Closed
Bug 1140046
Opened 9 years ago
Closed 6 years ago
docker-worker: Refactor encrypted environment variables
Categories
(Taskcluster :: Workers, defect)
Taskcluster
Workers
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: jonasfj, Unassigned)
References
Details
(Whiteboard: [docker-worker])
It's completely inconsistent that we're not using ISO date format in encrypt environment variable structure. I suggest that we reshape it from: { "messageVersion": "1", "taskId": "FsG6cmlQQeiQpEHtxhDfhg", "startTime": 1418146006679, "endTime": 1418146036679, "name": "SECRET_TOKEN", "value": "3214508af838345sdgt" } To something like this: { "version": 1, "taskId": "FsG6cmlQQeiQpEHtxhDfhg", "created": '2015-03-05T19:14:08.155Z', "deadline": '2015-03-05T19:14:08.155Z', "key": "SECRET_TOKEN", "value": "<secret-text>" } It's a bit shorter and more obvious what the values should be. And we can reuse utilities like taskcluster.fromNowJSON('2 days'). Note, start/end time should be created/deadline of the task. That's kind of the only thing that makes sense, as you never what to run the task with an encrypted env var that can't be decrypted. Remark: I know it's borderline crazy to completely break compatibility, but I think rail is the only one using the encrypted env vars. And we could maintain backward compatibility too. But I'm not sure it worth it. after all it'll break again when we start doing per workerType private keys.
Updated•9 years ago
|
Component: TaskCluster → Docker-Worker
Product: Testing → Taskcluster
Updated•8 years ago
|
Whiteboard: [docker-worker]
Updated•8 years ago
|
Component: Docker-Worker → Worker
Updated•6 years ago
|
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
Assignee | ||
Updated•5 years ago
|
Component: Worker → Workers
You need to log in
before you can comment on or make changes to this bug.
Description
•