- Dec 15, 2024
-
-
Kristian Klausen authored
This reverts commit 466230e4. This has been fixed in pacman[1], so it is no longer unreasonably slow. Some quick testing at runner1 indicates that this only saves five seconds at best, so IMO it is not worth the complexity to continue doing this. This revert does not revert the timeout back to 60 seconds, but keeps it at 30 seconds. [1] pacman/pacman!16
-
Kristian Klausen authored
This means that there is no need to make runner-specific changes to the image, so in theory the image could be build centrally (e.g. in the arch-boxes project[1]) and then distributed to the runner hosts. This change also make the SSH keys ephemeral. [1] https://gitlab.archlinux.org/archlinux/arch-boxes
-
Kristian Klausen authored
All libvirt volume management is now handled through virsh instead of direct file system access. As a volume cannot be uploaded in an atomic way, the current active volume is now tracked in a file on disk. This may allow us to run the script with less privileges and use polkit for libvirt access control[1]. [1] https://libvirt.org/aclpolkit.html
-
Kristian Klausen authored
The prepare stage runs "echo "Running on $(hostname)...""[1], resulting in "bash: line 7: hostname: command not found" and it outputting "Running on ..." as the hostname command is provided by inetutils, which is not installed. Fix it by "monkey patching" it to use "hostnamectl hostname" and inject the hostname with SMBIOS[2][3]. Injecting creds with SMBIOS may also be useful in the future, e.g. for injecting an ephemeral SSH public key. [1] https://gitlab.com/gitlab-org/gitlab-runner/-/blob/v17.5.2/shells/bash.go?ref_type=tags#L452-L456 [2] https://systemd.io/CREDENTIALS/ [3] https://github.com/systemd/systemd/pull/30814
-
Kristian Klausen authored
This removes 13 instances of [1] and 1 instance of the IP address from the job log. The latter was fixed by no longer waiting for SSH in the "run" stage, which is unnecessary as we wait for SSH in the "prepare" stage. [1] Warning: Permanently added '192.168.122.xxx' (ED25519) to the list of known hosts.
-
Kristian Klausen authored
It was forgotten once[1] to update it in both places, so avoid that issue in the future, by moving it to a variable. [1] c370c9d0 ("gitlab_runner: Update concurreny math to reflect the new VM size")
-
Kristian Klausen authored
-
- Dec 14, 2024
-
-
Christian Heusel authored
Fixes #641 Signed-off-by:
Christian Heusel <christian@heusel.eu>
-
- Dec 12, 2024
-
-
Christian Heusel authored
The project now has a centralized landing page hosted in the root directory which we can observe instead of the docs for one specific crate. Related to signstar#124 Related to signstar!131 Signed-off-by:
Christian Heusel <christian@heusel.eu>
-
Christian Heusel authored
The project now has a centralized landing page hosted in the root directory which we can observe instead of the docs for one specific crate. Related to archlinux/alpm/alpm#76 Related to archlinux/alpm/alpm!57 Signed-off-by:
Christian Heusel <christian@heusel.eu>
-
Sven-Hendrik Haase authored
We had load problems before and this seems to fix it for now.
-
- Dec 11, 2024
-
-
Jan Alexander Steffens (heftig) authored
-
Jan Alexander Steffens (heftig) authored
-
- Dec 07, 2024
-
-
Evangelos Foutras authored
-
Levente Polyak authored
We are hitting a lot of permission problems lately for sources that are co maintained. The culprint were wrong facl permissions that have not been adjusted since we renamed TU to Packager. Reflect this change by fixing the groups in the archbuild tasks to use junior-dev and junior-packager.
-
- Dec 05, 2024
-
-
Jan Alexander Steffens (heftig) authored
-
- Dec 03, 2024
-
-
Christian Heusel authored
tf-stage1: Add GitLab Pages for Signstar See merge request !892
-
Christian Heusel authored
Requested by dvzrv[1] and implemented in this MR[2]. [1]: signstar#91 [2]: signstar!125 Signed-off-by:
Christian Heusel <christian@heusel.eu>
-
Jan Alexander Steffens (heftig) authored
-
Jan Alexander Steffens (heftig) authored
-
- Dec 02, 2024
-
-
Christian Heusel authored
tf-stage2: use 1h timeout for keycloak pw resets See merge request !889
-
Christian Heusel authored
Recently somebody complained that the email only reached them after the password reset link had already become invalid, which is definitely something that can happen with the previously set 5min timeout. 5 minutes timeout are too short aswell for any complex email analysis setup or greylisting, and we therefore bump this value to one hour, which is still short enough from a security perspective but gives our users a bit more time to act on the reset. Signed-off-by:
Christian Heusel <christian@heusel.eu>
-
- Dec 01, 2024
-
-
Levente Polyak authored
This seems to be a leftover from the migration of our packager roles. All packagers should be able to upload sources to our packages directory, hence change the permissions from the junior-dev group to the junior-packager group. Fixes #637
-
Kristian Klausen authored
The last submodule was removed in [1] more than 4 years ago. [1] d9fdafb0 ("Use archlinux-contrib over git submodule")
-
Kristian Klausen authored
The PoC has concluded. This reverts commit c56fbb55 (tf/keycloak: Add openid client for buildbot, 2022-09-01).
-
Kristian Klausen authored
The PoC has concluded. This reverts commit 37fb120a (Provision server for buildbot POC, 2022-05-12).
-
- Nov 30, 2024
-
-
Kristian Klausen authored
To my knowledge they were never used and the new buildbtw[1] project is following another path. [1] https://gitlab.archlinux.org/archlinux/buildbtw This reverts commit 3a555a1a (Provision workers (servers) for the buildbot POC, 2024-01-19).
-
Kristian Klausen authored
Fixes: 24e73359 ("Decommission patchwork.archlinux.org and replace it with a static copy[1]")
-
Kristian Klausen authored
With the last commit[1], we now lint the misc host_vars files and the indentation is off for some of the files. [1] b0f46412 ("Add missing .yml suffix to the misc host_vars files")
-
Kristian Klausen authored
The naming of yaml files should be consistent.
-
- Nov 27, 2024
-
-
Christian Heusel authored
gitlab_runner: Replace sq usage with rsop See merge request !890
-
Christian Heusel authored
Keeping up with the sequoia interface changes is no fun and has caused us work previously, therefore replace it with rsop which has a standardized interface. Co-Authored-by:
David Runge <dvzrv@archlinux.org> Signed-off-by:
Christian Heusel <christian@heusel.eu>
-
- Nov 26, 2024
-
-
Sven-Hendrik Haase authored
Add Mumble server See merge request !886
-
Sven-Hendrik Haase authored
As per my announcement to arch-devops[1] and staff, this adds a Mumble server for Arch Linux. The password for the special root user SuperAdmin is automatically generated on first launch and printed to the logs. I went ahead and added it to the vault. It should not usually be required to login as SuperAdmin though as long as there are user admins around. This uses certbot for local certificates. [1] https://lists.archlinux.org/archives/list/arch-devops@lists.archlinux.org/thread/AHAOSTGFJTLQDSXLWFORDKGR6RDVHYEI/
-
- Nov 24, 2024
-
-
Kristian Klausen authored
It never gained traction and it has been dormant for over three years. [1] https://gitlab.archlinux.org/archlinux/reproducible-archlinux-notes
-
Jan Alexander Steffens (heftig) authored
-
Jan Alexander Steffens (heftig) authored
-
Jan Alexander Steffens (heftig) authored
-
Jan Alexander Steffens (heftig) authored
-
- Nov 23, 2024
-
-
Evangelos Foutras authored
Also regenerate the list of Prometheus Blackbox targets, adding: - https://london.mirror.pkgbuild.com - https://package-maintainer-bylaws.aur.archlinux.org
-