Create the Buildbot master:
buildbot@master $ buildbot create-master -r <basedir>
buildbot@master $ git clone https://github.com/eric-ch/openxt-buildbot.git .
You will need to register your buildbot-workers by editing master.cfg
:
c['workers'] = [
worker.Worker("worker-name", "password"),
]
This needs to match each worker configuration.
buildbot@worker $ buildbot-worker create-worker --umask=0o22 <basedir> <master-host>:9989 "worker-name" "password"
As well, the master needs some configuration, edit the main dictionaries for various worker groups, e.g:
workers_oe_10['names'] = [ 'debian10-0' ]
workers_oe_10['workdir'] = "/var/builds/openxt"
workers_oe_10['deploydir'] = "/srv/http/OpenXT/auto"
workers_win_10['names'] = ["OpenXT-Win-0"]
workers_win_10['workdir'] = "c:\\builds"
workers_win_10['deploydir'] = "/srv/http/OpenXT/auto/windows"
Note: This uses rsync/scp to copy the built artefacts with urlhost:urlpath
as
destination.
Create at least an admin user for the Buildbot interface:
buildbot@master $ ls buildbot.tac master.cfg
buildbot.tac master.cfg
buildbot@master $ htpasswd -c .htpasswd user passwd
Start the master:
root@master $ systemctl start buildbot@<basedir>.service
Depending on your setup, allow TCP traffic to port 8010 (Buildbot HTTP UI) and 9989 (Buildbot Worker registration service). The following example should be narrowed down depending on your network structure (filter local IPs and what not).
root@master # iptables -A INPUT -p tcp -m tcp --dport 8010
root@master # iptables -A INPUT -p tcp -m tcp --dport 9989
Deploy your certificates.
Using the default path: /var/builds/openxt/certs
will be where the .pem
files should be found.
Example with a self signed certificate:
buildbot@worker $ cd /var/builds/openxt
buildbot@worker $ mkdir certs
buildbot@worker $ openssl genrsa -out certs/prod-cakey.pem 2048
buildbot@worker $ openssl genrsa -out certs/dev-cakey.pem 2048
buildbot@worker $ openssl req -new -x509 -key certs/prod-cakey.pem -out certs/prod-cacert.pem -days 1095
buildbot@worker $ openssl req -new -x509 -key certs/dev-cakey.pem -out certs/dev-cacert.pem -days 1095
The OpenXT Auto-Builder is split in different files:
config_*.py
with the default repository configurations for various builds.config.py
with helpers to aggregate these for Buildbot consumption.schedulers.py
holds the schedulers definition, including forced interfaces.factories_openxt.py
has the builders factories definitions for the OE components.factories_wintools.py
has the builders factories definitions for Windows components.
- Push the certificate to the worker from the build-master.
repo_quick
should be fixed, see inline comments.- Replace Buildbot Upload steps with Rsync
- Easier/Safer to manage
authorized_keys
with the hosting component fetching.