opendev/system-config
Code Issues Proposed changes
d3570b6442
system-config/doc/source/jeepyb.rst
Ian Wienand 654c287367 doc/jeepyb: further cleanups 
Follow-on to I07ca2b18d2da7e6261389696a0eae13d20d2cb22

* Github issues are now closed via the
  maintain-github-openstack-mirror which Zuul runs periodically

* manage-projects also runs from Zuul

* run-mirror hasn't been used since If5935b356e222c2f4d474a2cec8add3cc66b6010

* I'm not sure what the ssh key stuff is talking about, it's not
  really relevant now.

Change-Id: If4d8a1ac98c35c494090564d94f3a8c082cea900
2022-04-12 09:29:37 +10:00

144 lines
4.9 KiB
ReStructuredText
Raw Blame History

:title: Jeepyb
.. _jeepyb:
Jeepyb
######
Jeepyb is a collection of tools which make managing Gerrit easier.
Specifically, management of Gerrit projects and their associated
upstream integration with things like Github and Launchpad.
At a Glance
===========
:Hosts:
* http://review.opendev.org
:Puppet:
* https://opendev.org/opendev/puppet-jeepyb
* :git_file:`modules/openstack_project/manifests/review.pp`
* :git_file:`modules/openstack_project/manifests/review_dev.pp`
:Configuration:
* :git_file:`modules/openstack_project/templates/review.projects.ini.erb`
* :config:`gerrit/projects.yaml`
:Projects:
* https://opendev.org/opendev/jeepyb
:Bugs:
* https://storyboard.openstack.org/#!/project/722
Gerrit Project Configuration
============================
The ``manage-projects`` command in Jeepyb is able to create a new
project in Gerrit, create the new project on Github, create a local
git replica on the Gerrit host, configure the project Access Controls,
and create new groups in Gerrit.
The global configuration data needed for ``manage-projects`` to know how to
connect to things or how to operate is in
:git_file:`modules/openstack_project/templates/review.projects.ini.erb`.
#. Config values::
[projects]
homepage=http://example.org
gerrit-host=review.example.org
gerrit-user=example-project-creator
gerrit-key=/home/gerrit2/.ssh/example_project_id_rsa
github-config=/etc/github/github-projects.secure.config
has-wiki=False
has-issues=False
has-pull-requests=False
has-downloads=False
OpenStack Gerrit projects are configured in the
:config:`gerrit/projects.yaml`. file. When this file is updated,
``manage-projects`` is run automatically.
#. Project definition::
- project: example/gerrit
description: Fork of Gerrit used by Example
remote: https://gerrit.googlesource.com/gerrit
- project: example/project1
description: Best project ever.
has-wiki: True
acl-config: /path/to/acl/file
The above config gives puppet and its related scripts enough
information to create new projects, but not enough to add access
controls to each project. To add access control you need to have an
``acl-config`` option for the project in ``projects.yaml``. That
option should have a value that is a path to the ``project.config``
for that project.
That is the high level view of how we can configure projects using the
puppet repository. To create an actual change that does all of this for
a single project you will want to do the following:
#. Add a ``gerrit/acls/organization/project-name.config`` file to the
``project-config`` repo. The contents will probably end up looking like
the block below (note that the sections are in alphabetical order)::
[access "refs/heads/*"]
label-Code-Review = -2..+2 group project-name-core
label-Workflow = -1..+1 group project-name-core
[receive]
requireChangeId = true
requireContributorAgreement = true
[submit]
mergeContent = true
#. Add a project entry for the project in ``gerrit/projects.yaml`` in
the ``project-config`` repo.::
- project: organization/project-name
acl-config: /home/gerrit2/acls/organization/project-name.config
#. If there is an existing repo that is being replaced by this new
project you can set the upstream value for the project. When an
upstream is set, that upstream will be cloned and pushed into Gerrit
instead of an empty repository. e.g.::
- project: organization/project-name
acl-config: /home/gerrit2/acls/organization/project-name.config
upstream: git://github.com/awesumsauce/project-name.git
That is all you need to do. Push the change to gerrit and if necessary
modify group membership for the groups you configured in the
``project.config`` through Launchpad.
Commit Hooks
============
Launchpad Bug Integration
-------------------------
The ``update-bug`` Jeepyb command is installed as a Gerrit commit hook
so that it runs each time a patchset is created. It updates Launchpad
bugs based on information that it finds in the commit message. It
also contains a manual mapping of Gerrit to Launchpad project names
for projects that use a different Launchpad project for their bugs.
Launchpad Blueprint Integration
-------------------------------
The ``update-blueprint`` Jeepyb command is installed as a Gerrit
commit hook so that it runs each time a patchset is created. It
updates Launchpad blueprints based on information that it finds in the
commit message.
Trivial Rebase Hook
-------------------
The ``trivial-rebase`` commit hook runs when new patchsets are
uploaded and detects whether the new patchset is merely a rebase onto
a new parent, or is a substantial change. If it is a rebase, it
restores previous review votes and leaves a comment in Gerrit. It
uses Gerrit's own SSH host key as the private key for access in order
to gain the "superuser" permissions needed to impersonate other users
in reviews.
View Git Blame Copy Permalink