Adds the internal security TryBot service binary, which is used to
execute tests against CLs in the private Go repo that is used to
develop security patches. This service implements are very small
subset of the features of the public TryBots, using coordinator
buildlets which are controlled by Google.
Part of b/238465473.
Change-Id: I51745376b4c523fb5fc938eb57fffb81c85a7c78
Reviewed-on: https://go-review.googlesource.com/c/build/+/424615
Reviewed-by: Jenny Rakoczy <jenny@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
I assumed that it would do this internally and return an error if we
weren't on GCE. Apparently I was wrong.
For golang/go#54344.
Change-Id: I186c7c5416f34682e41534810aba2f5840e69a1b
Reviewed-on: https://go-review.googlesource.com/c/build/+/422636
Reviewed-by: Jenny Rakoczy <jenny@golang.org>
Auto-Submit: Heschi Kreinick <heschi@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Heschi Kreinick <heschi@google.com>
Google is deprecating the OOB OAuth flow. Switch to TV.
For golang/go#48739.
Change-Id: Ica6800e985e425cd8733d5e31af16035a496c76d
Reviewed-on: https://go-review.googlesource.com/c/build/+/422454
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Heschi Kreinick <heschi@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Update relui to communicate via gRPC. Also fix a couple silly mistakes
and make our service accounts trusted to use sensitive builders.
Fixesgolang/go#54344.
Change-Id: Ie51022d51fd6f17f477534b2d168afef06a30eef
Reviewed-on: https://go-review.googlesource.com/c/build/+/422096
Reviewed-by: Carlos Amedee <carlos@golang.org>
Run-TryBot: Heschi Kreinick <heschi@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Jenny Rakoczy <jenny@golang.org>
As a first step to port relui over to the gRPC API, create a gRPC client
implementation. This should be suitable for use in the gomote command,
but I don't want to conflict with the giant stack in flight. Also add a
GRPCClient function to iapclient for convenience.
The gomote service was missing working directory information; added it.
I also did some refactoring/cleanup.
- The Client interface is used internally to the coordinator, and as
such it has a lot of internal functions. The set used by remote
clients is much more reasonable. Separate it out into a new
RemoteClient interface.
- AddCloseFn was only used in one place. Delete it.
- DestroyVM was completely unused. Delete it.
For golang/go#54344.
Change-Id: I77344a8c27076e53f565e9af56f8d365ac89b487
Reviewed-on: https://go-review.googlesource.com/c/build/+/422095
Auto-Submit: Heschi Kreinick <heschi@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Heschi Kreinick <heschi@google.com>
This change adds license headers to files which are missing them.
A modified version of the addlicense tool was used to add these headers:
https://github.com/google/addlicense
The command issued was:
addlicense -c "Go Authors" -l bsd *
Change-Id: Id6fd17c587f99b3ff0ef5f5f35befcfe5aaeef72
Reviewed-on: https://go-review.googlesource.com/c/build/+/409614
Run-TryBot: Carlos Amedee <carlos@golang.org>
Auto-Submit: Carlos Amedee <carlos@golang.org>
Reviewed-by: Carlos Amedee <carlos@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Alex Rakoczy <alex@golang.org>
Generated with go run update-readmes.go.
Also capitalize the word "Package" in 3 package comments
and update releaselet test not to fail on README.md file.
Change-Id: I031b15ec570dd089b1931b79dcb1f8e6694e7e62
Reviewed-on: https://go-review.googlesource.com/c/build/+/394520
Reviewed-by: Carlos Amedee <carlos@golang.org>
Trust: Carlos Amedee <carlos@golang.org>
Trust: Emmanuel Odeke <emmanuel@orijtech.com>
Trust: Dmitri Shuralyov <dmitshur@golang.org>
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
It has identical behavior but makes the code shorter and easier
to see that it's just a form POST, rather than something custom.
Also cap the body size it's willing to read for error reporting.
(Spotted while reading over this code.)
For golang/go#48739.
Change-Id: I586925d1a0c7e9a7e1efc93d121337a16fcee725
Reviewed-on: https://go-review.googlesource.com/c/build/+/371014
Trust: Dmitri Shuralyov <dmitshur@golang.org>
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Heschi Kreinick <heschi@google.com>
The configuration directory must be created before the token is stored
in it. This change ensures that the directory exists before attempting
to store the newly created token in it.
Updates golang/go#48739
Change-Id: I2db71485c166ba094e61690533849c33913a5530
Reviewed-on: https://go-review.googlesource.com/c/build/+/367535
Trust: Carlos Amedee <carlos@golang.org>
Run-TryBot: Carlos Amedee <carlos@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Heschi Kreinick <heschi@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
iapclient enables command-line, programmatic access to our IAP-protected
sites. For now, it's quite specific to the command-line case; we can
make it more flexible in the future if necessary.
There are no tests, because I have no idea how to write a meaningful
automated test of this code.
For golang/go#48739.
Change-Id: Ibbc33ae045c6e5b68eee34900fe0a791d3a48558
Reviewed-on: https://go-review.googlesource.com/c/build/+/361194
Trust: Heschi Kreinick <heschi@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Run-TryBot: Carlos Amedee <carlos@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Roland Shoemaker
Heschi Kreinick
Carlos Amedee
Dmitri Shuralyov