Closed Bug 1160380 (beetmover) Opened 5 years ago Closed 4 years ago

S3 bit mover

Categories

(Release Engineering :: Release Automation: Other, defect)

defect
Not set

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: nthomas, Assigned: jlund)

References

Details

Create a job which moves files from the TaskCluster artifact store to a candidates bucket in S3, applying pretty names and paths if necessary, and performing an antivirus scan. Run this after each job that produces bits, e.g. en-US builds, l10n repacks, partial update generation. Investigate security models which limit write access to only the bit mover, and only to the current 'release'. Implement bucket versioning and logging to provide history for audit.
See Also: → 1145774
See Also: → 1147140
We can also perform virus scanning as a part of this job.
See Also: → 1154282
:rail, I think you've been working on this for funsize, is that work more generally too ?
Flags: needinfo?(rail)
The work is not generic, it's very limited to funsize (not flexible at all). The code is very small and can be replaced by something more generic in the future. I just didn't want to be blocked on something generic.
Flags: needinfo?(rail)
Alias: beetmover
From my talk with Rail about secrets yesterday, if we could find a way to transmit a signed S3 PUT URL to this task, securely, that would be cool.
Not working on release promotion at the moment, releasing the bug.
Assignee: nthomas → nobody
Status: ASSIGNED → NEW
it's mine now!
Assignee: nobody → jlund
Depends on: 1225894
Depends on: 1225899
Depends on: 1225905
Depends on: 1225927
Depends on: 1244575
Depends on: 1242782
Depends on: 1246074
Depends on: 1250585
Depends on: 1251094
I think we are all done here for now..
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Depends on: 1254422
You need to log in before you can comment on or make changes to this bug.