[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
02/02: hydra: services: Add service for the QA Frontpage.
|
From: |
Christopher Baines |
|
Subject: |
02/02: hydra: services: Add service for the QA Frontpage. |
|
Date: |
Sat, 14 Jan 2023 18:11:17 -0500 (EST) |
cbaines pushed a commit to branch master
in repository maintenance.
commit 8c17ac564447aa5448fc6eca40001c5b68c17d61
Author: Christopher Baines <mail@cbaines.net>
AuthorDate: Sat Jan 14 23:06:16 2023 +0000
hydra: services: Add service for the QA Frontpage.
This has been running on bayfront, but so far without a shepherd
service. These changes address that.
I did attempt using the least-authority-wrapper, but ran in to
problems getting SSH working.
* hydra/modules/sysadmin/packages.scm: New file.
* hydra/modules/sysadmin/services.scm (qa-frontpage-configuration,
qa-frontpage-configuration?, qa-frontpage-configuration-package,
qa-frontpage-configuration-port, qa-frontpage-configuration-host,
qa-frontpage-configuration-database,
qa-frontpage-configuration-submit-builds?,
qa-frontpage-configuration-manage-patch-branches?): New procedures.
(qa-frontpage-service-type): New variable.
* hydra/bayfront.scm <services>: Add the QA Frontpage.
---
hydra/bayfront.scm | 5 ++
hydra/modules/sysadmin/packages.scm | 101 ++++++++++++++++++++++++++++
hydra/modules/sysadmin/services.scm | 129 +++++++++++++++++++++++++++++++++++-
3 files changed, 234 insertions(+), 1 deletion(-)
diff --git a/hydra/bayfront.scm b/hydra/bayfront.scm
index 923f19b..a4c7a21 100644
--- a/hydra/bayfront.scm
+++ b/hydra/bayfront.scm
@@ -1104,6 +1104,11 @@ add_header Content-Type text/plain;")))
"#bootstrappable"
"#ocapn" "#spritely"))))
+ (service qa-frontpage-service-type
+ (qa-frontpage-configuration
+ (submit-builds? #t)
+ (manage-patch-branches? #t)))
+
(service mcron-service-type
(mcron-configuration
(jobs
diff --git a/hydra/modules/sysadmin/packages.scm
b/hydra/modules/sysadmin/packages.scm
new file mode 100644
index 0000000..135cfb8
--- /dev/null
+++ b/hydra/modules/sysadmin/packages.scm
@@ -0,0 +1,101 @@
+;;; Packages for GNU Guix project systems.
+;;;
+;;; Copyright © 2023 Christopher Baines <mail@cbaines.net>
+;;;
+;;; This program is free software: you can redistribute it and/or modify
+;;; it under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation, either version 3 of the License, or
+;;; (at your option) any later version.
+;;;
+;;; This program is distributed in the hope that it will be useful,
+;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (sysadmin packages)
+ #:use-module (guix packages)
+ #:use-module (guix git-download)
+ #:use-module (guix build-system gnu)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (gnu packages web)
+ #:use-module (gnu packages ssh)
+ #:use-module (gnu packages guile)
+ #:use-module (gnu packages guile-xyz)
+ #:use-module (gnu packages autotools)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages package-management))
+
+(define-public qa-frontpage
+ (let ((commit "509df07cacfaa413ce27ec93073adeddba323f19")
+ (revision "0"))
+ (package
+ (name "guix-qa-frontpage")
+ (version (git-version "0" revision commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://git.cbaines.net/guix/qa-frontpage";)
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0gd1a4yiy9x33k87xym71sqz3ly44niaq727sx5sqkzy8nbaw0mh"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:modules (((guix build guile-build-system)
+ #:select (target-guile-effective-version))
+ ,@%gnu-build-system-modules)
+ #:imported-modules ((guix build guile-build-system)
+ ,@%gnu-build-system-modules)
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'wrap-executable
+ (lambda* (#:key inputs outputs target #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (guile (assoc-ref inputs "guile"))
+ (version (target-guile-effective-version))
+ (scm (string-append out "/share/guile/site/" version))
+ (go (string-append out "/lib/guile/" version
"/site-ccache")))
+ (for-each
+ (lambda (file)
+ (simple-format (current-error-port) "wrapping: ~A\n" file)
+ (wrap-program file
+ `("PATH" ":" prefix
+ (,(string-append (assoc-ref inputs "git")
+ "/bin")
+ ,(string-append (assoc-ref inputs "openssh")
+ "/bin")))
+ `("GUILE_LOAD_PATH" ":" prefix
+ (,scm ,(getenv "GUILE_LOAD_PATH")))
+ `("GUILE_LOAD_COMPILED_PATH" ":" prefix
+ (,go ,(getenv "GUILE_LOAD_COMPILED_PATH")))))
+ (find-files bin))))))))
+ (inputs
+ (list guix
+ guix-data-service
+ guile-json-4
+ guile-fibers-1.1
+ guile-kolam
+ guile-git
+ guile-readline
+ guile-prometheus
+ guix-build-coordinator
+ (car (assoc-ref (package-native-inputs guix) "guile"))
+ git
+ openssh))
+ (native-inputs
+ (list autoconf
+ automake
+ pkg-config))
+ (synopsis "QA Frontpage for Guix")
+ (description
+ "This service assists with quality assurance within Guix. Currently
+that means assisting with testing patches, but in the intended scope
+is any and all quality assurance tasks.")
+ (home-page "https://git.cbaines.net/guix/qa-frontpage";)
+ (license license:agpl3+))))
diff --git a/hydra/modules/sysadmin/services.scm
b/hydra/modules/sysadmin/services.scm
index 87d4d15..e44a464 100644
--- a/hydra/modules/sysadmin/services.scm
+++ b/hydra/modules/sysadmin/services.scm
@@ -50,6 +50,7 @@
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
#:use-module (sysadmin people)
+ #:use-module (sysadmin packages)
#:use-module (srfi srfi-1)
#:use-module (ice-9 match)
#:export (firewall-service
@@ -63,7 +64,18 @@
goggles-service-type
goggles-bot-service-type
goggles-bot-configuration
- crash-dump-service-type))
+ crash-dump-service-type
+
+ qa-frontpage-configuration
+ qa-frontpage-configuration?
+ qa-frontpage-configuration-package
+ qa-frontpage-configuration-port
+ qa-frontpage-configuration-host
+ qa-frontpage-configuration-database
+ qa-frontpage-configuration-submit-builds?
+ qa-frontpage-configuration-manage-patch-branches?
+
+ qa-frontpage-service-type))
(define not-config?
;; Select (guix …) and (gnu …) modules, except (guix config).
@@ -1002,3 +1014,118 @@ to a selected directory.")
;; Install the machines file.
(symlink #$(local-file "../../machines-for-berlin.scm")
"/etc/guix/machines.scm")))))
+
+�
+;;;
+;;; QA Frontpage
+;;;
+
+(define-record-type* <qa-frontpage-configuration>
+ qa-frontpage-configuration make-qa-frontpage-configuration
+ qa-frontpage-configuration?
+ (package qa-frontpage-configuration-package
+ (default qa-frontpage))
+ (port qa-frontpage-configuration-port
+ (default 8765))
+ (host qa-frontpage-configuration-host
+ (default "127.0.0.1"))
+ (database qa-frontpage-configuration-database
+ (default "/var/lib/qa-frontpage/guix_qa_frontpage.db"))
+ (submit-builds? qa-frontpage-configuration-submit-builds?
+ (default #f))
+ (manage-patch-branches?
+ qa-frontpage-configuration-manage-patch-branches?
+ (default #f)))
+
+(define (qa-frontpage-shepherd-services config)
+ (match-record config <qa-frontpage-configuration>
+ (package port host database submit-builds? manage-patch-branches?)
+
+ (define log-directory "/var/log/qa-frontpage")
+
+ (define program/wrapped
+ (least-authority-wrapper
+ (file-append package "/bin/guix-qa-frontpage")
+ #:name "qa-frontpage"
+ #:mappings (list (file-system-mapping
+ (source log-directory)
+ (target log-directory)
+ (writable? #t))
+ (file-system-mapping
+ (source "/var/lib/qa-frontpage")
+ (target source)
+ (writable? #t))
+ (file-system-mapping
+ (source "/etc/ssl/certs")
+ (target source))
+ (file-system-mapping
+ (source "/gnu/store")
+ (target source))
+ (file-system-mapping
+ (source (file-append glibc-utf8-locales
"/lib/locale"))
+ (target "/run/current-system/locale")))
+ #:directory "/var/lib/qa-frontpage"
+ #:namespaces (delq 'net %namespaces)
+ #:preserved-environment-variables '("GUIX_LOCPATH" "LC_ALL" "HOME"
+ "GIT_SSL_CAINFO"
+ "SSL_CERT_DIR" "SSL_CERT_FILE")))
+
+ (list (shepherd-service
+ (provision '(qa-frontpage))
+ (requirement '(user-processes networking))
+ (start #~(make-forkexec-constructor
+ (list
+ ;; TODO: SSH has problems with the least authority
wrapper
+ ;; git fetch --prune patches
+ ;; No user exists for uid 1000
+ ;; #$program/wrapped
+ #$(file-append package "/bin/guix-qa-frontpage")
+ #$@(if port
+ #~(#$(simple-format #f "--port=~A" port))
+ '())
+ #$@(if host
+ #~(#$(string-append "--host=" host))
+ '())
+ #$@(if database
+ #~(#$(string-append "--database=" database))
+ '())
+ #$@(if submit-builds?
+ '("--submit-builds")
+ '())
+ #$@(if manage-patch-branches?
+ '("--manage-patch-branches")
+ '()))
+ #:user "qa-frontpage" #:group "qa-frontpage"
+ #:log-file "/var/log/qa-frontpage/main.log"
+ #:directory "/var/lib/qa-frontpage"
+ #:environment-variables
+ (list "GUIX_LOCPATH=/run/current-system/locale"
+ "LC_ALL=en_US.utf8"
+ "HOME=/var/lib/qa-frontpage"
+ "GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt"
+ "SSL_CERT_DIR=/etc/ssl/certs"
+
"SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt")))
+ (stop #~(make-kill-destructor))
+ (documentation "Run the QA Frontpage.")))))
+
+(define %qa-frontpage-accounts
+ (list (user-account
+ (name "qa-frontpage")
+ (group "qa-frontpage")
+ (home-directory "/var/lib/qa-frontpage")
+ (shell (file-append shadow "/sbin/nologin"))
+ (comment "The QA Frontpage.")
+ (system? #t))
+ (user-group
+ (name "qa-frontpage")
+ (system? #t))))
+
+(define qa-frontpage-service-type
+ (service-type
+ (name 'qa-frontpage)
+ (extensions (list (service-extension account-service-type
+ (const %qa-frontpage-accounts))
+ (service-extension shepherd-root-service-type
+ qa-frontpage-shepherd-services)))
+ (default-value (qa-frontpage-configuration))
+ (description "Run the QA frontpage.")))