feat(ops/modules): Add module for running gerrit-queue
This is not yet including the secret configuration for gerrit-queue, and just expects the secret (gerrit username & password) to be available in /etc/secrets. Change-Id: Ia465ef7f3f521c70d606d7fdeba9aa83c7e1b98b
This commit is contained in:
		
							parent
							
								
									a9dd719e7c
								
							
						
					
					
						commit
						4870b1a2ff
					
				
					 2 changed files with 55 additions and 0 deletions
				
			
		|  | @ -9,6 +9,7 @@ in { | |||
|     "${depot.path}/ops/modules/atward.nix" | ||||
|     "${depot.path}/ops/modules/automatic-gc.nix" | ||||
|     "${depot.path}/ops/modules/clbot.nix" | ||||
|     "${depot.path}/ops/modules/gerrit-queue.nix" | ||||
|     "${depot.path}/ops/modules/git-serving.nix" | ||||
|     "${depot.path}/ops/modules/irccat.nix" | ||||
|     "${depot.path}/ops/modules/monorepo-gerrit.nix" | ||||
|  | @ -337,6 +338,9 @@ in { | |||
|         "/var/lib/znc" | ||||
|       ]; | ||||
|     }; | ||||
| 
 | ||||
|     # Run autosubmit bot for Gerrit | ||||
|     gerrit-queue.enable = true; | ||||
|   }; | ||||
| 
 | ||||
|   services.postgresql = { | ||||
|  |  | |||
							
								
								
									
										51
									
								
								ops/modules/gerrit-queue.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										51
									
								
								ops/modules/gerrit-queue.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,51 @@ | |||
| # Configuration for the Gerrit autosubmit bot (//third_party/gerrit-queue) | ||||
| { depot, pkgs, config, lib, ... }: | ||||
| 
 | ||||
| let | ||||
|   cfg = config.services.depot.gerrit-queue; | ||||
|   description = "gerrit-queue - autosubmit bot for Gerrit"; | ||||
|   mkStringOption = default: lib.mkOption { | ||||
|     inherit default; | ||||
|     type = lib.types.str; | ||||
|   }; | ||||
| in { | ||||
|   options.services.depot.gerrit-queue = { | ||||
|     enable = lib.mkEnableOption description; | ||||
|     gerritUrl = mkStringOption "https://cl.tvl.fyi"; | ||||
|     gerritProject = mkStringOption "depot"; | ||||
|     gerritBranch = mkStringOption "canon"; | ||||
| 
 | ||||
|     interval = with lib; mkOption { | ||||
|       type = types.int; | ||||
|       default = 60; | ||||
|       description = "Interval (in seconds) for submit queue checks"; | ||||
|     }; | ||||
| 
 | ||||
|     secretsFile = with lib; mkOption { | ||||
|       description = "Path to a systemd EnvironmentFile containing secrets"; | ||||
|       default = "/run/agenix/gerrit-queue"; | ||||
|       type = types.str; | ||||
|     }; | ||||
|   }; | ||||
| 
 | ||||
|   config = lib.mkIf cfg.enable { | ||||
|     systemd.services.gerrit-queue = { | ||||
|       inherit description; | ||||
|       wantedBy = [ "multi-user.target" ]; | ||||
| 
 | ||||
|       serviceConfig = { | ||||
|         ExecStart = "${depot.third_party.gerrit-queue}/bin/gerrit-queue"; | ||||
|         DynamicUser = true; | ||||
|         Restart = "always"; | ||||
|         EnvironmentFile = cfg.secretsFile; | ||||
|       }; | ||||
| 
 | ||||
|       environment = { | ||||
|         GERRIT_URL = cfg.gerritUrl; | ||||
|         GERRIT_PROJECT = cfg.gerritProject; | ||||
|         GERRIT_BRANCH = cfg.gerritBranch; | ||||
|         SUBMIT_QUEUE_TRIGGER_INTERVAL = toString cfg.interval; | ||||
|       }; | ||||
|     }; | ||||
|   }; | ||||
| } | ||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue