scabot: supervised by runit

adriaanm · adriaanm · commit afb4f9875b8a · 2015-01-22T15:28:23.000-08:00
logs are in `~scabot/logs/current`
simply restart by `su scabot -c 'killall -1 java'`
(the scabot user runs only one java process, which will is supervised by runit)

push to deploy using git-deploy (see scabot repo)
diff --git a/README.md b/README.md
@@ -126,12 +126,26 @@ NOTE: the JSON must not have a field "id"!!!
 ### Chef user with keypair for jenkins cli access
 ```
 eval "$(chef shell-init zsh)" # use chef's ruby, which has the net/ssh gem
-ruby keypair.rb > keypair.json
+ruby chef/keypair.rb > ~/Desktop/chef-secrets/config/keypair.json
+ruby chef/keypair.rb > ~/Desktop/chef-secrets/config/scabot-keypair.json
+
+# extract private key to ~/Desktop/chef-secrets/config/scabot.pem
 
 knife vault create master scala-jenkins-keypair \
-  --json keypair.json \
+  --json ~/Desktop/chef-secrets/config/keypair.json \
   --search 'name:jenkins*' \
   --admins adriaan
+
+knife vault create master scabot-keypair \
+  --json ~/Desktop/chef-secrets/config/scabot-keypair.json \
+  --search 'name:jenkins-master' \
+  --admins adriaan
+
+knife vault create master scabot \
+  --json ~/Desktop/chef-secrets/config/scabot.json \
+  --search 'name:jenkins-master' \
+  --admins adriaan
+
 ```
 
 ### For github oauth
@@ -215,6 +229,11 @@ Host jenkins-master
   IdentityFile ~/Desktop/chef-secrets/config/chef.pem
   User ec2-user
 
+Host scabot
+  HostName jenkins-master
+  IdentityFile ~/Desktop/chef-secrets/config/scabot.pem
+  User scabot
+
 Host jenkins-worker-windows
   IdentityFile ~/Desktop/chef-secrets/jenkins-chef
   User jenkins
diff --git a/attributes/master.rb b/attributes/master.rb
@@ -32,3 +32,7 @@
   EOH
 
 default['master']['ec2-start-stop']['url']      = 'https://dl.dropboxusercontent.com/u/12862572/ec2-start-stop.hpi'
+
+
+default['scabot']['jenkins']['user']     = "scala-jenkins"
+default['scabot']['github']['repo_user'] = "adriaanm"
diff --git a/metadata.rb b/metadata.rb
@@ -22,3 +22,5 @@
 # TODO remove chef-sbt dependency, but not sure sbt-extras supports windows
 depends 'chef-sbt'
 depends 'sbt-extras'
+
+depends 'runit', '~> 1.5'
diff --git a/recipes/_master-config-scabot.rb b/recipes/_master-config-scabot.rb
@@ -0,0 +1,81 @@
+#
+# Cookbook Name:: scala-jenkins-infra
+# Recipe:: _master-init-scabot
+#
+# Copyright 2014, Typesafe, Inc.
+#
+# All rights reserved - Do Not Redistribute
+#
+
+include_recipe "git"
+include_recipe "chef-sbt"
+
+scabotHome     = "/home/scabot"
+scabotCheckout = "/home/scabot/scabot"
+scabotUser     = "scabot"
+
+user scabotUser
+
+directory scabotHome do
+  owner     scabotUser
+  mode      00755
+  action    :create
+end
+
+directory scabotCheckout do
+  owner     scabotUser
+  mode      00755
+  action    :create
+end
+
+directory "#{scabotHome}/logs" do
+  owner     scabotUser
+  mode      00755
+  action    :create
+end
+
+directory "#{scabotHome}/.ssh" do
+  owner     scabotUser
+end
+
+file "#{scabotHome}/.ssh/authorized_keys" do
+  owner     scabotUser
+  mode      '644'
+  content   ChefVault::Item.load("master", "scabot-keypair")['public_key']
+end
+
+node.set['scabot']['github']['token']  = ChefVault::Item.load("master", "scabot")['github']['token']
+node.set['scabot']['jenkins']['token'] = ChefVault::Item.load("master", "scabot")['jenkins']['token']
+
+git_user scabotUser do
+  home      scabotHome
+  # owner     scabotUser
+  full_name 'Scabot'
+  email     'adriaan@typesafe.com'
+end
+
+# scabotCheckout must be an empty dir
+git scabotCheckout do
+  user       scabotUser
+  repository "https://github.com/adriaanm/scabot.git"
+  revision   "master"
+end
+
+template "#{scabotCheckout}/scabot.conf" do
+  source    'scabot.conf.erb'
+  user      scabotUser
+  sensitive true
+end
+
+bash 'build scabot' do
+  cwd  scabotCheckout
+  user scabotUser
+  code "sbt update && sbt stage"
+end
+
+# Include runit to setup the service
+include_recipe 'runit::default'
+
+# Create runit service
+runit_service 'scabot' # see templates/default/sv-scabot-run.erb
+
diff --git a/recipes/master-config.rb b/recipes/master-config.rb
@@ -9,6 +9,8 @@
 
 require "chef-vault"
 
+include_recipe 'scala-jenkins-infra::_master-config-scabot'
+
 ruby_block 'set private key' do
   block do
     node.run_state[:jenkins_private_key] = ChefVault::Item.load("master", "scala-jenkins-keypair")['private_key']
diff --git a/templates/default/scabot.conf.erb b/templates/default/scabot.conf.erb
@@ -0,0 +1,14 @@
+scala: {
+  jenkins: {
+    job:   "scala-2.11.x-validate-main"
+    host:  "scala-ci.typesafe.com"
+    user:  "<%=node['scabot']['jenkins']['user']%>"
+    token: "<%=node['scabot']['jenkins']['token']%>"
+  }
+  github: {
+    user:  "<%=node['scabot']['github']['repo_user']%>"
+    repo:  "scala"
+    host:  "api.github.com"
+    token: "<%=node['scabot']['github']['token']%>"
+  }
+}
diff --git a/templates/default/sv-scabot-log-run.erb b/templates/default/sv-scabot-log-run.erb
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+#
+# This file was generated by Chef for <%= node['fqdn'] %>.
+# Do NOT modify this file by hand.
+#
+
+exec svlogd /home/scabot/logs
diff --git a/templates/default/sv-scabot-run.erb b/templates/default/sv-scabot-run.erb
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+#
+# This file was generated by Chef for <%= node['fqdn'] %>.
+# Do NOT modify this file by hand.
+#
+
+
+exec 2>&1
+cd /home/scabot
+touch scabot.start
+exec chpst -u scabot -U scabot \
+  env HOME=/home/scabot \
+  /home/scabot/scabot/target/universal/stage/bin/scabot
