No description

Find a file

Christian Kühnel 1cc3b54c10 improved documentation on Phabricator integration		2019-10-29 11:12:03 +01:00
containers	removed redundant entry	2019-10-24 05:39:30 -07:00
docs	added deployment diagram	2019-10-29 09:37:27 +01:00
Jenkins	fixed missing environment variables in Phabricator pipeline	2019-10-29 10:15:38 +01:00
kubernetes	fixed urls after moving to new project	2019-10-29 09:43:00 +01:00
scripts	Merge pull request #34 from google/print-shell-commands	2019-10-28 09:25:31 -07:00
.gitignore	initial import of configuration files	2019-10-04 10:26:20 +02:00
k8s_config	configuration for new GCP project (#31 )	2019-10-28 09:35:49 -07:00
LICENSE	added license	2019-10-04 14:31:57 +02:00
local_setup.sh	Add 2 more jenkins nodes.	2019-10-14 12:22:25 +02:00
README.md	improved documentation on Phabricator integration	2019-10-29 11:12:03 +01:00

README.md

Overview

This repository contains the configuration files for the merge guards for the LLVM project. It configures a cluster of build machines that are used to check all incoming commits to the LLVM project.

Merge guards

TODO(@christiankuehnel): describe objective of merge guards

Cluster overview

The cluster consists of these services:

Jenkins build server: http://jenkins.llvm-merge-guard.org
a set of Jenkins agents running the builds
an nginx server with the build results/logs http://results.llvm-merge-guard.org

Jenkins-Phabricator integration

The Jenkins-Phabricator is based on the instructions provided with the Phabricator-Jenkins Plugin.

On the Phabricator side these things were configured:

the Harbormaster build plan
the Herald rule
the merge_guards_bot user writing the comments

On the Jenkins side:

in the Jenkins configuration page as explained in the instrucitons
in the build job
The Phabricator pluging is not used, as it's not flexible enough. Rather Phabricator just triggers the build via an HTTP request. The arc patch operations by scripts. The build feedback is also uploaded by scripts via the harbormaster.sendmessage and differential.revision.edit APIs.

There is no backup of the credentials. If you need to change it, generate a new one and update it in Jenkins and Phabricator.

Playbooks

deployment to a clean infrastructure

General remarks:

GCP does not route any traffic to your services unless the service is "healthy". It might take a few minutes after startup before the services is classified as healthy. Until then you will only see some generic error message.

These are the steps to set up the build server on a clean infrastructure:

Configure the tools on your local machine:
```
./local_setup.sh
```

Delete the old cluster, if it still exists:

cd kubernetes/cluster
./cluster_delete.sh

Create the cluster:

cd kubernetes/cluster
./cluster_create.sh

Create the disk storage, if it does not yet exist:
```
cd kubernetes/cluster
./disk_create.sh
```

SSH into the VM instance mounting the volume, find the mount point and then set

# go to the mount point of the volume
cd  /var/lib/kubelet/plugins/kubernetes.io/gce-pd/mounts/jenkins-home
# change the permissions
sudo chmod a+rwx

Push the docker images to gcr.io:

cd containers
#for each subfolder:
./build_deploy.sh <foldername>

Deploy the stack:
```
cd kubernetes
./deploy.sh
```
Configure it

creating basic authentication for reverse proxy

create auth file, based on ingress-nginx documentation

cd kubernetes/reverse-proxy
htpasswd -c auth <username>
# enter password at prompt
# add more users as required
kubectl create secret generic proxy-auth --from-file=auth --namespace=jenkins

License

This project is licensed unter the "Apache 2.0 with LLVM Exception" license. See LICENSE for details.