]> git.immae.eu Git - perso/Immae/Config/Nix.git/blob - nixops/modules/buildbot/projects/cryptoportfolio/__init__.py
projects / perso / Immae / Config / Nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add buildbot
[perso/Immae/Config/Nix.git] / nixops / modules / buildbot / projects / cryptoportfolio / __init__.py
1 from buildbot.plugins import *
2 from buildbot_common.build_helpers import *
3 import os
4
5 __all__ = [ "configure", "E" ]
6
7 class E():
8 PROJECT = "cryptoportfolio"
9 BUILDBOT_URL = "https://git.immae.eu/buildbot/{}/".format(PROJECT)
10 SOCKET = "unix:/run/buildbot/{}.sock".format(PROJECT)
11 RELEASE_PATH = "/var/lib/ftp/release.immae.eu/{}".format(PROJECT)
12 RELEASE_URL = "https://release.immae.eu/{}".format(PROJECT)
13 GIT_URL = "https://git.immae.eu/perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/{0}.git"
14 SSH_KEY_PATH = "/var/lib/buildbot/puppet_notify"
15 LDAP_HOST = "ldap.immae.eu"
16 LDAP_DN = "cn=buildbot,ou=services,dc=immae,dc=eu"
17 LDAP_ROLES_BASE = "ou=roles,ou=hosts,dc=immae,dc=eu"
18
19 PUPPET_HOST = {
20 "production": "root@cryptoportfolio.immae.eu",
21 "integration": "root@cryptoportfolio-dev.immae.eu"
22 }
23
24 # master.cfg
25 SECRETS_FILE = os.getcwd() + "/secrets"
26 LDAP_URL = "ldaps://ldap.immae.eu:636"
27 LDAP_ADMIN_USER = "cn=buildbot,ou=services,dc=immae,dc=eu"
28 LDAP_BASE = "dc=immae,dc=eu"
29 LDAP_PATTERN = "(uid=%(username)s)"
30 LDAP_GROUP_PATTERN = "(&(memberOf=cn=groups,cn=buildbot,ou=services,dc=immae,dc=eu)(member=%(dn)s))"
31 TITLE_URL = "https://git.immae.eu"
32 TITLE = "Cryptoportfolio"
33
34 # eval .. dans .zshrc_local
35 # mkdir -p $BUILD/go
36 # export GOPATH=$BUILD/go
37 # go get -u github.com/golang/dep/cmd/dep
38 # export PATH=$PATH:$BUILD/go/bin
39 # go get git.immae.eu/Cryptoportfolio/Front.git
40 # cd $BUILD/go/src/git.immae.eu/Cryptoportfolio/Front.git
41 # git checkout dev
42 # dep ensure
43 def configure(c):
44 c["buildbotURL"] = E.BUILDBOT_URL
45 c["www"]["port"] = E.SOCKET
46
47 c['workers'].append(worker.LocalWorker("generic-worker"))
48 c['workers'].append(worker.LocalWorker("deploy-worker"))
49
50 c['schedulers'].append(hook_scheduler("Trader"))
51 c['schedulers'].append(hook_scheduler("Front"))
52 c['schedulers'].append(force_scheduler(
53 "force_cryptoportfolio", ["Trader_build", "Front_build"]))
54 c['schedulers'].append(deploy_scheduler("deploy_cryptoportfolio",
55 ["Trader_deploy", "Front_deploy"]))
56
57 c['builders'].append(factory("trader"))
58 c['builders'].append(factory("front", ignore_fails=True))
59
60 c['builders'].append(deploy_factory("trader"))
61 c['builders'].append(deploy_factory("front"))
62
63 c['services'].append(SlackStatusPush(
64 name="slack_status_cryptoportfolio",
65 builders=["Front_build", "Trader_build", "Front_deploy", "Trader_deploy"],
66 serverUrl=open(E.SECRETS_FILE + "/slack_webhook", "r").read().rstrip()))
67
68 def factory(project, ignore_fails=False):
69 release_file = "{1}/{0}/{0}_%(kw:clean_branch)s.tar.gz"
70
71 url = E.GIT_URL.format(project.capitalize())
72
73 package = util.Interpolate("{0}_%(kw:clean_branch)s.tar.gz".format(project), clean_branch=clean_branch)
74 package_dest = util.Interpolate(release_file.format(project, E.RELEASE_PATH), clean_branch=clean_branch)
75 package_url = util.Interpolate(release_file.format(project, E.RELEASE_URL), clean_branch=clean_branch)
76
77 factory = util.BuildFactory()
78 factory.addStep(steps.Git(logEnviron=False, repourl=url,
79 mode="full", method="copy"))
80 factory.addStep(steps.ShellCommand(name="make install",
81 logEnviron=False, haltOnFailure=(not ignore_fails),
82 warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
83 command=["make", "install"]))
84 factory.addStep(steps.ShellCommand(name="make test",
85 logEnviron=False, haltOnFailure=(not ignore_fails),
86 warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
87 command=["make", "test"]))
88 factory.addSteps(package_and_upload(package, package_dest, package_url))
89
90 return util.BuilderConfig(
91 name="{}_build".format(project.capitalize()),
92 workernames=["generic-worker"], factory=factory)
93
94 def compute_build_infos(project):
95 @util.renderer
96 def compute(props):
97 import re, hashlib
98 build_file = props.getProperty("build")
99 package_dest = "{2}/{0}/{1}".format(project, build_file, E.RELEASE_PATH)
100 version = re.match(r"{0}_(.*).tar.gz".format(project), build_file).group(1)
101 with open(package_dest, "rb") as f:
102 sha = hashlib.sha256(f.read()).hexdigest()
103 return {
104 "build_version": version,
105 "build_hash": sha,
106 }
107 return compute
108
109 @util.renderer
110 def puppet_host(props):
111 environment = props["environment"] if props.hasProperty("environment") else "integration"
112 return E.PUPPET_HOST.get(environment, "host.invalid")
113
114 def deploy_factory(project):
115 package_dest = util.Interpolate("{1}/{0}/%(prop:build)s".format(project, E.RELEASE_PATH))
116
117 factory = util.BuildFactory()
118 factory.addStep(steps.MasterShellCommand(command=["test", "-f", package_dest]))
119 factory.addStep(steps.SetProperties(properties=compute_build_infos(project)))
120 factory.addStep(LdapPush(environment=util.Property("environment"),
121 project=project, build_version=util.Property("build_version"),
122 build_hash=util.Property("build_hash"), ldap_password=util.Secret("ldap")))
123 factory.addStep(steps.MasterShellCommand(command=[
124 "ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "CheckHostIP=no", "-i", E.SSH_KEY_PATH, puppet_host]))
125 return util.BuilderConfig(name="{}_deploy".format(project.capitalize()), workernames=["deploy-worker"], factory=factory)
126
127 from twisted.internet import defer
128 from buildbot.process.buildstep import FAILURE
129 from buildbot.process.buildstep import SUCCESS
130 from buildbot.process.buildstep import BuildStep
131
132 class LdapPush(BuildStep):
133 name = "LdapPush"
134 renderables = ["environment", "project", "build_version", "build_hash", "ldap_password"]
135
136 def __init__(self, **kwargs):
137 self.environment = kwargs.pop("environment")
138 self.project = kwargs.pop("project")
139 self.build_version = kwargs.pop("build_version")
140 self.build_hash = kwargs.pop("build_hash")
141 self.ldap_password = kwargs.pop("ldap_password")
142 self.ldap_host = kwargs.pop("ldap_host", E.LDAP_HOST)
143 super().__init__(**kwargs)
144
145 def run(self):
146 import json
147 from ldap3 import Reader, Writer, Server, Connection, ObjectDef
148 server = Server(self.ldap_host)
149 conn = Connection(server,
150 user=E.LDAP_DN,
151 password=self.ldap_password)
152 conn.bind()
153 obj = ObjectDef("immaePuppetClass", conn)
154 r = Reader(conn, obj,
155 "cn=cryptoportfolio.{},{}".format(self.environment, E.LDAP_ROLES_BASE))
156 r.search()
157 if len(r) > 0:
158 w = Writer.from_cursor(r)
159 for value in w[0].immaePuppetJson.values:
160 config = json.loads(value)
161 if "role::cryptoportfolio::{}_version".format(self.project) in config:
162 config["role::cryptoportfolio::{}_version".format(self.project)] = self.build_version
163 config["role::cryptoportfolio::{}_sha256".format(self.project)] = self.build_hash
164 w[0].immaePuppetJson -= value
165 w[0].immaePuppetJson += json.dumps(config, indent=" ")
166 w.commit()
167 return defer.succeed(SUCCESS)
168 return defer.succeed(FAILURE)
My infrastructure configuration