summaryrefslogtreecommitdiff
path: root/per-service
AgeCommit message (Collapse)Author
2016-05-27dev-private-review.linaro.org: Run gerrit on 8080 internal port.Paul Sokolovsky
For consistency with the main servers like review.linaro.org, android-review.l.o. Other servers on 8081 port need to be migrated too. Change-Id: I244ac5aedeb442f8e6cfcc7b415f1b0b4646eb56 Reviewed-on: https://review.linaro.org/12277 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-05-24gerrit: Call git-multimail from ref-updated hook.Paul Sokolovsky
Gerrit doesn't honor standard git hooks, which means that a git-multimail setup made via gitolite doesn't work when changes are pushed or merged via Gerrit. Make them work using Gerrit ref-updated hook, following git-multimail official docs: https://github.com/git-multimail/git-multimail/blob/master/doc/gerrit.rst Change-Id: I7a1e5d4e69c7c1e2ac55b664986ef1a37e8954a1 Reviewed-on: https://review.linaro.org/12160 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-05-20git-servers: dejagnu, glibc mirror is now handled by git-gerrit-mirror.Paul Sokolovsky
And that completes migration of adhoc toolchain mirrors to git-gerrit-mirror ones, so toolchain mirror cron is also removed. Change-Id: I39731c3052f56433e848c43ba2295d6854ccf1b9 Reviewed-on: https://review.linaro.org/12085 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-05-13git-servers: gcc mirror is now handled by git-gerrit-mirror.Paul Sokolovsky
Change-Id: I10f9c0f20d29bcab9f8410861cfe82b712234475 Reviewed-on: https://review.linaro.org/11965 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-05-11git-servers: Install update_gerrit_parents.py config.Paul Sokolovsky
Change-Id: Iefec170b6e4129faee616136e649f850eaaf55e8 Reviewed-on: https://review.linaro.org/11922 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-05-11git-servers: binutils-gdb & newlib mirrors are now handled by git-gerrit-mirror.Paul Sokolovsky
Make their handling more consistent and fixes issue where gerrit metadata was removed each time adhoc mirroring happened. Change-Id: Ie6b7617bec411bc87ef4128c0e23b0e75965fdd4 Reviewed-on: https://review.linaro.org/11924 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-05-11gerrit 2.12: add project-created hookAndy Doan
With Gerrit 2.12 we can finally support the project-created hook. This allows repos created via gerrit to automatically be included by grokmirror and replicated across all regional servers. Change-Id: I2049523c05e53eeb1ccab6f34c846e561bc9fba1 Reviewed-on: https://review.linaro.org/11810 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org> Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-04-30review.linaro.org: Set default "submit type" for new projects to "Rebase".Paul Sokolovsky
Gerrit doesn't allow to inherit submit type from a parent project (as many of the other settings), and allows to just set default value for all newly created projects: https://review.linaro.org/Documentation/config-gerrit.html#repository https://code.google.com/p/gerrit/issues/detail?id=2257 https://gerrit-review.googlesource.com/#/c/51848/ Change-Id: I3ce232c1025c387d65798db290d441df2d85f83d Reviewed-on: https://review.linaro.org/11693 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-04-19mirroring-gerrit: git-us.linaro.org: Add LLVM mirror.Paul Sokolovsky
This is first setup of mirror using git-gerrit-mirror tool on git.linaro.org, previously only adhoc TCWG mirroring ran there. TODO: Migrate as many as possible adhoc mirroring targets to this generic setup. Change-Id: Ibd93c890ee68b27776193e544244e99b58b31501 Reviewed-on: https://review.linaro.org/11462 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-04-13roles/apache-auth: Allow to override Apache webroot owner.Paul Sokolovsky
There's new var for this, {{apache_root_owner}}. It defaults to {{apache_user}}, but e.g. git-servers override it to {{git_user}} (required for grokmirror). Change-Id: Ia934c85cd612f08113606309678576f5048e291c Reviewed-on: https://review.linaro.org/11351 Reviewed-by: Andy Doan <andy.doan@linaro.org> Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-04-12git-servers/roles/git-config: Add http.cookiefile.Paul Sokolovsky
Set default location of cookie file. If it doesn't exist, there doesn't seem to be a problem. Change-Id: I6f1b16b9bd316d8016787b8dac18e6f7ab6a6c77 Reviewed-on: https://review.linaro.org/11344 Reviewed-by: Andy Doan <andy.doan@linaro.org> Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-04-12mirroring-gerrit: Move mirroring configs for private servers to private repo.Paul Sokolovsky
Change-Id: I91f64e3b8aaa4d13d17483821262933e89b283fc Reviewed-on: https://review.linaro.org/11343 Reviewed-by: Andy Doan <andy.doan@linaro.org> Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-04-12Add leading 0 to file permissionsBen Copeland
Ansible 2.0 breaks on 3 digit octal permissions. Adding leading 0 to octal permissions will pass lint checks. Change-Id: Ica56b2fd00be4f123f39f68401fea547f901931a Signed-off-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-on: https://review.linaro.org/11314 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-04-06git-servers: Don't use bare variables in with_items: clauses.Paul Sokolovsky
Gives warning with Ansible 2.0. Change-Id: I081314dc657d5f2512beffa1233a2c1c999e13de Reviewed-on: https://review.linaro.org/11210 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-04-05toolchain-mirror.cron: Don't swallow errors for update_dejagnu_mirror.Paul Sokolovsky
We already have code in toolchain-tools script to filter out normal output and let thru only errors, so stop sending them to /dev/null. Change-Id: Ia0a70c5bb088b6657ebad39018d7e00f10ae7e24 TODO: Review other jobs here for similar issues. Reviewed-on: https://review.linaro.org/11198 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org> Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-04-05jenkins: Don't use bare variables in with_items: clauses.Paul Sokolovsky
Gives warning with Ansible 2.0. Change-Id: I5d90cbdf8f0d6fd7ebb007a48795e3cfc95d4ff6 Reviewed-on: https://review.linaro.org/11197 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-04-02jenkins: plugins updateFathi Boudra
Plugins updated: * Credentials Plugin 1.26 * Durable Task Plugin 1.9 * Folders Plugin 5.6 * Gerrit Trigger 2.19.0 * Git client plugin 1.19.6 * Git plugin 2.4.4 * GitHub API Plugin 1.72.1 * GitHub plugin 1.18.1 * IRC Plugin 2.27 * Jackson 2 API Plugin 2.7.3 * JavaScript GUI Lib: ACE Editor bundle plugin 1.1 * JavaScript GUI Lib: jQuery bundles (jQuery and jQuery UI) plugin 1.2.1 * Job Configuration History Plugin 2.13 * Multijob plugin 1.21 * Naginator 1.17 * Node and Label parameter plugin 1.7.2 * Pipeline 1.15 * Pipeline: API 1.15 * Pipeline: Basic Steps 1.15 * Pipeline: Durable Task Step 1.15 * Pipeline: Execution Support 1.15 * Pipeline: Global Shared Library for CPS pipeline 1.15 * Pipeline: Groovy CPS Execution 1.15 * Pipeline: Job 1.15 * Pipeline: SCM Step 1.15 * Pipeline: Step API 1.15 * Publish Over SSH 1.14 * SCM API Plugin 1.1 * SSH Agent Plugin 1.10 * Static Analysis Utilities 1.76 * Warnings Plug-in 4.52 * Xvfb plugin 1.1.3 Plugins added: * Docker Pipeline plugin (and its dependencies: docker-commons, authentication-tokens) * Metadata plugin Change-Id: I76a110f931dc52ee56b8a3f8474fbd680a43c3c1 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/11163 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-04-01patchwork: move to commonAndy Doan
Its mostly just moving/renaming files and then updating a few corresponding references to variable names. Change-Id: Ic5e2538a377a430ea5cc0a570ee8f6436be8bf1e Reviewed-on: https://review.linaro.org/11107 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-03-31jenkins: Upgrade Jenkins to 1.642.3 LTS.Paul Sokolovsky
Change-Id: I9397d9db9395d7cf4b2d6fcb99bd0b144f81655a Reviewed-on: https://review.linaro.org/11144 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Ricardo Salveti <ricardo.salveti@linaro.org>
2016-03-30qa-reports: remove from playbookAndy Doan
The QA team wants to manage this on their own and have the code forked into their own repository. This removes it from ours to eliminate confusion. Change-Id: If76e3174c56efc1446d34d84001bc5c41c81c275 Reviewed-on: https://review.linaro.org/11102 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-03-30patchwork: remove use of patchwork role run after djangoAndy Doan
The only thing we really did after the django role was run that couldn't be done in the "pre" role was running the "ensure_projects" script. In practice that task isn't really useful or needed. This removes that task, and adds the others to the "pre" role tasks. Change-Id: I2ec0a4f47d3201cf1779afdac4cf393d31357aee Reviewed-on: https://review.linaro.org/11106 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org> Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-03-30django: remove "django_apt" supportAndy Doan
Now that qa-reports has been removed, we can remove variables related to that option and rename django_pypi.yml -> main.yml Change-Id: Ic6f64af0a5f6afed40089546a0f5def57ce27c0c Reviewed-on: https://review.linaro.org/11104 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-03-30patchwork: remove ssl-certs roleAndy Doan
This should have been removed with commit: <https://git.linaro.org/infrastructure/ansible-playbooks.git/commit/9d982964117d7decf39ad2833d464ff1200a9cfc> Change-Id: I8e3d0601a92e688e79ac24d7730e0060e64ac2ec Reviewed-on: https://review.linaro.org/11105 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-03-29mirroring-gerrit: projectara-git.linaro.org: Disable Marvell mirroring.Paul Sokolovsky
There's no access for quite some time apparently, so entire mirroring just times out. Change-Id: I53d1662a7aee2b116e9f93da7f7f93389c963e27 Reviewed-on: https://review.linaro.org/11067 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-03-23geo services: don't log route53 checksAndy Doan
Route 53 health checks flood the access log over 3 per second. It makes our logs big, gives weblogs a lot more useless stuff to process/filter, and makes it harder to debug odd issues by tailing the log. This removes Route 53 health checks from our Apache access logs Change-Id: I3a883ec838513958cb5e1728bd28abf08a731884 Reviewed-on: https://review.linaro.org/11005 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-03-10apache_conf: use proper Ansible moduleBen Copeland
Instead of using command to enable Apache modules, we should use the Ansible's apache2_module. Change-Id: I8fb6f43b23e246ef012631597c8d8e38b6496ec1 Reviewed-on: https://review.linaro.org/10866 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-03-09patchwork: become_userBen Copeland
Update our playbook to use become_user instead of sudo_user to be Ansible 2.0 compliant Change-Id: I4a5737145c3861a0a682fd7176e5670130565d84 Reviewed-on: https://review.linaro.org/10863 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-03-09jenkins: become_userBen Copeland
Update our playbook to use become_user instead of sudo_user to be Ansible 2.0 compliant Change-Id: I69ae2dc7ddc4b8cb2d7a4912bdcdb6a63cf29bfa Reviewed-on: https://review.linaro.org/10862 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org> Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-03-04patchwork: ITS now manages ODP certsAndy Doan
We had managed these in the past, but it causes confusion. ITS now owns this issue.
2016-03-03jenkins: Configure Jetty session timeout to 8hrs.Paul Sokolovsky
The default is 30 mins, which is the source of session timeout issues previously attributed to Crowd plugin. Note that this switches Ansible to set Jenkins parameters in /etc/defaults/jenkins to a value from playbook, instead of trying to append to it using regex magic getting more and more dirty. This should be ok, just occasionally need to pay attention on upgrades (hopefully, there's little a new package version can bring on that side). Change-Id: Ia92b6eee2dd81623a5bb1a11ec7a3d27064c7b7e Reviewed-on: https://review.linaro.org/10794 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-02-29mirroring-gerrit: device/linaro/hikey is now in AOSP.Paul Sokolovsky
Change-Id: I8e8a29c74fc80478dbd8794a5263df15cef06831 Reviewed-on: https://review.linaro.org/10739 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-28jenkins: Install ace-editor and jquery-detached plugins.Paul Sokolovsky
Dependencies of the latest versions of Workflow aka Pipeline plugins. Change-Id: I884cfa8341e987e97dbf60203b33905d3a8c300b Reviewed-on: https://review.linaro.org/10693 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-02-27jenkins: update pluginsFathi Boudra
Updated plugins: * build timeout plugin 1.16 * Claim Plugin 2.8 * Coverity plugin 1.7.1 * Credentials Plugin 1.25 * Email Extension Plugin 2.41.3 * Embeddable Build Status Plugin 1.9 * Gerrit Trigger 2.18.3 * Git client plugin 1.19.5 * Git plugin 2.4.2 * GitHub API Plugin 1.72 * GitHub plugin 1.17.1 * HTML Publisher plugin 1.11 * JUnit Plugin 1.11 * Matrix Authorization Strategy Plugin 1.3.2 * Metrics Plugin 3.1.2.7 * Node and Label parameter plugin 1.7.1 * Parameterized Trigger plugin 2.30 * Pipeline: API 1.14 * Pipeline: Basic Steps 1.14 * Pipeline: Durable Task Step 1.14 * Pipeline: Execution Support 1.14 * Pipeline: Job 1.14 * Pipeline: SCM Step 1.14 * Pipeline: Step API 1.14 * REPO plugin 1.10.0 * Script Security Plugin 1.17 * Subversion Plug-in 2.5.7 * Timestamper 1.7.4 Added plugins: * CloudBee folder Plugin - new pulled dependency * Icon Shim Plugin - new pulled dependency * Multiple SCMs Plugin - required by OpenJDK CI Change-Id: I57789fea55f66ee080f03fb5e6a5acdfe67cf3a5 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/10677 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-02-26jenkins: upgrade to latest LTS version (1.642.2)Fathi Boudra
Change-Id: Idcf9d52d84b52a8b46b8a7d337093b9231edea5a Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/10676 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org> Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-24patchwork: update the patchwork role to use becomeBen Copeland
sudo is deprecated. This commit updates our patchwork playbook to use the new become method. Change-Id: I6c2fb2daacccf5c02f70619855e755fdc293f361 Reviewed-on: https://review.linaro.org/10635 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-24jenkins: update the jenkins role to use becomeBen Copeland
sudo is deprecated. This commit updates our jenkins playbook to use the new become method. This is a second patch, as this uses "sudo: true" instead of "sudo: yes." Change-Id: Id31da303cbf96fb62ab9d899273e42927198a354 Reviewed-on: https://review.linaro.org/10626 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org> Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-24qa-reports: update the qa-reports role to use becomeBen Copeland
sudo is deprecated. This commit updates our qa-reports playbook to use the new become method. Change-Id: I455620898ea1cdb5673b711cf4454bf83a561ee8 Reviewed-on: https://review.linaro.org/10625 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org> Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-24jenkins: Remove commented out entry for testing Docker plugun build.Paul Sokolovsky
Long superceded, no longer available. Change-Id: I3e0a5d27598e78e2f83f6ada3e6e05be52aafbca
2016-02-23jenkins: update the jenkins role to use becomeBen Copeland
sudo is deprecated. This commit updates our jenkins playbook to use the new become method. Change-Id: I5779d82b1ca90bfbe275e3b5237a0a7b49b9b35e Reviewed-on: https://review.linaro.org/10606 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-02-23bugzilla: update the bugzilla role to use becomeBen Copeland
sudo is deprecated. This commit updates our bugzilla playbook to use the new become method. Change-Id: I47e913cf6b5c469bac5d35c4e41ca0f3c971bc37 Reviewed-on: https://review.linaro.org/10604 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-02-23git-servers: update the git-servers playbook to use become_userBen Copeland
sudo_user is deprecated. This commit updates our git-servers playbook to use the new become_user method. Change-Id: Iad88796235e775b8f651cc39eceb7046c77696a9 Reviewed-on: https://review.linaro.org/10601 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-02-22git-servers: update the git-servers playbook to use becomeBen Copeland
sudo is deprecated. This commit updates our git-servers playbook to use the new become method. Change-Id: I610382951dc4473823abe76dff4b2512c4f6b03d Reviewed-on: https://review.linaro.org/10559 Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org> Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-19git-servers/gitolite: Fix detection of when initial key fetch is needed.Paul Sokolovsky
I'm not sure if gitolite upgrade "broke" it (likely), or we didn't have idempotency before, but now all keys are suffixed with @key_N.pub, not just multiple keys for the same user. Change-Id: I8b0b49813c8a6a47c26d460e626790f64aa20de4 Reviewed-on: https://review.linaro.org/10575 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-18patchwork: update to latest versionAndy Doan
This includes the CRLF hack to make the UI look nicer. Change-Id: Iead25928837aa2875fd56630c3b8f245a47c360c
2016-02-18patchwork: pass BasicAuth info to wsgi appAndy Doan
This is needed for the XMLRPC interface Change-Id: Ic8e615cad59a72eb3b0fd4f699a3f0b6077f83fe
2016-02-18git-servers: Add git-config role to setup default git config.Paul Sokolovsky
The main point of this config is to set git pack parameters to ease system load a bit, based on previous investigations. The config template is taken as-is for git-us.linaro.org (and may need further small tweaks later). Change-Id: I78519ff71a8e53e10bb7629ab2b5fb4d1db531d0 Reviewed-on: https://review.linaro.org/10533 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-17git: users: Write task description in English.Paul Sokolovsky
Change-Id: Ie5bc7b461aa9a8faead321b07558b22628196220
2016-02-16gitolite: Upgrade to 731d5521b, which is latest master.Paul Sokolovsky
This adds a clear error message when user specifies a repo path with trailing ".git", which is not required by gitolite (it unconditionally appends ".git" itself), instead of ofetntimes failing with confusing messages (like "not authorized"). Change-Id: I96f77d838a8b5c37f71a9ce0c5d0a3641f4adfae
2016-02-13gitolite: Upgrade to 2015-01-03 commit.Paul Sokolovsky
Specific interest is this commit: https://github.com/sitaramc/gitolite/commit/1c61d578ce07715ef5bf54eec25acb5fdd654210 which tightens repo path validation for gitolite commands. Unfortunately, it tightens it not enough, so what's I'm really interested in is applying patch on top of that commit (will be proposed and discussed separately). I manually reviewed code changes dc8b590a05..1c61d578ce and they look ok - tightening some other checks and adding few new features (disabled by default). Change-Id: I79072a7b1e92d9198666b2d38d99c11c2e6c3787 Reviewed-on: https://review.linaro.org/10436 Reviewed-by: Andy Doan <andy.doan+gerrit@linaro.org>
2016-02-09patchwork: update to latest version of patchworkAndy Doan
Change-Id: I740a686535b5c00d5727b57c81d495a964d7f341