LDAP_DN = "cn=buildbot,ou=services,dc=immae,dc=eu"
LDAP_ROLES_BASE = "ou=roles,ou=hosts,dc=immae,dc=eu"
- PUPPET_HOST = {
+ DEPLOY_HOSTS = {
"production": "root@cryptoportfolio.immae.eu",
"integration": "root@cryptoportfolio-dev.immae.eu"
}
c["buildbotURL"] = E.BUILDBOT_URL
c["www"]["port"] = E.SOCKET
- c['workers'].append(worker.LocalWorker("generic-worker"))
- c['workers'].append(worker.LocalWorker("deploy-worker"))
+ configure_build(c)
+ configure_deploy(c)
+ configure_slack_push(c, E.SECRETS_FILE, all_builder_names(c))
- c['schedulers'].append(hook_scheduler("Trader"))
- c['schedulers'].append(hook_scheduler("Front"))
- c['schedulers'].append(force_scheduler(
- "force_cryptoportfolio", ["Trader_build", "Front_build"]))
- c['schedulers'].append(deploy_scheduler("deploy_cryptoportfolio",
- ["Trader_deploy", "Front_deploy"]))
+def configure_build(c):
+ front_builder_name = "Front_build"
+ trader_builder_name = "Trader_build"
+ worker_name = "cryptoportfolio-build"
- c['builders'].append(factory("trader"))
- c['builders'].append(factory("front", ignore_fails=True))
+ c['schedulers'].append(force_scheduler("force_cryptoportfolio", [front_builder_name,trader_builder_name]))
+ c['schedulers'].append(git_hook_scheduler("Trader", [trader_builder_name]))
+ c['schedulers'].append(git_hook_scheduler("Front", [front_builder_name]))
- c['builders'].append(deploy_factory("trader"))
- c['builders'].append(deploy_factory("front"))
+ c['workers'].append(worker.LocalWorker(worker_name))
- c['services'].append(SlackStatusPush(
- name="slack_status_cryptoportfolio",
- builders=["Front_build", "Trader_build", "Front_deploy", "Trader_deploy"],
- serverUrl=open(E.SECRETS_FILE + "/slack_webhook", "r").read().rstrip()))
+ c['builders'].append(util.BuilderConfig(name=trader_builder_name, workernames=[worker_name], factory=build_factory("trader")))
+ c['builders'].append(util.BuilderConfig(name=front_builder_name, workernames=[worker_name], factory=build_factory("front", ignore_fails=True)))
-def factory(project, ignore_fails=False):
+def configure_deploy(c):
+ front_builder_name = "Front_deploy"
+ trader_builder_name = "Trader_deploy"
+ worker_name = "cryptoportfolio-deploy"
+
+ c['schedulers'].append(deploy_scheduler("deploy_cryptoportfolio", [front_builder_name, trader_builder_name]))
+
+ c['workers'].append(worker.LocalWorker(worker_name))
+
+ c['builders'].append(util.BuilderConfig(name=front_builder_name, workernames=[worker_name], factory=deploy_factory("front")))
+ c['builders'].append(util.BuilderConfig(name=trader_builder_name, workernames=[worker_name], factory=deploy_factory("trader")))
+
+def build_factory(project, ignore_fails=False):
release_file = "{1}/{0}/{0}_%(kw:clean_branch)s.tar.gz"
url = E.GIT_URL.format(project.capitalize())
factory = util.BuildFactory()
factory.addStep(steps.Git(logEnviron=False, repourl=url,
- mode="full", method="copy"))
+ mode="full", method="fresh"))
factory.addStep(steps.ShellCommand(name="make install",
logEnviron=False, haltOnFailure=(not ignore_fails),
warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
command=["make", "test"]))
factory.addSteps(package_and_upload(package, package_dest, package_url))
- return util.BuilderConfig(
- name="{}_build".format(project.capitalize()),
- workernames=["generic-worker"], factory=factory)
-
-def compute_build_infos(project):
- @util.renderer
- def compute(props):
- import re, hashlib
- build_file = props.getProperty("build")
- package_dest = "{2}/{0}/{1}".format(project, build_file, E.RELEASE_PATH)
- version = re.match(r"{0}_(.*).tar.gz".format(project), build_file).group(1)
- with open(package_dest, "rb") as f:
- sha = hashlib.sha256(f.read()).hexdigest()
- return {
- "build_version": version,
- "build_hash": sha,
- }
- return compute
-
-@util.renderer
-def puppet_host(props):
- environment = props["environment"] if props.hasProperty("environment") else "integration"
- return E.PUPPET_HOST.get(environment, "host.invalid")
+ return factory
def deploy_factory(project):
package_dest = util.Interpolate("{1}/{0}/%(prop:build)s".format(project, E.RELEASE_PATH))
factory = util.BuildFactory()
factory.addStep(steps.MasterShellCommand(command=["test", "-f", package_dest]))
- factory.addStep(steps.SetProperties(properties=compute_build_infos(project)))
- factory.addStep(LdapPush(environment=util.Property("environment"),
- project=project, build_version=util.Property("build_version"),
- build_hash=util.Property("build_hash"), ldap_password=util.Secret("ldap")))
- factory.addStep(steps.MasterShellCommand(command=[
- "ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "CheckHostIP=no", "-i", E.SSH_KEY_PATH, puppet_host]))
- return util.BuilderConfig(name="{}_deploy".format(project.capitalize()), workernames=["deploy-worker"], factory=factory)
-
-from twisted.internet import defer
-from buildbot.process.buildstep import FAILURE
-from buildbot.process.buildstep import SUCCESS
-from buildbot.process.buildstep import BuildStep
-
-class LdapPush(BuildStep):
- name = "LdapPush"
- renderables = ["environment", "project", "build_version", "build_hash", "ldap_password"]
-
- def __init__(self, **kwargs):
- self.environment = kwargs.pop("environment")
- self.project = kwargs.pop("project")
- self.build_version = kwargs.pop("build_version")
- self.build_hash = kwargs.pop("build_hash")
- self.ldap_password = kwargs.pop("ldap_password")
- self.ldap_host = kwargs.pop("ldap_host", E.LDAP_HOST)
- super().__init__(**kwargs)
-
- def run(self):
- import json
- from ldap3 import Reader, Writer, Server, Connection, ObjectDef
- server = Server(self.ldap_host)
- conn = Connection(server,
- user=E.LDAP_DN,
- password=self.ldap_password)
- conn.bind()
- obj = ObjectDef("immaePuppetClass", conn)
- r = Reader(conn, obj,
- "cn=cryptoportfolio.{},{}".format(self.environment, E.LDAP_ROLES_BASE))
- r.search()
- if len(r) > 0:
- w = Writer.from_cursor(r)
- for value in w[0].immaePuppetJson.values:
- config = json.loads(value)
- if "role::cryptoportfolio::{}_version".format(self.project) in config:
- config["role::cryptoportfolio::{}_version".format(self.project)] = self.build_version
- config["role::cryptoportfolio::{}_sha256".format(self.project)] = self.build_hash
- w[0].immaePuppetJson -= value
- w[0].immaePuppetJson += json.dumps(config, indent=" ")
- w.commit()
- return defer.succeed(SUCCESS)
- return defer.succeed(FAILURE)
+ factory.addStep(steps.SetProperties(properties=compute_build_infos(project, "{}/{}".format(E.RELEASE_PATH, project))))
+ factory.addStep(LdapEdit(environment=util.Property("environment"),
+ build_version=util.Property("build_version"),
+ build_hash=util.Property("build_hash"),
+ config_key="role::cryptoportfolio::{}".format(project),
+ ldap_host=E.LDAP_HOST, ldap_roles_base=E.LDAP_ROLES_BASE, ldap_dn=E.LDAP_DN,
+ ldap_cn_template="cryptoportfolio.{}", ldap_password=util.Secret("ldap")))
+ factory.addStep(steps.MasterShellCommand(command=deploy_ssh_command(E.SSH_KEY_PATH, E.DEPLOY_HOSTS)))
+ return factory
projects / perso / Immae / Config / Nix.git / blobdiff