refactor(ops/pipelines): Configurable GraphQL token location
For external users of the pipeline construction, the token might be in a different path than `/run/agenix/buildkite-graphql-token`. It is made configurable through the BUILDKITE_TOKEN_PATH environment variable. This should be configured on the pipeline level to apply to all steps. Change-Id: I23c52e2d705e4134b8b013f8603f92e5533a6e44 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5424 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: asmundo <asmundo@gmail.com>
This commit is contained in:
parent
3badee71bb
commit
e70428e75b
2 changed files with 5 additions and 2 deletions
|
@ -14,6 +14,7 @@ set -ueo pipefail
|
||||||
# build all targets.
|
# build all targets.
|
||||||
|
|
||||||
: ${DRVMAP_PATH:=pipeline/drvmap.json}
|
: ${DRVMAP_PATH:=pipeline/drvmap.json}
|
||||||
|
: ${BUILDKITE_TOKEN_PATH:=~/buildkite-token}
|
||||||
|
|
||||||
git fetch -v origin "${BUILDKITE_PIPELINE_DEFAULT_BRANCH}"
|
git fetch -v origin "${BUILDKITE_PIPELINE_DEFAULT_BRANCH}"
|
||||||
|
|
||||||
|
@ -25,7 +26,7 @@ function most_relevant_builds {
|
||||||
set -u
|
set -u
|
||||||
curl 'https://graphql.buildkite.com/v1' \
|
curl 'https://graphql.buildkite.com/v1' \
|
||||||
--silent \
|
--silent \
|
||||||
-H "Authorization: Bearer $(cat /run/agenix/buildkite-graphql-token)" \
|
-H "Authorization: Bearer $(cat ${BUILDKITE_TOKEN_PATH})" \
|
||||||
-d "{\"query\": \"query { pipeline(slug: \\\"$BUILDKITE_ORGANIZATION_SLUG/$BUILDKITE_PIPELINE_SLUG\\\") { builds(commit: [\\\"$FIRST\\\",\\\"$SECOND\\\",\\\"$THIRD\\\"]) { edges { node { uuid }}}}}\"}" | \
|
-d "{\"query\": \"query { pipeline(slug: \\\"$BUILDKITE_ORGANIZATION_SLUG/$BUILDKITE_PIPELINE_SLUG\\\") { builds(commit: [\\\"$FIRST\\\",\\\"$SECOND\\\",\\\"$THIRD\\\"]) { edges { node { uuid }}}}}\"}" | \
|
||||||
jq -r '.data.pipeline.builds.edges[] | .node.uuid'
|
jq -r '.data.pipeline.builds.edges[] | .node.uuid'
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,6 +4,8 @@
|
||||||
# If something fails during the creation of the pipeline, the fallback
|
# If something fails during the creation of the pipeline, the fallback
|
||||||
# is executed instead which will simply report an error to Gerrit.
|
# is executed instead which will simply report an error to Gerrit.
|
||||||
---
|
---
|
||||||
|
env:
|
||||||
|
BUILDKITE_TOKEN_PATH: /run/agenix/buildkite-graphql-token
|
||||||
steps:
|
steps:
|
||||||
# Run pipeline for tvl-kit when new commits arrive on canon. Since
|
# Run pipeline for tvl-kit when new commits arrive on canon. Since
|
||||||
# it is not part of the depot build tree, this is a useful
|
# it is not part of the depot build tree, this is a useful
|
||||||
|
@ -85,7 +87,7 @@ steps:
|
||||||
|
|
||||||
readonly FAILED_JOBS=$(curl 'https://graphql.buildkite.com/v1' \
|
readonly FAILED_JOBS=$(curl 'https://graphql.buildkite.com/v1' \
|
||||||
--silent \
|
--silent \
|
||||||
-H "Authorization: Bearer $(cat /run/agenix/buildkite-graphql-token)" \
|
-H "Authorization: Bearer $(cat ${BUILDKITE_TOKEN_PATH})" \
|
||||||
-d "{\"query\": \"query BuildStatusQuery { build(uuid: \\\"$BUILDKITE_BUILD_ID\\\") { jobs(passed: false) { count } } }\"}" | \
|
-d "{\"query\": \"query BuildStatusQuery { build(uuid: \\\"$BUILDKITE_BUILD_ID\\\") { jobs(passed: false) { count } } }\"}" | \
|
||||||
jq -r '.data.build.jobs.count')
|
jq -r '.data.build.jobs.count')
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue