]>
git.immae.eu Git - perso/Immae/Config/Nix.git/blob - nixops/modules/buildbot/projects/cryptoportfolio/__init__.py
1 from buildbot
.plugins
import *
2 from buildbot_common
.build_helpers
import *
5 __all__
= [ "configure", "E" ]
8 PROJECT
= "cryptoportfolio"
9 BUILDBOT_URL
= "https://git.immae.eu/buildbot/{}/".format(PROJECT
)
10 SOCKET
= "unix:/run/buildbot/{}.sock".format(PROJECT
)
11 RELEASE_PATH
= "/var/lib/ftp/release.immae.eu/{}".format(PROJECT
)
12 RELEASE_URL
= "https://release.immae.eu/{}".format(PROJECT
)
13 GIT_URL
= "https://git.immae.eu/perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/{0}.git"
14 SSH_KEY_PATH
= "/var/lib/buildbot/puppet_notify"
15 LDAP_HOST
= "ldap.immae.eu"
16 LDAP_DN
= "cn=buildbot,ou=services,dc=immae,dc=eu"
17 LDAP_ROLES_BASE
= "ou=roles,ou=hosts,dc=immae,dc=eu"
20 "production": "root@cryptoportfolio.immae.eu",
21 "integration": "root@cryptoportfolio-dev.immae.eu"
25 SECRETS_FILE
= os
.getcwd() + "/secrets"
26 LDAP_URL
= "ldaps://ldap.immae.eu:636"
27 LDAP_ADMIN_USER
= "cn=buildbot,ou=services,dc=immae,dc=eu"
28 LDAP_BASE
= "dc=immae,dc=eu"
29 LDAP_PATTERN
= "(uid=%(username)s)"
30 LDAP_GROUP_PATTERN
= "(&(memberOf=cn=groups,cn=buildbot,ou=services,dc=immae,dc=eu)(member=%(dn)s))"
31 TITLE_URL
= "https://git.immae.eu"
32 TITLE
= "Cryptoportfolio"
34 # eval .. dans .zshrc_local
36 # export GOPATH=$BUILD/go
37 # go get -u github.com/golang/dep/cmd/dep
38 # export PATH=$PATH:$BUILD/go/bin
39 # go get git.immae.eu/Cryptoportfolio/Front.git
40 # cd $BUILD/go/src/git.immae.eu/Cryptoportfolio/Front.git
44 c
["buildbotURL"] = E
.BUILDBOT_URL
45 c
["www"]["port"] = E
.SOCKET
47 c
['workers'].append(worker
.LocalWorker("generic-worker"))
48 c
['workers'].append(worker
.LocalWorker("deploy-worker"))
50 c
['schedulers'].append(hook_scheduler("Trader"))
51 c
['schedulers'].append(hook_scheduler("Front"))
52 c
['schedulers'].append(force_scheduler(
53 "force_cryptoportfolio", ["Trader_build", "Front_build"]))
54 c
['schedulers'].append(deploy_scheduler("deploy_cryptoportfolio",
55 ["Trader_deploy", "Front_deploy"]))
57 c
['builders'].append(factory("trader"))
58 c
['builders'].append(factory("front", ignore_fails
=True))
60 c
['builders'].append(deploy_factory("trader"))
61 c
['builders'].append(deploy_factory("front"))
63 c
['services'].append(SlackStatusPush(
64 name
="slack_status_cryptoportfolio",
65 builders
=["Front_build", "Trader_build", "Front_deploy", "Trader_deploy"],
66 serverUrl
=open(E
.SECRETS_FILE
+ "/slack_webhook", "r").read().rstrip()))
68 def factory(project
, ignore_fails
=False):
69 release_file
= "{1}/{0}/{0}_%(kw:clean_branch)s.tar.gz"
71 url
= E
.GIT_URL
.format(project
.capitalize())
73 package
= util
.Interpolate("{0}_%(kw:clean_branch)s.tar.gz".format(project
), clean_branch
=clean_branch
)
74 package_dest
= util
.Interpolate(release_file
.format(project
, E
.RELEASE_PATH
), clean_branch
=clean_branch
)
75 package_url
= util
.Interpolate(release_file
.format(project
, E
.RELEASE_URL
), clean_branch
=clean_branch
)
77 factory
= util
.BuildFactory()
78 factory
.addStep(steps
.Git(logEnviron
=False, repourl
=url
,
79 mode
="full", method
="copy"))
80 factory
.addStep(steps
.ShellCommand(name
="make install",
81 logEnviron
=False, haltOnFailure
=(not ignore_fails
),
82 warnOnFailure
=ignore_fails
, flunkOnFailure
=(not ignore_fails
),
83 command
=["make", "install"]))
84 factory
.addStep(steps
.ShellCommand(name
="make test",
85 logEnviron
=False, haltOnFailure
=(not ignore_fails
),
86 warnOnFailure
=ignore_fails
, flunkOnFailure
=(not ignore_fails
),
87 command
=["make", "test"]))
88 factory
.addSteps(package_and_upload(package
, package_dest
, package_url
))
90 return util
.BuilderConfig(
91 name
="{}_build".format(project
.capitalize()),
92 workernames
=["generic-worker"], factory
=factory
)
94 def compute_build_infos(project
):
98 build_file
= props
.getProperty("build")
99 package_dest
= "{2}/{0}/{1}".format(project
, build_file
, E
.RELEASE_PATH
)
100 version
= re
.match(r
"{0}_(.*).tar.gz".format(project
), build_file
).group(1)
101 with open(package_dest
, "rb") as f
:
102 sha
= hashlib
.sha256(f
.read()).hexdigest()
104 "build_version": version
,
110 def puppet_host(props
):
111 environment
= props
["environment"] if props
.hasProperty("environment") else "integration"
112 return E
.PUPPET_HOST
.get(environment
, "host.invalid")
114 def deploy_factory(project
):
115 package_dest
= util
.Interpolate("{1}/{0}/%(prop:build)s".format(project
, E
.RELEASE_PATH
))
117 factory
= util
.BuildFactory()
118 factory
.addStep(steps
.MasterShellCommand(command
=["test", "-f", package_dest
]))
119 factory
.addStep(steps
.SetProperties(properties
=compute_build_infos(project
)))
120 factory
.addStep(LdapPush(environment
=util
.Property("environment"),
121 project
=project
, build_version
=util
.Property("build_version"),
122 build_hash
=util
.Property("build_hash"), ldap_password
=util
.Secret("ldap")))
123 factory
.addStep(steps
.MasterShellCommand(command
=[
124 "ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "CheckHostIP=no", "-i", E
.SSH_KEY_PATH
, puppet_host
]))
125 return util
.BuilderConfig(name
="{}_deploy".format(project
.capitalize()), workernames
=["deploy-worker"], factory
=factory
)
127 from twisted
.internet
import defer
128 from buildbot
.process
.buildstep
import FAILURE
129 from buildbot
.process
.buildstep
import SUCCESS
130 from buildbot
.process
.buildstep
import BuildStep
132 class LdapPush(BuildStep
):
134 renderables
= ["environment", "project", "build_version", "build_hash", "ldap_password"]
136 def __init__(self
, **kwargs
):
137 self
.environment
= kwargs
.pop("environment")
138 self
.project
= kwargs
.pop("project")
139 self
.build_version
= kwargs
.pop("build_version")
140 self
.build_hash
= kwargs
.pop("build_hash")
141 self
.ldap_password
= kwargs
.pop("ldap_password")
142 self
.ldap_host
= kwargs
.pop("ldap_host", E
.LDAP_HOST
)
143 super().__init
__(**kwargs
)
147 from ldap3
import Reader
, Writer
, Server
, Connection
, ObjectDef
148 server
= Server(self
.ldap_host
)
149 conn
= Connection(server
,
151 password
=self
.ldap_password
)
153 obj
= ObjectDef("immaePuppetClass", conn
)
154 r
= Reader(conn
, obj
,
155 "cn=cryptoportfolio.{},{}".format(self
.environment
, E
.LDAP_ROLES_BASE
))
158 w
= Writer
.from_cursor(r
)
159 for value
in w
[0].immaePuppetJson
.values
:
160 config
= json
.loads(value
)
161 if "role::cryptoportfolio::{}_version".format(self
.project
) in config
:
162 config
["role::cryptoportfolio::{}_version".format(self
.project
)] = self
.build_version
163 config
["role::cryptoportfolio::{}_sha256".format(self
.project
)] = self
.build_hash
164 w
[0].immaePuppetJson
-= value
165 w
[0].immaePuppetJson
+= json
.dumps(config
, indent
=" ")
167 return defer
.succeed(SUCCESS
)
168 return defer
.succeed(FAILURE
)