From 6fef7342b9bbbe504d0168e113d58d3d76cba1de Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Mon, 7 Nov 2022 19:05:29 -0800 Subject: ref(gerrit): delete modules/docs/configs for gerrit/buildkite --- ops/buildkite/.gitignore | 3 --- ops/buildkite/README.org | 7 ------- ops/buildkite/buildkite.tf | 51 ---------------------------------------------- ops/buildkite/default.nix | 23 --------------------- ops/buildkite/steps.yml | 6 ------ ops/ci/README.org | 3 --- ops/ci/pipeline.yml | 25 ----------------------- ops/default.nix | 1 - 8 files changed, 119 deletions(-) delete mode 100644 ops/buildkite/.gitignore delete mode 100644 ops/buildkite/README.org delete mode 100644 ops/buildkite/buildkite.tf delete mode 100644 ops/buildkite/default.nix delete mode 100644 ops/buildkite/steps.yml delete mode 100644 ops/ci/README.org delete mode 100644 ops/ci/pipeline.yml (limited to 'ops') diff --git a/ops/buildkite/.gitignore b/ops/buildkite/.gitignore deleted file mode 100644 index 112bb96..0000000 --- a/ops/buildkite/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -# ignore the various terraform files that are generate. The state is -# stored in a GCS bucket. -.terraform* diff --git a/ops/buildkite/README.org b/ops/buildkite/README.org deleted file mode 100644 index c28acbd..0000000 --- a/ops/buildkite/README.org +++ /dev/null @@ -1,7 +0,0 @@ -This is to configure the pipelines in buildkite. - -To upload them, run =nix run .#ops.buildkite.upload=. - -The state is stored in a GCS bucket (and it needs to be created before we run this). - -The service account =terraform= needs to exist first, running =gcloud iam service-accounts list= will list them and we can verify it is defined. I might need to run =gcloud auth application-default login= in order to authenticate first. diff --git a/ops/buildkite/buildkite.tf b/ops/buildkite/buildkite.tf deleted file mode 100644 index cd74785..0000000 --- a/ops/buildkite/buildkite.tf +++ /dev/null @@ -1,51 +0,0 @@ -locals { - terraform_service_account = "terraform@fcuny-homelab.iam.gserviceaccount.com" -} - -provider "google" { - alias = "impersonation" - scopes = [ - "https://www.googleapis.com/auth/cloud-platform", - "https://www.googleapis.com/auth/userinfo.email", - ] -} - -data "google_service_account_access_token" "default" { - provider = google.impersonation - target_service_account = local.terraform_service_account - scopes = ["userinfo-email", "cloud-platform"] - lifetime = "1200s" -} - -provider "google" { - project = "fcuny-homelab" - region = "us-west1" - zone = "us-west1-c" - access_token = data.google_service_account_access_token.default.access_token - request_timeout = "60s" -} - -terraform { - required_providers { - buildkite = { - source = "buildkite/buildkite" - } - } - - backend "gcs" { - bucket = "world-tf-state" - prefix = "buildkite/state" - impersonate_service_account = "terraform@fcuny-homelab.iam.gserviceaccount.com" - } -} - -provider "buildkite" { - organization = "fcuny-dot-xyz" -} - -resource "buildkite_pipeline" "world" { - name = "world" - description = "CI pipeline for the world repository." - repository = "https://cl.fcuny.net/world" - steps = file("./steps.yml") -} diff --git a/ops/buildkite/default.nix b/ops/buildkite/default.nix deleted file mode 100644 index 8e7c05c..0000000 --- a/ops/buildkite/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs }: -let - terraform = pkgs.terraform.withPlugins (p: [ - p.buildkite - p.google - ]); -in -pkgs.stdenv.mkDerivation rec { - name = "tf-buildkite"; - src = ./.; - - upload = pkgs.writeShellScriptBin "tf-buildkite-upload" '' - set -ueo pipefail - - cd $(git rev-parse --show-toplevel)/ops/buildkite - - export BUILDKITE_API_TOKEN=$(pass api/buildkite-terraform-token) - - ${terraform}/bin/terraform init - ${terraform}/bin/terraform plan - ${terraform}/bin/terraform apply - ''; -} diff --git a/ops/buildkite/steps.yml b/ops/buildkite/steps.yml deleted file mode 100644 index 9f30b8a..0000000 --- a/ops/buildkite/steps.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -steps: - - label: ":buildkite:" - key: ":init:" - command: | - buildkite-agent pipeline upload ops/ci/pipeline.yml diff --git a/ops/ci/README.org b/ops/ci/README.org deleted file mode 100644 index 0754937..0000000 --- a/ops/ci/README.org +++ /dev/null @@ -1,3 +0,0 @@ -The default pipeline is managed by [[file:~/workspace/world/ops/buildkite/][ops/buildkite]]. When a new build starts, the buildkite agent uploads the pipeline defined in this directory. - -The configuration for the repository is managed with [[file+emacs:pipeline.yml][pipeline.yml]]. All the steps are executed in parallel except for the last one, which wait on the completion of all the previous steps. If one of the previous steps has failed, the build is marked as failed, otherwise we consider it to pass. diff --git a/ops/ci/pipeline.yml b/ops/ci/pipeline.yml deleted file mode 100644 index 4308f6a..0000000 --- a/ops/ci/pipeline.yml +++ /dev/null @@ -1,25 +0,0 @@ -env: - BUILDKITE_TOKEN_PATH: /run/agenix/buildkite/graphql -steps: - - label: ":shell:" - command: "nix develop -c pre-commit run --all-files" - - # wait for all previous steps to complete. - - wait: null - continue_on_failure: true - - - label: ":hammer:" - command: | - set -ueo pipefail - - readonly FAILED_JOBS=$(curl 'https://graphql.buildkite.com/v1' \ - --silent \ - -H "Authorization: Bearer $(cat ${BUILDKITE_TOKEN_PATH})" \ - -d "{\"query\": \"query BuildStatusQuery { build(uuid: \\\"$BUILDKITE_BUILD_ID\\\") { jobs(passed: false) { count } } }\"}" | \ - jq -r '.data.build.jobs.count') - - echo "$$FAILED_JOBS build jobs failed." - - if (( $$FAILED_JOBS > 0 )); then - exit 1 - fi diff --git a/ops/default.nix b/ops/default.nix index 194252c..64a3d68 100644 --- a/ops/default.nix +++ b/ops/default.nix @@ -1,7 +1,6 @@ { pkgs }: pkgs.lib.makeScope pkgs.newScope (pkgs: { - buildkite = pkgs.callPackage ./buildkite { }; gcp-backups = pkgs.callPackage ./gcp-backups { }; github = pkgs.callPackage ./github { }; }) -- cgit v1.2.3