Page MenuHomePhabricator

[keyresult] Connect Differential code review with continuous integration
Closed, ResolvedPublic

Description

Our code review process must be connected to our continuous integration process. In theory, there are different ways to approach this:

We must choose our preferred option, and implement it.

The Zuul option

Zuul is a python daemon which act as a gateway between events in Gerrit and Jenkins. Zuul establish a ssh connection with Gerrit, executing the command 'gerrit stream-events'.

Whenever an event occurs in Gerrit (a vote, a comment, git ref updated, change abandoned, new patchset, etc.) it emits a json formatted event over the ssh channel which is then consumed by Zuul.

Zuul is modular enough that we can add support for Phabricator to it. We will probably need a system to push events much like Gerrit stream-events, or we can hack something in Zuul to poll events from time to time.

We could instead overhaul the continuous integration system to have Phabricator trigger Jenkins jobs directly. But since I want to eventually phase out Jenkins entirely, I think we should keep Zuul around.

See also: T89714: Integrate Jenkins with Phabricator with Harbormaster

Details

Reference
fl56

Related Objects

Event Timeline

flimport raised the priority of this task from to Normal.
flimport set Reference to fl56.

qgil wrote on 2014-04-22 18:00:41 (UTC)

Could you check whether the Phabricator API already provides what you need, or whether we would need to request something upstream, please?

epriestley wrote on 2014-04-25 22:27:52 (UTC)

We have feed.http-hooks (config, allows you to add webhooks) and feed.query (conduit API, for polling) but no socket-ish stream.

You can subclass PhabricatorSSHWorkflow to add a new SSH workflow as a local patch if you want to stick with stream-over-ssh, although I'd guess one of the above mechanisms is a better approach.

PhabricatorBotFeedNotificationHandler, which polls feed.query to push events through the chatbot, might be a good starting point if you want to poll.

qgil wrote on 2014-04-30 15:30:07 (UTC)

Moving to "Not critical for the RfC" because it is assumed that Phabricator will need to be plugged to our continuous integration process. If the RfC is approved, then we will need to define a technical plan before going anywhere.

Qgil added a subscriber: Qgil.Sep 30 2014, 8:15 AM

Maybe we can skip Zuul altogether?

Harbormaster is marked as "prototype" today, but maybe by the time we need it, it suits our needs? In any case, after searching a bit it is clear that we are not the only ones and neither the first ones needing to connect Phabricator with Jenkins.

Qgil added a comment.Sep 30 2014, 8:22 AM

<hashar> CI is not that hard, though we need Phabricator to emit events
<hashar> and write some code in Zuul to understand those events
<qgil> hashar, or maybe we can skip Zuul altogether? See the couple of links I just posted at https://phabricator.wikimedia.org/T31#6406
<hashar> potentially
<hashar> if Phabricator has the utilities to reimplement all the logic we have in Zuul (very very unlikely)
<hashar> I am 99% sure Harbormaster does not match Zuul feature set :(
<qgil> hashar, are the features to match documented anywhere?
<hashar> the most important one is the ability to gate changes together which has a few pages documentation on http://ci.openstack.org/zuul/gating.html
<hashar> if we have change A , B which are approved with a +2 , we trigger two set of jobs. The first set test A
<hashar> the second set test A + B together
<hashar> before A get merged. Zuul speculates that A will pass so it assumes it is fine to test B with A already being merged
<hashar> if A pass it is merged, and if A + B pass it is then merged. Ie you don't have to wait for A to be merged to run tests for B
<hashar> (and changes can be in different repositories)

Qgil renamed this task from Build a binding between Phabricator and Zuul to Connect Differential code review with continuous integration.Oct 9 2014, 2:38 PM
Qgil updated the task description. (Show Details)
Qgil removed a project: Wikimedia Phabricator RfC.
Qgil set Security to None.
Qgil updated the task description. (Show Details)Oct 10 2014, 8:41 AM

Obviously, Antoine and Timo will be the people leading this decision. I haven't assigned it to them yet as (at least speaking for Antoine) we don't have time to commit to it right now.

Qgil added a comment.Oct 10 2014, 4:17 PM

Obviously! I don't think that Continuous Integration integration ;) is a key element of T560: Proof of concept of code review in Phabricator. It would be useful to have @hashar and @Krinkle in the loop to make sure that we are not making any decisions now that will hit us when someone starts working effectively on the CI part.

It would be also good to have a plan, which can be a rough plan now, and a bit more polished plan by the end of year. But still a plan. The actual work on CI is not expected to start before the checkpoint after the proof of concept and the blessing of the full code review migration plan at that point. Needless to say, such plan must take into consideration the availability of the people that needs to be involved for the tasks that we have agreed.

As Antoine mentioned, the plan to move away from Jenkins is one reason to keep an abstraction layer (e.g. middleware) between Phabricator and Zuul.

Another important reason is the need for security and authentication. Until we have sandboxed VM testing, it is crucial that only submitted code from trusted users is executed. Phabricator probably doesn't (and shouldn't have to) have a built-in mechanism for doing that. It would depend on the middleware instead (e.g. Zuul).

Qgil lowered the priority of this task from Normal to Low.Nov 27 2014, 7:57 AM

Currently Gerrit-Migration is in the queue of Phabricator subprojects after Project-Management and Gitblit-Deprecate. If someone wants to work on this task, take it and assign the priority accordingly.

Flagging it with Continuous-Integration-Infrastructure, I think we will talk about it during our January 2015 team meeting / tech summit.

jayvdb added a subscriber: jayvdb.Mar 2 2015, 10:10 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 9 2015, 3:18 PM
cscott added a subscriber: cscott.Sep 17 2015, 8:49 PM
greg moved this task from To Triage to Backlog on the Differential board.Nov 4 2015, 7:19 PM
greg raised the priority of this task from Low to Normal.
greg moved this task from To Triage to Tooling on the Gerrit-Migration board.Dec 1 2015, 4:38 PM
mmodell added a subscriber: mmodell.Dec 2 2015, 3:32 AM
greg renamed this task from Connect Differential code review with continuous integration to [keyresult] Connect Differential code review with continuous integration.Jan 20 2016, 12:15 AM
Krinkle removed a subscriber: Krinkle.Feb 23 2016, 4:51 PM
greg added a comment.Mar 10 2016, 5:17 PM

Just quoting this here so it's not lost. Regarding comments from Jenkins on build status:

One can send markup that would be interpreted by Phabricator. Ie icons from http://fortawesome.github.io/Font-Awesome/icons/

OK{icon check color=green}
OK (non voting){icon info-circle color=green}
Failed (non voting){icon info-circle color=yellow}
Failed{icon ban color=red}
Whatever else{icon info-circle color=blue}
Luke081515 added a subscriber: Luke081515.

+1 to that, that would look nice ;)

@mmodell have you managed to get phabricator working with Zuul?

We are not using Zuul for now. Phabricator triggers jobs directly in Jenkins over its REST API.

Paladox added a comment.EditedJun 17 2016, 11:17 AM

@hashar but how do we view jobs like we could in Zuul please since I found it easy the way Zuul was layout. Since it showed all jobs running for that project. May we could get upstream to add the Zuul type showing projects with how long they have been running for and how long left and underneath it could show the tests running for that project like Zuul does including progress and linked to the job. Please.

Also how can we add jobs to phabricator for each repo. Like in Zuul we have layout.yaml which made it easy for people to add tests to there repo. We should probably do the same for phabricator please.

mmodell closed this task as Resolved.
mmodell claimed this task.