stockholm/lass/2configs/buildbot-standalone.nix

214 lines
6.7 KiB
Nix
Raw Normal View History

2015-12-30 02:05:14 +01:00
{ lib, config, pkgs, ... }:
2016-06-18 13:26:22 +02:00
2016-10-20 20:54:38 +02:00
with import <stockholm/lib>;
2016-06-18 13:26:22 +02:00
let
2016-07-23 19:19:18 +02:00
sshHostConfig = pkgs.writeText "ssh-config" ''
ControlMaster auto
ControlPath /tmp/%u_sshmux_%r@%h:%p
ControlPersist 4h
'';
2016-06-18 13:26:22 +02:00
in {
config.krebs.buildbot.master = let
stockholm-mirror-url = http://cgit.prism/stockholm ;
in {
2015-12-30 02:05:14 +01:00
slaves = {
testslave = "lasspass";
};
change_source.stockholm = ''
stockholm_repo = '${stockholm-mirror-url}'
2015-12-30 02:05:14 +01:00
cs.append(changes.GitPoller(
stockholm_repo,
workdir='stockholm-poller', branches=True,
2015-12-30 02:05:14 +01:00
project='stockholm',
pollinterval=120))
'';
scheduler = {
2016-06-25 10:39:35 +02:00
build-scheduler = ''
# build all hosts
2016-06-25 09:58:00 +02:00
sched.append(schedulers.SingleBranchScheduler(
2016-06-25 10:39:35 +02:00
change_filter=util.ChangeFilter(branch_re=".*"),
treeStableTimer=10,
2016-08-09 22:49:17 +02:00
name="build-all-branches",
builderNames=["build-all", "build-pkgs"]))
'';
2015-12-30 02:05:14 +01:00
};
builder_pre = ''
# prepare grab_repo step for stockholm
grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental')
# TODO: get nixpkgs/stockholm paths from krebs
env_lass = {
2016-06-18 13:26:22 +02:00
"LOGNAME": "lass",
"NIX_REMOTE": "daemon",
"dummy_secrets": "true",
}
2016-06-25 09:58:00 +02:00
env_makefu = {
"LOGNAME": "makefu",
"NIX_REMOTE": "daemon",
"dummy_secrets": "true",
}
2016-08-03 08:19:47 +02:00
env_shared = {
"LOGNAME": "shared",
"NIX_REMOTE": "daemon",
"dummy_secrets": "true",
}
2015-12-30 02:05:14 +01:00
# prepare nix-shell
# the dependencies which are used by the test script
deps = [ "gnumake", "jq", "nix", "(import <stockholm>).pkgs.populate", "openssh" ]
2015-12-30 02:05:14 +01:00
# TODO: --pure , prepare ENV in nix-shell command:
# SSL_CERT_FILE,LOGNAME,NIX_REMOTE
nixshell = ["nix-shell",
"-I", "stockholm=.",
"-I", "nixpkgs=/var/src/nixpkgs",
"-p" ] + deps + [ "--run" ]
2015-12-30 02:05:14 +01:00
# prepare addShell function
def addShell(factory,**kwargs):
factory.addStep(steps.ShellCommand(**kwargs))
'';
builder = {
build-all = ''
f = util.BuildFactory()
f.addStep(grab_repo)
for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]:
addShell(f,name="build-{}".format(i),env=env_lass,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
2016-06-18 13:26:22 +02:00
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=build \
2016-06-18 13:26:22 +02:00
system={}".format(i)])
2016-07-28 12:58:54 +02:00
for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
2016-06-25 09:58:00 +02:00
addShell(f,name="build-{}".format(i),env=env_makefu,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
2016-06-25 09:58:00 +02:00
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
2016-06-25 09:58:00 +02:00
method=build \
system={}".format(i)])
bu.append(util.BuilderConfig(name="build-all",
2016-06-25 09:58:00 +02:00
slavenames=slavenames,
factory=f))
2016-08-09 22:49:17 +02:00
'';
2016-08-09 22:49:17 +02:00
build-pkgs = ''
f = util.BuildFactory()
f.addStep(grab_repo)
for i in [
"apt-cacher-ng",
"bepasty-client-cli",
"cac-api",
"cac-cert",
"cac-panel",
"charybdis",
"collectd-connect-time",
"dic",
"drivedroid-gen-repo",
"exim",
"fortclientsslvpn",
"get",
"git-hooks",
"github-hosts-sync",
"go",
"hashPassword",
"haskellPackages.blessings",
"haskellPackages.email-header",
"haskellPackages.scanner",
"haskellPackages.xmonad-stockholm",
"krebspaste",
"krebszones",
"logf",
"much",
"newsbot-js",
"noVNC",
"passwdqc-utils",
"populate",
"posix-array",
"pssh",
"push",
"Reaktor",
"realwallpaper",
"repo-sync",
"retiolum-bootstrap",
"tarantool",
"test",
"tinc_graphs",
"translate-shell",
"urlwatch",
"with-tmpdir",
"youtube-tools",
]:
addShell(f,name="build-{}".format(i),env=env_lass,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make system=prism pkgs.{}".format(i)])
2016-08-09 22:49:17 +02:00
bu.append(util.BuilderConfig(name="build-pkgs",
slavenames=slavenames,
factory=f))
'';
2015-12-30 02:05:14 +01:00
};
enable = true;
web.enable = true;
irc = {
enable = true;
nick = "buildbot-lass";
2016-11-11 08:47:46 +01:00
server = "ni.r";
2016-11-11 01:34:18 +01:00
channels = [ { channels = "retiolum"; } ];
2015-12-30 02:05:14 +01:00
allowForce = true;
};
};
2016-06-18 13:26:22 +02:00
config.krebs.buildbot.slave = {
2015-12-30 02:05:14 +01:00
enable = true;
masterhost = "localhost";
username = "testslave";
password = "lasspass";
packages = with pkgs; [ gnumake jq nix populate ];
extraEnviron = {
2016-07-19 21:05:24 +02:00
NIX_PATH="/var/src";
};
};
2016-06-18 13:26:22 +02:00
config.krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8010"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport 9989"; target = "ACCEPT"; }
];
};
2015-12-30 02:05:14 +01:00
};
2016-06-18 13:26:22 +02:00
#ssh workaround for make test
options.lass.build-ssh-privkey = mkOption {
type = types.secret-file;
default = {
path = "${config.users.users.buildbotSlave.home}/ssh.privkey";
owner = { inherit (config.users.users.buildbotSlave ) name uid;};
source-path = toString <secrets> + "/build.ssh.key";
};
};
config.krebs.secret.files = {
build-ssh-privkey = config.lass.build-ssh-privkey;
};
config.users.users = {
build = {
name = "build";
uid = genid "build";
home = "/home/build";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP lass@mors"
];
};
};
2015-12-30 02:05:14 +01:00
}