diff options
author | tv <tv@krebsco.de> | 2018-01-02 20:58:59 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2018-01-02 20:58:59 +0100 |
commit | 493984d97e6deaee3d7b358724e83c59bccb212d (patch) | |
tree | 691e019ae0b55d48a9681d9c26ae65e6c83d1d0f /krebs/3modules | |
parent | 84fdbeba2ceee152a128f5e9013043c172c07ecf (diff) | |
parent | e48b4eb4606f6d0ec0b930016a53e7e7cfcbfb64 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs/3modules')
-rw-r--r-- | krebs/3modules/ci.nix | 48 | ||||
-rw-r--r-- | krebs/3modules/iptables.nix | 9 |
2 files changed, 52 insertions, 5 deletions
diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index b56f5c543..bb19f0602 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -24,6 +24,13 @@ in List of hosts that should be build ''; }; + tests = mkOption { + type = types.listOf types.str; + default = []; + description = '' + List of tests that should be build + ''; + }; }; config = mkIf cfg.enable { @@ -56,14 +63,14 @@ in ''; scheduler = { build-scheduler = '' - # build all hosts sched.append( schedulers.SingleBranchScheduler( change_filter=util.ChangeFilter(branch_re=".*"), treeStableTimer=${toString cfg.treeStableTimer}*60, name="build-all-branches", builderNames=[ - "build-hosts" + ${optionalString (cfg.hosts != []) ''"hosts",''} + ${optionalString (cfg.tests != []) ''"tests",''} ] ) ) @@ -73,7 +80,8 @@ in schedulers.ForceScheduler( name="force", builderNames=[ - "build-hosts" + ${optionalString (cfg.hosts != []) ''"hosts",''} + ${optionalString (cfg.tests != []) ''"tests",''} ] ) ) @@ -91,7 +99,7 @@ in factory.addStep(steps.ShellCommand(**kwargs)) ''; builder = { - build-hosts = '' + hosts = mkIf (cfg.hosts != []) '' f = util.BuildFactory() f.addStep(grab_repo) @@ -120,12 +128,42 @@ in bu.append( util.BuilderConfig( - name="build-hosts", + name="hosts", slavenames=slavenames, factory=f ) ) + ''; + tests = mkIf (cfg.tests != []) '' + f = util.BuildFactory() + f.addStep(grab_repo) + def run_test(test): + addShell(f, + name="{}".format(test), + env={ + "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src", + "NIX_REMOTE": "daemon", + "dummy_secrets": "true", + }, + command=[ + "nix-build", "-I", "stockholm=.", "krebs/6tests", + "-A", "{}".format(test) + ], + timeout=90001 + ) + + ${concatMapStringsSep "\n" (test: + "run_test(\"${test}\")" + ) cfg.tests} + + bu.append( + util.BuilderConfig( + name="tests", + slavenames=slavenames, + factory=f + ) + ) ''; }; enable = true; diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index d64ed86de..6298a05a5 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -61,6 +61,15 @@ let }; }; }))); + default = { + filter.INPUT.policy = "ACCEPT"; + filter.FORWARD.policy = "ACCEPT"; + filter.OUTPUT.policy = "ACCEPT"; + nat.PREROUTING.policy = "ACCEPT"; + nat.INPUT.policy = "ACCEPT"; + nat.OUTPUT.policy = "ACCEPT"; + nat.POSTROUTING.policy = "ACCEPT"; + }; }; }; |