diff options
Diffstat (limited to 'ops/modules/monorepo-gerrit.nix')
-rw-r--r-- | ops/modules/monorepo-gerrit.nix | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/ops/modules/monorepo-gerrit.nix b/ops/modules/monorepo-gerrit.nix index 67be5410dc..b335fe61d5 100644 --- a/ops/modules/monorepo-gerrit.nix +++ b/ops/modules/monorepo-gerrit.nix @@ -9,7 +9,7 @@ let exec -a ${name} ${depot.ops.besadii}/bin/besadii "$@" ''; - gerritHooks = pkgs.runCommandNoCC "gerrit-hooks" { } '' + gerritHooks = pkgs.runCommand "gerrit-hooks" { } '' mkdir -p $out ln -s ${besadiiWithConfig "change-merged"} $out/change-merged ln -s ${besadiiWithConfig "patchset-created"} $out/patchset-created @@ -28,7 +28,7 @@ in ]; plugins = with depot.third_party.gerrit_plugins; [ - owners + code-owners oauth depot.ops.gerrit-tvl ]; @@ -42,7 +42,7 @@ in # Gerrit. # # TODO(tazjin): Update Gerrit and remove this when possible. - jvmPackage = pkgs.openjdk11_headless; + jvmPackage = pkgs.openjdk17_headless; settings = { core.packedGitLimit = "100m"; @@ -87,26 +87,35 @@ in # Auto-link panettone bug links commentlink.panettone = { - match = "b/(\\\\d+)"; - html = "<a href=\"https://b.tvl.fyi/issues/$1\">b/$1</a>"; + match = "b/(\\d+)"; + link = "https://b.tvl.fyi/issues/$1"; }; # Auto-link other CLs commentlink.gerrit = { - match = "cl/(\\\\d+)"; - html = "<a href=\"https://cl.tvl.fyi/$1\">cl/$1</a>"; + match = "cl/(\\d+)"; + link = "https://cl.tvl.fyi/$1"; }; # Configures integration with Keycloak, which then integrates with a # variety of backends. auth.type = "OAUTH"; plugin.gerrit-oauth-provider-keycloak-oauth = { - root-url = "https://auth.tvl.fyi"; + root-url = "https://auth.tvl.fyi/auth"; realm = "TVL"; client-id = "gerrit"; # client-secret is set in /var/lib/gerrit/etc/secure.config. }; + plugin.code-owners = { + # A Code-Review +2 vote is required from a code owner. + requiredApproval = "Code-Review+2"; + # The OWNERS check can be overriden using an Owners-Override vote. + overrideApproval = "Owners-Override+1"; + # People implicitly approve their own changes automatically. + enableImplicitApprovals = "TRUE"; + }; + # Allow users to add additional email addresses to their accounts. oauth.allowRegisterNewEmail = true; |