]>
Commit | Line | Data |
---|---|---|
9fb4205e IB |
1 | from buildbot.plugins import * |
2 | from buildbot_common.build_helpers import * | |
3 | import os | |
4 | ||
5 | __all__ = [ "configure", "E" ] | |
6 | ||
7 | class E(): | |
8 | PROJECT = "cryptoportfolio" | |
9 | BUILDBOT_URL = "https://git.immae.eu/buildbot/{}/".format(PROJECT) | |
10 | SOCKET = "unix:/run/buildbot/{}.sock".format(PROJECT) | |
11 | RELEASE_PATH = "/var/lib/ftp/release.immae.eu/{}".format(PROJECT) | |
12 | RELEASE_URL = "https://release.immae.eu/{}".format(PROJECT) | |
13 | GIT_URL = "https://git.immae.eu/perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/{0}.git" | |
14 | SSH_KEY_PATH = "/var/lib/buildbot/puppet_notify" | |
15 | LDAP_HOST = "ldap.immae.eu" | |
16 | LDAP_DN = "cn=buildbot,ou=services,dc=immae,dc=eu" | |
17 | LDAP_ROLES_BASE = "ou=roles,ou=hosts,dc=immae,dc=eu" | |
18 | ||
19 | PUPPET_HOST = { | |
20 | "production": "root@cryptoportfolio.immae.eu", | |
21 | "integration": "root@cryptoportfolio-dev.immae.eu" | |
22 | } | |
23 | ||
24 | # master.cfg | |
25 | SECRETS_FILE = os.getcwd() + "/secrets" | |
26 | LDAP_URL = "ldaps://ldap.immae.eu:636" | |
27 | LDAP_ADMIN_USER = "cn=buildbot,ou=services,dc=immae,dc=eu" | |
28 | LDAP_BASE = "dc=immae,dc=eu" | |
29 | LDAP_PATTERN = "(uid=%(username)s)" | |
30 | LDAP_GROUP_PATTERN = "(&(memberOf=cn=groups,cn=buildbot,ou=services,dc=immae,dc=eu)(member=%(dn)s))" | |
31 | TITLE_URL = "https://git.immae.eu" | |
32 | TITLE = "Cryptoportfolio" | |
33 | ||
34 | # eval .. dans .zshrc_local | |
35 | # mkdir -p $BUILD/go | |
36 | # export GOPATH=$BUILD/go | |
37 | # go get -u github.com/golang/dep/cmd/dep | |
38 | # export PATH=$PATH:$BUILD/go/bin | |
39 | # go get git.immae.eu/Cryptoportfolio/Front.git | |
40 | # cd $BUILD/go/src/git.immae.eu/Cryptoportfolio/Front.git | |
41 | # git checkout dev | |
42 | # dep ensure | |
43 | def configure(c): | |
44 | c["buildbotURL"] = E.BUILDBOT_URL | |
45 | c["www"]["port"] = E.SOCKET | |
46 | ||
47 | c['workers'].append(worker.LocalWorker("generic-worker")) | |
48 | c['workers'].append(worker.LocalWorker("deploy-worker")) | |
49 | ||
50 | c['schedulers'].append(hook_scheduler("Trader")) | |
51 | c['schedulers'].append(hook_scheduler("Front")) | |
52 | c['schedulers'].append(force_scheduler( | |
53 | "force_cryptoportfolio", ["Trader_build", "Front_build"])) | |
54 | c['schedulers'].append(deploy_scheduler("deploy_cryptoportfolio", | |
55 | ["Trader_deploy", "Front_deploy"])) | |
56 | ||
57 | c['builders'].append(factory("trader")) | |
58 | c['builders'].append(factory("front", ignore_fails=True)) | |
59 | ||
60 | c['builders'].append(deploy_factory("trader")) | |
61 | c['builders'].append(deploy_factory("front")) | |
62 | ||
63 | c['services'].append(SlackStatusPush( | |
64 | name="slack_status_cryptoportfolio", | |
65 | builders=["Front_build", "Trader_build", "Front_deploy", "Trader_deploy"], | |
66 | serverUrl=open(E.SECRETS_FILE + "/slack_webhook", "r").read().rstrip())) | |
67 | ||
68 | def factory(project, ignore_fails=False): | |
69 | release_file = "{1}/{0}/{0}_%(kw:clean_branch)s.tar.gz" | |
70 | ||
71 | url = E.GIT_URL.format(project.capitalize()) | |
72 | ||
73 | package = util.Interpolate("{0}_%(kw:clean_branch)s.tar.gz".format(project), clean_branch=clean_branch) | |
74 | package_dest = util.Interpolate(release_file.format(project, E.RELEASE_PATH), clean_branch=clean_branch) | |
75 | package_url = util.Interpolate(release_file.format(project, E.RELEASE_URL), clean_branch=clean_branch) | |
76 | ||
77 | factory = util.BuildFactory() | |
78 | factory.addStep(steps.Git(logEnviron=False, repourl=url, | |
79 | mode="full", method="copy")) | |
80 | factory.addStep(steps.ShellCommand(name="make install", | |
81 | logEnviron=False, haltOnFailure=(not ignore_fails), | |
82 | warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails), | |
83 | command=["make", "install"])) | |
84 | factory.addStep(steps.ShellCommand(name="make test", | |
85 | logEnviron=False, haltOnFailure=(not ignore_fails), | |
86 | warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails), | |
87 | command=["make", "test"])) | |
88 | factory.addSteps(package_and_upload(package, package_dest, package_url)) | |
89 | ||
90 | return util.BuilderConfig( | |
91 | name="{}_build".format(project.capitalize()), | |
92 | workernames=["generic-worker"], factory=factory) | |
93 | ||
94 | def compute_build_infos(project): | |
95 | @util.renderer | |
96 | def compute(props): | |
97 | import re, hashlib | |
98 | build_file = props.getProperty("build") | |
99 | package_dest = "{2}/{0}/{1}".format(project, build_file, E.RELEASE_PATH) | |
100 | version = re.match(r"{0}_(.*).tar.gz".format(project), build_file).group(1) | |
101 | with open(package_dest, "rb") as f: | |
102 | sha = hashlib.sha256(f.read()).hexdigest() | |
103 | return { | |
104 | "build_version": version, | |
105 | "build_hash": sha, | |
106 | } | |
107 | return compute | |
108 | ||
109 | @util.renderer | |
110 | def puppet_host(props): | |
111 | environment = props["environment"] if props.hasProperty("environment") else "integration" | |
112 | return E.PUPPET_HOST.get(environment, "host.invalid") | |
113 | ||
114 | def deploy_factory(project): | |
115 | package_dest = util.Interpolate("{1}/{0}/%(prop:build)s".format(project, E.RELEASE_PATH)) | |
116 | ||
117 | factory = util.BuildFactory() | |
118 | factory.addStep(steps.MasterShellCommand(command=["test", "-f", package_dest])) | |
119 | factory.addStep(steps.SetProperties(properties=compute_build_infos(project))) | |
120 | factory.addStep(LdapPush(environment=util.Property("environment"), | |
121 | project=project, build_version=util.Property("build_version"), | |
122 | build_hash=util.Property("build_hash"), ldap_password=util.Secret("ldap"))) | |
123 | factory.addStep(steps.MasterShellCommand(command=[ | |
124 | "ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "CheckHostIP=no", "-i", E.SSH_KEY_PATH, puppet_host])) | |
125 | return util.BuilderConfig(name="{}_deploy".format(project.capitalize()), workernames=["deploy-worker"], factory=factory) | |
126 | ||
127 | from twisted.internet import defer | |
128 | from buildbot.process.buildstep import FAILURE | |
129 | from buildbot.process.buildstep import SUCCESS | |
130 | from buildbot.process.buildstep import BuildStep | |
131 | ||
132 | class LdapPush(BuildStep): | |
133 | name = "LdapPush" | |
134 | renderables = ["environment", "project", "build_version", "build_hash", "ldap_password"] | |
135 | ||
136 | def __init__(self, **kwargs): | |
137 | self.environment = kwargs.pop("environment") | |
138 | self.project = kwargs.pop("project") | |
139 | self.build_version = kwargs.pop("build_version") | |
140 | self.build_hash = kwargs.pop("build_hash") | |
141 | self.ldap_password = kwargs.pop("ldap_password") | |
142 | self.ldap_host = kwargs.pop("ldap_host", E.LDAP_HOST) | |
143 | super().__init__(**kwargs) | |
144 | ||
145 | def run(self): | |
146 | import json | |
147 | from ldap3 import Reader, Writer, Server, Connection, ObjectDef | |
148 | server = Server(self.ldap_host) | |
149 | conn = Connection(server, | |
150 | user=E.LDAP_DN, | |
151 | password=self.ldap_password) | |
152 | conn.bind() | |
153 | obj = ObjectDef("immaePuppetClass", conn) | |
154 | r = Reader(conn, obj, | |
155 | "cn=cryptoportfolio.{},{}".format(self.environment, E.LDAP_ROLES_BASE)) | |
156 | r.search() | |
157 | if len(r) > 0: | |
158 | w = Writer.from_cursor(r) | |
159 | for value in w[0].immaePuppetJson.values: | |
160 | config = json.loads(value) | |
161 | if "role::cryptoportfolio::{}_version".format(self.project) in config: | |
162 | config["role::cryptoportfolio::{}_version".format(self.project)] = self.build_version | |
163 | config["role::cryptoportfolio::{}_sha256".format(self.project)] = self.build_hash | |
164 | w[0].immaePuppetJson -= value | |
165 | w[0].immaePuppetJson += json.dumps(config, indent=" ") | |
166 | w.commit() | |
167 | return defer.succeed(SUCCESS) | |
168 | return defer.succeed(FAILURE) |