SVN post-commit hook for jenkins

Assume that you have a svn repository with branches, tags and trunk and you only want to run your jenkins-ci runs on the trunk repository.

In that case you want te be sure that commits to branches / tags do not trigger a testrun, so the commit hook needs to take care of that.

Below is an (yet untested) version of an commit hook that should take care of that. It will only trigger jenkins in the case of commits to a trunk subdirectory of a svn repo.

#!/bin/bash

REPOS="$1"
REV="$2"
UUID=`svnlook uuid $REPOS`
SERVER='http://localhost'
JENKINS_USER='jenkins'
JENKINS_PASSWORD='wachtwoord'

svnlook dirs-changed -r $REV $REPOS | grep trunk | while read line
do
    /usr/bin/wget \
        --auth-no-challenge \
        --no-check-certificate \
        --http-user=${JENKINS_USER} \
        --http-password=${JENKINS_PASSWORD} \
        --header "Content-Type:text/plain;charset=UTF-8" \
        --post-data "`svnlook changed -r $REV $REPOS`" \
        --output-document "-" \
        --timeout=2 \
        ${SERVER}/subversion/${UUID}/notifyCommit?rev=$REV
    [ $? -ne 0 ] && exit 1
done

This script does make use of authentication. To remove this, omit the --http- lines of the wget command.

Jenkins-ci and python

On the internet it is easy to find several references on how to use Jenkins-ci in combination with python.
But most of the blogs that you can find depend on an 'older' module called SetEnv. This module does not exists anymore.

But the bright side of this all is, that there is a new module that can be used with the name ShiningPanda Plugin
This plugin does allow you to make a virtualenv environment to install the dependent modules is e.g. using pip. The setup of this module is done by choosing 'Virtualenv Builder' as the buildstep of the project.
Any code written in the 'dialog box' below with the name: Command will be executed in the virtualenv environment. The commando's that I issue are:

 pip install -r pip-requires.txt
 nosetests --with-xunit

This does also mean that I include a file pip-requirements.txt in the version control software which lists all the modules that are needed for this project to work.
I hope that this information is helpfull for those that want to use the power of jenkins for python development.
Using nosetests with the --with-xunit means that a junit compatible xml file will be generated. This file can be parsed by jenkins when using **/nosetests.xml as the junit input file in the Post-Build action step.

Checking modulus in pyOpenSSL

More then a year ago I wrote a small patch for pyOpenSSL.

This patch makes it possible to compare the modulus of both the private key ande public key, in order to confirm a cryptographic match between them.
As I have not (yet) made some unit tests, this code is not in them main release.

But as the code is in use in my companies systems, this blog will make it a bit more findable, and maybe more people are interested in this interface addition.

Details can be found using the link below. https://bugs.launchpad.net/pyopenssl/+bug/735449

Using uniquely defined key-value on a central server in puppet

In the previous post I wrote about an application capable of storing key-value pairs in an hierarchical way.

As this application has an rest interface to request the elements I also wrote an pupper hiera backend. This backend does allow one to use the key-value pairs defined in the application to be used in puppet manifests.

This plugin can be found on github https://github.com/woutervb/hiera-central_property.

The installation is quite simple, using the following steps:

1. git clone  https://github.com/woutervb/hiera-central_property.git
2. cd hiera-central*
3. rake
4. cd pkg
5. gem install *.gem

After these steps the regular hiera call's can be used in manifests to retrieve the data.

Have fun

Central application to store key-value pairs

For a project I needed to have a central server that could hold key-value pairs.
These key-value pairs are meant to be defined once in a hierarchie and have to potential to be overruled higher up in the hierarchie.

So if we take a simple tree, using reverse dns names we get something like this:

1. nl
2.  vanbommelonline
3.   hostname

At each of these levels I want to be able to define a parameter, which can be overwritten when the tree becomes more host specific.

E.g. a key-value pair called dnsservers defined at 1 is global, but redefining this at 3 means that this host can have a host specific setting.

Another requirement is that if a request is made for an host that does not exist no errors are produced, but the collection of defined key-value pairs up to the last defined element are returned.
So calling all key-value pairs for a host with the name: "www.vanbommelonline.nl", which is not defined in the example above, will retun all key-value pairs defined at the level of 'nl', combined with those at 'vanbommelonline'.

As key-value pair definitions are unique. It is possible to assign them at multiple locations in the tree.

This whole project is written in Django and can be found on github at:
https://github.com/woutervb/central_property.

I hope that this project is usefull for more people.

Shorewall6 webmin module released

After a few days of hacking the sourcecode I am proud to provide you all with a shorewall6 module for webmin.
This module (rev 1) is included in the main development stream of webmin. The current version (rev 2) has been submitted moments ago.

The development takes place using webmin and can be found here: https://github.com/woutervb/webmin.

But obviously one can also wait for the next webmin release to appear or use the main development branch from webmin itself (https://github.com/webmin/webmin).

I hope you all enjoy this piece of code and start building ipv6 firewalls

(The code has only been tested om ubuntu 12.04 lts, but since it is based on the original shorewall webmin module not to many problems are expected)

Updating the firmware of an OCZ Vertex 3 on ubuntu

Updating a SSD firmware might seem like a big step on linux, as the biggest audience for the ssd manifacturers are windows users.

This means that a lot of tooling and documentation is around on the internet explaing on how todo this on a windows based system.

In the case of OCZ the tool used to update the firmware is linux based, or at least there is a linux based version available. This tool can be used to update the ssd from (Ubuntu) linux, even if it is the primairy disk drive. The steps involved are simple:

1. Download the tool from OCZ http://www.ocztechnology.com/files/ssd_tools/fwupd_v2.12.05.tar.gz
2. Unpack the tool: tar xfvz fwup*
3. Execute the tool as root: sudo ./linux[32|64]/fwupd
4. Reboot the machine