Age | Commit message (Collapse) | Author | Files | Lines |
|
This was in //ops for legacy reasons, but this is really not necessary.
Change-Id: I758b257838993ef0f7d55809c137118826e2ba85
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12483
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Required to bump past the broken time crate.
Change-Id: Ied9e3367f5fc69db0671732a75f2e410f4f234f6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12407
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
This points to a "GitHub App" now
("https://github.com/organizations/tvlfyi/settings/apps"), rather than an
"OAuth App"
("https://github.com/organizations/tvlfyi/settings/applications").
Apparently this makes a big difference, and we should be using a "GitHub
App", not an "OAuth App".
The defails on why are in
https://github.com/keycloak/keycloak/issues/9429#issuecomment-1578953468
The App can be configured at
https://github.com/organizations/tvlfyi/settings/apps/tvl-keycloak .
With this, we should get rid of spurious Exceptions with some GitHub
users trying to log in, hopefully fixing https://b.tvl.fyi/issues/201.
Change-Id: I25d0d6cd1b05ad54ed3d760d3a48ce1f430c0e7d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12413
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Without this, terraform wants to recreate the resource, just because we
do /not/ want to delete the default mappers:
```
# keycloak_ldap_user_federation.tvl_ldap must be replaced
-/+ resource "keycloak_ldap_user_federation" "tvl_ldap" {
+ delete_default_mappers = false # forces replacement
~ id = "4e68e9f0-7aba-4465-8357-f2af6a55fd0e" -> (known after apply)
name = "tvl-ldap"
~ use_truststore_spi = "ALWAYS" -> "ONLY_FOR_LDAPS"
# (27 unchanged attributes hidden)
}
```
Keycloak lists the a few mappers. which are likely the default ones,
but in any case, we don't want to recreate this resource.
Change-Id: I170a91a44b2efa426fae268cf7fc97a7f28a5760
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12412
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
|
|
The docs mention this applies to "users of the legacy distribution of keycloak".
However, we get a "failed to perform initial login to Keycloak: error
sending POST request to https://auth.tvl.fyi/realms/master/protocol/openid-connect/token: 404 Not Found"
if we don't set this.
With this, the provider is able to talk to the API, as long as the
secrets are sourced.
Change-Id: I0b9cdd45b1628aa0870a1673491c12c07bf7f8d6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12411
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
The same fix from cl/11021 also needs to be applied to other states.
Change-Id: I205b03aab49130639c79702f4bf16f0bf28d89ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12410
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
|
|
The same fix from cl/11021 also needs to be applied to other states.
Change-Id: I0df3ee2e8970e0d08a119ecc6347f24aef0448c2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12409
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: I4d10a17b43918857188c2b1f1babb8890346d9c0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12397
Reviewed-by: Ilan Joselevich <personal@ilanjoselevich.com>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: Id943cbb486073173a8391074c326749bffb990f7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12361
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: yl3dy <aleksandr.kiselyov@gmail•com>
Tested-by: BuildkiteCI
|
|
Change-Id: Idf8083d7f48fb1eca40596003fad1552b87bcef4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12364
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I05a11bb1f3496680c22b31a4450e4675d028c59d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12350
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: I4df81b7f08e173d3c887bc89f869889a7901dbf0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12347
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I3b0a4695f69ef24a4f1f6280402c8a72223ff0c9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12344
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: mrflos <mrflos@yeswiki.pro>
|
|
Change-Id: I40a4e7b9b993b2af57b03da1036ddeca2a0d298a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12343
Reviewed-by: mrflos <mrflos@yeswiki.pro>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: I5b5bb98f591e7bf3b1f16673f7f670b758444066
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12327
Reviewed-by: mrflos <mrflos@yeswiki.pro>
Tested-by: BuildkiteCI
|
|
This was deleted when removing the Sourcegraph module, but it turns out it is
also needed by panettone.
Change-Id: I8f14165bf783743247894c2b64882fbb032ffbf8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12295
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
Patch submitted via public inbox.
Change-Id: I5dc2d86aefd909216e8a16f428fc2cf818a125c2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12296
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Patch submitted to me IRL.
Change-Id: Idd8aa75313ba73d5c1e92b98d390e43e7108c6b6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12292
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: I4ee9a5a69c90e2050c60b2ef8483431d691b499f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12287
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
Change-Id: I4d03f98e79de5e3a9c8c4a33682d5c78e3e0f028
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12286
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Patch submitted to me IRL.
Change-Id: I43805e3932ccbe383fb5ec7780a29fae187f64db
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12290
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Patch submitted to me IRL.
Change-Id: I4cbfb138f616adf8635ca84f25cb77f8b8af7959
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12289
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Goodbye, Sourcegraph.
Relates to b/290.
Change-Id: Ic1cf3c1cf52ae17cdcc18c675b4c01d477644a3c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12285
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
See https://b.tvl.fyi/issues/409 for details.
Change-Id: Ibb54fab7a78e0e5f708c2a7dc8bb26ac0b2b4689
Signed-off-by: Armin Schlegel <a.schlegel@gridx.de>
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11972
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
cl/12228 did enable automatic retries for some flaky tests, which
generally did work, as can be seen in
https://buildkite.com/tvl/depot/builds/35893
However, ":duck:" still reports as failing, because we check the number
of steps to be nonzero, which is not the case if retries have happened.
We cannot check for the overall status of the build, as it's still
"RUNNING", but instead of counting all failed steps so far, we can query
all failed jobs and then filter out the ones that were already retried.
Change-Id: Ib9d27587c8a8ba7970850812c4302fecdc4482e7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12233
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I18492d6e6167f3c010e8f66670a127807ac7d99c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12183
Reviewed-by: aspen <root@gws.fyi>
Autosubmit: aspen <root@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I54c47f8119d38f7403e27cbc23efd919dcf8e8d5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12006
Reviewed-by: yuka <yuka@yuka.dev>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: Ie25e2f1f0b7557be01b6f78142f1a40952988e53
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11792
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I6e5d0b56e932427e6285556106fba277e05a26cd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11785
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Give some more context about what these mean. Mostly copied from the
descriptions in nix-eval.sh
Change-Id: I845f4227206f7035bcd185a708c14877a040c46a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11778
Tested-by: BuildkiteCI
Reviewed-by: Ilan Joselevich <personal@ilanjoselevich.com>
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: flokli <flokli@flokli.de>
|
|
This switches to [Go modules](https://go.dev/blog/using-go-modules), which have now been the standard for dependency management in Go codebases for a while. In addition to initializing a new Go module, it also updates the paths of some gopkg.in dependencies, which are deprecated as well.
Change-Id: Ie5c9faa415a65ab76cbe59f4afb437a9250be392
Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11773
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: Ib83f22b8ee4c79b61b9be9d8cd176d759f6081ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11772
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
In #tvix-dev, we want to display only CLs that relate to tvix and
related projects.
So use a pretty dumb allow-list for which CLs to display in that
channel.
Change-Id: I3ef50b64e3d7fbc27a6690be6a10f1b55c04cd6e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11658
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I7b06473f67ee630a02676b19ff42ef02dd4014ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11742
Tested-by: BuildkiteCI
Reviewed-by: aspen <root@gws.fyi>
Autosubmit: aspen <root@gws.fyi>
|
|
For the duration of the sprint, this bot will take care of
synchronising the IRC channel with the Telegram group.
After the sprint, it will be removed again.
Change-Id: I6d5b1316fc85ddd26adf55e31f6bff742907fc24
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11727
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
https://inbox.tvl.su/depot/20240505153017.26572-1-benjaminedwardwebb@gmail.com/T/#u
Change-Id: I6cf47468750afbf7fa703bb2800e7b67a17c2a70
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11686
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I4526339648958e4e633ca8259b93513dc9406362
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11664
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
|
|
Change-Id: I0b695f0104bc587b1c5b7591c8d512a265d96873
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11534
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
The change we need has been released and propagated to nixos channels.
Change-Id: Ib10a1d42d7ef6deaf5665a13b72ece345e83d7dc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11457
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
Change-Id: Ia41fbff390a2b1df0926ab33e9f4f66b1fd92512
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11533
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I3d907589c75939c86faa3c1276e4023126ad3d17
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11513
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This relates to nixery#167.
Using our GC module is much more reliable than what we were doing previously.
Change-Id: I1956457812a3a847a7c8a1f4e7e91e50fad08ac0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11453
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: flokli <flokli@flokli.de>
|
|
I accidentally deallocated the previous public IP, and had to make a
new one :(
Change-Id: Ie30305bdfdb8443e058270e5324baf555343441c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11452
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: flokli <flokli@flokli.de>
|
|
We just had a minor incident where apparently our build cache for the
critical security fix was deleted by automatic-gc (which I had stopped
manually) being reenabled by an unrelated whitby deploy.
This adds a new mechanism where by touching a file called
`/run/stop-automatic-gc` the GC can be prevented from running.
We might want to configure an occasional alert or something if this
file exists, so we don't forget about it when we are using it.
Change-Id: I041e57e24b2b684696164a2d516581d7f5696ef0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11326
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: flokli <flokli@flokli.de>
|
|
A Framework laptop
Change-Id: I646e705d12b76c83e8cdcf11c618d07db3a21f0c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11235
Reviewed-by: aspen <root@gws.fyi>
Tested-by: BuildkiteCI
|
|
At least terraform wants all parameters passed via JSON to be strings.
It can't accept maps.
This means, allowing to pass a `argstr` JSON dict isn't really possible.
However, terraform is perfectly able to JSON-encode a map. So accept a
`argstr_json` argument instead, which `jq` will JSON-decode before
further processing it.
I dropped `argstr` support again so the jq expression still fits on my
screen, if anyone else (started) using this, I'm happy to review a CL
adding this. We should probably move the jq expression to some multiline
format then, though.
Change-Id: I5ab7a1169ab7305d3ab02db31c27732d9d1ab4e8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11228
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
If this is set to true (and only then), also invoke `nix-build` on the
previously-instantiated .drv to cause builds/substitutions on the local
machine.
There's no terraform example for this in here, but this is useful if you
want to perform builds locally, for example to upload nix-built blobs
elsewhere through terraform.
Change-Id: Idcf7b8527aa9c27f6f9ca60ca607c29d82e1cce9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11215
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
We already did all the instantiation, grabbing the calculated output
path too is cheap.
Change-Id: Id591865c65159409da739f706a9de29a9f50456a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11214
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
|
|
This documents the input and output format, and also removes some
references to Terraform and evaluating NixOS system configurations.
It can be used to evaluate anything.
Change-Id: I8492cc3e386f89b299469c78e586644ee82a708f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11213
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
In hope that iwlwifi works again on this commit, and I don't actually
have to debug it.
Includes following changes:
* users/aspen: home-manager is shuffling around pinentry options again
* users/flokli: rebase ipu6-softisp patches to Linux 6.8
make cl/11097 a separate patch
* ops/modules: remove unused (and now broken) v4l2loopback module
Co-Authored-By: Florian Klink <flokli@flokli.de>
Change-Id: I763f1f075778f2ed8db7803f87248c9dabde4213
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11174
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: aspen <root@gws.fyi>
Reviewed-by: flokli <flokli@flokli.de>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|