about summary refs log tree commit diff
path: root/third_party/gerrit_plugins
AgeCommit message (Collapse)AuthorFilesLines
2024-07-08 r/8359 chore(3p/gerrit): downgrade mina SSHd againLuke Granger-Brown1-1/+1
This breaks it with "ssh_dispatch_run_fatal: Connection to 2a01:4f8:242:5b21:0:feed:edef:beef port 29418: incorrect signature" Change-Id: I9bafc5fb6d4743ce4f097158ec14fecc791366ca Reviewed-on: https://cl.tvl.fyi/c/depot/+/11965 Tested-by: BuildkiteCI Autosubmit: lukegb <lukegb@tvl.fyi> Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: lukegb <lukegb@tvl.fyi>
2024-07-08 r/8358 chore(3p/gerrit): create buildBazelPackageNG and migrate gerrit to itLuke Granger-Brown3-20/+22
This bumps Gerrit to 3.10.0, and also introduces a new mechanism for building it that should hopefully have some more stable hashes than the previous bodgery. In this world, we only cache what we explicitly want to. There are some hooks implemented for `rules_java` and `rules_nodejs` (before version 6) that force use of local binaries; this means we can drop the use of the FHSUserEnv and use the java and nodejs binaries provided by nixpkgs instead. detzip is deleted; it hasn't been used in yonks. We also add https://gerrit-review.googlesource.com/c/gerrit/+/431977, which bumps the SSHd version so that we can have U2F-based SSH keys. Change-Id: Ie12a9a33bbb1e4bd96aa252580aca3b8bc4a1205 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11963 Reviewed-by: lukegb <lukegb@tvl.fyi> Autosubmit: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2024-02-12 r/7503 chore(3p/gerrit): 3.8.2 -> 3.9.1Luke Granger-Brown2-4/+4
Change-Id: I8fa10b52c44bd3d5efb0fff740ad6d5da6e96831 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10802 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-10-16 r/6821 chore(3p/gerrit): 3.7.0-rc4 -> 3.8.2Luke Granger-Brown3-40/+31
Bump gerrit plugins dep hashes, and for code-owners rebase it against master. Change-Id: If7da0ca391b4a5c0102560ca8d52b6f5a2dfd223 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9734 Autosubmit: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2023-04-26 r/6112 chore(3p/sources): Bump channels & overlayssterni1-1/+1
* //3p/sources: Note that emacs-overlay is not updated for now, as changes in emacs HEAD break //users/sterni/emacs. * //3p/gerrit_plugins/code-owners: deps hash changed once again or was no longer in the Nix store. Unfortunately, building the deps derivations from scratch for gerrit and the gerrit plugins no longer works due to a nixpkgs regression: Due to a (operator precedence) mistake in the way the deps derivation's installPhase is computed, it would append extra code to the installPhase provided by us, causing a bash syntax error. I have proposed a fix for this upstream (<https://github.com/NixOS/nixpkgs/pull/228305>). Adding a workaround in the repo would be possible, but a bit annoying. Since the derivations are fixed output anyways, I've opted to build the missing deps derivation (for code-owners) locally using the fixed nixpkgs, updated the sha256 and copied the result into whitby's Nix store. Hopefully by the next time we'll be rebuilding the deps derivations again the fix will have propagated into the NixOS unstable channel. * //users/grfn/system/system:roswellSystem: Use mysql80 from stable. See also https://github.com/NixOS/nixpkgs/issues/226673. Change-Id: I9b9d57f589be4cdc3fd4f39729c170a25a655b74 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8483 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-04-09 r/6087 chore(3p/sources): Bump channels & overlayssterni2-2/+2
* //3p/gerrit{,_plugins}: adjust for API change to buildBazelPackage https://github.com/NixOS/nixpkgs/commit/440b4de588d950e7fcf7add3b049fb209f097367 * //3p/gerrit_plugins: update hash of deps jar Change-Id: I131d5846acbce718126fb47671893a568d1020dd Reviewed-on: https://cl.tvl.fyi/c/depot/+/8445 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-11-06 r/5257 chore(gerrit): bump to 3.7.0-rc4Luke Granger-Brown3-25/+2
Change-Id: Ib6f4fd5817fb5415cff5ea1d8c75c8c9a08d56b4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7185 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-11-06 r/5256 fix(code-owners): put a user in the context for group resolution.Luke Granger-Brown1-28/+84
We need a user in the context when we ask the groups backend to look up groups by name, so for now if we don't have a _real_ user in the context (such as during change indexing), then populate the context with the anonymous user just for the duration of the groups backend calls. Change-Id: If961d84fe57443cb95deb59628802658585ed1cb Reviewed-on: https://cl.tvl.fyi/c/depot/+/7172 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-09-19 r/4921 feat(gerrit): add code-owners pluginLuke Granger-Brown3-7/+453
This is the New Thing that is intended to replace the find-owners and owners plugins. In particular: * It inserts a submit requirement rather than providing a Prolog predicate. * The default OWNERS file formats are suspiciously Googley. * It provides a neat UI for finding OWNERS and tracking approval state on a per-file basis. When we fully migrate to using the code-owners plugin, a few things will need to land, which I will likely do "offline" directly to the Gerrit backing Git repos: * Add the corresponding Gerrit config * Replace OWNERS files depot-wide * Add OWNERS files to the refs/meta/config branch * Introduce the Owners-Override label, settable by depot-interventions The enclosed patch adds two extra pieces of functionality that we need in tvldepot but aren't upstream: 1. The ability to just specify usernames rather than email addresses 2. The ability to specify `group:GROUPNAME`, _as long as_ that group is visible to everyone. This is a restriction intended to avoid having the plugin just leak group membership. Change-Id: I27d92b6cb7449af83030b9015f09a1571aa8452f Reviewed-on: https://cl.tvl.fyi/c/depot/+/6664 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: sterni <sternenseemann@systemli.org>
2022-09-11 r/4817 chore(3p): gerrit: 3.4.0 -> 3.6.1Luke Granger-Brown3-83/+6
This change cannot be deployed OOTB: you must upgrade by 3.5.2+ first, and run copy-approvals. Change-Id: Ia2e49da4d801a21a3db59e2d5b054eeb46d7dc79 Reviewed-on: https://cl.tvl.fyi/c/depot/+/6505 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2022-03-30 r/3923 chore(3p/sources): Bump channels & overlayssterni1-1/+1
* //3p/gerrit_plugins:owners: update output sha256 Change-Id: I1dded4b0abbf1bfab546040f9e84295663a0b2cc Reviewed-on: https://cl.tvl.fyi/c/depot/+/5400 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su>
2022-01-31 r/3723 style: format entire depot with nixpkgs-fmtVincent Ambo3-30/+34
This CL can be used to compare the style of nixpkgs-fmt against other formatters (nixpkgs, alejandra). Change-Id: I87c6abff6bcb546b02ead15ad0405f81e01b6d9e Reviewed-on: https://cl.tvl.fyi/c/depot/+/4397 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: wpcarro <wpcarro@gmail.com> Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: cynthia <cynthia@tvl.fyi> Reviewed-by: edef <edef@edef.eu> Reviewed-by: eta <tvl@eta.st> Reviewed-by: grfn <grfn@gws.fyi>
2021-12-15 r/3252 chore(3p): bump NixOS channels to 2021-12-15sterni1-1/+1
* Switch from (unused) NixOS 21.05 to newly released NixOS 21.11 channel. * grfn/machines/yeren: Linux 5.14.x -> 5.15.x * 3p/gerrit, 3p/gerrit_plugin/oauth: update dependency bundle output hashes to what whitby comes up with now. Change-Id: Id3bfe3d07b9223f77ec628954783a6b0a48f4086 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4310 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2021-11-23 r/3088 refactor(readTree): Move 'drvTargets' into readTreeVincent Ambo1-1/+1
This function is also generally useful for readTree consumers that have the concept of subtargets. Change-Id: Ic7fc03380dec6953fb288763a28e50ab3624d233
2021-08-28 r/2798 feat(3p/gerrit): Upgrade Gerrit and plugins to v3.4.0Vincent Ambo2-15/+4
Brings us back to a stable version of Gerrit instead of a random commit. Note that Gerrit 3.4.1 is out, but due to a bug it can not be built publicly because it accidentally points at a private submodule (this is being fixed upstream). Change-Id: I0376c63a649498cef999dfa99bfccba511f2c8da Reviewed-on: https://cl.tvl.fyi/c/depot/+/3444 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-05-25 r/2630 chore(nixpkgs): Bump channels to 2021-05-25Vincent Ambo2-3/+3
* users/grfn/system/home/yeren: remove obsolete awscli2 overrides * ops: make new isSystemUser || isNormalUser assertion happy * users/grfn/system/system/mugwump: make buildkite agents system users * users/tazjin/nixos/camden: set isSystemUser = true for git * users/tazjin/emacs: Remove missing & broken packages * third_party/openldap: remove, as the argon2 module is now enabled upstream * third_party/gerrit_plugins: Pinned new unstable hashes * third_party/nix, third_party/grpc: Disabled CI as these are broken * third_party/overlays/emacs: Bumped version to stay in sync with channel * third_party/buzz: Update LIBCLANG_PATH to reference libclang.lib, since libclang's default output no longer contains libclang.so * users/grfn/system/home: Install julia-stable instead of julia (which aliases to julia-lts), as the latter depends on an insecure version of libgit Change-Id: Iff33b0ecb0ef07a82d1de35e23c40d2f4bf0f8ed Reviewed-on: https://cl.tvl.fyi/c/depot/+/3001 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-04-12 r/2499 fix(3p/gerrit_plugins/oauth): adapt to CAS "flat" attributesLuke Granger-Brown1-14/+42
CAS nested attributes produce a key called "attributes", which is disliked by Grafana, because it expects any key called attributes to be a map<string, list<string>>, whereas CAS just produces a map<string, string>. As part of setting up Grafana SSO we need therefore to fix Gerrit so it can adapt to the new syntax that we're adopting. Change-Id: Ia79dae78c0eae6e21135a06cd5850606f82bcdb8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2981 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-04-06 r/2450 chore(3p/gerrit): update gerrit and pluginsLuke Granger-Brown2-7/+7
This reverts commit 9551b628d02323b01ecb80220342eea488f7200e (i.e. this is a rollfoward for https://cl.tvl.fyi/c/depot/+/2817) Change-Id: Iaffcf1cdbe119d26ecb09cc88f9a56436b374c08 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2870 Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI
2021-04-04 r/2424 revert(3p/gerrit): chore(3p/gerrit): update gerrit and pluginslukegb2-7/+7
This reverts commit f59c6214c4b1812120bd500a23d1cb6e160d6665. Reason for revert: new gerrit's JS appears to not have compiled correctly; rolling back until I can figure out why Change-Id: If16fe341aad25bef30ed7be8c6ac49cadf2a732c Reviewed-on: https://cl.tvl.fyi/c/depot/+/2821 Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI
2021-04-04 r/2423 chore(3p/gerrit): update gerrit and pluginsLuke Granger-Brown2-7/+7
Yeet. Change-Id: I4de6453419f520a44af19d561a36d242195a64e9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2817 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-03 r/2415 chore(3p/gerrit_plugins): init oauthLuke Granger-Brown3-0/+72
Add the OAuth gerrit plugin to our mini collection of Gerrit plugins. This includes a patch to make the plugin work correctly with CAS 6.x, which has changed the attributes into a JSON object with the attributes nested inside, instead of a JSON list. Change-Id: I4741f137cca9c8eb45b9ea660fb4cbf6962be9a4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2782 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-04-03 r/2412 chore(3p/gerrit_plugins): attempt to stabilise hashes a bitLuke Granger-Brown1-7/+3
I'm dropping the leaveDotGit and deepClone bits; they were set like that purely to try to make the build stamping work. In practice, not only does the build stamping not work, but it also means we hit some inconveniently-different hashes from time to time when gitiles does... something??? on its backend. I'm also putting some gcroots for these on whitby, which should also help a bit, although it's a bit of a hack. Change-Id: Ie6082248393e62795c18b1971fc2d16f4e8cc81d Reviewed-on: https://cl.tvl.fyi/c/depot/+/2781 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-03-21 r/2304 chore(3p/gerrit_plugins): Build plugins separately in CIVincent Ambo1-2/+1
Change-Id: I76aeaa879e43b1fd08440f60a4f320bb7b48c6ab Reviewed-on: https://cl.tvl.fyi/c/depot/+/2630 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2021-03-21 r/2303 chore(3p/gerrit): Update pinned dependency hashVincent Ambo1-2/+2
Change-Id: I1807ac1771d23b00e3a78cc36fb2f82a12900993 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2629 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-02-01 r/2177 chore(3p/gerrit_plugins): fix fixed-output sha256 of checksterni1-1/+1
Once again the sha256 of the fetchgit fixed output derivation for check changed which was brought to light by the recent GC on whitby. Change-Id: Ib3c3b5b489717ac6d73631282f27e4363d4ac5c1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2481 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-01-09 r/2065 chore(3p): Bump NixOS channels to 2020-12-28Vincent Ambo1-2/+2
Changes: * ops/nixos/tvl-slapd: The NixOS module for OpenLDAP has removed the ability to configure OpenLDAP directly and now forces users to use some kind of weird Nix->OLC mapping that is mostly undocumented. This moves the config we need to the new format in a way that may or may not work and does the other arbitrary dance steps that someone decided to impose on us. Note that this now throws lots of warnings, but I can't be bothered to fix them. * 3p: Random package removals accomodated * users/glittershark: Pin grfn's kernel to 5.9, because the CK patch is not yet updated for 5.10 * users/glittershark: Update vendor hash for pg-dump-upsert, I suspect this changed because of something in the Go build machinery in nixpkgs. The deleteVendor flag also has no effect anymore and has been removed. * users/glittershark: agda build is broken, commenting out development home-manager environment until it can be fixed * third_party/haskell_overlay: updating random needs upper boundarles of a few dependencies relaxed (curse them) * third_party/gerrit_plugins: for some cursed reason the fixed-output hash of the gerrit owners plugin fetchgit changed, updated. Same for the checks plugin. Change-Id: Ica37995fe8039d3ba80eab643867f98795c56734 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2295 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2020-12-20 r/2016 chore(3p/gerrit): bump to latest version deployed on gerrit-reviewLuke Granger-Brown1-4/+4
Change-Id: I0aee39b21346f378964bab69bd903e8f43b7e7e8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2265 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2020-11-29 r/1957 chore(3p/gerrit): update to latest upstream HEADLuke Granger-Brown1-4/+4
Change-Id: Ia7b17ca83ace164881a4dd8b0288741489bc467c Reviewed-on: https://cl.tvl.fyi/c/depot/+/2164 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2020-08-02 r/1536 chore(gerrit): Update to latest HEAD.Luke Granger-Brown1-4/+4
Change-Id: I650777bbbd24a1922f26967fbbd7da06d14b6786 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1516 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-27 r/1489 feat(3p/gerrit_plugins): init Gerrit checks pluginLuke Granger-Brown1-0/+13
The Gerrit Checks plugin adds a new tab to the Gerrit UI, which is intended for display of status of automated checks which are being run. We can use this for e.g. reporting the run status of our CI builds/other stuff. Change-Id: Ib0d9a8ae68061a76191a56d467d915100b766e1b Reviewed-on: https://cl.tvl.fyi/c/depot/+/1462 Tested-by: BuildkiteCI Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-27 r/1488 chore(3p/gerrit_plugins): add machinery for compiling Gerrit plugins from sourceLuke Granger-Brown2-7/+50
This looks particularly obnoxious for the owners plugin, because it's actually two plugins with a common library in the same repo. Other plugins are much cleaner to deal with (hence the default for overlayPluginCmd). Change-Id: Ibb9588c8a29b63e8509436fcbb70054e89349712 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1461 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-06-15 r/961 chore(monorepo-gerrit): Remove 'owners-autoassign' pluginVincent Ambo1-6/+0
This plugin just blindly assigns everyone and, as q3k has already pointed out, just isn't particularly useful. We might want to roll our own, for example: 19: 40:41 <+Remosi> I want the virtual owner thing, we could call it Gerrit Workgroup Synthesizer Queuing, or gwsq for short. Change-Id: Ib12a921ae4047ac6a734035dd0900c8964fb12d8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/350 Reviewed-by: riking <rikingcoding@gmail.com>
2020-06-14 r/953 chore(3p/gerrit_plugins): Update plugins for Gerrit 3.2Vincent Ambo1-4/+4
Change-Id: I0b1a2871768a8369dac7a3e2b06a38c07741e945 Reviewed-on: https://cl.tvl.fyi/c/depot/+/281 Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-06-13 r/935 feat(3p/gerrit_plugins): Add derivations for Gerrit owners pluginVincent Ambo1-0/+16
Change-Id: I319f812746aea6069c45727f5afae8b9b79effdd Reviewed-on: https://cl.tvl.fyi/c/depot/+/221 Reviewed-by: q3k <q3k@q3k.org> Reviewed-by: lukegb <lukegb@tvl.fyi>