summaryrefslogtreecommitdiffstats
path: root/shared/2configs/shared-buildbot.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-07-14 00:17:58 +0200
committertv <tv@krebsco.de>2017-07-14 00:21:02 +0200
commit58380c82848c3db0bd6c3d74904153f3464c2098 (patch)
treedcefa424c037ef13edba18967143b3290dc739cb /shared/2configs/shared-buildbot.nix
parentc213968c44befe32f115ec0122accebdabd89582 (diff)
merge shared into krebs
Diffstat (limited to 'shared/2configs/shared-buildbot.nix')
-rw-r--r--shared/2configs/shared-buildbot.nix178
1 files changed, 0 insertions, 178 deletions
diff --git a/shared/2configs/shared-buildbot.nix b/shared/2configs/shared-buildbot.nix
deleted file mode 100644
index 1d6883afe..000000000
--- a/shared/2configs/shared-buildbot.nix
+++ /dev/null
@@ -1,178 +0,0 @@
-{ lib, config, pkgs, ... }:
-# The buildbot config is self-contained and currently provides a way
-# to test "shared" configuration (infrastructure to be used by every krebsminister).
-
-# You can add your own test, test steps as required. Deploy the config on a
-# shared host like wolf and everything should be fine.
-
-# TODO for all users schedule a build for fast tests
-{
- # due to the fact that we actually build stuff on the box via the daemon,
- # /nix/store should be cleaned up automatically as well
- services.nginx.virtualHosts.build = {
- serverAliases = [ "build.wolf.r" ];
- locations."/".extraConfig = ''
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port};
- '';
- };
-
- nix.gc.automatic = true;
- nix.gc.dates = "05:23";
- networking.firewall.allowedTCPPorts = [ 8010 9989 ];
- krebs.buildbot.master = let
- stockholm-mirror-url = http://cgit.wolf.r/stockholm-mirror ;
- in {
- secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ];
- workers = {
- testworker = "krebspass";
- };
- change_source.stockholm = ''
- stockholm_repo = '${stockholm-mirror-url}'
- cs.append(changes.GitPoller(
- stockholm_repo,
- workdir='stockholm-poller', branches=True,
- project='stockholm',
- pollinterval=60))
- '';
- scheduler = {
- force-scheduler = ''
- sched.append(schedulers.ForceScheduler(
- name="force",
- builderNames=[
- # "full-tests",
- "fast-tests",
- "build-local"
- ]))
- '';
- fast-tests-scheduler = ''
- # test everything real quick
- sched.append(schedulers.AnyBranchScheduler(
- treeStableTimer=10,
- name="fast-all-branches",
- builderNames=["fast-tests"]))
- '';
- test-cac-infest-master = ''
- # files everyone depends on or are part of the share branch
- def shared_files(change):
- r =re.compile("^((krebs|shared)/.*|Makefile|default.nix)")
- for file in change.files:
- if r.match(file):
- return True
- return False
-
- sched.append(schedulers.SingleBranchScheduler(
- change_filter=util.ChangeFilter(branch="master"),
- fileIsImportant=shared_files,
- treeStableTimer=60*60, # master was stable for the last hour
- name="full-master",
- builderNames=[
- # "full-tests",
- "build-local"
- ]))
- '';
- };
- builder_pre = ''
- # prepare grab_repo step for stockholm
- grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental')
-
- env = {
- "LOGNAME": "shared",
- "NIX_REMOTE": "daemon",
- "dummy_secrets": "true",
- }
-
- # prepare nix-shell
- # the dependencies which are used by the test script
- deps = [ "gnumake", "jq", "nix",
- "(import <stockholm>).pkgs.populate",
- "(import <stockholm>).pkgs.test.infest-cac-centos7" ]
- # TODO: --pure , prepare ENV in nix-shell command:
- # SSL_CERT_FILE,LOGNAME,NIX_REMOTE
- nixshell = ["nix-shell",
- "-I", "stockholm=.",
- "-I", "nixpkgs=/var/src/nixpkgs",
- "-p" ] + deps + [ "--run" ]
-
- # prepare addShell function
- def addShell(factory,**kwargs):
- factory.addStep(steps.ShellCommand(**kwargs))
- '';
- builder = {
- fast-tests = ''
- f = util.BuildFactory()
- f.addStep(grab_repo)
-
- for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]:
- addShell(f,name="build-{}".format(i),env=env,
- command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
- make \
- test \
- target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
- method=eval \
- system={}".format(i)])
-
- bu.append(util.BuilderConfig(name="fast-tests",
- workernames=workernames,
- factory=f))
-
- '';
- # this build will try to build against local nixpkgs
- # TODO change to do a 'local' populate and use the retrieved nixpkgs
- build-local = ''
- f = util.BuildFactory()
- f.addStep(grab_repo)
-
-
- bu.append(util.BuilderConfig(name="build-local",
- workernames=workernames,
- factory=f))
- '';
-# slow-tests = ''
-# s = util.BuildFactory()
-# s.addStep(grab_repo)
-#
-# # worker needs 2 files:
-# # * cac.json
-# # * retiolum
-# s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/cac.json", workerdest="cac.json"))
-# s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/retiolum-ci.rsa_key.priv", workerdest="retiolum.rsa_key.priv"))
-# addShell(s, name="infest-cac-centos7",env=env,
-# sigtermTime=60, # SIGTERM 1 minute before SIGKILL
-# timeout=10800, # 3h
-# command=nixshell + ["infest-cac-centos7"])
-#
-# bu.append(util.BuilderConfig(name="full-tests",
-# workernames=workernames,
-# factory=s))
-# '';
- };
- enable = true;
- web = {
- enable = true;
- };
- irc = {
- enable = true;
- nick = "wolfbot";
- server = "ni.r";
- channels = [ { channel = "retiolum"; } ];
- allowForce = true;
- };
- extraConfig = ''
- c['buildbotURL'] = "http://build.wolf.r/"
- '';
- };
-
- krebs.buildbot.worker = {
- enable = true;
- masterhost = "localhost";
- username = "testworker";
- password = "krebspass";
- packages = with pkgs; [ gnumake jq nix populate ];
- # all nix commands will need a working nixpkgs installation
- extraEnviron = {
- NIX_PATH="nixpkgs=/var/src/nixpkgs:nixos-config=./shared/1systems/wolf.nix"; };
- };
-}