summaryrefslogtreecommitdiff
path: root/per-service
AgeCommit message (Collapse)Author
2017-01-05Jenkins: Upgrade LTS versionBen Copeland
Change-Id: I47792ab08a8a09bc201476bb38d417471b4514f3 Reviewed-on: https://review.linaro.org/16615 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2017-01-04gerrit: Increase perm memory and packedGitLimitBen Copeland
Recent gerrit upgrade caused perm memory issues, mainly when indexing. core.packedGitLimit should also be set, as default 10M is too small, should be increased with more perm memory. https://git.help.collab.net/hc/en-us/articles/234122407-Memory-settings-in-Gerrit-configuration Change-Id: I97d305f0522ffc9d71d9c01980c81164ea17ce13 Reviewed-on: https://review.linaro.org/16571 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-12-18jenkins: plugins updateFathi Boudra
include AnsiColor plugin Change-Id: Ib35088a8806abbfa8d10356fc5313c9ac3009e16 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/16476
2016-12-16gerrit: update dev-private-review values for cgitAndy Doan
Change-Id: Icee5ab28a2a24ade066606c99b9247df439d79cd
2016-12-16cgit: convert dev-private-gitAndy Doan
This converts dev-private-git over to cgit. It requires a new option we've patched into our version of cgit: https://git.linaro.org/infrastructure/cgit.git/commit/?h=linaro-patches&id=f85c40c4ed1c8bfca09acd1fccaf9bb77baa0c0f As the "allowed-repos.sh" script and sudo entry are harmless for a non-private server, I just install them always to keep our playbook logic simple. Change-Id: I7e11f5bdc4c4be12341cc5f62d2d71c4ae655055 Reviewed-on: https://review.linaro.org/15530 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-12-15git-servers/mirroring-gerrit: Mirror LITE Aeolus sub-projects.Paul Sokolovsky
JerryScript, Zephyr.js, MicroPython, all from github. Change-Id: Ie3ef2be380cae0bd0f4183545c8fd7d6a8925ed4 Reviewed-on: https://review.linaro.org/16438 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-12-06jenkins: add erp-16.12-staable and erp-16.12-staging to dput.cfFathi Boudra
Change-Id: Id0abb5f11a62707541731fb4c7f9c38464cd8426 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/16112
2016-12-04jenkins: plugins updateFathi Boudra
Change-Id: I02ed4eb5577d94fb360436be1beb4020b0a67fd0 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/16050
2016-12-01jenkins: upgrade to Jenkins LTS 2.19.4Fathi Boudra
Change-Id: I12e09974cc8dc8fef0c4830dc947f2814252b0e3 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15993
2016-11-25jenkins: revert credentials plugin to 2.1.9Fathi Boudra
It seems 2.1.10 is busted and breaks jenkins startup. Change-Id: I4ae689ca54694129bf45f8d398e523f71243ae5f Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15841
2016-11-25jenkins: plugins updateFathi Boudra
y-a-d plugin update fixes an important bug on overprovisioning. The other updates are regular updates. Change-Id: I4d7422e8281e4269938b992a3dbf8ce575233168 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15836
2016-11-20jenkins: pin pam-auth and windows-slaves pluginsFathi Boudra
Change-Id: I4c8c2b06de0683a65a6e5885c36f86e9d4acc4f8 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15669
2016-11-20jenkins: update git pluginFathi Boudra
Change-Id: I4eb1616698c54ab3580afe7d893fdd82eed9fd2d Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15667
2016-11-20jenkins: update jenkins lts to 2.19.3Fathi Boudra
Fix SECURITY-360 / CVE-2016-9299 An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java object to the Jenkins CLI, making Jenkins connect to an attacker-controlled LDAP server, which in turn can send a serialized payload leading to code execution, bypassing existing protection mechanisms. Change-Id: I7ef082865b304915c4ce818e6e813231a31ecf3b Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15666
2016-11-18git: update references to grokmirror manifest fileAndy Doan
Part of the cgit changes required us to make manifest.js.gz accessible via /srv/repositories. I hacked around that at the time by placing a symlink from /srv/repositories/manifest.js.gz -> /var/www/git.linar.org/manifest.js.gz. With cgit in place on all grok master's we now need to update code references from the old location to the new one so we can get rid of this symlink hack. Change-Id: I67744f6fa2d8476ac605c7b39d919c3f3fbe0c9d Reviewed-on: https://review.linaro.org/15525 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-18jenkins: plugins updateFathi Boudra
Change-Id: I709fb84f6ee51b426e4b06cd0608e1f4779475e4 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15645 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-16jenkins: add the VPN for ART to ansibleAndy Doan
Change-Id: Ie1ada4fe4b15f6dd6012a995f61b11fcec119898
2016-11-11jenkins: add missing plugin dependencyBen Copeland
Change-Id: Icc7f86644c562e45edbe10d5dff7974ac754f5c9 Reviewed-on: https://review.linaro.org/15471 Reviewed-by: Fathi Boudra <fathi.boudra@linaro.org>
2016-11-11jenkins: plugins updateFathi Boudra
Change-Id: Ia579a59d059c9018481d444ab68e1181d3014a67 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15468
2016-11-10android-review: convert to using cgit linksAndy Doan
Change-Id: Ie0758aec5065916b5ee76e176d575545d51c6ade
2016-11-10cgit: convert android-git over to cgitAndy Doan
Change-Id: I1b24f257ddaaac23749a8bd230ad8a2538e12739 Reviewed-on: https://review.linaro.org/15429 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-10android git: consolidate common group variablesAndy Doan
Each android git server has a few variables that are really common to one another. This makes it easier to manage them. Change-Id: I7dcedf9951afb2c05354bfc15b466413fa601efd Reviewed-on: https://review.linaro.org/15428 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-10cgit: add more configuration options to cgitrcAndy Doan
Android git servers need a few options defined differently. Change-Id: I0e1b1b8103e107b15bf4c094c2dabe2a7eaa3a21 Reviewed-on: https://review.linaro.org/15427 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-10git: remove apache 2.2 checksAndy Doan
We've moved all servers to Trusty and no longer have to deal with Apache 2.2 Change-Id: Ic09fbae04750d5dbff31c61a07ec625d3930f8bd Reviewed-on: https://review.linaro.org/15425 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-10android git-dumb: add Last-Modified headerAndy Doan
Copying logic from: 9b85205183e495902e679a3afd246b8bb2b71f4e Change-Id: I94cb333408ba6bbc66d2916b00087adc7146458b Reviewed-on: https://review.linaro.org/15426 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-08gitolite: fix repo permissionsBen Copeland
When we deploy a fresh git server, testing.git doesn't show up due to wrong permissions. Change-Id: I8140dcba57941ba49b9325922c935b3a092acd30 Reviewed-on: https://review.linaro.org/15377 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-11-08gerrit: Add ability to install pluginsBen Copeland
Plugins can now be installed into gerrit via Ansible. It requires a user to upload the .jar file in following format {{url}}/{{gerrit_version}}/plugin.jar. When we upgrade versions of gerrit, the plugin.jar will get overwritten with the newer version. Change-Id: I682afc9981d5c83a72dde419be26ee52f9af8a37 Reviewed-on: https://review.linaro.org/15368 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-11-07gerrit: update default versionBen Copeland
We should upgrade to 2.13.2, this commit just updates our playbook to the current version. Change-Id: I596846617955c68b79dd546ae4c2375be2bc26a8 Reviewed-on: https://review.linaro.org/15339 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-11-07gerrit: fix playbook orderingBen Copeland
Due to the current ordering, a fresh deployment of gerrit fails due to not being able to enable proxy_http. Change-Id: I7d0c0ccdc071de3e5958ede871f67492feec2786 Reviewed-on: https://review.linaro.org/15338 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-11-05jenkins: plugins updateFathi Boudra
Change-Id: Ia0f14f31f16effdce7887ae12748f507d33691ab Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15276
2016-11-05jenkins: plugins updateFathi Boudra
Change-Id: I508d910098491082c34ef7ef80c7c21c6b6f830f Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15231 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-05jenkins: update to LTS 2.19.2Fathi Boudra
Change-Id: I782b0604f67f5840f996348550a07cf7dfa90174 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15230 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-11-04ansible-lint: Fix linting error ANSIBLE0017Ben Copeland
When using become_user, become: True must be set, otherwise the role will fail. Change-Id: Ia0b2925fa0dc66144f86d7fe4a14d22bcde52796 Reviewed-on: https://review.linaro.org/15159 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-10-30jenkins: plugins updateFathi Boudra
Update plugins to their latest version except gerrit trigger plugin. Downgrade gerrit plugin to previous known working wersion since there's several reports about comments-added event support is broken. Change-Id: Ibf714cf7e5a483313d63db2e729a718ad3911893 Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/15090 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-10-29cgit: provide real readme supportAndy Doan
readme support with gitweb and git-mirrors has been broken forever. gitweb requires a readme.html file in a given repo which doesn't get mirrored by grokmirror. With the move to cgit, we can now make a gitolite local command that puts the readme in a "hidden" type branch (like a gerrit review works). This will then get sunk to all mirror servers. Change-Id: I1d44e97bdfb792f263b14abbb7fd2a8e3077a6f5 Reviewed-on: https://review.linaro.org/15110 Reviewed-by: Andy Doan <andy.doan@linaro.org>
2016-10-28git-dumb: add Last-Modified headerAndy Doan
The change to move the manifest location to repo_root: https://review.linaro.org/#/c/15100/ Requires that last-modified headers be available when browsing that directory. I found a good source about git http hosting and they say Last-Modified is fine to provide: https://gist.github.com/schacon/6092633#file-git-http-proto-txt-L133 Change-Id: I7c992d2e56184339d5ad4249ed394e6ae1ebbd5e Reviewed-on: https://review.linaro.org/15103 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-10-28gerrit: update to use new cgit urlsAndy Doan
Change-Id: I863bc93dbea38cb92be54b2429485e55d51026a4
2016-10-28cgit/grok: enable manifest.js.gz linkAndy Doan
Now that we don't server /var/www/git.l.o we need to make the link to our grok manifest http://git.l.o/manifest.js.gz accessible. This is actually a 2 part change. This is the simple part that stops the bleeding. It actually required me to put an adhoc symlink from /srv/reposistories/manifest.js.gz to the file under /var/www/git.l.o The next part is the more complex one, where I have to actually update all grokmirror hooks to use this new file location and not require the symlink. Change-Id: Iefa94c3151d100d07d63044995e74bcd0d15cd74 Reviewed-on: https://review.linaro.org/15100 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-10-28cgit: fix the git-http-backendAndy Doan
Now that we don't expose the old gitweb apache directory, we need to handle git http smart protocol requests. This copies the template and task from the apache-website role. Once we convert everything over to cgit, there will be no need for this role, so I think this is the easiest path forward. Change-Id: I58c9657d7cb2ea16504a3aa4d1ad9f4509e42ea0 Reviewed-on: https://review.linaro.org/15099 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-10-28cgit: fix virtual-rootAndy Doan
cgit is now served at the root of git.l.o, so this needs to match that. Change-Id: I17053e0afe7e44cd11a0990f9fb7337d69b772f5 Reviewed-on: https://review.linaro.org/15098 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-10-28cgit: chown back to rootAndy Doan
Now that we no longer use suexec in our apache config, we can keep files sensibly owned by root Change-Id: I8f691f207c36de3cea5003c6eb4e4aed0021d372 Reviewed-on: https://review.linaro.org/15097 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-10-28cgit: add rewrite rule for old gitweb "raw" linksAndy Doan
People have bookmarks to "raw" file downloads and we also have a lot of CI tooling built around old gitweb links. This preserves backwards compatibility while we go around and fix them. Change-Id: Ic29edc3bdd2c7b14f51bc269854090ef216bbb9a Reviewed-on: https://review.linaro.org/15096 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-10-28git.l.o: move to only using CGITAndy Doan
This removes the usage of gitweb from git.l.o servers. Long term we probably want /var/www/cgit to be in /var/www/git.linaro.org, but we can't do that until we first move all our Git servers to CGIT. Change-Id: Iecf8b2a168f5ed01042c0f4bdd777b44087fab12 Reviewed-on: https://review.linaro.org/14772 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-10-21oops - last commit was badAndy Doan
Change-Id: Id6490037095582cd2d978f732a9430aee29a90c8
2016-10-21lhg-review: update apache configAndy Doan
The configuration for this was using some old caching logic we've known doesn't work well. I've removed all of it to make it more in-line with the configuration of dev-private-review.linaro.org. Change-Id: I8dcd689c0e1af4fa02f17103c478ae9c64344894 Reviewed-on: https://review.linaro.org/14964 Reviewed-by: Ben Copeland <ben.copeland@linaro.org>
2016-10-18cgit: minor header changesAndy Doan
Ensure we only show arrows for reposections and also include google analytics Change-Id: Ic4a964b43777e2b920363d12e696ef80dac6bff0
2016-10-18cgit: manage the git-linaro.png imageAndy Doan
This was never put into VCS and just happens to work for git.l.o. This puts the file under source control and deploys it where cgit will use it. Change-Id: Ia9cab14d0fa8b77b11c97017154da9d06c2fe264 Reviewed-on: https://review.linaro.org/14771 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-10-18git: git.l.o has no need for SuexecAndy Doan
All files we serve have o+rx permissions, so there's no need to become the git user on this host. Change-Id: Ib6783ac11c243449f0c3fe2f5177dd041457b73f Reviewed-on: https://review.linaro.org/14770 Reviewed-by: Ben Copeland <ben.copeland@linaro.org> Reviewed-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
2016-10-18jenkins: update plugins dependenciesFathi Boudra
Change-Id: Ib48689ddf7d29c6722d8f43ec13333e095b4bd3e Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org> Reviewed-on: https://review.linaro.org/14841
2016-10-18Jenkins: add plugins dependenciesBen Copeland
Change-Id: Ic016ba85d2da16c7b7ad7195be8d0a0e202e39e5 Reviewed-on: https://review.linaro.org/14837 Reviewed-by: Fathi Boudra <fathi.boudra@linaro.org>