From f281f65e9311ae6acb9113cbed089a20a5c19254 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Feb 2016 16:38:21 +0100 Subject: ma 1: refactor buildbot config, add documentation --- shared/1systems/wolf.nix | 2 +- shared/2configs/buildbot-standalone.nix | 150 -------------------------------- shared/2configs/shared-buildbot.nix | 148 +++++++++++++++++++++++++++++++ 3 files changed, 149 insertions(+), 151 deletions(-) delete mode 100644 shared/2configs/buildbot-standalone.nix create mode 100644 shared/2configs/shared-buildbot.nix (limited to 'shared') diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index e451954..bcfbd68 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -11,7 +11,7 @@ in ../2configs/collectd-base.nix ../2configs/shack-nix-cacher.nix ../2configs/shack-drivedroid.nix - ../2configs/buildbot-standalone.nix + ../2configs/shared-buildbot.nix ../2configs/cgit-mirror.nix # ../2configs/graphite.nix ]; diff --git a/shared/2configs/buildbot-standalone.nix b/shared/2configs/buildbot-standalone.nix deleted file mode 100644 index 9982dd9..0000000 --- a/shared/2configs/buildbot-standalone.nix +++ /dev/null @@ -1,150 +0,0 @@ -{ lib, config, pkgs, ... }: - -{ - networking.firewall.allowedTCPPorts = [ 8010 9989 ]; - krebs.buildbot.master = { - secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ]; - slaves = { - testslave = "krebspass"; - }; - change_source.stockholm = '' - stockholm_repo = 'http://cgit.gum/stockholm' - cs.append(changes.GitPoller( - stockholm_repo, - workdir='stockholm-poller', branch='master', - project='stockholm', - pollinterval=120)) - ''; - scheduler = { - force-scheduler = '' - sched.append(schedulers.ForceScheduler( - name="force", - builderNames=["full-tests"])) - ''; - fast-tests-scheduler = '' - # test the master real quick - sched.append(schedulers.SingleBranchScheduler( - change_filter=util.ChangeFilter(branch="master"), - treeStableTimer=10, #only test the latest push - name="fast-master-test", - builderNames=["fast-tests"])) - ''; - test-cac-infest-master = '' - # files everyone depends on or are part of the share branch - def shared_files(change): - r =re.compile("^((krebs|shared)/.*|Makefile|default.nix)") - for file in change.files: - if r.match(file): - return True - return False - - sched.append(schedulers.SingleBranchScheduler( - change_filter=util.ChangeFilter(branch="master"), - fileIsImportant=shared_files, - treeStableTimer=60*60, # master was stable for the last hour - name="full-master-test", - builderNames=["full-tests"])) - ''; - }; - builder_pre = '' - # prepare grab_repo step for stockholm - stockholm_repo = "http://cgit.gum.retiolum/stockholm" - grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental') - - env = {"LOGNAME": "shared", "NIX_REMOTE": "daemon"} - - # prepare nix-shell - # the dependencies which are used by the test script - deps = [ "gnumake", "jq","nix","rsync", - "(import {}).pkgs.test.infest-cac-centos7" ] - # TODO: --pure , prepare ENV in nix-shell command: - # SSL_CERT_FILE,LOGNAME,NIX_REMOTE - nixshell = ["nix-shell", "-I", "stockholm=.", "-p" ] + deps + [ "--run" ] - - # prepare addShell function - def addShell(factory,**kwargs): - factory.addStep(steps.ShellCommand(**kwargs)) - ''; - builder = { - fast-tests = '' - f = util.BuildFactory() - f.addStep(grab_repo) - addShell(f,name="deploy-eval-centos7",env=env, - command=nixshell + ["make -s eval get=krebs.deploy filter=json system=test-centos7"]) - - addShell(f,name="deploy-eval-wolf",env=env, - command=nixshell + ["make -s eval get=krebs.deploy filter=json system=wolf"]) - - addShell(f,name="deploy-eval-cross-check",env=env, - command=nixshell + ["! make eval get=krebs.deploy filter=json system=test-failing"]) - - addShell(f,name="instantiate-test-all-modules",env=env, - command=nixshell + \ - ["touch retiolum.rsa_key.priv; \ - nix-instantiate --eval -A \ - users.shared.test-all-krebs-modules.system \ - -I stockholm=. \ - --show-trace \ - -I secrets=. '' \ - --argstr current-user-name shared \ - --argstr current-host-name lol \ - --strict --json"]) - - addShell(f,name="instantiate-test-minimal-deploy",env=env, - command=nixshell + \ - ["nix-instantiate --eval -A \ - users.shared.test-minimal-deploy.system \ - -I stockholm=. \ - -I secrets=. '' \ - --show-trace \ - --argstr current-user-name shared \ - --argstr current-host-name lol \ - --strict --json"]) - - bu.append(util.BuilderConfig(name="fast-tests", - slavenames=slavenames, - factory=f)) - ''; - slow-tests = '' - s = util.BuildFactory() - s.addStep(grab_repo) - - # slave needs 2 files: - # * cac.json - # * retiolum - s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/cac.json", slavedest="cac.json")) - s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/retiolum-ci.rsa_key.priv", slavedest="retiolum.rsa_key.priv")) - - addShell(s, name="infest-cac-centos7",env=env, - sigtermTime=60, # SIGTERM 1 minute before SIGKILL - timeout=10800, # 3h - command=nixshell + ["infest-cac-centos7"]) - - bu.append(util.BuilderConfig(name="full-tests", - slavenames=slavenames, - factory=s)) - ''; - }; - enable = true; - web = { - enable = true; - }; - irc = { - enable = true; - nick = "shared-buildbot"; - server = "cd.retiolum"; - channels = [ "retiolum" ]; - allowForce = true; - }; - }; - - krebs.buildbot.slave = { - enable = true; - masterhost = "localhost"; - username = "testslave"; - password = "krebspass"; - packages = with pkgs;[ git nix ]; - # all nix commands will need a working nixpkgs installation - extraEnviron = { NIX_PATH="nixpkgs=${toString }"; }; - }; -} diff --git a/shared/2configs/shared-buildbot.nix b/shared/2configs/shared-buildbot.nix new file mode 100644 index 0000000..50b2790 --- /dev/null +++ b/shared/2configs/shared-buildbot.nix @@ -0,0 +1,148 @@ +{ lib, config, pkgs, ... }: +# The buildbot config is seilf-contained and provides a way to test "shared" +# configuration (infrastructure to be used by every krebsminister). + +# You can add your own test, test steps as required. Deploy the config on a +# shared host like wolf and everything should be fine. +{ + networking.firewall.allowedTCPPorts = [ 8010 9989 ]; + krebs.buildbot.master = { + secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ]; + slaves = { + testslave = "krebspass"; + }; + change_source.stockholm = '' + stockholm_repo = 'http://cgit.gum/stockholm' + cs.append(changes.GitPoller( + stockholm_repo, + workdir='stockholm-poller', branch='master', + project='stockholm', + pollinterval=120)) + ''; + scheduler = { + force-scheduler = '' + sched.append(schedulers.ForceScheduler( + name="force", + builderNames=["full-tests"])) + ''; + fast-tests-scheduler = '' + # test the master real quick + sched.append(schedulers.SingleBranchScheduler( + change_filter=util.ChangeFilter(branch="master"), + treeStableTimer=10, #only test the latest push + name="fast-master-test", + builderNames=["fast-tests"])) + ''; + test-cac-infest-master = '' + # files everyone depends on or are part of the share branch + def shared_files(change): + r =re.compile("^((krebs|shared)/.*|Makefile|default.nix)") + for file in change.files: + if r.match(file): + return True + return False + + sched.append(schedulers.SingleBranchScheduler( + change_filter=util.ChangeFilter(branch="master"), + fileIsImportant=shared_files, + treeStableTimer=60*60, # master was stable for the last hour + name="full-master-test", + builderNames=["full-tests"])) + ''; + }; + builder_pre = '' + # prepare grab_repo step for stockholm + stockholm_repo = "http://cgit.gum.retiolum/stockholm" + grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental') + + env = {"LOGNAME": "shared", "NIX_REMOTE": "daemon"} + + # prepare nix-shell + # the dependencies which are used by the test script + deps = [ "gnumake", "jq","nix","rsync", + "(import {}).pkgs.test.infest-cac-centos7" ] + # TODO: --pure , prepare ENV in nix-shell command: + # SSL_CERT_FILE,LOGNAME,NIX_REMOTE + nixshell = ["nix-shell", + "-I", "stockholm=.", + "-I", "nixpkgs=/var/src/upstream-nixpkgs", + "-p" ] + deps + [ "--run" ] + + # prepare addShell function + def addShell(factory,**kwargs): + factory.addStep(steps.ShellCommand(**kwargs)) + ''; + builder = { + fast-tests = '' + f = util.BuildFactory() + f.addStep(grab_repo) + for i in [ "test-centos7", "wolf", "test-failing" ]: + addShell(f,name="populate-{}".format(i),env=env, + command=nixshell + ["set -o pipefail;{}( nix-instantiate --arg configuration shared/1systems/{}.nix --eval --readonly-mode --show-trace -A config.krebs.build.populate --strict | jq -r .)".format("!" if "failing" in i else "",i)]) + + addShell(f,name="instantiate-test-all-modules",env=env, + command=nixshell + \ + ["touch retiolum.rsa_key.priv; \ + nix-instantiate --eval -A \ + users.shared.test-all-krebs-modules.system \ + -I stockholm=. \ + --show-trace \ + -I secrets=. '' \ + --strict --json"]) + + addShell(f,name="instantiate-test-minimal-deploy",env=env, + command=nixshell + \ + ["nix-instantiate --eval -A \ + users.shared.test-minimal-deploy.system \ + -I stockholm=. \ + -I secrets=. '' \ + --show-trace \ + --strict --json"]) + + bu.append(util.BuilderConfig(name="fast-tests", + slavenames=slavenames, + factory=f)) + ''; + slow-tests = '' + s = util.BuildFactory() + s.addStep(grab_repo) + + # slave needs 2 files: + # * cac.json + # * retiolum + s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/cac.json", slavedest="cac.json")) + s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/retiolum-ci.rsa_key.priv", slavedest="retiolum.rsa_key.priv")) + + addShell(s, name="infest-cac-centos7",env=env, + sigtermTime=60, # SIGTERM 1 minute before SIGKILL + timeout=10800, # 3h + command=nixshell + ["infest-cac-centos7"]) + + bu.append(util.BuilderConfig(name="full-tests", + slavenames=slavenames, + factory=s)) + ''; + }; + enable = true; + web = { + enable = true; + }; + irc = { + enable = true; + nick = "shared-buildbot"; + server = "cd.retiolum"; + channels = [ "retiolum" ]; + allowForce = true; + }; + }; + + krebs.buildbot.slave = { + enable = true; + masterhost = "localhost"; + username = "testslave"; + password = "krebspass"; + packages = with pkgs;[ git nix ]; + # all nix commands will need a working nixpkgs installation + extraEnviron = { NIX_PATH="/var/src"; }; + }; +} -- cgit v1.2.3