blob: 8467ed871ca473aaa9dfa09c23e8592e19f79fa7 [file] [log] [blame]
James E. Blaireff5a9d2017-06-20 00:00:37 -07001:title: Gerrit Driver
2
3Gerrit
4======
5
6`Gerrit`_ is a code review system. The Gerrit driver supports
7sources, triggers, and reporters.
8
9.. _Gerrit: https://www.gerritcodereview.com/
10
11Zuul will need access to a Gerrit user.
12
13Create an SSH keypair for Zuul to use if there isn't one already, and
14create a Gerrit user with that key::
15
16 cat ~/id_rsa.pub | ssh -p29418 review.example.com gerrit create-account --ssh-key - --full-name Zuul zuul
17
18Give that user whatever permissions will be needed on the projects you
19want Zuul to report on. For instance, you may want to grant
20``Verified +/-1`` and ``Submit`` to the user. Additional categories
21or values may be added to Gerrit. Zuul is very flexible and can take
22advantage of those.
23
24Connection Configuration
25------------------------
26
James E. Blaird23f45d2017-08-03 16:37:13 -070027The supported options in ``zuul.conf`` connections are:
James E. Blaireff5a9d2017-06-20 00:00:37 -070028
James E. Blaird23f45d2017-08-03 16:37:13 -070029.. attr:: <gerrit connection>
James E. Blaireff5a9d2017-06-20 00:00:37 -070030
James E. Blaird23f45d2017-08-03 16:37:13 -070031 .. attr:: driver
32 :required:
James E. Blaireff5a9d2017-06-20 00:00:37 -070033
James E. Blaird23f45d2017-08-03 16:37:13 -070034 .. value:: gerrit
James E. Blaireff5a9d2017-06-20 00:00:37 -070035
James E. Blaird23f45d2017-08-03 16:37:13 -070036 The connection must set ``driver=gerrit`` for Gerrit connections.
James E. Blaireff5a9d2017-06-20 00:00:37 -070037
James E. Blaird23f45d2017-08-03 16:37:13 -070038 .. attr:: server
James E. Blaireff5a9d2017-06-20 00:00:37 -070039
James E. Blaird23f45d2017-08-03 16:37:13 -070040 Fully qualified domain name of Gerrit server.
James E. Blaireff5a9d2017-06-20 00:00:37 -070041
James E. Blaird23f45d2017-08-03 16:37:13 -070042 .. attr:: canonical_hostname
James E. Blaireff5a9d2017-06-20 00:00:37 -070043
James E. Blaird23f45d2017-08-03 16:37:13 -070044 The canonical hostname associated with the git repos on the
45 Gerrit server. Defaults to the value of
46 :attr:`<gerrit connection>.server`. This is used to identify
47 projects from this connection by name and in preparing repos on
48 the filesystem for use by jobs. Note that Zuul will still only
49 communicate with the Gerrit server identified by ``server``;
50 this option is useful if users customarily use a different
51 hostname to clone or pull git repos so that when Zuul places
52 them in the job's working directory, they appear under this
53 directory name.
54
55 .. attr:: port
56 :default: 29418
57
58 Gerrit server port.
59
60 .. attr:: baseurl
61
62 Path to Gerrit web interface.
63
64 .. attr:: user
65 :default: zuul
66
67 User name to use when logging into Gerrit via ssh.
68
69 .. attr:: sshkey
70 :default: ~zuul/.ssh/id_rsa
71
72 Path to SSH key to use when logging into Gerrit.
73
74 .. attr:: keepalive
75 :default: 60
76
77 SSH connection keepalive timeout; ``0`` disables.
James E. Blaireff5a9d2017-06-20 00:00:37 -070078
79Trigger Configuration
80---------------------
81
82Zuul works with standard versions of Gerrit by invoking the ``gerrit
83stream-events`` command over an SSH connection. It also reports back
84to Gerrit using SSH.
85
86If using Gerrit 2.7 or later, make sure the user is a member of a group
87that is granted the ``Stream Events`` permission, otherwise it will not
88be able to invoke the ``gerrit stream-events`` command over SSH.
89
James E. Blaird23f45d2017-08-03 16:37:13 -070090.. attr:: pipeline.trigger.<gerrit source>
James E. Blaireff5a9d2017-06-20 00:00:37 -070091
James E. Blaird23f45d2017-08-03 16:37:13 -070092 The dictionary passed to the Gerrit pipeline `trigger` attribute
93 supports the following attributes:
James E. Blaireff5a9d2017-06-20 00:00:37 -070094
James E. Blaird23f45d2017-08-03 16:37:13 -070095 .. attr:: event
96 :required:
James E. Blaireff5a9d2017-06-20 00:00:37 -070097
James E. Blaird23f45d2017-08-03 16:37:13 -070098 The event name from gerrit. Examples: ``patchset-created``,
99 ``comment-added``, ``ref-updated``. This field is treated as a
100 regular expression.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700101
James E. Blaird23f45d2017-08-03 16:37:13 -0700102 .. attr:: branch
James E. Blaireff5a9d2017-06-20 00:00:37 -0700103
James E. Blaird23f45d2017-08-03 16:37:13 -0700104 The branch associated with the event. Example: ``master``.
105 This field is treated as a regular expression, and multiple
106 branches may be listed.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700107
James E. Blaird23f45d2017-08-03 16:37:13 -0700108 .. attr:: ref
James E. Blaireff5a9d2017-06-20 00:00:37 -0700109
James E. Blaird23f45d2017-08-03 16:37:13 -0700110 On ref-updated events, the branch parameter is not used, instead
111 the ref is provided. Currently Gerrit has the somewhat
112 idiosyncratic behavior of specifying bare refs for branch names
113 (e.g., ``master``), but full ref names for other kinds of refs
114 (e.g., ``refs/tags/foo``). Zuul matches this value exactly
115 against what Gerrit provides. This field is treated as a
116 regular expression, and multiple refs may be listed.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700117
James E. Blaird23f45d2017-08-03 16:37:13 -0700118 .. attr:: ignore-deletes
119 :default: true
James E. Blaireff5a9d2017-06-20 00:00:37 -0700120
James E. Blaird23f45d2017-08-03 16:37:13 -0700121 When a branch is deleted, a ref-updated event is emitted with a
122 newrev of all zeros specified. The ``ignore-deletes`` field is a
123 boolean value that describes whether or not these newrevs
124 trigger ref-updated events.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700125
James E. Blaird23f45d2017-08-03 16:37:13 -0700126 .. attr:: approval
James E. Blaireff5a9d2017-06-20 00:00:37 -0700127
James E. Blaird23f45d2017-08-03 16:37:13 -0700128 This is only used for ``comment-added`` events. It only matches
129 if the event has a matching approval associated with it.
130 Example: ``Code-Review: 2`` matches a ``+2`` vote on the code
131 review category. Multiple approvals may be listed.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700132
James E. Blaird23f45d2017-08-03 16:37:13 -0700133 .. attr:: email
James E. Blaireff5a9d2017-06-20 00:00:37 -0700134
James E. Blaird23f45d2017-08-03 16:37:13 -0700135 This is used for any event. It takes a regex applied on the
136 performer email, i.e. Gerrit account email address. If you want
137 to specify several email filters, you must use a YAML list.
138 Make sure to use non greedy matchers and to escapes dots!
139 Example: ``email: ^.*?@example\.org$``.
140
141 .. attr:: username
142
143 This is used for any event. It takes a regex applied on the
144 performer username, i.e. Gerrit account name. If you want to
145 specify several username filters, you must use a YAML list.
146 Make sure to use non greedy matchers and to escapes dots.
147 Example: ``username: ^zuul$``.
148
149 .. attr:: comment
150
151 This is only used for ``comment-added`` events. It accepts a
152 list of regexes that are searched for in the comment string. If
153 any of these regexes matches a portion of the comment string the
154 trigger is matched. ``comment: retrigger`` will match when
155 comments containing ``retrigger`` somewhere in the comment text
156 are added to a change.
157
158 .. attr:: require-approval
159
160 This may be used for any event. It requires that a certain kind
161 of approval be present for the current patchset of the change
162 (the approval could be added by the event in question). It
163 follows the same syntax as :attr:`pipeline.require.<gerrit
164 source>.approval`. For each specified criteria there must exist
165 a matching approval.
166
167 .. attr:: reject-approval
168
169 This takes a list of approvals in the same format as
170 :attr:`pipeline.trigger.<gerrit source>.require-approval` but
171 will fail to enter the pipeline if there is a matching approval.
James E. Blaireff5a9d2017-06-20 00:00:37 -0700172
173Reporter Configuration
174----------------------
175
176Zuul works with standard versions of Gerrit by invoking the
177``gerrit`` command over an SSH connection. It reports back to
178Gerrit using SSH.
179
180The dictionary passed to the Gerrit reporter is used for ``gerrit
181review`` arguments, with the boolean value of ``true`` simply
182indicating that the argument should be present without following it
183with a value. For example, ``verified: 1`` becomes ``gerrit review
184--verified 1`` and ``submit: true`` becomes ``gerrit review
185--submit``.
186
187A :ref:`connection<connections>` that uses the gerrit driver must be
188supplied to the trigger.
James E. Blaird134c6d2017-07-26 16:09:34 -0700189
190Requirements Configuration
191--------------------------
192
James E. Blair32c52482017-07-29 07:49:03 -0700193As described in :attr:`pipeline.require` and :attr:`pipeline.reject`,
194pipelines may specify that items meet certain conditions in order to
195be enqueued into the pipeline. These conditions vary according to the
196source of the project in question. To supply requirements for changes
James E. Blaird23f45d2017-08-03 16:37:13 -0700197from a Gerrit source named ``my-gerrit``, create a configuration such
198as the following:
James E. Blaird134c6d2017-07-26 16:09:34 -0700199
James E. Blaird23f45d2017-08-03 16:37:13 -0700200.. code-block:: yaml
201
202 pipeline:
203 require:
204 my-gerrit:
205 approval:
206 - Code-Review: 2
James E. Blaird134c6d2017-07-26 16:09:34 -0700207
208This indicates that changes originating from the Gerrit connection
James E. Blaird23f45d2017-08-03 16:37:13 -0700209named ``my-gerrit`` must have a ``Code-Review`` vote of ``+2`` in
210order to be enqueued into the pipeline.
James E. Blaird134c6d2017-07-26 16:09:34 -0700211
James E. Blair94375912017-07-28 17:20:27 -0700212.. attr:: pipeline.require.<gerrit source>
James E. Blaird134c6d2017-07-26 16:09:34 -0700213
214 The dictionary passed to the Gerrit pipeline `require` attribute
215 supports the following attributes:
216
James E. Blair94375912017-07-28 17:20:27 -0700217 .. attr:: approval
James E. Blaird134c6d2017-07-26 16:09:34 -0700218
219 This requires that a certain kind of approval be present for the
220 current patchset of the change (the approval could be added by
221 the event in question). It takes several sub-parameters, all of
222 which are optional and are combined together so that there must
223 be an approval matching all specified requirements.
224
James E. Blair94375912017-07-28 17:20:27 -0700225 .. attr:: username
James E. Blaird134c6d2017-07-26 16:09:34 -0700226
227 If present, an approval from this username is required. It is
228 treated as a regular expression.
229
James E. Blair94375912017-07-28 17:20:27 -0700230 .. attr:: email
James E. Blaird134c6d2017-07-26 16:09:34 -0700231
232 If present, an approval with this email address is required. It is
233 treated as a regular expression.
234
James E. Blair94375912017-07-28 17:20:27 -0700235 .. attr:: older-than
James E. Blaird134c6d2017-07-26 16:09:34 -0700236
237 If present, the approval must be older than this amount of time
238 to match. Provide a time interval as a number with a suffix of
239 "w" (weeks), "d" (days), "h" (hours), "m" (minutes), "s"
240 (seconds). Example ``48h`` or ``2d``.
241
James E. Blair94375912017-07-28 17:20:27 -0700242 .. attr:: newer-than
James E. Blaird134c6d2017-07-26 16:09:34 -0700243
244 If present, the approval must be newer than this amount
245 of time to match. Same format as "older-than".
246
247 Any other field is interpreted as a review category and value
248 pair. For example ``Verified: 1`` would require that the
249 approval be for a +1 vote in the "Verified" column. The value
250 may either be a single value or a list: ``Verified: [1, 2]``
251 would match either a +1 or +2 vote.
252
James E. Blair94375912017-07-28 17:20:27 -0700253 .. attr:: open
James E. Blaird134c6d2017-07-26 16:09:34 -0700254
255 A boolean value (``true`` or ``false``) that indicates whether
256 the change must be open or closed in order to be enqueued.
257
James E. Blair94375912017-07-28 17:20:27 -0700258 .. attr:: current-patchset
James E. Blaird134c6d2017-07-26 16:09:34 -0700259
260 A boolean value (``true`` or ``false``) that indicates whether the
261 change must be the current patchset in order to be enqueued.
262
James E. Blair94375912017-07-28 17:20:27 -0700263 .. attr:: status
James E. Blaird134c6d2017-07-26 16:09:34 -0700264
265 A string value that corresponds with the status of the change
266 reported by the trigger.
267
James E. Blair94375912017-07-28 17:20:27 -0700268.. attr:: pipeline.reject.<gerrit source>
James E. Blaird134c6d2017-07-26 16:09:34 -0700269
270 The `reject` attribute is the mirror of the `require` attribute. It
271 also accepts a dictionary under the connection name. This
272 dictionary supports the following attributes:
273
James E. Blair94375912017-07-28 17:20:27 -0700274 .. attr:: approval
James E. Blaird134c6d2017-07-26 16:09:34 -0700275
276 This takes a list of approvals. If an approval matches the
277 provided criteria the change can not be entered into the
James E. Blair91fe4832017-07-28 17:28:26 -0700278 pipeline. It follows the same syntax as
279 :attr:`pipeline.require.<gerrit source>.approval`.
James E. Blaird134c6d2017-07-26 16:09:34 -0700280
James E. Blaird23f45d2017-08-03 16:37:13 -0700281 Example to reject a change with any negative vote:
James E. Blaird134c6d2017-07-26 16:09:34 -0700282
James E. Blaird23f45d2017-08-03 16:37:13 -0700283 .. code-block:: yaml
284
285 reject:
286 my-gerrit:
287 approval:
288 - Code-Review: [-1, -2]