about summary refs log tree commit diff
path: root/ops
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--ops/buildkite/.gitignore3
-rw-r--r--ops/buildkite/README.org7
-rw-r--r--ops/buildkite/buildkite.tf51
-rw-r--r--ops/buildkite/default.nix23
-rw-r--r--ops/buildkite/steps.yml6
-rw-r--r--ops/ci/README.org3
-rw-r--r--ops/ci/pipeline.yml25
-rw-r--r--ops/default.nix1
8 files changed, 0 insertions, 119 deletions
diff --git a/ops/buildkite/.gitignore b/ops/buildkite/.gitignore
deleted file mode 100644
index 112bb96..0000000
--- a/ops/buildkite/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-# ignore the various terraform files that are generate. The state is
-# stored in a GCS bucket.
-.terraform*
diff --git a/ops/buildkite/README.org b/ops/buildkite/README.org
deleted file mode 100644
index c28acbd..0000000
--- a/ops/buildkite/README.org
+++ /dev/null
@@ -1,7 +0,0 @@
-This is to configure the pipelines in buildkite.
-
-To upload them, run =nix run .#ops.buildkite.upload=.
-
-The state is stored in a GCS bucket (and it needs to be created before we run this).
-
-The service account =terraform= needs to exist first, running =gcloud iam service-accounts list= will list them and we can verify it is defined. I might need to run =gcloud auth application-default login= in order to authenticate first.
diff --git a/ops/buildkite/buildkite.tf b/ops/buildkite/buildkite.tf
deleted file mode 100644
index cd74785..0000000
--- a/ops/buildkite/buildkite.tf
+++ /dev/null
@@ -1,51 +0,0 @@
-locals {
-  terraform_service_account = "terraform@fcuny-homelab.iam.gserviceaccount.com"
-}
-
-provider "google" {
-  alias = "impersonation"
-  scopes = [
-    "https://www.googleapis.com/auth/cloud-platform",
-    "https://www.googleapis.com/auth/userinfo.email",
-  ]
-}
-
-data "google_service_account_access_token" "default" {
-  provider               = google.impersonation
-  target_service_account = local.terraform_service_account
-  scopes                 = ["userinfo-email", "cloud-platform"]
-  lifetime               = "1200s"
-}
-
-provider "google" {
-  project         = "fcuny-homelab"
-  region          = "us-west1"
-  zone            = "us-west1-c"
-  access_token    = data.google_service_account_access_token.default.access_token
-  request_timeout = "60s"
-}
-
-terraform {
-  required_providers {
-    buildkite = {
-      source = "buildkite/buildkite"
-    }
-  }
-
-  backend "gcs" {
-    bucket                      = "world-tf-state"
-    prefix                      = "buildkite/state"
-    impersonate_service_account = "terraform@fcuny-homelab.iam.gserviceaccount.com"
-  }
-}
-
-provider "buildkite" {
-  organization = "fcuny-dot-xyz"
-}
-
-resource "buildkite_pipeline" "world" {
-  name        = "world"
-  description = "CI pipeline for the world repository."
-  repository  = "https://cl.fcuny.net/world"
-  steps       = file("./steps.yml")
-}
diff --git a/ops/buildkite/default.nix b/ops/buildkite/default.nix
deleted file mode 100644
index 8e7c05c..0000000
--- a/ops/buildkite/default.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ pkgs }:
-let
-  terraform = pkgs.terraform.withPlugins (p: [
-    p.buildkite
-    p.google
-  ]);
-in
-pkgs.stdenv.mkDerivation rec {
-  name = "tf-buildkite";
-  src = ./.;
-
-  upload = pkgs.writeShellScriptBin "tf-buildkite-upload" ''
-    set -ueo pipefail
-
-    cd $(git rev-parse --show-toplevel)/ops/buildkite
-
-    export BUILDKITE_API_TOKEN=$(pass api/buildkite-terraform-token)
-
-    ${terraform}/bin/terraform init
-    ${terraform}/bin/terraform plan
-    ${terraform}/bin/terraform apply
-  '';
-}
diff --git a/ops/buildkite/steps.yml b/ops/buildkite/steps.yml
deleted file mode 100644
index 9f30b8a..0000000
--- a/ops/buildkite/steps.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-steps:
-  - label: ":buildkite:"
-    key: ":init:"
-    command: |
-      buildkite-agent pipeline upload ops/ci/pipeline.yml
diff --git a/ops/ci/README.org b/ops/ci/README.org
deleted file mode 100644
index 0754937..0000000
--- a/ops/ci/README.org
+++ /dev/null
@@ -1,3 +0,0 @@
-The default pipeline is managed by [[file:~/workspace/world/ops/buildkite/][ops/buildkite]]. When a new build starts, the buildkite agent uploads the pipeline defined in this directory.
-
-The configuration for the repository is managed with [[file+emacs:pipeline.yml][pipeline.yml]]. All the steps are executed in parallel except for the last one, which wait on the completion of all the previous steps. If one of the previous steps has failed, the build is marked as failed, otherwise we consider it to pass.
diff --git a/ops/ci/pipeline.yml b/ops/ci/pipeline.yml
deleted file mode 100644
index 4308f6a..0000000
--- a/ops/ci/pipeline.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-env:
-  BUILDKITE_TOKEN_PATH: /run/agenix/buildkite/graphql
-steps:
-  - label: ":shell:"
-    command: "nix develop -c pre-commit run --all-files"
-
-  # wait for all previous steps to complete.
-  - wait: null
-    continue_on_failure: true
-
-  - label: ":hammer:"
-    command: |
-      set -ueo pipefail
-
-      readonly FAILED_JOBS=$(curl 'https://graphql.buildkite.com/v1' \
-        --silent \
-        -H "Authorization: Bearer $(cat ${BUILDKITE_TOKEN_PATH})" \
-        -d "{\"query\": \"query BuildStatusQuery { build(uuid: \\\"$BUILDKITE_BUILD_ID\\\") { jobs(passed: false) { count } } }\"}" | \
-        jq -r '.data.build.jobs.count')
-
-      echo "$$FAILED_JOBS build jobs failed."
-
-      if (( $$FAILED_JOBS > 0 )); then
-        exit 1
-      fi
diff --git a/ops/default.nix b/ops/default.nix
index 194252c..64a3d68 100644
--- a/ops/default.nix
+++ b/ops/default.nix
@@ -1,7 +1,6 @@
 { pkgs }:
 
 pkgs.lib.makeScope pkgs.newScope (pkgs: {
-  buildkite = pkgs.callPackage ./buildkite { };
   gcp-backups = pkgs.callPackage ./gcp-backups { };
   github = pkgs.callPackage ./github { };
 })