From rsalz at akamai.com Tue Apr 13 12:57:10 2021 From: rsalz at akamai.com (Salz, Rich) Date: Tue, 13 Apr 2021 12:57:10 +0000 Subject: [buildbot-admin] Akamai buildbot form Message-ID: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> See attached. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: worker-request-form-akamai.txt URL: From matt at openssl.org Tue Apr 13 17:17:48 2021 From: matt at openssl.org (Matt Caswell) Date: Tue, 13 Apr 2021 18:17:48 +0100 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> Message-ID: Thanks Rich. My first attempt at setting up a buildbot worker. Hopefully I got it right. Details you need below: Hi, Thank you for offering workers to us! To be able to set up your worker, you must use version 2.6.0 or higher. Older version do not support TLS-protected connections. Please see these instructions for installing the buildbot worker software: http://docs.buildbot.net/latest/manual/installation/worker.html When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created: $ buildbot-worker --use-tls create-worker BASEDIR \ buildbot.openssl.org:9989 akamai-AKA-01 gedtyHyd3Od\ where BASEDIR is determined by you. See further down for a few notes on TLS. To run a buildbot worker, you do this: $ buildbot-worker start BASEDIR Apart from the software needed to run a buildbot worker, and the utilities that are the normal part of the operating system, you also need to ensure that the following components are available: - toolchains, i.e. C compiler, linker, make. If you have specified toolchains in the worker request form, you need to ensure that all of them are installed. - git Regarding TLS, it may be that the buildbot worker platform doesn't have the appropriate certification verification roots set up. In that case, you may need to apply the attached buildbot.tac patch, and store the attached PEM files in a directory of your choice. Finish up by find the string '/PATH/TO/ssl-roots-dir' and replace its contents with the path of directory where you stored the PEM files. On 13/04/2021 13:57, Salz, Rich wrote: > See attached. > > > _______________________________________________ > buildbot-admin mailing list > buildbot-admin at openssl.org > https://mta.openssl.org/mailman/listinfo/buildbot-admin > -------------- next part -------------- A non-text attachment was scrubbed... Name: buildbot.tac.diff Type: text/x-patch Size: 958 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: isrg-root-x1.pem Type: application/x-x509-ca-cert Size: 1939 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: lets-encrypt-r3.pem Type: application/x-x509-ca-cert Size: 1826 bytes Desc: not available URL: From matt at openssl.org Tue Apr 13 17:19:40 2021 From: matt at openssl.org (Matt Caswell) Date: Tue, 13 Apr 2021 18:19:40 +0100 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> Message-ID: <377c182d-9a15-6c80-6d35-8f551f639efc@openssl.org> buildbot-admin only: I've set this up. Do we need to store the forms we've received somewhere? Matt On 13/04/2021 13:57, Salz, Rich wrote: > See attached. > > > _______________________________________________ > buildbot-admin mailing list > buildbot-admin at openssl.org > https://mta.openssl.org/mailman/listinfo/buildbot-admin > From levitte at openssl.org Wed Apr 14 08:43:08 2021 From: levitte at openssl.org (Richard Levitte) Date: Wed, 14 Apr 2021 10:43:08 +0200 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> Message-ID: <87fszt9rz7.wl-levitte@openssl.org> One thing lacking in our response template seems to be the buildbot status page. It is https://fips.buildbot.openssl.org/ Also, looking at the create-worker line, I can see that it does look a bit strange, we simply didn't think of the case where we'd generate certain "strange" password characters... so to clarify, the backslash at the end of the password is actually part of the password. Cheers, Richard On Tue, 13 Apr 2021 19:17:48 +0200, Matt Caswell wrote: > > Thanks Rich. My first attempt at setting up a buildbot > worker. Hopefully I got it right. Details you need below: > > Hi, > > Thank you for offering workers to us! > > To be able to set up your worker, you must use version 2.6.0 or > higher. Older version do not support TLS-protected connections. > > Please see these instructions for installing the buildbot worker > software: > > http://docs.buildbot.net/latest/manual/installation/worker.html > > When buildbot has been installed on the platform where the buildbot > worker is to be run, this is how a worker is created: > > $ buildbot-worker --use-tls create-worker BASEDIR \ > buildbot.openssl.org:9989 akamai-AKA-01 gedtyHyd3Od\ > > where BASEDIR is determined by you. See further down for a few notes > on TLS. > > To run a buildbot worker, you do this: > > $ buildbot-worker start BASEDIR > > Apart from the software needed to run a buildbot worker, and the > utilities that are the normal part of the operating system, you also > need to ensure that the following components are available: > > - toolchains, i.e. C compiler, linker, make. If you have specified > toolchains in the worker request form, you need to ensure that all > of them are installed. > > - git > > Regarding TLS, it may be that the buildbot worker platform doesn't > have the appropriate certification verification roots set up. In that > case, you may need to apply the attached buildbot.tac patch, and store > the attached PEM files in a directory of your choice. Finish up by > find the string '/PATH/TO/ssl-roots-dir' and replace its contents with > the path of directory where you stored the PEM files. -- Richard Levitte levitte at openssl.org OpenSSL Project http://www.openssl.org/~levitte/ From rsalz at akamai.com Thu Apr 15 21:07:03 2021 From: rsalz at akamai.com (Salz, Rich) Date: Thu, 15 Apr 2021 21:07:03 +0000 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: <87fszt9rz7.wl-levitte@openssl.org> References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> <87fszt9rz7.wl-levitte@openssl.org> Message-ID: Thanks for the clarification about the password. I'm going to try to bring up the client tomorrow. ?On 4/14/21, 4:43 AM, "Richard Levitte" wrote: One thing lacking in our response template seems to be the buildbot status page. It is https://urldefense.com/v3/__https://fips.buildbot.openssl.org/__;!!GjvTz_vk!E0FF67mdugvkwwJvwyEjlyjjakJMx2KSwVy9nly_1iHIiljxRgYAtgIDJbao$ Also, looking at the create-worker line, I can see that it does look a bit strange, we simply didn't think of the case where we'd generate certain "strange" password characters... so to clarify, the backslash at the end of the password is actually part of the password. Cheers, Richard On Tue, 13 Apr 2021 19:17:48 +0200, Matt Caswell wrote: > > Thanks Rich. My first attempt at setting up a buildbot > worker. Hopefully I got it right. Details you need below: > > Hi, > > Thank you for offering workers to us! > > To be able to set up your worker, you must use version 2.6.0 or > higher. Older version do not support TLS-protected connections. > > Please see these instructions for installing the buildbot worker > software: > > https://urldefense.com/v3/__http://docs.buildbot.net/latest/manual/installation/worker.html__;!!GjvTz_vk!E0FF67mdugvkwwJvwyEjlyjjakJMx2KSwVy9nly_1iHIiljxRgYAtnQoKdiy$ > > When buildbot has been installed on the platform where the buildbot > worker is to be run, this is how a worker is created: > > $ buildbot-worker --use-tls create-worker BASEDIR \ > buildbot.openssl.org:9989 akamai-AKA-01 gedtyHyd3Od\ > > where BASEDIR is determined by you. See further down for a few notes > on TLS. > > To run a buildbot worker, you do this: > > $ buildbot-worker start BASEDIR > > Apart from the software needed to run a buildbot worker, and the > utilities that are the normal part of the operating system, you also > need to ensure that the following components are available: > > - toolchains, i.e. C compiler, linker, make. If you have specified > toolchains in the worker request form, you need to ensure that all > of them are installed. > > - git > > Regarding TLS, it may be that the buildbot worker platform doesn't > have the appropriate certification verification roots set up. In that > case, you may need to apply the attached buildbot.tac patch, and store > the attached PEM files in a directory of your choice. Finish up by > find the string '/PATH/TO/ssl-roots-dir' and replace its contents with > the path of directory where you stored the PEM files. -- Richard Levitte levitte at openssl.org OpenSSL Project https://urldefense.com/v3/__http://www.openssl.org/*levitte/__;fg!!GjvTz_vk!E0FF67mdugvkwwJvwyEjlyjjakJMx2KSwVy9nly_1iHIiljxRgYAtnTrlbwT$ From levitte at openssl.org Mon Apr 19 09:20:51 2021 From: levitte at openssl.org (Richard Levitte) Date: Mon, 19 Apr 2021 11:20:51 +0200 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> <87fszt9rz7.wl-levitte@openssl.org> Message-ID: <87h7k2aavg.wl-levitte@openssl.org> How goes the battle? On Thu, 15 Apr 2021 23:07:03 +0200, Salz, Rich wrote: > > Thanks for the clarification about the password. > > I'm going to try to bring up the client tomorrow. > > ?On 4/14/21, 4:43 AM, "Richard Levitte" wrote: > > One thing lacking in our response template seems to be the buildbot > status page. It is https://urldefense.com/v3/__https://fips.buildbot.openssl.org/__;!!GjvTz_vk!E0FF67mdugvkwwJvwyEjlyjjakJMx2KSwVy9nly_1iHIiljxRgYAtgIDJbao$ > > Also, looking at the create-worker line, I can see that it does look a > bit strange, we simply didn't think of the case where we'd generate > certain "strange" password characters... so to clarify, the backslash > at the end of the password is actually part of the password. > > Cheers, > Richard > > On Tue, 13 Apr 2021 19:17:48 +0200, > Matt Caswell wrote: > > > > Thanks Rich. My first attempt at setting up a buildbot > > worker. Hopefully I got it right. Details you need below: > > > > Hi, > > > > Thank you for offering workers to us! > > > > To be able to set up your worker, you must use version 2.6.0 or > > higher. Older version do not support TLS-protected connections. > > > > Please see these instructions for installing the buildbot worker > > software: > > > > https://urldefense.com/v3/__http://docs.buildbot.net/latest/manual/installation/worker.html__;!!GjvTz_vk!E0FF67mdugvkwwJvwyEjlyjjakJMx2KSwVy9nly_1iHIiljxRgYAtnQoKdiy$ > > > > When buildbot has been installed on the platform where the buildbot > > worker is to be run, this is how a worker is created: > > > > $ buildbot-worker --use-tls create-worker BASEDIR \ > > buildbot.openssl.org:9989 akamai-AKA-01 gedtyHyd3Od\ > > > > where BASEDIR is determined by you. See further down for a few notes > > on TLS. > > > > To run a buildbot worker, you do this: > > > > $ buildbot-worker start BASEDIR > > > > Apart from the software needed to run a buildbot worker, and the > > utilities that are the normal part of the operating system, you also > > need to ensure that the following components are available: > > > > - toolchains, i.e. C compiler, linker, make. If you have specified > > toolchains in the worker request form, you need to ensure that all > > of them are installed. > > > > - git > > > > Regarding TLS, it may be that the buildbot worker platform doesn't > > have the appropriate certification verification roots set up. In that > > case, you may need to apply the attached buildbot.tac patch, and store > > the attached PEM files in a directory of your choice. Finish up by > > find the string '/PATH/TO/ssl-roots-dir' and replace its contents with > > the path of directory where you stored the PEM files. > > -- > Richard Levitte levitte at openssl.org > OpenSSL Project https://urldefense.com/v3/__http://www.openssl.org/*levitte/__;fg!!GjvTz_vk!E0FF67mdugvkwwJvwyEjlyjjakJMx2KSwVy9nly_1iHIiljxRgYAtnTrlbwT$ > -- Richard Levitte levitte at openssl.org OpenSSL Project http://www.openssl.org/~levitte/ From rsalz at akamai.com Mon Apr 19 17:40:50 2021 From: rsalz at akamai.com (Salz, Rich) Date: Mon, 19 Apr 2021 17:40:50 +0000 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> Message-ID: <110F9B6F-3E06-4E5D-A815-EFD1188067DF@akamai.com> When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created: $ buildbot-worker --use-tls create-worker BASEDIR \ buildbot.openssl.org:9989 akamai-AKA-01 gedtyHyd3Od\ I get 'option --use-tls not recognized' BTW, that trailing slash on the password sucks. I have both python2 and python3 installed on this machine. I installed pip3 and then used it to install "buildbot[tls]" and "buildbot-worker" Those seem to be correct as they all start with "#!/usr/bin/python3" By looking at your ".tac.diff" patch, it seems you at least tested a Windows worker. Have you run it on Linux? Do you have any suggestions, or should I go looking for the forums to post there? From rsalz at akamai.com Mon Apr 19 18:02:37 2021 From: rsalz at akamai.com (Salz, Rich) Date: Mon, 19 Apr 2021 18:02:37 +0000 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: <110F9B6F-3E06-4E5D-A815-EFD1188067DF@akamai.com> References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> <110F9B6F-3E06-4E5D-A815-EFD1188067DF@akamai.com> Message-ID: So the problem is with your command-line. It should have sad buildbot-worker create-worker --use-tls BASEDIR \ Fixing that, I got to the next issue. "unauthorized login check worker; name and password" These are the relevant lines from my buildbot.tac file: buildmaster_host = 'buildbot.openssl.org' port = 9989 workername = 'akamai-AKA-01' passwd = 'gedtyHyd30d\\' I can reach the server by doing openssl s_client -connect buildbot.openssl.org:9989 but the protocol appears to be binary so I can't try to login. Can you confirm that akamai's buildbot is registered with the server? ?On 4/19/21, 1:40 PM, "Salz, Rich" wrote: When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created: $ buildbot-worker --use-tls create-worker BASEDIR \ buildbot.openssl.org:9989 akamai-AKA-01 gedtyHyd3Od\ I get 'option --use-tls not recognized' BTW, that trailing slash on the password sucks. I have both python2 and python3 installed on this machine. I installed pip3 and then used it to install "buildbot[tls]" and "buildbot-worker" Those seem to be correct as they all start with "#!/usr/bin/python3" By looking at your ".tac.diff" patch, it seems you at least tested a Windows worker. Have you run it on Linux? Do you have any suggestions, or should I go looking for the forums to post there? From Tim.Chevalier at netapp.com Mon Apr 19 19:13:08 2021 From: Tim.Chevalier at netapp.com (Chevalier, Tim) Date: Mon, 19 Apr 2021 19:13:08 +0000 Subject: [buildbot-admin] NetApp Debian build bot Message-ID: <4F4F29A6-29C6-43A5-89A1-5506EC09A1E2@netapp.com> * Worker tag [OPTIONAL]: NetApp_Debian * Worker platform type [MANDATORY]: unix (accepted values: 'unix', 'windows') * Worker platform identity [OPTIONAL]: debian11 (examples: 'ubuntu', 'ios', 'android', 'win10') * Worker platform architecture [OPTIONAL]: x86_64 (examples: 'x86', 'x86_64', 'arm', 'ppc') * Worker Purpose [MANDATORY, more than one choice allowed]: build+test (accepted values: 'build+test', 'build', 'test') * Worker toolchains for building [RECOMMENDED, more than one choice allowed]: clang (examples: 'default', 'gcc', 'clang', 'vs2017', 'vs2019') * Necessary environment variables [OPTIONAL]: * Necessary configuration target name [OPTIONAL]: * Necessary configuration options [OPTIONAL]: * Max number of concurrent builds [OPTIONAL]: --Tim -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: worker-request_NetApp_Debian.txt URL: From Tim.Chevalier at netapp.com Mon Apr 19 19:13:49 2021 From: Tim.Chevalier at netapp.com (Chevalier, Tim) Date: Mon, 19 Apr 2021 19:13:49 +0000 Subject: [buildbot-admin] NetApp FreeBSD buildbot Message-ID: <04A6EB94-962D-4105-9A4F-F9A915294BBF@netapp.com> * Worker tag [OPTIONAL]: NetApp_FreeBSD * Worker platform type [MANDATORY]: unix (accepted values: 'unix', 'windows') * Worker platform identity [OPTIONAL]: freebsd13 (examples: 'ubuntu', 'ios', 'android', 'win10') * Worker platform architecture [OPTIONAL]: x86_64 (examples: 'x86', 'x86_64', 'arm', 'ppc') * Worker Purpose [MANDATORY, more than one choice allowed]: build+test (accepted values: 'build+test', 'build', 'test') * Worker toolchains for building [RECOMMENDED, more than one choice allowed]: clang (examples: 'default', 'gcc', 'clang', 'vs2017', 'vs2019') * Necessary environment variables [OPTIONAL]: * Necessary configuration target name [OPTIONAL]: * Necessary configuration options [OPTIONAL]: * Max number of concurrent builds [OPTIONAL]: --Tim -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: worker-request_NetApp_FreeBSD.txt URL: From mmaskara at vmware.com Tue Apr 20 23:56:35 2021 From: mmaskara at vmware.com (Manoj Maskara) Date: Tue, 20 Apr 2021 23:56:35 +0000 Subject: [buildbot-admin] [fips-sponsors] Buildbot workers In-Reply-To: <87k0p89dfr.wl-levitte@openssl.org> References: <87k0p89dfr.wl-levitte@openssl.org> Message-ID: Hi Tim & Richard, We have filled out the worker-request-form for 2 of our platforms, one unix type and other Windows. Also, the platforms, for your convenience am listing here: 1) Photon OS 4.0 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Unix, x86_64, build+test, gcc) 2) Windows Server 2019 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Windows, x86_64, build+test, vs2017) Please provide the credentials and instruction on setting up the buildbot worker. Thanks, Manoj -----Original Message----- From: fips-sponsors On Behalf Of Richard Levitte Sent: Monday, April 12, 2021 12:20 AM To: fips-sponsors at openssl.org Subject: [fips-sponsors] Buildbot workers Hi, We are finally ready to start getting buildbot worker requests. The way this will work is that we're asking you to answer a form with details for each worker you want to set up for us, such as what platform, what architecture, and where relevant, what toolchains are installed. The form is attached below, and include explanations for all the fields to fill in. Please send it to buildbot-admin at openssl.org. In response, you will receive an email with the name and password we assign your worker(s), and instructions how to set the worker up. -- Richard Levitte levitte at openssl.org OpenSSL Project https://nam04.safelinks.protection.outlook.com/?url=http:%2F%2Fwww.openssl.org%2F~levitte%2F&data=04%7C01%7Cmmaskara%40vmware.com%7C801e62cfe8c04ecbf2f508d8fd837459%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637538088565250614%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=chdLSQzIUf2PajXrwRYZcrds1svW%2B44uJzLUlNPz1oo%3D&reserved=0 From matt at openssl.org Wed Apr 21 11:01:58 2021 From: matt at openssl.org (Matt Caswell) Date: Wed, 21 Apr 2021 12:01:58 +0100 Subject: [buildbot-admin] NetApp Debian build bot In-Reply-To: <4F4F29A6-29C6-43A5-89A1-5506EC09A1E2@netapp.com> References: <4F4F29A6-29C6-43A5-89A1-5506EC09A1E2@netapp.com> Message-ID: Hi, Thank you for offering workers to us! To be able to set up your worker, you must use version 2.6.0 or higher. Older version do not support TLS-protected connections. Please see these instructions for installing the buildbot worker software: http://docs.buildbot.net/latest/manual/installation/worker.html When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created: $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 netapp-debian Ib6avnamIv where BASEDIR is determined by you. See further down for a few notes on TLS. To run a buildbot worker, you do this: $ buildbot-worker start BASEDIR Apart from the software needed to run a buildbot worker, and the utilities that are the normal part of the operating system, you also need to ensure that the following components are available: - toolchains, i.e. C compiler, linker, make. If you have specified toolchains in the worker request form, you need to ensure that all of them are installed. - git Regarding TLS, it may be that the buildbot worker platform doesn't have the appropriate certification verification roots set up. In that case, you may need to apply the attached buildbot.tac patch, and store the attached PEM files in a directory of your choice. Finish up by find the string '/PATH/TO/ssl-roots-dir' and replace its contents with the path of directory where you stored the PEM files. On 19/04/2021 20:13, Chevalier, Tim wrote: > *?? Worker tag [OPTIONAL]: NetApp_Debian > > *?? Worker platform type [MANDATORY]: unix > > ??? (accepted values: 'unix', 'windows') > > *?? Worker platform identity [OPTIONAL]: debian11 > > ??? (examples: 'ubuntu', 'ios', 'android', 'win10') > > *?? Worker platform architecture [OPTIONAL]: x86_64 > > ??? (examples: 'x86', 'x86_64', 'arm', 'ppc') > > *?? Worker Purpose [MANDATORY, more than one choice allowed]: build+test > > ??? (accepted values: 'build+test', 'build', 'test') > > *?? Worker toolchains for building [RECOMMENDED, more than one choice > allowed]: clang > > ??? (examples: 'default', 'gcc', 'clang', 'vs2017', 'vs2019') > > *?? Necessary environment variables [OPTIONAL]: > > *?? Necessary configuration target name [OPTIONAL]: > > *?? Necessary configuration options [OPTIONAL]: > > *?? Max number of concurrent builds [OPTIONAL]: > > --Tim > > > _______________________________________________ > buildbot-admin mailing list > buildbot-admin at openssl.org > https://mta.openssl.org/mailman/listinfo/buildbot-admin > -------------- next part -------------- A non-text attachment was scrubbed... Name: buildbot.tac.diff Type: text/x-patch Size: 958 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: isrg-root-x1.pem Type: application/x-x509-ca-cert Size: 1939 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: lets-encrypt-r3.pem Type: application/x-x509-ca-cert Size: 1826 bytes Desc: not available URL: From levitte at openssl.org Wed Apr 21 11:04:34 2021 From: levitte at openssl.org (Richard Levitte) Date: Wed, 21 Apr 2021 13:04:34 +0200 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> <110F9B6F-3E06-4E5D-A815-EFD1188067DF@akamai.com> Message-ID: <87czunaofx.wl-levitte@openssl.org> Hi, we currently assume that the backslash is screwing things up in ways we don't control, so we changed yours. OtBoos,quod2 Cheers, Richard On Mon, 19 Apr 2021 20:02:37 +0200, Salz, Rich wrote: > > So the problem is with your command-line. It should have sad > buildbot-worker create-worker --use-tls BASEDIR \ > > Fixing that, I got to the next issue. "unauthorized login check worker; name and password" > > These are the relevant lines from my buildbot.tac file: > buildmaster_host = 'buildbot.openssl.org' > port = 9989 > workername = 'akamai-AKA-01' > passwd = 'gedtyHyd30d\\' > > I can reach the server by doing > openssl s_client -connect buildbot.openssl.org:9989 > but the protocol appears to be binary so I can't try to login. Can you confirm that akamai's buildbot is registered with the server? > > > ?On 4/19/21, 1:40 PM, "Salz, Rich" wrote: > > When buildbot has been installed on the platform where the buildbot > worker is to be run, this is how a worker is created: > > $ buildbot-worker --use-tls create-worker BASEDIR \ > buildbot.openssl.org:9989 akamai-AKA-01 gedtyHyd3Od\ > > I get 'option --use-tls not recognized' > > BTW, that trailing slash on the password sucks. > > I have both python2 and python3 installed on this machine. I installed pip3 and then used it to install "buildbot[tls]" and "buildbot-worker" > Those seem to be correct as they all start with "#!/usr/bin/python3" > > By looking at your ".tac.diff" patch, it seems you at least tested a Windows worker. Have you run it on Linux? > > Do you have any suggestions, or should I go looking for the forums to post there? > > > > _______________________________________________ > buildbot-admin mailing list > buildbot-admin at openssl.org > https://mta.openssl.org/mailman/listinfo/buildbot-admin -- Richard Levitte levitte at openssl.org OpenSSL Project http://www.openssl.org/~levitte/ From matt at openssl.org Wed Apr 21 11:08:04 2021 From: matt at openssl.org (Matt Caswell) Date: Wed, 21 Apr 2021 12:08:04 +0100 Subject: [buildbot-admin] NetApp FreeBSD buildbot In-Reply-To: <04A6EB94-962D-4105-9A4F-F9A915294BBF@netapp.com> References: <04A6EB94-962D-4105-9A4F-F9A915294BBF@netapp.com> Message-ID: <7b6a9014-9e85-d03d-4f03-bcfaa695990d@openssl.org> Hi, Thank you for offering workers to us! To be able to set up your worker, you must use version 2.6.0 or higher. Older version do not support TLS-protected connections. Please see these instructions for installing the buildbot worker software: http://docs.buildbot.net/latest/manual/installation/worker.html When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created: $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 netapp-freebsd13 kiwreig-Hak5 where BASEDIR is determined by you. See further down for a few notes on TLS. To run a buildbot worker, you do this: $ buildbot-worker start BASEDIR Apart from the software needed to run a buildbot worker, and the utilities that are the normal part of the operating system, you also need to ensure that the following components are available: - toolchains, i.e. C compiler, linker, make. If you have specified toolchains in the worker request form, you need to ensure that all of them are installed. - git Regarding TLS, it may be that the buildbot worker platform doesn't have the appropriate certification verification roots set up. In that case, you may need to apply the attached buildbot.tac patch, and store the attached PEM files in a directory of your choice. Finish up by find the string '/PATH/TO/ssl-roots-dir' and replace its contents with the path of directory where you stored the PEM files. On 19/04/2021 20:13, Chevalier, Tim wrote: > *?? Worker tag [OPTIONAL]: NetApp_FreeBSD > > *?? Worker platform type [MANDATORY]: unix > > ??? (accepted values: 'unix', 'windows') > > *?? Worker platform identity [OPTIONAL]: freebsd13 > > ??? (examples: 'ubuntu', 'ios', 'android', 'win10') > > *?? Worker platform architecture [OPTIONAL]: x86_64 > > ??? (examples: 'x86', 'x86_64', 'arm', 'ppc') > > *?? Worker Purpose [MANDATORY, more than one choice allowed]: build+test > > ??? (accepted values: 'build+test', 'build', 'test') > > *?? Worker toolchains for building [RECOMMENDED, more than one choice > allowed]: clang > > ??? (examples: 'default', 'gcc', 'clang', 'vs2017', 'vs2019') > > *?? Necessary environment variables [OPTIONAL]: > > *?? Necessary configuration target name [OPTIONAL]: > > *?? Necessary configuration options [OPTIONAL]: > > *?? Max number of concurrent builds [OPTIONAL]: > > --Tim > > > _______________________________________________ > buildbot-admin mailing list > buildbot-admin at openssl.org > https://mta.openssl.org/mailman/listinfo/buildbot-admin > -------------- next part -------------- A non-text attachment was scrubbed... Name: buildbot.tac.diff Type: text/x-patch Size: 958 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: isrg-root-x1.pem Type: application/x-x509-ca-cert Size: 1939 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: lets-encrypt-r3.pem Type: application/x-x509-ca-cert Size: 1826 bytes Desc: not available URL: From matt at openssl.org Wed Apr 21 11:17:42 2021 From: matt at openssl.org (Matt Caswell) Date: Wed, 21 Apr 2021 12:17:42 +0100 Subject: [buildbot-admin] [fips-sponsors] Buildbot workers In-Reply-To: References: <87k0p89dfr.wl-levitte@openssl.org> Message-ID: Thanks Manoj. To be able to set up your worker, you must use version 2.6.0 or higher. Older version do not support TLS-protected connections. Please see these instructions for installing the buildbot worker software: http://docs.buildbot.net/latest/manual/installation/worker.html When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created (for your PhotonOS worker): $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 vmware-photonos40 nifs0Tweex_ And for your Windows server: $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 vmware-winserver2019 Efyin.Freg0 where BASEDIR is determined by you. See further down for a few notes on TLS. To run a buildbot worker, you do this: $ buildbot-worker start BASEDIR Apart from the software needed to run a buildbot worker, and the utilities that are the normal part of the operating system, you also need to ensure that the following components are available: - toolchains, i.e. C compiler, linker, make. If you have specified toolchains in the worker request form, you need to ensure that all of them are installed. - git Regarding TLS, it may be that the buildbot worker platform doesn't have the appropriate certification verification roots set up. In that case, you may need to apply the attached buildbot.tac patch, and store the attached PEM files in a directory of your choice. Finish up by find the string '/PATH/TO/ssl-roots-dir' and replace its contents with the path of directory where you stored the PEM files. Matt On 21/04/2021 00:56, Manoj Maskara wrote: > Hi Tim & Richard, > > We have filled out the worker-request-form for 2 of our platforms, one unix type and other Windows. Also, the platforms, for your convenience am listing here: > > 1) Photon OS 4.0 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Unix, x86_64, build+test, gcc) > 2) Windows Server 2019 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Windows, x86_64, build+test, vs2017) > > Please provide the credentials and instruction on setting up the buildbot worker. > > Thanks, > Manoj > > > -----Original Message----- > From: fips-sponsors On Behalf Of Richard Levitte > Sent: Monday, April 12, 2021 12:20 AM > To: fips-sponsors at openssl.org > Subject: [fips-sponsors] Buildbot workers > > Hi, > > We are finally ready to start getting buildbot worker requests. > > The way this will work is that we're asking you to answer a form with details for each worker you want to set up for us, such as what platform, what architecture, and where relevant, what toolchains are installed. > > The form is attached below, and include explanations for all the fields to fill in. Please send it to buildbot-admin at openssl.org. > > In response, you will receive an email with the name and password we assign your worker(s), and instructions how to set the worker up. > -------------- next part -------------- A non-text attachment was scrubbed... Name: buildbot.tac.diff Type: text/x-patch Size: 958 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: isrg-root-x1.pem Type: application/x-x509-ca-cert Size: 1939 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: lets-encrypt-r3.pem Type: application/x-x509-ca-cert Size: 1826 bytes Desc: not available URL: From rsalz at akamai.com Wed Apr 21 20:01:44 2021 From: rsalz at akamai.com (Salz, Rich) Date: Wed, 21 Apr 2021 20:01:44 +0000 Subject: [buildbot-admin] Akamai buildbot form In-Reply-To: <87czunaofx.wl-levitte@openssl.org> References: <96987234-0881-4EC9-A692-BD01A3C617A1@contoso.com> <110F9B6F-3E06-4E5D-A815-EFD1188067DF@akamai.com> <87czunaofx.wl-levitte@openssl.org> Message-ID: <54B1887D-E3E2-4636-97D4-0BEA065EA9B8@akamai.com> Thanks, seems to work. But now I have to change things around since it's all done in a virtual build environment. That will take me a day or two. Is there a way to specify a command that must be run *before* anything else happens? Time to read buildbot docs. ?On 4/21/21, 7:04 AM, "Richard Levitte" wrote: Hi, we currently assume that the backslash is screwing things up in ways we don't control, so we changed yours. OtBoos,quod2 Cheers, Richard On Mon, 19 Apr 2021 20:02:37 +0200, Salz, Rich wrote: > > So the problem is with your command-line. It should have sad > buildbot-worker create-worker --use-tls BASEDIR \ > > Fixing that, I got to the next issue. "unauthorized login check worker; name and password" > > These are the relevant lines from my buildbot.tac file: > buildmaster_host = 'buildbot.openssl.org' > port = 9989 > workername = 'akamai-AKA-01' > passwd = 'gedtyHyd30d\\' > > I can reach the server by doing > openssl s_client -connect buildbot.openssl.org:9989 > but the protocol appears to be binary so I can't try to login. Can you confirm that akamai's buildbot is registered with the server? > > > On 4/19/21, 1:40 PM, "Salz, Rich" wrote: > > When buildbot has been installed on the platform where the buildbot > worker is to be run, this is how a worker is created: > > $ buildbot-worker --use-tls create-worker BASEDIR \ > buildbot.openssl.org:9989 akamai-AKA-01 gedtyHyd3Od\ > > I get 'option --use-tls not recognized' > > BTW, that trailing slash on the password sucks. > > I have both python2 and python3 installed on this machine. I installed pip3 and then used it to install "buildbot[tls]" and "buildbot-worker" > Those seem to be correct as they all start with "#!/usr/bin/python3" > > By looking at your ".tac.diff" patch, it seems you at least tested a Windows worker. Have you run it on Linux? > > Do you have any suggestions, or should I go looking for the forums to post there? > > > > _______________________________________________ > buildbot-admin mailing list > buildbot-admin at openssl.org > https://urldefense.com/v3/__https://mta.openssl.org/mailman/listinfo/buildbot-admin__;!!GjvTz_vk!FgNH9sZNdouttikzyR5BfiWs50s9CEFQ09fhI2J5uZsR22u7hd4OSdZ1LCEt$ -- Richard Levitte levitte at openssl.org OpenSSL Project https://urldefense.com/v3/__http://www.openssl.org/*levitte/__;fg!!GjvTz_vk!FgNH9sZNdouttikzyR5BfiWs50s9CEFQ09fhI2J5uZsR22u7hd4OSSDfr_XK$ From waliam at vmware.com Mon Apr 26 18:25:34 2021 From: waliam at vmware.com (Madhur Walia) Date: Mon, 26 Apr 2021 18:25:34 +0000 Subject: [buildbot-admin] [fips-sponsors] Buildbot workers In-Reply-To: References: <87k0p89dfr.wl-levitte@openssl.org> Message-ID: <1FE019AC-49B6-4737-A1DF-E11B3345D82A@vmware.com> Hi Matt, Thank you for the instructions. However, we are facing couple of issues while starting buildbot-worker, For both platforms, we pointed Certificate/SSL settings to a custom directory in buildbot.tac as per your recommendation. We also tried importing both certs, isrg-root-xi & lets-encrypt-r3 to trust store of OS but no luck. Photon, Getting error, " builtins.NameError: name 'optionsForClientTLS' is not defined" as shown in Photon1 screenshot attached. Also ran a curl command to check SSL connectivity, seems to be failing, attached screenshot Photon2. Windows, Getting, "Unicode error" as shown in Windows1 screenshot attached. Also ran a curl command to check SSL connectivity, seems to be failing, attached screenshot Windows2. Do you have any pointers on these errors? Please let us know. Thanks & Regards, Madhur ------------------------------------------------------------------ ?On 21/04/21, 4:47 PM, "Matt Caswell" wrote: Thanks Manoj. To be able to set up your worker, you must use version 2.6.0 or higher. Older version do not support TLS-protected connections. Please see these instructions for installing the buildbot worker software: https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdocs.buildbot.net%2Flatest%2Fmanual%2Finstallation%2Fworker.html&data=04%7C01%7Cwaliam%40vmware.com%7Ccf23c19e05b642051b0e08d904b71682%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637546006695636962%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WicGMU2oEIjvbJIEAGDBTUAnbEc4s72LnVZXTxMyXlw%3D&reserved=0 When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created (for your PhotonOS worker): $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 vmware-photonos40 nifs0Tweex_ And for your Windows server: $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 vmware-winserver2019 Efyin.Freg0 where BASEDIR is determined by you. See further down for a few notes on TLS. To run a buildbot worker, you do this: $ buildbot-worker start BASEDIR Apart from the software needed to run a buildbot worker, and the utilities that are the normal part of the operating system, you also need to ensure that the following components are available: - toolchains, i.e. C compiler, linker, make. If you have specified toolchains in the worker request form, you need to ensure that all of them are installed. - git Regarding TLS, it may be that the buildbot worker platform doesn't have the appropriate certification verification roots set up. In that case, you may need to apply the attached buildbot.tac patch, and store the attached PEM files in a directory of your choice. Finish up by find the string '/PATH/TO/ssl-roots-dir' and replace its contents with the path of directory where you stored the PEM files. Matt On 21/04/2021 00:56, Manoj Maskara wrote: > Hi Tim & Richard, > > We have filled out the worker-request-form for 2 of our platforms, one unix type and other Windows. Also, the platforms, for your convenience am listing here: > > 1) Photon OS 4.0 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Unix, x86_64, build+test, gcc) > 2) Windows Server 2019 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Windows, x86_64, build+test, vs2017) > > Please provide the credentials and instruction on setting up the buildbot worker. > > Thanks, > Manoj > > > -----Original Message----- > From: fips-sponsors On Behalf Of Richard Levitte > Sent: Monday, April 12, 2021 12:20 AM > To: fips-sponsors at openssl.org > Subject: [fips-sponsors] Buildbot workers > > Hi, > > We are finally ready to start getting buildbot worker requests. > > The way this will work is that we're asking you to answer a form with details for each worker you want to set up for us, such as what platform, what architecture, and where relevant, what toolchains are installed. > > The form is attached below, and include explanations for all the fields to fill in. Please send it to buildbot-admin at openssl.org. > > In response, you will receive an email with the name and password we assign your worker(s), and instructions how to set the worker up. > -------------- next part -------------- A non-text attachment was scrubbed... Name: Photon1.png Type: image/png Size: 992153 bytes Desc: Photon1.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Photon2.png Type: image/png Size: 248631 bytes Desc: Photon2.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Windows1.png Type: image/png Size: 492566 bytes Desc: Windows1.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Windows2.png Type: image/png Size: 378258 bytes Desc: Windows2.png URL: From chris.brych at oracle.com Mon Apr 26 20:31:47 2021 From: chris.brych at oracle.com (Chris Brych) Date: Mon, 26 Apr 2021 20:31:47 +0000 Subject: [buildbot-admin] Oracle Build Bot Workers Message-ID: Hi Richard and Tim, Attached you will find some build bot configuration details as best we know. Oracle teams have been trying to ramp up and learn a little about build bot so be patient if we are missing some details. I think that for Solaris, it is pretty straight forward but for ILOM, the team still have some questions. 1. Because ILOM is an embedded device that runs on ARM, the team builds on an X86 machine and then tests within its ARM platform. Does this mean that they will require 2 build bot workers? ie one to build and one to test? 2. It would be very convenient for Oracle if they will allow our arm worker to run in a qemu VM rather than real arm hardware. Is this possible? 3. Although ILOM runs oracle linux, the "command line utilities [that] can be expected" are severely limited (and most of those are busybox, not OL native--that means they work differently and/or have limited functionality). Can you elaborate on which command line utilities that are required? 4. "Necessary environment variables". We set dozens of them for ILOM builds. I don't know which (if any) are required for building OpenSSL standalone. Are there any environment variables that are necessary for building OpenSSL 3.0? Thanks. Cheers, Chris [Oracle] Chris Brych | Senior Principal Security Analyst Oracle Security Evaluations - Global Product Security Ottawa, Ontario | Canada +1-905-267-9352 (O) | +1-613-867-1241 (M) [Green Oracle] Oracle is committed to developing practices and products that help protect the environment -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 1296 bytes Desc: image005.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.jpg Type: image/jpeg Size: 866 bytes Desc: image006.jpg URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ILOM-Build-worker-request-form.txt URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ILOM-Test-worker-request-form.txt URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: worker-request-form-SolarisSPARC_v2.txt URL: From shane.lontis at oracle.com Mon Apr 26 23:34:33 2021 From: shane.lontis at oracle.com (SHANE LONTIS) Date: Tue, 27 Apr 2021 09:34:33 +1000 Subject: [buildbot-admin] Oracle Build Bot Workers In-Reply-To: References: Message-ID: <404E3D4F-9388-457E-85D7-FA79DC565FF0@oracle.com> Hi Chris, 1) Seems fairly clear to me if the form is read?. * Worker purpose: What this worker should be used for. This can be used to have different workers work together with different tasks, for various reasons. The accepted values are: build+test This denotes a "do everything" worker, i.e. it will get to do 'Configure', 'make' and 'make test'. build This denotes a worker that will only build, but not test. In other words, only 'Configure' and 'make' will be performed. If there is any matching worker that's denoted 'test', the programs and libraries created by this 'build' worker will be shipped to the worker that is assigned to perform the test. test This denotes a worker that will only test, but not build. In other words, only 'make test' will be performed. The separate 'build' and 'test' purposes can be used to have one worker cross compile for some target architecture, and shipping the result to a worker that is of that architecture and that will perform the tests. Cheers, Shane > On 27 Apr 2021, at 6:31 am, Chris Brych wrote: > > Hi Richard and Tim, > > Attached you will find some build bot configuration details as best we know. Oracle teams have been trying to ramp up and learn a little about build bot so be patient if we are missing some details. I think that for Solaris, it is pretty straight forward but for ILOM, the team still have some questions. > > 1. Because ILOM is an embedded device that runs on ARM, the team builds on an X86 machine and then tests within its ARM platform. Does this mean that they will require 2 build bot workers? ie one to build and one to test? > 2. It would be very convenient for Oracle if they will allow our arm worker to run in a qemu VM rather than real arm hardware. Is this possible? > 3. Although ILOM runs oracle linux, the "command line utilities [that] can be expected" are severely limited (and most of those are busybox, not OL native--that means they work differently and/or have limited functionality). Can you elaborate on which command line utilities that are required? > 4. "Necessary environment variables". We set dozens of them for ILOM builds. I don't know which (if any) are required for building OpenSSL standalone. Are there any environment variables that are necessary for building OpenSSL 3.0? > > Thanks. > > Cheers, > > Chris > > > Chris Brych | Senior Principal Security Analyst > Oracle Security Evaluations - Global Product Security > Ottawa, Ontario | Canada > +1-905-267-9352 (O) | +1-613-867-1241 (M) > > Oracle is committed to developing practices and products that help protect the environment > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From waliam at vmware.com Tue Apr 27 07:39:36 2021 From: waliam at vmware.com (Madhur Walia) Date: Tue, 27 Apr 2021 07:39:36 +0000 Subject: [buildbot-admin] [fips-sponsors] Buildbot workers In-Reply-To: <1FE019AC-49B6-4737-A1DF-E11B3345D82A@vmware.com> References: <87k0p89dfr.wl-levitte@openssl.org> <1FE019AC-49B6-4737-A1DF-E11B3345D82A@vmware.com> Message-ID: ++ Also, We are able to establish SSL handshake on port 443, buildbot.openssl.org but not on port 9989. This also means that OS is trusting the Server certificates. Is server running fine on port 9989? Are other vendors able to successfully test their buildbot-worker connections? (Attaching Screenshots of successful SSL Handshakes on port 443) Thanks & Regards, Madhur -------------------------------------------------------------------- ?On 26/04/21, 11:55 PM, "Madhur Walia" wrote: Hi Matt, Thank you for the instructions. However, we are facing couple of issues while starting buildbot-worker, For both platforms, we pointed Certificate/SSL settings to a custom directory in buildbot.tac as per your recommendation. We also tried importing both certs, isrg-root-xi & lets-encrypt-r3 to trust store of OS but no luck. Photon, Getting error, " builtins.NameError: name 'optionsForClientTLS' is not defined" as shown in Photon1 screenshot attached. Also ran a curl command to check SSL connectivity, seems to be failing, attached screenshot Photon2. Windows, Getting, "Unicode error" as shown in Windows1 screenshot attached. Also ran a curl command to check SSL connectivity, seems to be failing, attached screenshot Windows2. Do you have any pointers on these errors? Please let us know. Thanks & Regards, Madhur ------------------------------------------------------------------ On 21/04/21, 4:47 PM, "Matt Caswell" wrote: Thanks Manoj. To be able to set up your worker, you must use version 2.6.0 or higher. Older version do not support TLS-protected connections. Please see these instructions for installing the buildbot worker software: https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdocs.buildbot.net%2Flatest%2Fmanual%2Finstallation%2Fworker.html&data=04%7C01%7Cwaliam%40vmware.com%7Ccf23c19e05b642051b0e08d904b71682%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637546006695636962%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WicGMU2oEIjvbJIEAGDBTUAnbEc4s72LnVZXTxMyXlw%3D&reserved=0 When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created (for your PhotonOS worker): $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 vmware-photonos40 nifs0Tweex_ And for your Windows server: $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 vmware-winserver2019 Efyin.Freg0 where BASEDIR is determined by you. See further down for a few notes on TLS. To run a buildbot worker, you do this: $ buildbot-worker start BASEDIR Apart from the software needed to run a buildbot worker, and the utilities that are the normal part of the operating system, you also need to ensure that the following components are available: - toolchains, i.e. C compiler, linker, make. If you have specified toolchains in the worker request form, you need to ensure that all of them are installed. - git Regarding TLS, it may be that the buildbot worker platform doesn't have the appropriate certification verification roots set up. In that case, you may need to apply the attached buildbot.tac patch, and store the attached PEM files in a directory of your choice. Finish up by find the string '/PATH/TO/ssl-roots-dir' and replace its contents with the path of directory where you stored the PEM files. Matt On 21/04/2021 00:56, Manoj Maskara wrote: > Hi Tim & Richard, > > We have filled out the worker-request-form for 2 of our platforms, one unix type and other Windows. Also, the platforms, for your convenience am listing here: > > 1) Photon OS 4.0 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Unix, x86_64, build+test, gcc) > 2) Windows Server 2019 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Windows, x86_64, build+test, vs2017) > > Please provide the credentials and instruction on setting up the buildbot worker. > > Thanks, > Manoj > > > -----Original Message----- > From: fips-sponsors On Behalf Of Richard Levitte > Sent: Monday, April 12, 2021 12:20 AM > To: fips-sponsors at openssl.org > Subject: [fips-sponsors] Buildbot workers > > Hi, > > We are finally ready to start getting buildbot worker requests. > > The way this will work is that we're asking you to answer a form with details for each worker you want to set up for us, such as what platform, what architecture, and where relevant, what toolchains are installed. > > The form is attached below, and include explanations for all the fields to fill in. Please send it to buildbot-admin at openssl.org. > > In response, you will receive an email with the name and password we assign your worker(s), and instructions how to set the worker up. > -------------- next part -------------- A non-text attachment was scrubbed... Name: Photon3.png Type: image/png Size: 970434 bytes Desc: Photon3.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Windows3.png Type: image/png Size: 186022 bytes Desc: Windows3.png URL: From tjh at openssl.org Tue Apr 27 08:00:11 2021 From: tjh at openssl.org (Tim Hudson) Date: Tue, 27 Apr 2021 18:00:11 +1000 Subject: [buildbot-admin] [fips-sponsors] Buildbot workers In-Reply-To: References: <87k0p89dfr.wl-levitte@openssl.org> <1FE019AC-49B6-4737-A1DF-E11B3345D82A@vmware.com> Message-ID: Run a tool that actually provides diagnostic output (curl does not). *openssl s_client -state -debug -connect buildbot.openssl.org:9989 * I suspect you will find you might have outgoing connections to port 9989 blocked in your corporate firewall setup. The result of the openssl command above will provide the details. If you get something like this then you aren't getting access (using a windows client). *SSL_connect:SSLv3/TLS write client hello* *read from 0x1671970 [0x1607e93] (5 bytes => -1 (0xFFFFFFFF))* *SSL_connect:error in SSLv3/TLS write client hello* *write:errno=10054* Buildbot's workers connect on port 9989 - the web server for status at port 443 is not used by the worker. Tim. On Tue, Apr 27, 2021 at 5:39 PM Madhur Walia wrote: > ++ Also, We are able to establish SSL handshake on port 443, > buildbot.openssl.org but not on port 9989. This also means that OS is > trusting the Server certificates. > > Is server running fine on port 9989? Are other vendors able to > successfully test their buildbot-worker connections? > > (Attaching Screenshots of successful SSL Handshakes on port 443) > > Thanks & Regards, > Madhur > > -------------------------------------------------------------------- > > ?On 26/04/21, 11:55 PM, "Madhur Walia" wrote: > > Hi Matt, > > Thank you for the instructions. However, we are facing couple of > issues while starting buildbot-worker, > > For both platforms, we pointed Certificate/SSL settings to a custom > directory in buildbot.tac as per your recommendation. We also tried > importing both certs, isrg-root-xi & lets-encrypt-r3 to trust store of OS > but no luck. > > Photon, > Getting error, " builtins.NameError: name 'optionsForClientTLS' is > not defined" as shown in Photon1 screenshot attached. > Also ran a curl command to check SSL connectivity, seems to be > failing, attached screenshot Photon2. > > Windows, > Getting, "Unicode error" as shown in Windows1 screenshot attached. > Also ran a curl command to check SSL connectivity, seems to be > failing, attached screenshot Windows2. > > Do you have any pointers on these errors? Please let us know. > > Thanks & Regards, > Madhur > > ------------------------------------------------------------------ > > On 21/04/21, 4:47 PM, "Matt Caswell" wrote: > > Thanks Manoj. > > To be able to set up your worker, you must use version 2.6.0 or > higher. Older version do not support TLS-protected connections. > > Please see these instructions for installing the buildbot worker > software: > > > https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdocs.buildbot.net%2Flatest%2Fmanual%2Finstallation%2Fworker.html&data=04%7C01%7Cwaliam%40vmware.com%7Ccf23c19e05b642051b0e08d904b71682%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637546006695636962%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WicGMU2oEIjvbJIEAGDBTUAnbEc4s72LnVZXTxMyXlw%3D&reserved=0 > > When buildbot has been installed on the platform where the buildbot > worker is to be run, this is how a worker is created (for your > PhotonOS > worker): > > $ buildbot-worker create-worker --use-tls BASEDIR \ > buildbot.openssl.org:9989 vmware-photonos40 nifs0Tweex_ > > And for your Windows server: > > $ buildbot-worker create-worker --use-tls BASEDIR \ > buildbot.openssl.org:9989 vmware-winserver2019 > Efyin.Freg0 > > > where BASEDIR is determined by you. See further down for a few > notes > on TLS. > > To run a buildbot worker, you do this: > > $ buildbot-worker start BASEDIR > > Apart from the software needed to run a buildbot worker, and the > utilities that are the normal part of the operating system, you > also > need to ensure that the following components are available: > > - toolchains, i.e. C compiler, linker, make. If you have > specified > toolchains in the worker request form, you need to ensure > that all > of them are installed. > > - git > > Regarding TLS, it may be that the buildbot worker platform doesn't > have the appropriate certification verification roots set up. In > that > case, you may need to apply the attached buildbot.tac patch, and > store > the attached PEM files in a directory of your choice. Finish up by > find the string '/PATH/TO/ssl-roots-dir' and replace its contents > with > the path of directory where you stored the PEM files. > > Matt > > On 21/04/2021 00:56, Manoj Maskara wrote: > > Hi Tim & Richard, > > > > We have filled out the worker-request-form for 2 of our > platforms, one unix type and other Windows. Also, the platforms, for your > convenience am listing here: > > > > 1) Photon OS 4.0 running on ESXi 7.0 on Intel Xeon Gold 6230R on > Dell PowerEdge R740 (Platform type: Unix, x86_64, build+test, gcc) > > 2) Windows Server 2019 running on ESXi 7.0 on Intel Xeon Gold > 6230R on Dell PowerEdge R740 (Platform type: Windows, x86_64, build+test, > vs2017) > > > > Please provide the credentials and instruction on setting up the > buildbot worker. > > > > Thanks, > > Manoj > > > > > > -----Original Message----- > > From: fips-sponsors On > Behalf Of Richard Levitte > > Sent: Monday, April 12, 2021 12:20 AM > > To: fips-sponsors at openssl.org > > Subject: [fips-sponsors] Buildbot workers > > > > Hi, > > > > We are finally ready to start getting buildbot worker requests. > > > > The way this will work is that we're asking you to answer a form > with details for each worker you want to set up for us, such as what > platform, what architecture, and where relevant, what toolchains are > installed. > > > > The form is attached below, and include explanations for all the > fields to fill in. Please send it to buildbot-admin at openssl.org. > > > > In response, you will receive an email with the name and > password we assign your worker(s), and instructions how to set the worker > up. > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From waliam at vmware.com Tue Apr 27 08:04:28 2021 From: waliam at vmware.com (Madhur Walia) Date: Tue, 27 Apr 2021 08:04:28 +0000 Subject: [buildbot-admin] [fips-sponsors] Buildbot workers In-Reply-To: References: <87k0p89dfr.wl-levitte@openssl.org> <1FE019AC-49B6-4737-A1DF-E11B3345D82A@vmware.com> Message-ID: <1A475631-B47D-4371-89FB-E4E1A20B1813@vmware.com> Hi Tim, Thank you. Yes, that?s what we inspect as well. We tested connections on port 9989 from a different machine and it works. I will get this checked on our corporate firewall and update you if we still face any issues. Regards, Madhur From: Tim Hudson Date: Tuesday, 27 April 2021 at 1:30 PM To: Madhur Walia Cc: Matt Caswell , Manoj Maskara , "buildbot-admin at openssl.org" , Sunil Kumar Yadav Subject: Re: [buildbot-admin] [fips-sponsors] Buildbot workers Run a tool that actually provides diagnostic output (curl does not). openssl s_client -state -debug -connect buildbot.openssl.org:9989 I suspect you will find you might have outgoing connections to port 9989 blocked in your corporate firewall setup. The result of the openssl command above will provide the details. If you get something like this then you aren't getting access (using a windows client). SSL_connect:SSLv3/TLS write client hello read from 0x1671970 [0x1607e93] (5 bytes => -1 (0xFFFFFFFF)) SSL_connect:error in SSLv3/TLS write client hello write:errno=10054 Buildbot's workers connect on port 9989 - the web server for status at port 443 is not used by the worker. Tim. On Tue, Apr 27, 2021 at 5:39 PM Madhur Walia > wrote: ++ Also, We are able to establish SSL handshake on port 443, buildbot.openssl.org but not on port 9989. This also means that OS is trusting the Server certificates. Is server running fine on port 9989? Are other vendors able to successfully test their buildbot-worker connections? (Attaching Screenshots of successful SSL Handshakes on port 443) Thanks & Regards, Madhur -------------------------------------------------------------------- On 26/04/21, 11:55 PM, "Madhur Walia" > wrote: Hi Matt, Thank you for the instructions. However, we are facing couple of issues while starting buildbot-worker, For both platforms, we pointed Certificate/SSL settings to a custom directory in buildbot.tac as per your recommendation. We also tried importing both certs, isrg-root-xi & lets-encrypt-r3 to trust store of OS but no luck. Photon, Getting error, " builtins.NameError: name 'optionsForClientTLS' is not defined" as shown in Photon1 screenshot attached. Also ran a curl command to check SSL connectivity, seems to be failing, attached screenshot Photon2. Windows, Getting, "Unicode error" as shown in Windows1 screenshot attached. Also ran a curl command to check SSL connectivity, seems to be failing, attached screenshot Windows2. Do you have any pointers on these errors? Please let us know. Thanks & Regards, Madhur ------------------------------------------------------------------ On 21/04/21, 4:47 PM, "Matt Caswell" > wrote: Thanks Manoj. To be able to set up your worker, you must use version 2.6.0 or higher. Older version do not support TLS-protected connections. Please see these instructions for installing the buildbot worker software: https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdocs.buildbot.net%2Flatest%2Fmanual%2Finstallation%2Fworker.html&data=04%7C01%7Cwaliam%40vmware.com%7Ccf23c19e05b642051b0e08d904b71682%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637546006695636962%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WicGMU2oEIjvbJIEAGDBTUAnbEc4s72LnVZXTxMyXlw%3D&reserved=0 When buildbot has been installed on the platform where the buildbot worker is to be run, this is how a worker is created (for your PhotonOS worker): $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 vmware-photonos40 nifs0Tweex_ And for your Windows server: $ buildbot-worker create-worker --use-tls BASEDIR \ buildbot.openssl.org:9989 vmware-winserver2019 Efyin.Freg0 where BASEDIR is determined by you. See further down for a few notes on TLS. To run a buildbot worker, you do this: $ buildbot-worker start BASEDIR Apart from the software needed to run a buildbot worker, and the utilities that are the normal part of the operating system, you also need to ensure that the following components are available: - toolchains, i.e. C compiler, linker, make. If you have specified toolchains in the worker request form, you need to ensure that all of them are installed. - git Regarding TLS, it may be that the buildbot worker platform doesn't have the appropriate certification verification roots set up. In that case, you may need to apply the attached buildbot.tac patch, and store the attached PEM files in a directory of your choice. Finish up by find the string '/PATH/TO/ssl-roots-dir' and replace its contents with the path of directory where you stored the PEM files. Matt On 21/04/2021 00:56, Manoj Maskara wrote: > Hi Tim & Richard, > > We have filled out the worker-request-form for 2 of our platforms, one unix type and other Windows. Also, the platforms, for your convenience am listing here: > > 1) Photon OS 4.0 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Unix, x86_64, build+test, gcc) > 2) Windows Server 2019 running on ESXi 7.0 on Intel Xeon Gold 6230R on Dell PowerEdge R740 (Platform type: Windows, x86_64, build+test, vs2017) > > Please provide the credentials and instruction on setting up the buildbot worker. > > Thanks, > Manoj > > > -----Original Message----- > From: fips-sponsors > On Behalf Of Richard Levitte > Sent: Monday, April 12, 2021 12:20 AM > To: fips-sponsors at openssl.org > Subject: [fips-sponsors] Buildbot workers > > Hi, > > We are finally ready to start getting buildbot worker requests. > > The way this will work is that we're asking you to answer a form with details for each worker you want to set up for us, such as what platform, what architecture, and where relevant, what toolchains are installed. > > The form is attached below, and include explanations for all the fields to fill in. Please send it to buildbot-admin at openssl.org. > > In response, you will receive an email with the name and password we assign your worker(s), and instructions how to set the worker up. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From tjh at openssl.org Wed Apr 28 09:45:13 2021 From: tjh at openssl.org (Tim Hudson) Date: Wed, 28 Apr 2021 19:45:13 +1000 Subject: [buildbot-admin] Fwd: [fips-sponsors] Buildbot workers In-Reply-To: References: <87k0p89dfr.wl-levitte@openssl.org> <1FE019AC-49B6-4737-A1DF-E11B3345D82A@vmware.com> <1A475631-B47D-4371-89FB-E4E1A20B1813@vmware.com> <29E8FDB9-F1C6-47F9-829D-CFCC66EB60EE@vmware.com> Message-ID: FYI Tim. ---------- Forwarded message --------- From: Tim Hudson Date: Wed, Apr 28, 2021 at 6:12 AM Subject: Re: [buildbot-admin] [fips-sponsors] Buildbot workers To: Madhur Walia Correct. Outbound traffic only. Tim. On Tue, 27 Apr 2021, 23:04 Madhur Walia, wrote: > Thanks Tim. Unfortunately, our IT team is under a change freeze at the > moment but I?m trying to get outbound port 9989 opened for Outbound > connections to *buildbot.openssl.org * > though our firewall . Hopefully, the setup will work post change. Which is > why I confirmed the timelines. > > Confirming, we don?t need port 9989 allowed for inbound connections as > well. > > > Regards > > Madhur > > > > *From: *Tim Hudson > *Date: *Tuesday, 27 April 2021 at 5:20 PM > *To: *Madhur Walia > *Subject: *Re: [buildbot-admin] [fips-sponsors] Buildbot workers > > > > We provided for three weeks at which time we will start having to look at > dropping platforms. > > The next meeting is the three week window. > > > > Note we plan to treat all vendors the same way so it is important you get > all the platforms available so we can kick off builds and start to get a > sense of how we are doing on each platform and that we maintain building > and testing for all changes that go into the tree. > > > > Once your worker is configured we will be sending updates for it to > process for checking automatically. > > > > Tim > > > > > > On Tue, Apr 27, 2021 at 9:40 PM Madhur Walia wrote: > > Great, thank you. > > Last question, By what date do we need to get this working & OSF will test? > > > > Thanks & Regards > > Madhur > > > > *From: *Tim Hudson > *Date: *Tuesday, 27 April 2021 at 1:51 PM > *To: *Madhur Walia > *Subject: *Re: [buildbot-admin] [fips-sponsors] Buildbot workers > > > > You only need 9989 for buildbot. > > > > Tim. > > > > > > On Tue, Apr 27, 2021 at 6:16 PM Madhur Walia wrote: > > Yes, it seems they have allowed ports 443, 80 and 22 but I will check > again. I hope we would only need to open 9989 for this? Or any other port > as well? > > > > We have python 3.9.x installed on both machines. Once port 9989 is opened, > I will recheck both connections. > > > > Thanks & Regards, > > Madhur > > > > *From: *Tim Hudson > *Date: *Tuesday, 27 April 2021 at 1:38 PM > *To: *Madhur Walia > *Subject: *Re: [buildbot-admin] [fips-sponsors] Buildbot workers > > > > You can also ask what ports are currently open for outgoing connections - > that would be useful to be aware of. > > However hopefully adding another port to the list is relatively straight > forward. > > > > On the other python noted issue with an unknown option - you need a later > version of python installed. > > > > Tim. > > > > > > On Tue, Apr 27, 2021 at 6:04 PM Madhur Walia wrote: > > Hi Tim, > > > > Thank you. Yes, that?s what we inspect as well. We tested connections on > port 9989 from a different machine and it works. > I will get this checked on our corporate firewall and update you if we > still face any issues. > > > > Regards, > > Madhur > > > > *From: *Tim Hudson > *Date: *Tuesday, 27 April 2021 at 1:30 PM > *To: *Madhur Walia > *Cc: *Matt Caswell , Manoj Maskara , > "buildbot-admin at openssl.org" , Sunil Kumar > Yadav > *Subject: *Re: [buildbot-admin] [fips-sponsors] Buildbot workers > > > > Run a tool that actually provides diagnostic output (curl does not). > > > > *openssl s_client -state -debug -connect buildbot.openssl.org:9989 > * > > > > I suspect you will find you might have outgoing connections to port 9989 > blocked in your corporate firewall setup. > > The result of the openssl command above will provide the details. > > > > If you get something like this then you aren't getting access (using a > windows client). > > > > *SSL_connect:SSLv3/TLS write client hello* > > *read from 0x1671970 [0x1607e93] (5 bytes => -1 (0xFFFFFFFF))* > > *SSL_connect:error in SSLv3/TLS write client hello* > > *write:errno=10054* > > > > Buildbot's workers connect on port 9989 - the web server for status at > port 443 is not used by the worker. > > > > Tim. > > > > > > > > On Tue, Apr 27, 2021 at 5:39 PM Madhur Walia wrote: > > ++ Also, We are able to establish SSL handshake on port 443, > buildbot.openssl.org > > but not on port 9989. This also means that OS is trusting the Server > certificates. > > Is server running fine on port 9989? Are other vendors able to > successfully test their buildbot-worker connections? > > (Attaching Screenshots of successful SSL Handshakes on port 443) > > Thanks & Regards, > Madhur > > -------------------------------------------------------------------- > > On 26/04/21, 11:55 PM, "Madhur Walia" wrote: > > Hi Matt, > > Thank you for the instructions. However, we are facing couple of > issues while starting buildbot-worker, > > For both platforms, we pointed Certificate/SSL settings to a custom > directory in buildbot.tac as per your recommendation. We also tried > importing both certs, isrg-root-xi & lets-encrypt-r3 to trust store of OS > but no luck. > > Photon, > Getting error, " builtins.NameError: name 'optionsForClientTLS' is > not defined" as shown in Photon1 screenshot attached. > Also ran a curl command to check SSL connectivity, seems to be > failing, attached screenshot Photon2. > > Windows, > Getting, "Unicode error" as shown in Windows1 screenshot attached. > Also ran a curl command to check SSL connectivity, seems to be > failing, attached screenshot Windows2. > > Do you have any pointers on these errors? Please let us know. > > Thanks & Regards, > Madhur > > ------------------------------------------------------------------ > > On 21/04/21, 4:47 PM, "Matt Caswell" wrote: > > Thanks Manoj. > > To be able to set up your worker, you must use version 2.6.0 or > higher. Older version do not support TLS-protected connections. > > Please see these instructions for installing the buildbot worker > software: > > > https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdocs.buildbot.net%2Flatest%2Fmanual%2Finstallation%2Fworker.html&data=04%7C01%7Cwaliam%40vmware.com%7Ccf23c19e05b642051b0e08d904b71682%7Cb39138ca3cee4b4aa4d6cd83d9dd62f0%7C0%7C0%7C637546006695636962%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WicGMU2oEIjvbJIEAGDBTUAnbEc4s72LnVZXTxMyXlw%3D&reserved=0 > > > When buildbot has been installed on the platform where the buildbot > worker is to be run, this is how a worker is created (for your > PhotonOS > worker): > > $ buildbot-worker create-worker --use-tls BASEDIR \ > buildbot.openssl.org:9989 > > vmware-photonos40 nifs0Tweex_ > > And for your Windows server: > > $ buildbot-worker create-worker --use-tls BASEDIR \ > buildbot.openssl.org:9989 > > vmware-winserver2019 Efyin.Freg0 > > > where BASEDIR is determined by you. See further down for a few > notes > on TLS. > > To run a buildbot worker, you do this: > > $ buildbot-worker start BASEDIR > > Apart from the software needed to run a buildbot worker, and the > utilities that are the normal part of the operating system, you > also > need to ensure that the following components are available: > > - toolchains, i.e. C compiler, linker, make. If you have > specified > toolchains in the worker request form, you need to ensure > that all > of them are installed. > > - git > > Regarding TLS, it may be that the buildbot worker platform doesn't > have the appropriate certification verification roots set up. In > that > case, you may need to apply the attached buildbot.tac patch, and > store > the attached PEM files in a directory of your choice. Finish up by > find the string '/PATH/TO/ssl-roots-dir' and replace its contents > with > the path of directory where you stored the PEM files. > > Matt > > On 21/04/2021 00:56, Manoj Maskara wrote: > > Hi Tim & Richard, > > > > We have filled out the worker-request-form for 2 of our > platforms, one unix type and other Windows. Also, the platforms, for your > convenience am listing here: > > > > 1) Photon OS 4.0 running on ESXi 7.0 on Intel Xeon Gold 6230R on > Dell PowerEdge R740 (Platform type: Unix, x86_64, build+test, gcc) > > 2) Windows Server 2019 running on ESXi 7.0 on Intel Xeon Gold > 6230R on Dell PowerEdge R740 (Platform type: Windows, x86_64, build+test, > vs2017) > > > > Please provide the credentials and instruction on setting up the > buildbot worker. > > > > Thanks, > > Manoj > > > > > > -----Original Message----- > > From: fips-sponsors On > Behalf Of Richard Levitte > > Sent: Monday, April 12, 2021 12:20 AM > > To: fips-sponsors at openssl.org > > Subject: [fips-sponsors] Buildbot workers > > > > Hi, > > > > We are finally ready to start getting buildbot worker requests. > > > > The way this will work is that we're asking you to answer a form > with details for each worker you want to set up for us, such as what > platform, what architecture, and where relevant, what toolchains are > installed. > > > > The form is attached below, and include explanations for all the > fields to fill in. Please send it to buildbot-admin at openssl.org. > > > > In response, you will receive an email with the name and > password we assign your worker(s), and instructions how to set the worker > up. > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rsalz at akamai.com Wed Apr 28 14:30:42 2021 From: rsalz at akamai.com (Salz, Rich) Date: Wed, 28 Apr 2021 14:30:42 +0000 Subject: [buildbot-admin] [fips-sponsors] buildbot workers In-Reply-To: References: Message-ID: <55F65A75-CCA4-4406-8AB7-094B979720BB@akamai.com> I need to run my worker in a chroot-style wrapper. I did not see a way to do that. I posted to the buildbot-users mailing list last week and haven?t heard anything. I am going to dive into the source tomorrow. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Thu Apr 29 05:58:05 2021 From: levitte at openssl.org (Richard Levitte) Date: Thu, 29 Apr 2021 07:58:05 +0200 Subject: [buildbot-admin] [fips-sponsors] buildbot workers In-Reply-To: <55F65A75-CCA4-4406-8AB7-094B979720BB@akamai.com> References: <55F65A75-CCA4-4406-8AB7-094B979720BB@akamai.com> Message-ID: <874kfpocnm.wl-levitte@openssl.org> On Wed, 28 Apr 2021 16:30:42 +0200, Salz, Rich wrote: > > I need to run my worker in a chroot-style wrapper. I did not see a way to do that. I posted to > the buildbot-users mailing list last week and haven?t heard anything. I am going to dive into the > source tomorrow. Isn't this a matter of starting the worker(s) inside the chrooted environment? You'd have to make a startup script that sets up the new root with everything you need, and that ends with something like this: chroot /PATH/TO/NEW/ROOT buildbot-worker ...args... Cheers, Richard -- Richard Levitte levitte at openssl.org OpenSSL Project http://www.openssl.org/~levitte/ From rsalz at akamai.com Thu Apr 29 14:36:07 2021 From: rsalz at akamai.com (Salz, Rich) Date: Thu, 29 Apr 2021 14:36:07 +0000 Subject: [buildbot-admin] [fips-sponsors] buildbot workers In-Reply-To: <874kfpocnm.wl-levitte@openssl.org> References: <55F65A75-CCA4-4406-8AB7-094B979720BB@akamai.com> <874kfpocnm.wl-levitte@openssl.org> Message-ID: > Isn't this a matter of starting the worker(s) inside the chrooted environment? Of course. SMDH. From rsalz at akamai.com Fri Apr 30 19:14:33 2021 From: rsalz at akamai.com (Salz, Rich) Date: Fri, 30 Apr 2021 19:14:33 +0000 Subject: [buildbot-admin] [fips-sponsors] buildbot workers In-Reply-To: <874kfpocnm.wl-levitte@openssl.org> References: <55F65A75-CCA4-4406-8AB7-094B979720BB@akamai.com> <874kfpocnm.wl-levitte@openssl.org> Message-ID: I have the environment setup. I ran create-worker and it build the config files. I did the start subcommand and it said rsalz at 198.18.66.178:~$ buildbot-worker start /w/openssl-buildbot Following twistd.log until startup finished.. The buildbot-worker appears to have (re)started correctly. rsalz at 198.18.66.178:~$ I went to the buildbot page. How can I tell if my machine is working?