stockholm/krebs/2configs/shared-buildbot.nix

181 lines
6.2 KiB
Nix
Raw Normal View History

2015-12-22 19:36:19 +01:00
{ lib, config, pkgs, ... }:
2017-07-22 14:50:01 +02:00
# The buildbot config is self-contained and currently provides a way
2017-07-14 00:17:58 +02:00
# to test "krebs" configuration (infrastructure to be used by every krebsminister).
2016-01-18 16:59:44 +01:00
# You can add your own test, test steps as required. Deploy the config on a
2017-07-14 00:17:58 +02:00
# krebs host like wolf and everything should be fine.
2016-02-15 14:25:30 +01:00
# TODO for all users schedule a build for fast tests
2017-07-22 14:50:01 +02:00
let
hostname = config.networking.hostName;
in {
2016-02-16 18:03:18 +01:00
# due to the fact that we actually build stuff on the box via the daemon,
# /nix/store should be cleaned up automatically as well
services.nginx.virtualHosts.build = {
2017-07-22 14:50:01 +02:00
serverAliases = [ "build.${hostname}.r" ];
locations."/".extraConfig = ''
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://127.0.0.1:${toString config.krebs.buildbot.master.web.port};
'';
};
2016-02-16 18:03:18 +01:00
nix.gc.automatic = true;
nix.gc.dates = "05:23";
2015-12-24 20:50:23 +01:00
networking.firewall.allowedTCPPorts = [ 8010 9989 ];
2016-02-15 14:25:30 +01:00
krebs.buildbot.master = let
2017-07-22 14:50:01 +02:00
stockholm-mirror-url = "http://cgit.${hostname}.r/stockholm" ;
2016-02-15 14:25:30 +01:00
in {
2015-12-30 02:45:47 +01:00
secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ];
2016-11-11 01:34:18 +01:00
workers = {
testworker = "krebspass";
};
change_source.stockholm = ''
2016-02-15 14:25:30 +01:00
stockholm_repo = '${stockholm-mirror-url}'
cs.append(changes.GitPoller(
stockholm_repo,
2016-02-11 21:03:30 +01:00
workdir='stockholm-poller', branches=True,
project='stockholm',
2016-06-13 21:00:38 +02:00
pollinterval=60))
'';
scheduler = {
force-scheduler = ''
sched.append(schedulers.ForceScheduler(
name="force",
builderNames=[
# "full-tests",
"fast-tests",
"build-local"
]))
'';
fast-tests-scheduler = ''
# test everything real quick
2016-11-15 23:26:03 +01:00
sched.append(schedulers.AnyBranchScheduler(
2016-06-13 21:00:38 +02:00
treeStableTimer=10,
2016-02-16 18:03:18 +01:00
name="fast-all-branches",
builderNames=["fast-tests"]))
'';
2015-12-24 20:50:23 +01:00
test-cac-infest-master = ''
# files everyone depends on or are part of the share branch
def shared_files(change):
2017-07-14 00:17:58 +02:00
r =re.compile("^(krebs/.*|Makefile|default.nix|shell.nix)")
for file in change.files:
if r.match(file):
return True
return False
sched.append(schedulers.SingleBranchScheduler(
change_filter=util.ChangeFilter(branch="master"),
fileIsImportant=shared_files,
2015-12-24 20:50:23 +01:00
treeStableTimer=60*60, # master was stable for the last hour
2016-02-16 18:03:18 +01:00
name="full-master",
builderNames=[
# "full-tests",
"build-local"
]))
'';
};
builder_pre = ''
# prepare grab_repo step for stockholm
grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental')
2016-08-05 13:30:27 +02:00
env = {
2017-07-14 00:17:58 +02:00
"LOGNAME": "krebs",
2016-08-05 13:30:27 +02:00
"NIX_REMOTE": "daemon",
"dummy_secrets": "true",
}
# prepare nix-shell
# the dependencies which are used by the test script
deps = [ "gnumake", "jq", "nix",
"(import <stockholm>).pkgs.populate",
"(import <stockholm>).pkgs.test.infest-cac-centos7" ]
# TODO: --pure , prepare ENV in nix-shell command:
# SSL_CERT_FILE,LOGNAME,NIX_REMOTE
nixshell = ["nix-shell",
"-I", "stockholm=.",
"-I", "nixpkgs=/var/src/nixpkgs",
"-p" ] + deps + [ "--run" ]
# prepare addShell function
def addShell(factory,**kwargs):
factory.addStep(steps.ShellCommand(**kwargs))
'';
builder = {
fast-tests = ''
2016-08-05 00:03:41 +02:00
f = util.BuildFactory()
f.addStep(grab_repo)
for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]:
2016-08-05 00:03:41 +02:00
addShell(f,name="build-{}".format(i),env=env,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=eval \
system={}".format(i)])
2015-12-30 02:45:47 +01:00
2016-08-05 00:03:41 +02:00
bu.append(util.BuilderConfig(name="fast-tests",
2016-11-11 01:34:18 +01:00
workernames=workernames,
2016-08-05 00:03:41 +02:00
factory=f))
2015-12-30 14:47:40 +01:00
2016-08-05 00:03:41 +02:00
'';
2016-02-16 18:03:18 +01:00
# this build will try to build against local nixpkgs
# TODO change to do a 'local' populate and use the retrieved nixpkgs
build-local = ''
f = util.BuildFactory()
f.addStep(grab_repo)
bu.append(util.BuilderConfig(name="build-local",
2016-11-11 01:34:18 +01:00
workernames=workernames,
2016-02-16 18:03:18 +01:00
factory=f))
'';
# slow-tests = ''
# s = util.BuildFactory()
# s.addStep(grab_repo)
#
2016-11-11 01:34:18 +01:00
# # worker needs 2 files:
# # * cac.json
# # * retiolum
2016-11-11 01:34:18 +01:00
# s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/cac.json", workerdest="cac.json"))
# s.addStep(steps.FileDownload(mastersrc="${config.krebs.buildbot.master.workDir}/retiolum-ci.rsa_key.priv", workerdest="retiolum.rsa_key.priv"))
# addShell(s, name="infest-cac-centos7",env=env,
# sigtermTime=60, # SIGTERM 1 minute before SIGKILL
# timeout=10800, # 3h
# command=nixshell + ["infest-cac-centos7"])
#
# bu.append(util.BuilderConfig(name="full-tests",
2016-11-11 01:34:18 +01:00
# workernames=workernames,
# factory=s))
# '';
};
2015-12-22 19:36:19 +01:00
enable = true;
web = {
enable = true;
};
2015-12-22 19:36:19 +01:00
irc = {
enable = true;
2017-07-22 14:50:01 +02:00
nick = "${hostname}bot";
2016-11-11 08:47:46 +01:00
server = "ni.r";
2016-11-11 01:34:18 +01:00
channels = [ { channel = "retiolum"; } ];
2015-12-22 19:36:19 +01:00
allowForce = true;
};
extraConfig = ''
2017-07-22 14:50:01 +02:00
c['buildbotURL'] = "http://build.${hostname}.r/"
'';
2015-12-22 19:36:19 +01:00
};
2016-11-11 01:34:18 +01:00
krebs.buildbot.worker = {
2015-12-22 19:36:19 +01:00
enable = true;
masterhost = "localhost";
2016-11-11 01:34:18 +01:00
username = "testworker";
2015-12-22 19:36:19 +01:00
password = "krebspass";
packages = with pkgs; [ gnumake jq nix populate ];
2015-12-30 04:43:16 +01:00
# all nix commands will need a working nixpkgs installation
extraEnviron = {
2017-07-22 14:50:01 +02:00
NIX_PATH="nixpkgs=/var/src/nixpkgs:nixos-config=./krebs/1systems/${hostname}/config.nix:stockholm=./"; };
2015-12-22 19:36:19 +01:00
};
}