[tor-browser-build/master] Bug 25318: Add Tor Browser nightly builds email notification - tbb-commits

8 May 2018

commit 4580c03c937e8ccab86446d60a0d4ee29b7c07c8
Author: Nicolas Vigier boklm@torproject.org
Date:   Mon Apr 23 13:35:39 2018 +0200
Bug 25318: Add Tor Browser nightly builds email notification
Authentication configuration for the email setup is stored in
    group_vars/boklm-tbb-nightly/dma-auth.yml, encrypted using
    ansible-vault. The file contains the dma_auth_conf variable, which is
    the content of the /etc/dma/auth.conf file.
---
 tools/ansible/Makefile                                 |  2 +-
 tools/ansible/boklm-tbb-nightly-build.yml              |  1 +
 .../ansible/group_vars/boklm-tbb-nightly/dma-auth.yml  | 10 ++++++++++
 tools/ansible/group_vars/boklm-tbb-nightly/dma.yml     |  8 ++++++++
 .../group_vars/boklm-tbb-nightly/tbb-nightly-build.yml |  2 ++
 tools/ansible/roles/mta/tasks/main.yml                 | 18 ++++++++++++++++++
 .../roles/tbb-nightly-build/templates/testsuite-config |  5 +++++
 7 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/tools/ansible/Makefile b/tools/ansible/Makefile
index 72deb5b..ea63a44 100644
--- a/tools/ansible/Makefile
+++ b/tools/ansible/Makefile
@@ -5,4 +5,4 @@ fpcentral:
    ANSIBLE_CONFIG='$(@D)/ansible-fpcentral.cfg' ansible-playbook -i inventory --ask-become-pass fpcentral.yml
boklm-tbb-nightly-build:
-	ansible-playbook -i inventory boklm-tbb-nightly-build.yml
+	ansible-playbook --vault-password-file=~/ansible-vault/boklm-tbb-nightly -i inventory boklm-tbb-nightly-build.yml
diff --git a/tools/ansible/boklm-tbb-nightly-build.yml b/tools/ansible/boklm-tbb-nightly-build.yml
index cc37e23..2fe48cd 100644
--- a/tools/ansible/boklm-tbb-nightly-build.yml
+++ b/tools/ansible/boklm-tbb-nightly-build.yml
@@ -5,3 +5,4 @@
       - role: tbb-builder
       - role: tbb-nightly-build
       - role: unattended-upgrades
+      - role: mta
diff --git a/tools/ansible/group_vars/boklm-tbb-nightly/dma-auth.yml b/tools/ansible/group_vars/boklm-tbb-nightly/dma-auth.yml
new file mode 100644
index 0000000..254291c
--- /dev/null
+++ b/tools/ansible/group_vars/boklm-tbb-nightly/dma-auth.yml
@@ -0,0 +1,10 @@
+$ANSIBLE_VAULT;1.1;AES256
+64353537366566623534653938363036396164303631616138313130663766626463303034336564
+6339346639633765383534653561646366626665393333340a343533636436333838633039363265
+33393762363563323338356634396137393466616336326337323761643332363438313735646135
+6633326462616261310a663738306463613237326164663533326230316662333935333361636334
+61336433633964643631653230633861393131646532666536653738376261386535356636666262
+30303761333230623662323037376130386134373939613861343233363038636464623132363135
+66386532346165303839346563383934633462386534383330636432356166666238383332353930
+39316439653733376239343661373265303033323237366132366161316535636165336539333130
+3033
diff --git a/tools/ansible/group_vars/boklm-tbb-nightly/dma.yml b/tools/ansible/group_vars/boklm-tbb-nightly/dma.yml
new file mode 100644
index 0000000..b210a3a
--- /dev/null
+++ b/tools/ansible/group_vars/boklm-tbb-nightly/dma.yml
@@ -0,0 +1,8 @@
+---
+dma_conf: |
+    SMARTHOST mail.riseup.net
+    AUTHPATH /etc/dma/auth.conf
+    SECURETRANSFER
+    STARTTLS
+    MAILNAME /etc/mailname
+    MASQUERADE boklm-tbb-nightly@riseup.net
diff --git a/tools/ansible/group_vars/boklm-tbb-nightly/tbb-nightly-build.yml b/tools/ansible/group_vars/boklm-tbb-nightly/tbb-nightly-build.yml
index ebaadfe..77c4ad6 100644
--- a/tools/ansible/group_vars/boklm-tbb-nightly/tbb-nightly-build.yml
+++ b/tools/ansible/group_vars/boklm-tbb-nightly/tbb-nightly-build.yml
@@ -1,3 +1,5 @@
 ---
 nightly_build_hostname: f4amtbsowhix7rrf.onion
 nightly_build_url: 'http://%7B%7B nightly_build_hostname }}'
+nightly_build_email_from: "'Tor Browser Nightly Builds (boklm) boklm-tbb-nightly@riseup.net',"
+nightly_build_email_to: "[ 'boklm@torproject.org', 'gk@torproject.org' ],"
diff --git a/tools/ansible/roles/mta/tasks/main.yml b/tools/ansible/roles/mta/tasks/main.yml
index de469d8..9c5ac49 100644
--- a/tools/ansible/roles/mta/tasks/main.yml
+++ b/tools/ansible/roles/mta/tasks/main.yml
@@ -4,3 +4,21 @@
   apt:
       name: dma
       state: present
+
+- name: create dma auth.conf
+  copy:
+      dest: /etc/dma/auth.conf
+      mode: 0640
+      owner: root
+      group: mail
+      content: "{{ dma_auth_conf }}"
+  when: dma_auth_conf is defined
+
+- name: create dma.conf
+  copy:
+      dest: /etc/dma/dma.conf
+      mode: 0640
+      owner: root
+      group: mail
+      content: "{{ dma_conf }}"
+  when: dma_conf is defined
diff --git a/tools/ansible/roles/tbb-nightly-build/templates/testsuite-config b/tools/ansible/roles/tbb-nightly-build/templates/testsuite-config
index b537f56..c07c52c 100644
--- a/tools/ansible/roles/tbb-nightly-build/templates/testsuite-config
+++ b/tools/ansible/roles/tbb-nightly-build/templates/testsuite-config
@@ -23,5 +23,10 @@ my %res = (
     name => $name,
     args => [ $testsuite ],
     tags => [ 'nightly' ],
+    'reports-url' => '{{ nightly_build_url }}/reports/',
+    'email-subject' => '[build result: [% success ? "ok" : "failed" %]] [% options.name %]',
+    {% if nightly_build_email_to is defined %}'email-report' => 1,{% endif %}
+    {% if nightly_build_email_to is defined %}'email-to' => {{ nightly_build_email_to }}{% endif %}
+    {% if nightly_build_email_from is defined %}'email-from' => {{ nightly_build_email_from }}{% endif %}
 );
 %res;

    