Move rest of the modules outside of nixops

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-22 20:55:28 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-22 20:55:28 +0200
commit: 8d213e2b1c934f6861f76aad5eb7c11097fa97de (patch)
tree: 23f8a2d5692deaeffffa1ab5f098b2d24b9e2217 /modules/private/buildbot/projects/cryptoportfolio
parent: a1a8649a2be768685eb04c246c114fce36b8096f (diff)
download: Nix-8d213e2b1c934f6861f76aad5eb7c11097fa97de.tar.gz
Nix-8d213e2b1c934f6861f76aad5eb7c11097fa97de.tar.zst
Nix-8d213e2b1c934f6861f76aad5eb7c11097fa97de.zip
1 files changed, 169 insertions, 0 deletions
diff --git a/modules/private/buildbot/projects/cryptoportfolio/__init__.py b/modules/private/buildbot/projects/cryptoportfolio/__init__.py
new file mode 100644
index 0000000..5d70f95
--- /dev/null
+++ b/modules/private/buildbot/projects/cryptoportfolio/__init__.py
@@ -0,0 +1,169 @@
+from buildbot.plugins import *
+from buildbot_common.build_helpers import *
+import os
+__all__ = [ "configure", "E" ]
+class E():
+    PROJECT       = "cryptoportfolio"
+    BUILDBOT_URL  = "https://git.immae.eu/buildbot/{}/".format(PROJECT)
+    SOCKET        = "unix:/run/buildbot/{}.sock".format(PROJECT)
+    PB_SOCKET     = "unix:address=/run/buildbot/{}_pb.sock".format(PROJECT)
+    RELEASE_PATH  = "/var/lib/ftp/release.immae.eu/{}".format(PROJECT)
+    RELEASE_URL   = "https://release.immae.eu/{}".format(PROJECT)
+    GIT_URL       = "https://git.immae.eu/perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/{0}.git"
+    SSH_KEY_PATH  = "/var/lib/buildbot/buildbot_key"
+    LDAP_HOST     = "ldap.immae.eu"
+    LDAP_DN       = "cn=buildbot,ou=services,dc=immae,dc=eu"
+    LDAP_ROLES_BASE = "ou=roles,ou=hosts,dc=immae,dc=eu"
+    PUPPET_HOST = {
+            "production": "root@cryptoportfolio.immae.eu",
+            "integration": "root@cryptoportfolio-dev.immae.eu"
+            }
+    # master.cfg
+    SECRETS_FILE       = os.getcwd() + "/secrets"
+    LDAP_URL           = "ldaps://ldap.immae.eu:636"
+    LDAP_ADMIN_USER    = "cn=buildbot,ou=services,dc=immae,dc=eu"
+    LDAP_BASE          = "dc=immae,dc=eu"
+    LDAP_PATTERN       = "(uid=%(username)s)"
+    LDAP_GROUP_PATTERN = "(&(memberOf=cn=groups,ou=cryptoportfolio,cn=buildbot,ou=services,dc=immae,dc=eu)(member=%(dn)s))"
+    TITLE_URL          = "https://git.immae.eu"
+    TITLE              = "Cryptoportfolio"
+# eval .. dans .zshrc_local
+# mkdir -p $BUILD/go
+# export GOPATH=$BUILD/go
+# go get -u github.com/golang/dep/cmd/dep
+# export PATH=$PATH:$BUILD/go/bin
+# go get git.immae.eu/Cryptoportfolio/Front.git
+# cd $BUILD/go/src/git.immae.eu/Cryptoportfolio/Front.git
+# git checkout dev
+# dep ensure
+def configure(c):
+    c["buildbotURL"] = E.BUILDBOT_URL
+    c["www"]["port"] = E.SOCKET
+    c['workers'].append(worker.LocalWorker("generic-worker"))
+    c['workers'].append(worker.LocalWorker("deploy-worker"))
+    c['schedulers'].append(hook_scheduler("Trader"))
+    c['schedulers'].append(hook_scheduler("Front"))
+    c['schedulers'].append(force_scheduler(
+        "force_cryptoportfolio", ["Trader_build", "Front_build"]))
+    c['schedulers'].append(deploy_scheduler("deploy_cryptoportfolio",
+        ["Trader_deploy", "Front_deploy"]))
+    c['builders'].append(factory("trader"))
+    c['builders'].append(factory("front", ignore_fails=True))
+    c['builders'].append(deploy_factory("trader"))
+    c['builders'].append(deploy_factory("front"))
+    c['services'].append(SlackStatusPush(
+        name="slack_status_cryptoportfolio",
+        builders=["Front_build", "Trader_build", "Front_deploy", "Trader_deploy"],
+        serverUrl=open(E.SECRETS_FILE + "/slack_webhook", "r").read().rstrip()))
+def factory(project, ignore_fails=False):
+    release_file = "{1}/{0}/{0}_%(kw:clean_branch)s.tar.gz"
+    url = E.GIT_URL.format(project.capitalize())
+    package = util.Interpolate("{0}_%(kw:clean_branch)s.tar.gz".format(project), clean_branch=clean_branch)
+    package_dest = util.Interpolate(release_file.format(project, E.RELEASE_PATH), clean_branch=clean_branch)
+    package_url = util.Interpolate(release_file.format(project, E.RELEASE_URL), clean_branch=clean_branch)
+    factory = util.BuildFactory()
+    factory.addStep(steps.Git(logEnviron=False, repourl=url,
+        mode="full", method="copy"))
+    factory.addStep(steps.ShellCommand(name="make install",
+        logEnviron=False, haltOnFailure=(not ignore_fails),
+        warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
+        command=["make", "install"]))
+    factory.addStep(steps.ShellCommand(name="make test",
+        logEnviron=False, haltOnFailure=(not ignore_fails),
+        warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
+        command=["make", "test"]))
+    factory.addSteps(package_and_upload(package, package_dest, package_url))
+    return util.BuilderConfig(
+            name="{}_build".format(project.capitalize()),
+            workernames=["generic-worker"], factory=factory)
+def compute_build_infos(project):
+    @util.renderer
+    def compute(props):
+        import re, hashlib
+        build_file = props.getProperty("build")
+        package_dest = "{2}/{0}/{1}".format(project, build_file, E.RELEASE_PATH)
+        version = re.match(r"{0}_(.*).tar.gz".format(project), build_file).group(1)
+        with open(package_dest, "rb") as f:
+            sha = hashlib.sha256(f.read()).hexdigest()
+        return {
+                "build_version": version,
+                "build_hash": sha,
+                }
+    return compute
+@util.renderer
+def puppet_host(props):
+    environment = props["environment"] if props.hasProperty("environment") else "integration"
+    return E.PUPPET_HOST.get(environment, "host.invalid")
+def deploy_factory(project):
+    package_dest = util.Interpolate("{1}/{0}/%(prop:build)s".format(project, E.RELEASE_PATH))
+    factory = util.BuildFactory()
+    factory.addStep(steps.MasterShellCommand(command=["test", "-f", package_dest]))
+    factory.addStep(steps.SetProperties(properties=compute_build_infos(project)))
+    factory.addStep(LdapPush(environment=util.Property("environment"),
+        project=project, build_version=util.Property("build_version"),
+        build_hash=util.Property("build_hash"), ldap_password=util.Secret("ldap")))
+    factory.addStep(steps.MasterShellCommand(command=[
+        "ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "CheckHostIP=no", "-i", E.SSH_KEY_PATH, puppet_host]))
+    return util.BuilderConfig(name="{}_deploy".format(project.capitalize()), workernames=["deploy-worker"], factory=factory)
+from twisted.internet import defer
+from buildbot.process.buildstep import FAILURE
+from buildbot.process.buildstep import SUCCESS
+from buildbot.process.buildstep import BuildStep
+class LdapPush(BuildStep):
+    name = "LdapPush"
+    renderables = ["environment", "project", "build_version", "build_hash", "ldap_password"]
+    def __init__(self, **kwargs):
+        self.environment = kwargs.pop("environment")
+        self.project = kwargs.pop("project")
+        self.build_version = kwargs.pop("build_version")
+        self.build_hash = kwargs.pop("build_hash")
+        self.ldap_password = kwargs.pop("ldap_password")
+        self.ldap_host = kwargs.pop("ldap_host", E.LDAP_HOST)
+        super().__init__(**kwargs)
+    def run(self):
+        import json
+        from ldap3 import Reader, Writer, Server, Connection, ObjectDef
+        server = Server(self.ldap_host)
+        conn = Connection(server,
+                user=E.LDAP_DN,
+                password=self.ldap_password)
+        conn.bind()
+        obj = ObjectDef("immaePuppetClass", conn)
+        r = Reader(conn, obj,
+                "cn=cryptoportfolio.{},{}".format(self.environment, E.LDAP_ROLES_BASE))
+        r.search()
+        if len(r) > 0:
+            w = Writer.from_cursor(r)
+            for value in w[0].immaePuppetJson.values:
+                config = json.loads(value)
+                if "role::cryptoportfolio::{}_version".format(self.project) in config:
+                    config["role::cryptoportfolio::{}_version".format(self.project)] = self.build_version
+                    config["role::cryptoportfolio::{}_sha256".format(self.project)] = self.build_hash
+                    w[0].immaePuppetJson -= value
+                    w[0].immaePuppetJson += json.dumps(config, indent="  ")
+                    w.commit()
+                    return defer.succeed(SUCCESS)
+        return defer.succeed(FAILURE)
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-22 20:55:28 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-22 20:55:28 +0200
commit	8d213e2b1c934f6861f76aad5eb7c11097fa97de (patch)
tree	23f8a2d5692deaeffffa1ab5f098b2d24b9e2217 /modules/private/buildbot/projects/cryptoportfolio
parent	a1a8649a2be768685eb04c246c114fce36b8096f (diff)
download	Nix-8d213e2b1c934f6861f76aad5eb7c11097fa97de.tar.gz Nix-8d213e2b1c934f6861f76aad5eb7c11097fa97de.tar.zst Nix-8d213e2b1c934f6861f76aad5eb7c11097fa97de.zip

diff --git a/modules/private/buildbot/projects/cryptoportfolio/__init__.py b/modules/private/buildbot/projects/cryptoportfolio/__init__.py new file mode 100644 index 0000000..5d70f95 --- /dev/null +++ b/modules/private/buildbot/projects/cryptoportfolio/__init__.py
@@ -0,0 +1,169 @@
	1	from buildbot.plugins import *
	2	from buildbot_common.build_helpers import *
	3	import os
	4
	5	__all__ = [ "configure", "E" ]
	6
	7	class E():
	8	PROJECT = "cryptoportfolio"
	9	BUILDBOT_URL = "https://git.immae.eu/buildbot/{}/".format(PROJECT)
	10	SOCKET = "unix:/run/buildbot/{}.sock".format(PROJECT)
	11	PB_SOCKET = "unix:address=/run/buildbot/{}_pb.sock".format(PROJECT)
	12	RELEASE_PATH = "/var/lib/ftp/release.immae.eu/{}".format(PROJECT)
	13	RELEASE_URL = "https://release.immae.eu/{}".format(PROJECT)
	14	GIT_URL = "https://git.immae.eu/perso/Immae/Projets/Cryptomonnaies/Cryptoportfolio/{0}.git"
	15	SSH_KEY_PATH = "/var/lib/buildbot/buildbot_key"
	16	LDAP_HOST = "ldap.immae.eu"
	17	LDAP_DN = "cn=buildbot,ou=services,dc=immae,dc=eu"
	18	LDAP_ROLES_BASE = "ou=roles,ou=hosts,dc=immae,dc=eu"
	19
	20	PUPPET_HOST = {
	21	"production": "root@cryptoportfolio.immae.eu",
	22	"integration": "root@cryptoportfolio-dev.immae.eu"
	23	}
	24
	25	# master.cfg
	26	SECRETS_FILE = os.getcwd() + "/secrets"
	27	LDAP_URL = "ldaps://ldap.immae.eu:636"
	28	LDAP_ADMIN_USER = "cn=buildbot,ou=services,dc=immae,dc=eu"
	29	LDAP_BASE = "dc=immae,dc=eu"
	30	LDAP_PATTERN = "(uid=%(username)s)"
	31	LDAP_GROUP_PATTERN = "(&(memberOf=cn=groups,ou=cryptoportfolio,cn=buildbot,ou=services,dc=immae,dc=eu)(member=%(dn)s))"
	32	TITLE_URL = "https://git.immae.eu"
	33	TITLE = "Cryptoportfolio"
	34
	35	# eval .. dans .zshrc_local
	36	# mkdir -p $BUILD/go
	37	# export GOPATH=$BUILD/go
	38	# go get -u github.com/golang/dep/cmd/dep
	39	# export PATH=$PATH:$BUILD/go/bin
	40	# go get git.immae.eu/Cryptoportfolio/Front.git
	41	# cd $BUILD/go/src/git.immae.eu/Cryptoportfolio/Front.git
	42	# git checkout dev
	43	# dep ensure
	44	def configure(c):
	45	c["buildbotURL"] = E.BUILDBOT_URL
	46	c["www"]["port"] = E.SOCKET
	47
	48	c['workers'].append(worker.LocalWorker("generic-worker"))
	49	c['workers'].append(worker.LocalWorker("deploy-worker"))
	50
	51	c['schedulers'].append(hook_scheduler("Trader"))
	52	c['schedulers'].append(hook_scheduler("Front"))
	53	c['schedulers'].append(force_scheduler(
	54	"force_cryptoportfolio", ["Trader_build", "Front_build"]))
	55	c['schedulers'].append(deploy_scheduler("deploy_cryptoportfolio",
	56	["Trader_deploy", "Front_deploy"]))
	57
	58	c['builders'].append(factory("trader"))
	59	c['builders'].append(factory("front", ignore_fails=True))
	60
	61	c['builders'].append(deploy_factory("trader"))
	62	c['builders'].append(deploy_factory("front"))
	63
	64	c['services'].append(SlackStatusPush(
	65	name="slack_status_cryptoportfolio",
	66	builders=["Front_build", "Trader_build", "Front_deploy", "Trader_deploy"],
	67	serverUrl=open(E.SECRETS_FILE + "/slack_webhook", "r").read().rstrip()))
	68
	69	def factory(project, ignore_fails=False):
	70	release_file = "{1}/{0}/{0}_%(kw:clean_branch)s.tar.gz"
	71
	72	url = E.GIT_URL.format(project.capitalize())
	73
	74	package = util.Interpolate("{0}_%(kw:clean_branch)s.tar.gz".format(project), clean_branch=clean_branch)
	75	package_dest = util.Interpolate(release_file.format(project, E.RELEASE_PATH), clean_branch=clean_branch)
	76	package_url = util.Interpolate(release_file.format(project, E.RELEASE_URL), clean_branch=clean_branch)
	77
	78	factory = util.BuildFactory()
	79	factory.addStep(steps.Git(logEnviron=False, repourl=url,
	80	mode="full", method="copy"))
	81	factory.addStep(steps.ShellCommand(name="make install",
	82	logEnviron=False, haltOnFailure=(not ignore_fails),
	83	warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
	84	command=["make", "install"]))
	85	factory.addStep(steps.ShellCommand(name="make test",
	86	logEnviron=False, haltOnFailure=(not ignore_fails),
	87	warnOnFailure=ignore_fails, flunkOnFailure=(not ignore_fails),
	88	command=["make", "test"]))
	89	factory.addSteps(package_and_upload(package, package_dest, package_url))
	90
	91	return util.BuilderConfig(
	92	name="{}_build".format(project.capitalize()),
	93	workernames=["generic-worker"], factory=factory)
	94
	95	def compute_build_infos(project):
	96	@util.renderer
	97	def compute(props):
	98	import re, hashlib
	99	build_file = props.getProperty("build")
	100	package_dest = "{2}/{0}/{1}".format(project, build_file, E.RELEASE_PATH)
	101	version = re.match(r"{0}_(.*).tar.gz".format(project), build_file).group(1)
	102	with open(package_dest, "rb") as f:
	103	sha = hashlib.sha256(f.read()).hexdigest()
	104	return {
	105	"build_version": version,
	106	"build_hash": sha,
	107	}
	108	return compute
	109
	110	@util.renderer
	111	def puppet_host(props):
	112	environment = props["environment"] if props.hasProperty("environment") else "integration"
	113	return E.PUPPET_HOST.get(environment, "host.invalid")
	114
	115	def deploy_factory(project):
	116	package_dest = util.Interpolate("{1}/{0}/%(prop:build)s".format(project, E.RELEASE_PATH))
	117
	118	factory = util.BuildFactory()
	119	factory.addStep(steps.MasterShellCommand(command=["test", "-f", package_dest]))
	120	factory.addStep(steps.SetProperties(properties=compute_build_infos(project)))
	121	factory.addStep(LdapPush(environment=util.Property("environment"),
	122	project=project, build_version=util.Property("build_version"),
	123	build_hash=util.Property("build_hash"), ldap_password=util.Secret("ldap")))
	124	factory.addStep(steps.MasterShellCommand(command=[
	125	"ssh", "-o", "UserKnownHostsFile=/dev/null", "-o", "StrictHostKeyChecking=no", "-o", "CheckHostIP=no", "-i", E.SSH_KEY_PATH, puppet_host]))
	126	return util.BuilderConfig(name="{}_deploy".format(project.capitalize()), workernames=["deploy-worker"], factory=factory)
	127
	128	from twisted.internet import defer
	129	from buildbot.process.buildstep import FAILURE
	130	from buildbot.process.buildstep import SUCCESS
	131	from buildbot.process.buildstep import BuildStep
	132
	133	class LdapPush(BuildStep):
	134	name = "LdapPush"
	135	renderables = ["environment", "project", "build_version", "build_hash", "ldap_password"]
	136
	137	def __init__(self, **kwargs):
	138	self.environment = kwargs.pop("environment")
	139	self.project = kwargs.pop("project")
	140	self.build_version = kwargs.pop("build_version")
	141	self.build_hash = kwargs.pop("build_hash")
	142	self.ldap_password = kwargs.pop("ldap_password")
	143	self.ldap_host = kwargs.pop("ldap_host", E.LDAP_HOST)
	144	super().__init__(**kwargs)
	145
	146	def run(self):
	147	import json
	148	from ldap3 import Reader, Writer, Server, Connection, ObjectDef
	149	server = Server(self.ldap_host)
	150	conn = Connection(server,
	151	user=E.LDAP_DN,
	152	password=self.ldap_password)
	153	conn.bind()
	154	obj = ObjectDef("immaePuppetClass", conn)
	155	r = Reader(conn, obj,
	156	"cn=cryptoportfolio.{},{}".format(self.environment, E.LDAP_ROLES_BASE))
	157	r.search()
	158	if len(r) > 0:
	159	w = Writer.from_cursor(r)
	160	for value in w[0].immaePuppetJson.values:
	161	config = json.loads(value)
	162	if "role::cryptoportfolio::{}_version".format(self.project) in config:
	163	config["role::cryptoportfolio::{}_version".format(self.project)] = self.build_version
	164	config["role::cryptoportfolio::{}_sha256".format(self.project)] = self.build_hash
	165	w[0].immaePuppetJson -= value
	166	w[0].immaePuppetJson += json.dumps(config, indent=" ")
	167	w.commit()
	168	return defer.succeed(SUCCESS)
	169	return defer.succeed(FAILURE)