summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-01-02 20:58:59 +0100
committertv <tv@krebsco.de>2018-01-02 20:58:59 +0100
commit493984d97e6deaee3d7b358724e83c59bccb212d (patch)
tree691e019ae0b55d48a9681d9c26ae65e6c83d1d0f /krebs/3modules
parent84fdbeba2ceee152a128f5e9013043c172c07ecf (diff)
parente48b4eb4606f6d0ec0b930016a53e7e7cfcbfb64 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/ci.nix48
-rw-r--r--krebs/3modules/iptables.nix9
2 files changed, 52 insertions, 5 deletions
diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix
index b56f5c543..bb19f0602 100644
--- a/krebs/3modules/ci.nix
+++ b/krebs/3modules/ci.nix
@@ -24,6 +24,13 @@ in
List of hosts that should be build
'';
};
+ tests = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ description = ''
+ List of tests that should be build
+ '';
+ };
};
config = mkIf cfg.enable {
@@ -56,14 +63,14 @@ in
'';
scheduler = {
build-scheduler = ''
- # build all hosts
sched.append(
schedulers.SingleBranchScheduler(
change_filter=util.ChangeFilter(branch_re=".*"),
treeStableTimer=${toString cfg.treeStableTimer}*60,
name="build-all-branches",
builderNames=[
- "build-hosts"
+ ${optionalString (cfg.hosts != []) ''"hosts",''}
+ ${optionalString (cfg.tests != []) ''"tests",''}
]
)
)
@@ -73,7 +80,8 @@ in
schedulers.ForceScheduler(
name="force",
builderNames=[
- "build-hosts"
+ ${optionalString (cfg.hosts != []) ''"hosts",''}
+ ${optionalString (cfg.tests != []) ''"tests",''}
]
)
)
@@ -91,7 +99,7 @@ in
factory.addStep(steps.ShellCommand(**kwargs))
'';
builder = {
- build-hosts = ''
+ hosts = mkIf (cfg.hosts != []) ''
f = util.BuildFactory()
f.addStep(grab_repo)
@@ -120,12 +128,42 @@ in
bu.append(
util.BuilderConfig(
- name="build-hosts",
+ name="hosts",
slavenames=slavenames,
factory=f
)
)
+ '';
+ tests = mkIf (cfg.tests != []) ''
+ f = util.BuildFactory()
+ f.addStep(grab_repo)
+ def run_test(test):
+ addShell(f,
+ name="{}".format(test),
+ env={
+ "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src",
+ "NIX_REMOTE": "daemon",
+ "dummy_secrets": "true",
+ },
+ command=[
+ "nix-build", "-I", "stockholm=.", "krebs/6tests",
+ "-A", "{}".format(test)
+ ],
+ timeout=90001
+ )
+
+ ${concatMapStringsSep "\n" (test:
+ "run_test(\"${test}\")"
+ ) cfg.tests}
+
+ bu.append(
+ util.BuilderConfig(
+ name="tests",
+ slavenames=slavenames,
+ factory=f
+ )
+ )
'';
};
enable = true;
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix
index d64ed86de..6298a05a5 100644
--- a/krebs/3modules/iptables.nix
+++ b/krebs/3modules/iptables.nix
@@ -61,6 +61,15 @@ let
};
};
})));
+ default = {
+ filter.INPUT.policy = "ACCEPT";
+ filter.FORWARD.policy = "ACCEPT";
+ filter.OUTPUT.policy = "ACCEPT";
+ nat.PREROUTING.policy = "ACCEPT";
+ nat.INPUT.policy = "ACCEPT";
+ nat.OUTPUT.policy = "ACCEPT";
+ nat.POSTROUTING.policy = "ACCEPT";
+ };
};
};