--- /dev/null
+from buildbot.plugins import *
+from buildbot_common.build_helpers import *
+import os
+
+__all__ = [ "configure", "E" ]
+
+class E():
+ PROJECT = "cryptoportfolio"
+ BUILDBOT_URL = "https://git.immae.eu/buildbot/{}/".format(PROJECT)
+ SOCKET = "unix:/run/buildbot/{}.sock".format(PROJECT)
+ RELEASE_PATH = "/var/lib/ftp/release.immae.eu/{}".format(PROJECT)
+ RELEASE_URL = "https://release.immae.eu/{}".format(PROJECT)
+ GIT_URL = "https://git.immae.eu/perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/{0}.git"
+ SSH_KEY_PATH = "/var/lib/buildbot/puppet_notify"
+ LDAP_HOST = "ldap.immae.eu"
+ LDAP_DN = "cn=buildbot,ou=services,dc=immae,dc=eu"
+ LDAP_ROLES_BASE = "ou=roles,ou=hosts,dc=immae,dc=eu"
+
+ PUPPET_HOST = {
+ "production": "root@cryptoportfolio.immae.eu",
+ "integration": "root@cryptoportfolio-dev.immae.eu"
+ }
+
+ # master.cfg
+ SECRETS_FILE = os.getcwd() + "/secrets"
+ LDAP_URL = "ldaps://ldap.immae.eu:636"
+ LDAP_ADMIN_USER = "cn=buildbot,ou=services,dc=immae,dc=eu"
+ LDAP_BASE = "dc=immae,dc=eu"
+ LDAP_PATTERN = "(uid=%(username)s)"
+ LDAP_GROUP_PATTERN = "(&(memberOf=cn=groups,cn=buildbot,ou=services,dc=immae,dc=eu)(member=%(dn)s))"
+ TITLE_URL = "https://git.immae.eu"
+ TITLE = "Cryptoportfolio"
+
+# eval .. dans .zshrc_local
+# mkdir -p $BUILD/go
+# export GOPATH=$BUILD/go
+# go get -u github.com/golang/dep/cmd/dep
+# export PATH=$PATH:$BUILD/go/bin
+# go get git.immae.eu/Cryptoportfolio/Front.git
+# cd $BUILD/go/src/git.immae.eu/Cryptoportfolio/Front.git
+# git checkout dev
+# dep ensure
+def configure(c):
+ c["buildbotURL"] = E.BUILDBOT_URL
+ c["www"]["port"] = E.SOCKET
+
+ c['workers'].append(worker.LocalWorker("generic-worker"))
+ c['workers'].append(worker.LocalWorker("deploy-worker"))
+
+ c['schedulers'].append(hook_scheduler("Trader"))
+ c['schedulers'].append(hook_scheduler("Front"))
+ c['schedulers'].append(force_scheduler(
+ "force_cryptoportfolio", ["Trader_build", "Front_build"]))
+ c['schedulers'].append(deploy_scheduler("deploy_cryptoportfolio",
+ ["Trader_deploy", "Front_deploy"]))
+
+ c['builders'].append(factory("trader"))
+ c['builders'].append(factory("front", ignore_fails=True))
+
+ c['builders'].append(deploy_factory("trader"))
+ c['builders'].append(deploy_factory("front"))
+
+ c['services'].append(SlackStatusPush(
+ name="slack_status_cryptoportfolio",
+ builders=["Front_build", "Trader_build", "Front_deploy", "Trader_deploy"],
+ serverUrl=open(E.SECRETS_FILE + "/slack_webhook", "r").read().rstrip()))
+
+def factory(project, ignore_fails=False):
+ release_file = "{1}/{0}/{0}_%(kw:clean_branch)s.tar.gz"
+
+ url = E.GIT_URL.format(project.capitalize())
+
+ package = util.Interpolate("{0}_%(kw:clean_branch)s.tar.gz".format(project), clean_branch=clean_branch)
+ package_dest = util.Interpolate(release_file.format(project, E.RELEASE_PATH), clean_branch=clean_branch)
+ package_url = util.Interpolate(release_file.format(project, E.RELEASE_URL), clean_branch=clean_branch)
+
+ factory = util.BuildFactory()
+ factory.addStep(steps.Git(logEnviron=False, repourl=url,
+ mode="full", method="copy"))
+ factory.addStep(steps.ShellCommand(name="make install",
+ logEnviron=False, haltOnFailure=(not ignore_fails),
+ warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
+ command=["make", "install"]))
+ factory.addStep(steps.ShellCommand(name="make test",
+ logEnviron=False, haltOnFailure=(not ignore_fails),
+ warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
+ command=["make", "test"]))
+ factory.addSteps(package_and_upload(package, package_dest, package_url))
+
+ return util.BuilderConfig(
+ name="{}_build".format(project.capitalize()),
+ workernames=["generic-worker"], factory=factory)
+
+def compute_build_infos(project):
+ @util.renderer
+ def compute(props):
+ import re, hashlib
+ build_file = props.getProperty("build")
+ package_dest = "{2}/{0}/{1}".format(project, build_file, E.RELEASE_PATH)
+ version = re.match(r"{0}_(.*).tar.gz".format(project), build_file).group(1)
+ with open(package_dest, "rb") as f:
+ sha = hashlib.sha256(f.read()).hexdigest()
+ return {
+ "build_version": version,
+ "build_hash": sha,
+ }
+ return compute
+
+@util.renderer
+def puppet_host(props):
+ environment = props["environment"] if props.hasProperty("environment") else "integration"
+ return E.PUPPET_HOST.get(environment, "host.invalid")
+
+def deploy_factory(project):
+ package_dest = util.Interpolate("{1}/{0}/%(prop:build)s".format(project, E.RELEASE_PATH))
+
+ factory = util.BuildFactory()
+ factory.addStep(steps.MasterShellCommand(command=["test", "-f", package_dest]))
+ factory.addStep(steps.SetProperties(properties=compute_build_infos(project)))
+ factory.addStep(LdapPush(environment=util.Property("environment"),
+ project=project, build_version=util.Property("build_version"),
+ build_hash=util.Property("build_hash"), ldap_password=util.Secret("ldap")))
+ factory.addStep(steps.MasterShellCommand(command=[
+ "ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "CheckHostIP=no", "-i", E.SSH_KEY_PATH, puppet_host]))
+ return util.BuilderConfig(name="{}_deploy".format(project.capitalize()), workernames=["deploy-worker"], factory=factory)
+
+from twisted.internet import defer
+from buildbot.process.buildstep import FAILURE
+from buildbot.process.buildstep import SUCCESS
+from buildbot.process.buildstep import BuildStep
+
+class LdapPush(BuildStep):
+ name = "LdapPush"
+ renderables = ["environment", "project", "build_version", "build_hash", "ldap_password"]
+
+ def __init__(self, **kwargs):
+ self.environment = kwargs.pop("environment")
+ self.project = kwargs.pop("project")
+ self.build_version = kwargs.pop("build_version")
+ self.build_hash = kwargs.pop("build_hash")
+ self.ldap_password = kwargs.pop("ldap_password")
+ self.ldap_host = kwargs.pop("ldap_host", E.LDAP_HOST)
+ super().__init__(**kwargs)
+
+ def run(self):
+ import json
+ from ldap3 import Reader, Writer, Server, Connection, ObjectDef
+ server = Server(self.ldap_host)
+ conn = Connection(server,
+ user=E.LDAP_DN,
+ password=self.ldap_password)
+ conn.bind()
+ obj = ObjectDef("immaePuppetClass", conn)
+ r = Reader(conn, obj,
+ "cn=cryptoportfolio.{},{}".format(self.environment, E.LDAP_ROLES_BASE))
+ r.search()
+ if len(r) > 0:
+ w = Writer.from_cursor(r)
+ for value in w[0].immaePuppetJson.values:
+ config = json.loads(value)
+ if "role::cryptoportfolio::{}_version".format(self.project) in config:
+ config["role::cryptoportfolio::{}_version".format(self.project)] = self.build_version
+ config["role::cryptoportfolio::{}_sha256".format(self.project)] = self.build_hash
+ w[0].immaePuppetJson -= value
+ w[0].immaePuppetJson += json.dumps(config, indent=" ")
+ w.commit()
+ return defer.succeed(SUCCESS)
+ return defer.succeed(FAILURE)
projects / perso / Immae / Config / Nix.git / blobdiff