Continuous integration with buildbot

Stephen Finucane stephen at that.guru
Sat Oct 7 03:43:13 AEDT 2017 

On Fri, 2017-10-06 at 13:36 +0200, David Demelier wrote:
> Hello all,
> 
> I'm guessing if one of you successfully enabled some linking between
> patchwork and buildbot [0].
> 
> According to the patchwork documentation, checks must be done using the
> REST API.

This blog would be a good place to start, though it might be slightly outdated:

  https://that.guru/blog/patchwork-and-ci-in-a-tree/

Off the top of my head, the way you want to do this is something like so:

1. Poll the 'events' endpoint for 'series-completed' events

     GET /events?category=series-completed&project={PROJECT_LINKNAME_OR_ID}

   Record the time you made this request: it will be useful later.
  
2. Parse this and iterate through each event. They contain basic information
   about the event *including the patch check URL*. Use this URL to create a
   'pending' check: this indicates that a build is running:

     POST $PATCH_CHECKS_URL_FROM_EVENT
     {
       "state": "pending",
       "target_url": "YOUR_BUILD_OUTPUT_URL",
       "context": "YOUR_CI_NAME",
       "description": "A_DESCRIPTION"
     }

3. Run your build

4. Once done, post a new check with the resulting test status:

     POST $PATCH_CHECKS_URL_FROM_EVENT
     {
       "state": "success",
       "target_url": "YOUR_BUILD_OUTPUT_URL",
       "context": "YOUR_CI_NAME",
       "description": "A_DESCRIPTION"
     }

5. Repeat 1-4 again, but this time add a 'since' parameter to prevent you
   picking up the same events:

     GET /events?category=series-completed\
       &project={PROJECT_LINKNAME_OR_ID}&since=2017-10-06T16:33:21Z

> Does that mean we must implement a poller in the buildbot that checks
> for new patches? I have a few concerns:
> 
>   1. I need to check how buildbot knows that a patch has already been
>      tested to avoid rebuilding over and over,

See above. This is a polling model so you need to keep track of the last time
you polled to do this.

>   2. I should also check how to make buildbot as secure as possible
>      since tests can be ran with insecure code sent via mails.

The best practices I see (in the OpenStack community) is to run everything in
isolated containers or VMs that are created afresh for every build and wiped
post build, saving only some build artifacts (logs etc.). This would probably
mean using "slave" machines, if buildbot offers such a system. However, I'm no
expert here so Google might be your friend.

> Any advices are welcome,

I'd love to see any progress you make with this. If you need any more help
here, feel free to ping me here or on IRC (freenode: stephenfin)

Stephen

> Regards,
> 
> [0]: http://buildbot.net
>

More information about the Patchwork mailing list