2015-12-22 18:36:19 +00:00
|
|
|
{ lib, config, pkgs, ... }:
|
2016-02-15 13:25:30 +00:00
|
|
|
# The buildbot config is self-contained and currently provides a way
|
2017-07-13 22:17:58 +00:00
|
|
|
# to test "krebs" configuration (infrastructure to be used by every krebsminister).
|
2016-01-18 15:59:44 +00:00
|
|
|
|
2016-02-04 15:38:21 +00:00
|
|
|
# You can add your own test, test steps as required. Deploy the config on a
|
2017-07-13 22:17:58 +00:00
|
|
|
# krebs host like wolf and everything should be fine.
|
2016-02-15 13:25:30 +00:00
|
|
|
|
|
|
|
# TODO for all users schedule a build for fast tests
|
2016-01-18 15:59:44 +00:00
|
|
|
{
|
2016-02-16 17:03:18 +00:00
|
|
|
# due to the fact that we actually build stuff on the box via the daemon,
|
|
|
|
# /nix/store should be cleaned up automatically as well
|
2017-04-19 08:06:36 +00:00
|
|
|
services.nginx.virtualHosts.build = {
|
|
|
|
serverAliases = [ "build.wolf.r" ];
|
|
|
|
locations."/".extraConfig = ''
|
|
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
|
|
proxy_set_header Connection "upgrade";
|
|
|
|
proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port};
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2016-02-16 17:03:18 +00:00
|
|
|
nix.gc.automatic = true;
|
|
|
|
nix.gc.dates = "05:23";
|
2015-12-24 19:50:23 +00:00
|
|
|
networking.firewall.allowedTCPPorts = [ 8010 9989 ];
|
2016-02-15 13:25:30 +00:00
|
|
|
krebs.buildbot.master = let
|
2017-04-19 08:06:36 +00:00
|
|
|
stockholm-mirror-url = http://cgit.wolf.r/stockholm-mirror ;
|
2016-02-15 13:25:30 +00:00
|
|
|
in {
|
2015-12-30 01:45:47 +00:00
|
|
|
secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ];
|
2016-11-11 00:34:18 +00:00
|
|
|
workers = {
|
|
|
|
testworker = "krebspass";
|
2015-12-23 23:02:59 +00:00
|
|
|
};
|
|
|
|
change_source.stockholm = ''
|
2016-02-15 13:25:30 +00:00
|
|
|
stockholm_repo = '${stockholm-mirror-url}'
|
2015-12-23 23:02:59 +00:00
|
|
|
cs.append(changes.GitPoller(
|
|
|
|
stockholm_repo,
|
2016-02-11 20:03:30 +00:00
|
|
|
workdir='stockholm-poller', branches=True,
|
2015-12-23 23:02:59 +00:00
|
|
|
project='stockholm',
|
2016-06-13 19:00:38 +00:00
|
|
|
pollinterval=60))
|
2015-12-23 23:02:59 +00:00
|
|
|
'';
|
|
|
|
scheduler = {
|
|
|
|
force-scheduler = ''
|
|
|
|
sched.append(schedulers.ForceScheduler(
|
|
|
|
name="force",
|
2016-06-06 19:27:29 +00:00
|
|
|
builderNames=[
|
|
|
|
# "full-tests",
|
|
|
|
"fast-tests",
|
|
|
|
"build-local"
|
|
|
|
]))
|
2015-12-23 23:02:59 +00:00
|
|
|
'';
|
|
|
|
fast-tests-scheduler = ''
|
2016-02-15 13:02:44 +00:00
|
|
|
# test everything real quick
|
2016-11-15 22:26:03 +00:00
|
|
|
sched.append(schedulers.AnyBranchScheduler(
|
2016-06-13 19:00:38 +00:00
|
|
|
treeStableTimer=10,
|
2016-02-16 17:03:18 +00:00
|
|
|
name="fast-all-branches",
|
2015-12-23 23:02:59 +00:00
|
|
|
builderNames=["fast-tests"]))
|
|
|
|
'';
|
2015-12-24 19:50:23 +00:00
|
|
|
test-cac-infest-master = ''
|
2015-12-23 23:02:59 +00:00
|
|
|
# files everyone depends on or are part of the share branch
|
|
|
|
def shared_files(change):
|
2017-07-13 22:17:58 +00:00
|
|
|
r =re.compile("^(krebs/.*|Makefile|default.nix|shell.nix)")
|
2015-12-23 23:02:59 +00:00
|
|
|
for file in change.files:
|
|
|
|
if r.match(file):
|
|
|
|
return True
|
|
|
|
return False
|
|
|
|
|
|
|
|
sched.append(schedulers.SingleBranchScheduler(
|
|
|
|
change_filter=util.ChangeFilter(branch="master"),
|
|
|
|
fileIsImportant=shared_files,
|
2015-12-24 19:50:23 +00:00
|
|
|
treeStableTimer=60*60, # master was stable for the last hour
|
2016-02-16 17:03:18 +00:00
|
|
|
name="full-master",
|
2016-06-06 19:27:29 +00:00
|
|
|
builderNames=[
|
|
|
|
# "full-tests",
|
|
|
|
"build-local"
|
|
|
|
]))
|
2015-12-23 23:02:59 +00:00
|
|
|
'';
|
|
|
|
};
|
|
|
|
builder_pre = ''
|
|
|
|
# prepare grab_repo step for stockholm
|
|
|
|
grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental')
|
|
|
|
|
2016-08-05 11:30:27 +00:00
|
|
|
env = {
|
2017-07-13 22:17:58 +00:00
|
|
|
"LOGNAME": "krebs",
|
2016-08-05 11:30:27 +00:00
|
|
|
"NIX_REMOTE": "daemon",
|
|
|
|
"dummy_secrets": "true",
|
|
|
|
}
|
2015-12-23 23:02:59 +00:00
|
|
|
|
|
|
|
# prepare nix-shell
|
|
|
|
# the dependencies which are used by the test script
|
2016-07-16 19:43:38 +00:00
|
|
|
deps = [ "gnumake", "jq", "nix",
|
|
|
|
"(import <stockholm>).pkgs.populate",
|
2016-02-15 15:57:15 +00:00
|
|
|
"(import <stockholm>).pkgs.test.infest-cac-centos7" ]
|
2015-12-23 23:02:59 +00:00
|
|
|
# TODO: --pure , prepare ENV in nix-shell command:
|
|
|
|
# SSL_CERT_FILE,LOGNAME,NIX_REMOTE
|
2016-02-04 15:38:21 +00:00
|
|
|
nixshell = ["nix-shell",
|
|
|
|
"-I", "stockholm=.",
|
2016-02-15 19:14:31 +00:00
|
|
|
"-I", "nixpkgs=/var/src/nixpkgs",
|
2016-02-04 15:38:21 +00:00
|
|
|
"-p" ] + deps + [ "--run" ]
|
2015-12-23 23:02:59 +00:00
|
|
|
|
|
|
|
# prepare addShell function
|
|
|
|
def addShell(factory,**kwargs):
|
|
|
|
factory.addStep(steps.ShellCommand(**kwargs))
|
|
|
|
'';
|
|
|
|
builder = {
|
|
|
|
fast-tests = ''
|
2016-08-04 22:03:41 +00:00
|
|
|
f = util.BuildFactory()
|
|
|
|
f.addStep(grab_repo)
|
2015-12-23 23:02:59 +00:00
|
|
|
|
2016-08-05 14:52:28 +00:00
|
|
|
for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]:
|
2016-08-04 22:03:41 +00:00
|
|
|
addShell(f,name="build-{}".format(i),env=env,
|
|
|
|
command=nixshell + \
|
|
|
|
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
|
|
|
|
make \
|
|
|
|
test \
|
|
|
|
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
|
|
|
|
method=eval \
|
|
|
|
system={}".format(i)])
|
2015-12-30 01:45:47 +00:00
|
|
|
|
2016-08-04 22:03:41 +00:00
|
|
|
bu.append(util.BuilderConfig(name="fast-tests",
|
2016-11-11 00:34:18 +00:00
|
|
|
workernames=workernames,
|
2016-08-04 22:03:41 +00:00
|
|
|
factory=f))
|
2015-12-30 13:47:40 +00:00
|
|
|
|
2016-08-04 22:03:41 +00:00
|
|
|
'';
|
2016-02-16 17:03:18 +00:00
|
|
|
# this build will try to build against local nixpkgs
|
|
|
|
# TODO change to do a 'local' populate and use the retrieved nixpkgs
|
|
|
|
build-local = ''
|
|
|
|
f = util.BuildFactory()
|
|
|
|
f.addStep(grab_repo)
|
|
|
|
|
|
|
|
|
|
|
|
bu.append(util.BuilderConfig(name="build-local",
|
2016-11-11 00:34:18 +00:00
|
|
|
workernames=workernames,
|
2016-02-16 17:03:18 +00:00
|
|
|
factory=f))
|
|
|
|
'';
|
2016-06-06 19:27:29 +00:00
|
|
|
# slow-tests = ''
|
|
|
|
# s = util.BuildFactory()
|
|
|
|
# s.addStep(grab_repo)
|
|
|
|
#
|
2016-11-11 00:34:18 +00:00
|
|
|
# # worker needs 2 files:
|
2016-06-06 19:27:29 +00:00
|
|
|
# # * cac.json
|
|
|
|
# # * retiolum
|
2016-11-11 00:34:18 +00:00
|
|
|
# s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/cac.json", workerdest="cac.json"))
|
|
|
|
# s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/retiolum-ci.rsa_key.priv", workerdest="retiolum.rsa_key.priv"))
|
2016-06-06 19:27:29 +00:00
|
|
|
# addShell(s, name="infest-cac-centos7",env=env,
|
|
|
|
# sigtermTime=60, # SIGTERM 1 minute before SIGKILL
|
|
|
|
# timeout=10800, # 3h
|
|
|
|
# command=nixshell + ["infest-cac-centos7"])
|
|
|
|
#
|
|
|
|
# bu.append(util.BuilderConfig(name="full-tests",
|
2016-11-11 00:34:18 +00:00
|
|
|
# workernames=workernames,
|
2016-06-06 19:27:29 +00:00
|
|
|
# factory=s))
|
|
|
|
# '';
|
2015-12-23 23:02:59 +00:00
|
|
|
};
|
2015-12-22 18:36:19 +00:00
|
|
|
enable = true;
|
2015-12-23 23:02:59 +00:00
|
|
|
web = {
|
|
|
|
enable = true;
|
|
|
|
};
|
2015-12-22 18:36:19 +00:00
|
|
|
irc = {
|
|
|
|
enable = true;
|
2016-02-15 13:02:44 +00:00
|
|
|
nick = "wolfbot";
|
2016-11-11 07:47:46 +00:00
|
|
|
server = "ni.r";
|
2016-11-11 00:34:18 +00:00
|
|
|
channels = [ { channel = "retiolum"; } ];
|
2015-12-22 18:36:19 +00:00
|
|
|
allowForce = true;
|
|
|
|
};
|
2017-04-19 08:06:36 +00:00
|
|
|
extraConfig = ''
|
|
|
|
c['buildbotURL'] = "http://build.wolf.r/"
|
|
|
|
'';
|
2015-12-22 18:36:19 +00:00
|
|
|
};
|
|
|
|
|
2016-11-11 00:34:18 +00:00
|
|
|
krebs.buildbot.worker = {
|
2015-12-22 18:36:19 +00:00
|
|
|
enable = true;
|
|
|
|
masterhost = "localhost";
|
2016-11-11 00:34:18 +00:00
|
|
|
username = "testworker";
|
2015-12-22 18:36:19 +00:00
|
|
|
password = "krebspass";
|
2016-07-16 19:43:38 +00:00
|
|
|
packages = with pkgs; [ gnumake jq nix populate ];
|
2015-12-30 03:43:16 +00:00
|
|
|
# all nix commands will need a working nixpkgs installation
|
2016-02-15 13:02:44 +00:00
|
|
|
extraEnviron = {
|
2017-07-13 22:17:58 +00:00
|
|
|
NIX_PATH="nixpkgs=/var/src/nixpkgs:nixos-config=./krebs/1systems/wolf.nix"; };
|
2015-12-22 18:36:19 +00:00
|
|
|
};
|
|
|
|
}
|