30 22:35:39 +02:00
Cole Helbling
025be052b7
tests: move to t, allow yath test from root
By moving the tests subdirectory to t, we gain the ability to run `yath
test` with no arguments from inside `nix develop` in the root of the
the repo.

(`nix develop` is necessary in order to set the proper env vars for
`yath` to find our test libraries.)
2021-03-05 09:49:06 -08:00
Graham Christensen
9ddc6e355f
flake: add TestPostgreSQL for per-test DBs 2021-02-23 21:12:02 -05:00
Graham Christensen
bfcc50f978
Merge pull request #877 from immae/mdbook
Convert documentation to markdown / mdbook
2021-02-23 20:16:33 -05:00