about summary refs log tree commit diff
path: root/ops/modules/monorepo-gerrit.nix
diff options
context:
space:
mode:
Diffstat (limited to 'ops/modules/monorepo-gerrit.nix')
-rw-r--r--ops/modules/monorepo-gerrit.nix25
1 files changed, 17 insertions, 8 deletions
diff --git a/ops/modules/monorepo-gerrit.nix b/ops/modules/monorepo-gerrit.nix
index 67be5410dc..b335fe61d5 100644
--- a/ops/modules/monorepo-gerrit.nix
+++ b/ops/modules/monorepo-gerrit.nix
@@ -9,7 +9,7 @@ let
     exec -a ${name} ${depot.ops.besadii}/bin/besadii "$@"
   '';
 
-  gerritHooks = pkgs.runCommandNoCC "gerrit-hooks" { } ''
+  gerritHooks = pkgs.runCommand "gerrit-hooks" { } ''
     mkdir -p $out
     ln -s ${besadiiWithConfig "change-merged"} $out/change-merged
     ln -s ${besadiiWithConfig "patchset-created"} $out/patchset-created
@@ -28,7 +28,7 @@ in
     ];
 
     plugins = with depot.third_party.gerrit_plugins; [
-      owners
+      code-owners
       oauth
       depot.ops.gerrit-tvl
     ];
@@ -42,7 +42,7 @@ in
     # Gerrit.
     #
     # TODO(tazjin): Update Gerrit and remove this when possible.
-    jvmPackage = pkgs.openjdk11_headless;
+    jvmPackage = pkgs.openjdk17_headless;
 
     settings = {
       core.packedGitLimit = "100m";
@@ -87,26 +87,35 @@ in
 
       # Auto-link panettone bug links
       commentlink.panettone = {
-        match = "b/(\\\\d+)";
-        html = "<a href=\"https://b.tvl.fyi/issues/$1\">b/$1</a>";
+        match = "b/(\\d+)";
+        link = "https://b.tvl.fyi/issues/$1";
       };
 
       # Auto-link other CLs
       commentlink.gerrit = {
-        match = "cl/(\\\\d+)";
-        html = "<a href=\"https://cl.tvl.fyi/$1\">cl/$1</a>";
+        match = "cl/(\\d+)";
+        link = "https://cl.tvl.fyi/$1";
       };
 
       # Configures integration with Keycloak, which then integrates with a
       # variety of backends.
       auth.type = "OAUTH";
       plugin.gerrit-oauth-provider-keycloak-oauth = {
-        root-url = "https://auth.tvl.fyi";
+        root-url = "https://auth.tvl.fyi/auth";
         realm = "TVL";
         client-id = "gerrit";
         # client-secret is set in /var/lib/gerrit/etc/secure.config.
       };
 
+      plugin.code-owners = {
+        # A Code-Review +2 vote is required from a code owner.
+        requiredApproval = "Code-Review+2";
+        # The OWNERS check can be overriden using an Owners-Override vote.
+        overrideApproval = "Owners-Override+1";
+        # People implicitly approve their own changes automatically.
+        enableImplicitApprovals = "TRUE";
+      };
+
       # Allow users to add additional email addresses to their accounts.
       oauth.allowRegisterNewEmail = true;
generated by cgit-pink 1.4.1 (git 2.44.0) at 2024-05-04T10ยท16+0000