| James E. Blair | eff5a9d | 2017-06-20 00:00:37 -0700 | [diff] [blame] | 1 | :title: Gerrit Driver |
| 2 | |
| 3 | Gerrit |
| 4 | ====== |
| 5 | |
| 6 | `Gerrit`_ is a code review system. The Gerrit driver supports |
| 7 | sources, triggers, and reporters. |
| 8 | |
| 9 | .. _Gerrit: https://www.gerritcodereview.com/ |
| 10 | |
| 11 | Zuul will need access to a Gerrit user. |
| 12 | |
| 13 | Create an SSH keypair for Zuul to use if there isn't one already, and |
| 14 | create a Gerrit user with that key:: |
| 15 | |
| 16 | cat ~/id_rsa.pub | ssh -p29418 review.example.com gerrit create-account --ssh-key - --full-name Zuul zuul |
| 17 | |
| 18 | Give that user whatever permissions will be needed on the projects you |
| 19 | want Zuul to report on. For instance, you may want to grant |
| 20 | ``Verified +/-1`` and ``Submit`` to the user. Additional categories |
| 21 | or values may be added to Gerrit. Zuul is very flexible and can take |
| 22 | advantage of those. |
| 23 | |
| 24 | Connection Configuration |
| 25 | ------------------------ |
| 26 | |
| 27 | The supported options in zuul.conf connections are: |
| 28 | |
| 29 | **driver=gerrit** |
| 30 | |
| 31 | **server** |
| 32 | FQDN of Gerrit server. |
| 33 | ``server=review.example.com`` |
| 34 | |
| 35 | **canonical_hostname** |
| 36 | The canonical hostname associated with the git repos on the Gerrit |
| 37 | server. Defaults to the value of **server**. This is used to |
| 38 | identify repos from this connection by name and in preparing repos |
| James E. Blair | 4d5dd25 | 2017-06-23 21:40:56 +0100 | [diff] [blame^] | 39 | on the filesystem for use by jobs. This only needs to be set in the |
| 40 | case where the canonical public location of the git repos is not the |
| 41 | same as the Gerrit server and it would be incorrect to refer to |
| 42 | those repos in configuration and build scripts using the Gerrit |
| 43 | server hostname. |
| James E. Blair | eff5a9d | 2017-06-20 00:00:37 -0700 | [diff] [blame] | 44 | ``canonical_hostname=git.example.com`` |
| 45 | |
| 46 | **port** |
| 47 | Optional: Gerrit server port. |
| 48 | ``port=29418`` |
| 49 | |
| 50 | **baseurl** |
| 51 | Optional: path to Gerrit web interface. Defaults to ``https://<value |
| 52 | of server>/``. ``baseurl=https://review.example.com/review_site/`` |
| 53 | |
| 54 | **user** |
| 55 | User name to use when logging into above server via ssh. |
| 56 | ``user=zuul`` |
| 57 | |
| 58 | **sshkey** |
| 59 | Path to SSH key to use when logging into above server. |
| 60 | ``sshkey=/home/zuul/.ssh/id_rsa`` |
| 61 | |
| 62 | **keepalive** |
| 63 | Optional: Keepalive timeout, 0 means no keepalive. |
| 64 | ``keepalive=60`` |
| 65 | |
| 66 | Trigger Configuration |
| 67 | --------------------- |
| 68 | |
| 69 | Zuul works with standard versions of Gerrit by invoking the ``gerrit |
| 70 | stream-events`` command over an SSH connection. It also reports back |
| 71 | to Gerrit using SSH. |
| 72 | |
| 73 | If using Gerrit 2.7 or later, make sure the user is a member of a group |
| 74 | that is granted the ``Stream Events`` permission, otherwise it will not |
| 75 | be able to invoke the ``gerrit stream-events`` command over SSH. |
| 76 | |
| 77 | The supported pipeline trigger options are: |
| 78 | |
| 79 | **event** |
| 80 | The event name from gerrit. Examples: ``patchset-created``, |
| 81 | ``comment-added``, ``ref-updated``. This field is treated as a |
| 82 | regular expression. |
| 83 | |
| 84 | **branch** |
| 85 | The branch associated with the event. Example: ``master``. This |
| 86 | field is treated as a regular expression, and multiple branches may |
| 87 | be listed. |
| 88 | |
| 89 | **ref** |
| 90 | On ref-updated events, the branch parameter is not used, instead the |
| 91 | ref is provided. Currently Gerrit has the somewhat idiosyncratic |
| 92 | behavior of specifying bare refs for branch names (e.g., ``master``), |
| 93 | but full ref names for other kinds of refs (e.g., ``refs/tags/foo``). |
| 94 | Zuul matches what you put here exactly against what Gerrit |
| 95 | provides. This field is treated as a regular expression, and |
| 96 | multiple refs may be listed. |
| 97 | |
| 98 | **ignore-deletes** |
| 99 | When a branch is deleted, a ref-updated event is emitted with a newrev |
| 100 | of all zeros specified. The ``ignore-deletes`` field is a boolean value |
| 101 | that describes whether or not these newrevs trigger ref-updated events. |
| 102 | The default is True, which will not trigger ref-updated events. |
| 103 | |
| 104 | **approval** |
| 105 | This is only used for ``comment-added`` events. It only matches if |
| 106 | the event has a matching approval associated with it. Example: |
| 107 | ``code-review: 2`` matches a ``+2`` vote on the code review category. |
| 108 | Multiple approvals may be listed. |
| 109 | |
| 110 | **email** |
| 111 | This is used for any event. It takes a regex applied on the performer |
| 112 | email, i.e. Gerrit account email address. If you want to specify |
| 113 | several email filters, you must use a YAML list. Make sure to use non |
| 114 | greedy matchers and to escapes dots! |
| 115 | Example: ``email: ^.*?@example\.org$``. |
| 116 | |
| 117 | **email_filter** (deprecated) |
| 118 | A deprecated alternate spelling of *email*. Only one of *email* or |
| 119 | *email_filter* should be used. |
| 120 | |
| 121 | **username** |
| 122 | This is used for any event. It takes a regex applied on the performer |
| 123 | username, i.e. Gerrit account name. If you want to specify several |
| 124 | username filters, you must use a YAML list. Make sure to use non greedy |
| 125 | matchers and to escapes dots! |
| 126 | Example: ``username: ^jenkins$``. |
| 127 | |
| 128 | **username_filter** (deprecated) |
| 129 | A deprecated alternate spelling of *username*. Only one of *username* or |
| 130 | *username_filter* should be used. |
| 131 | |
| 132 | **comment** |
| 133 | This is only used for ``comment-added`` events. It accepts a list of |
| 134 | regexes that are searched for in the comment string. If any of these |
| 135 | regexes matches a portion of the comment string the trigger is |
| 136 | matched. ``comment: retrigger`` will match when comments |
| 137 | containing 'retrigger' somewhere in the comment text are added to a |
| 138 | change. |
| 139 | |
| 140 | **comment_filter** (deprecated) |
| 141 | A deprecated alternate spelling of *comment*. Only one of *comment* or |
| 142 | *comment_filter* should be used. |
| 143 | |
| 144 | *require-approval* |
| 145 | This may be used for any event. It requires that a certain kind |
| 146 | of approval be present for the current patchset of the change (the |
| 147 | approval could be added by the event in question). It follows the |
| 148 | same syntax as the :ref:`"approval" pipeline requirement |
| 149 | <pipeline-require-approval>`. For each specified criteria there must |
| 150 | exist a matching approval. |
| 151 | |
| 152 | *reject-approval* |
| 153 | This takes a list of approvals in the same format as |
| 154 | *require-approval* but will fail to enter the pipeline if there is |
| 155 | a matching approval. |
| 156 | |
| 157 | Reporter Configuration |
| 158 | ---------------------- |
| 159 | |
| 160 | Zuul works with standard versions of Gerrit by invoking the |
| 161 | ``gerrit`` command over an SSH connection. It reports back to |
| 162 | Gerrit using SSH. |
| 163 | |
| 164 | The dictionary passed to the Gerrit reporter is used for ``gerrit |
| 165 | review`` arguments, with the boolean value of ``true`` simply |
| 166 | indicating that the argument should be present without following it |
| 167 | with a value. For example, ``verified: 1`` becomes ``gerrit review |
| 168 | --verified 1`` and ``submit: true`` becomes ``gerrit review |
| 169 | --submit``. |
| 170 | |
| 171 | A :ref:`connection<connections>` that uses the gerrit driver must be |
| 172 | supplied to the trigger. |