]>
git.immae.eu Git - perso/Immae/Config/Nix.git/blob - modules/private/buildbot/projects/caldance/__init__.py
1 from buildbot
.plugins
import *
2 from buildbot_common
.build_helpers
import *
4 from buildbot
.util
import bytes2unicode
7 __all__
= [ "configure", "E" ]
11 BUILDBOT_URL
= "https://git.immae.eu/buildbot/{}/".format(PROJECT
)
12 SOCKET
= "unix:/run/buildbot/{}.sock".format(PROJECT
)
13 PB_SOCKET
= "unix:address=/run/buildbot/{}_pb.sock".format(PROJECT
)
14 RELEASE_PATH
= "/var/lib/ftp/release.immae.eu/{}".format(PROJECT
)
15 RELEASE_URL
= "https://release.immae.eu/{}".format(PROJECT
)
16 GIT_URL
= "gitolite@git.immae.eu:perso/simon_descarpentries/www.cal-dance.com"
17 SSH_KEY_PATH
= "/var/lib/buildbot/buildbot_key"
18 SSH_HOST_KEY
= "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFbhFTl2A2RJn5L51yxJM4XfCS2ZaiSX/jo9jFSdghF"
19 LDAP_HOST
= "ldap.immae.eu"
20 LDAP_DN
= "cn=buildbot,ou=services,dc=immae,dc=eu"
21 LDAP_ROLES_BASE
= "ou=roles,ou=hosts,dc=immae,dc=eu"
22 XMPP_RECIPIENTS
= os
.environ
["BUILDBOT_XMPP_RECIPIENTS"].split(" ")
25 "integration": "root@caldance.immae.eu",
29 SECRETS_FILE
= os
.getcwd() + "/secrets"
30 LDAP_URL
= "ldaps://ldap.immae.eu:636"
31 LDAP_ADMIN_USER
= "cn=buildbot,ou=services,dc=immae,dc=eu"
32 LDAP_BASE
= "dc=immae,dc=eu"
33 LDAP_PATTERN
= "(uid=%(username)s)"
34 LDAP_GROUP_PATTERN
= "(&(memberOf=cn=groups,ou=caldance,cn=buildbot,ou=services,dc=immae,dc=eu)(member=%(dn)s))"
35 TITLE_URL
= "https://caldance.immae.eu"
38 class CustomBase(webhooks
.base
):
39 def getChanges(self
, request
):
41 content
= request
.content
.read()
42 args
= json
.loads(bytes2unicode(content
))
43 except Exception as e
:
44 raise ValueError("Error loading JSON: " + str(e
))
46 args
.setdefault("comments", "")
47 args
.setdefault("repository", "")
48 args
.setdefault("author", args
.get("who", "unknown"))
50 if args
["category"] == "deploy_webhook":
52 "category": "deploy_webhook",
56 "project": "Caldance",
58 "environment": args
.get("environment", "integration"),
59 "build": "caldance_{}.tar.gz".format(args
.get("build", "master"))
65 def deploy_hook_scheduler(project
, timer
=1):
66 return schedulers
.AnyBranchScheduler(
67 change_filter
=util
.ChangeFilter(category
="deploy_webhook", project
=project
),
68 name
="{}_deploy".format(project), treeStableTimer=timer, builderNames=["{}_deploy".format(project
)])
71 c
["buildbotURL"] = E
.BUILDBOT_URL
72 c
["www"]["port"] = E
.SOCKET
74 c
["www"]["change_hook_dialects"]["base"] = {
75 "custom_class": CustomBase
77 c
['workers'].append(worker
.LocalWorker("generic-worker"))
78 c
['workers'].append(worker
.LocalWorker("deploy-worker"))
80 db_lock
= util
.MasterLock("deploy_after_build")
82 c
['schedulers'].append(hook_scheduler("Caldance", timer
=1))
83 c
['schedulers'].append(force_scheduler("force_caldance", ["Caldance_build"]))
84 c
['schedulers'].append(deploy_scheduler("deploy_caldance", ["Caldance_deploy"]))
85 c
['schedulers'].append(deploy_hook_scheduler("Caldance", timer
=1))
87 c
['builders'].append(factory("caldance", locks
=[db_lock
.access('exclusive')]))
89 c
['builders'].append(deploy_factory("caldance", locks
=[db_lock
.access('exclusive')]))
91 c
['services'].append(SlackStatusPush(
92 name
="slack_status_caldance",
93 builders
=["Caldance_build", "Caldance_deploy"],
94 serverUrl
=open(E
.SECRETS_FILE
+ "/slack_webhook", "r").read().rstrip()))
95 c
['services'].append(XMPPStatusPush(
96 name
="xmpp_status_caldance",
97 builders
=["Caldance_build", "Caldance_deploy"],
98 recipients
=E
.XMPP_RECIPIENTS
,
99 password
=open(E
.SECRETS_FILE
+ "/notify_xmpp_password", "r").read().rstrip()))
101 def factory(project
, locks
=[], ignore_fails
=False):
102 release_file
= "{1}/{0}_%(kw:clean_branch)s.tar.gz"
104 package
= util
.Interpolate("{0}_%(kw:clean_branch)s.tar.gz".format(project
), clean_branch
=clean_branch
)
105 package_dest
= util
.Interpolate(release_file
.format(project
, E
.RELEASE_PATH
), clean_branch
=clean_branch
)
106 package_url
= util
.Interpolate(release_file
.format(project
, E
.RELEASE_URL
), clean_branch
=clean_branch
)
108 factory
= util
.BuildFactory()
109 factory
.addStep(steps
.Git(logEnviron
=False, repourl
=E
.GIT_URL
,
110 sshPrivateKey
=open(E
.SSH_KEY_PATH
).read().rstrip(),
111 sshHostKey
=E
.SSH_HOST_KEY
, mode
="full", method
="copy"))
112 factory
.addSteps(package_and_upload(package
, package_dest
, package_url
))
114 return util
.BuilderConfig(
115 name
="{}_build".format(project
.capitalize()),
117 workernames
=["generic-worker"], factory
=factory
)
119 def compute_build_infos(project
):
123 build_file
= props
.getProperty("build")
124 package_dest
= "{1}/{0}".format(build_file
, E
.RELEASE_PATH
)
125 version
= re
.match(r
"{0}_(.*).tar.gz".format(project
), build_file
).group(1)
126 with open(package_dest
, "rb") as f
:
127 sha
= hashlib
.sha256(f
.read()).hexdigest()
129 "build_version": version
,
135 def puppet_host(props
):
136 environment
= props
["environment"] if props
.hasProperty("environment") else "integration"
137 return E
.PUPPET_HOST
.get(environment
, "host.invalid")
139 def deploy_factory(project
, locks
=[]):
140 package_dest
= util
.Interpolate("{0}/%(prop:build)s".format(E
.RELEASE_PATH
))
142 factory
= util
.BuildFactory()
143 factory
.addStep(steps
.MasterShellCommand(command
=["test", "-f", package_dest
]))
144 factory
.addStep(steps
.SetProperties(properties
=compute_build_infos(project
)))
145 factory
.addStep(LdapPush(environment
=util
.Property("environment"),
146 project
=project
, build_version
=util
.Property("build_version"),
147 build_hash
=util
.Property("build_hash"), ldap_password
=util
.Secret("ldap")))
148 factory
.addStep(steps
.MasterShellCommand(command
=[
149 "ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "CheckHostIP=no", "-i", E
.SSH_KEY_PATH
, puppet_host
]))
150 return util
.BuilderConfig(
151 name
="{}_deploy".format(project
.capitalize()),
153 workernames
=["deploy-worker"], factory
=factory
)
155 from twisted
.internet
import defer
156 from buildbot
.process
.buildstep
import FAILURE
157 from buildbot
.process
.buildstep
import SUCCESS
158 from buildbot
.process
.buildstep
import BuildStep
160 class LdapPush(BuildStep
):
162 renderables
= ["environment", "project", "build_version", "build_hash", "ldap_password"]
164 def __init__(self
, **kwargs
):
165 self
.environment
= kwargs
.pop("environment")
166 self
.project
= kwargs
.pop("project")
167 self
.build_version
= kwargs
.pop("build_version")
168 self
.build_hash
= kwargs
.pop("build_hash")
169 self
.ldap_password
= kwargs
.pop("ldap_password")
170 self
.ldap_host
= kwargs
.pop("ldap_host", E
.LDAP_HOST
)
171 super().__init
__(**kwargs
)
175 from ldap3
import Reader
, Writer
, Server
, Connection
, ObjectDef
176 server
= Server(self
.ldap_host
)
177 conn
= Connection(server
,
179 password
=self
.ldap_password
)
181 obj
= ObjectDef("immaePuppetClass", conn
)
182 r
= Reader(conn
, obj
,
183 "cn=caldance.{},{}".format(self
.environment
, E
.LDAP_ROLES_BASE
))
186 w
= Writer
.from_cursor(r
)
187 for value
in w
[0].immaePuppetJson
.values
:
188 config
= json
.loads(value
)
189 if "role::caldance::{}_version".format(self
.project
) in config
:
190 config
["role::caldance::{}_version".format(self
.project
)] = self
.build_version
191 config
["role::caldance::{}_sha256".format(self
.project
)] = self
.build_hash
192 w
[0].immaePuppetJson
-= value
193 w
[0].immaePuppetJson
+= json
.dumps(config
, indent
=" ")
195 return defer
.succeed(SUCCESS
)
196 return defer
.succeed(FAILURE
)