Closed Bug 1181183 Opened 4 years ago Closed 3 years ago

[tracking] private partner repacks

Categories

(Release Engineering :: General, defect)

defect
Not set

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: coop, Assigned: coop)

References

(Depends on 1 open bug)

Details

(Whiteboard: [partners][q3])

We are changing the way we do partner repacks to enable other models for partnering. Here are the changes I know need to be made:

* make the manifest of partners private
* migrate existing repack script to mozharness
* private github repo per partner for partner customization, with access granted to only releng and the partner. This allow partners to submit changes via pull requests.
* private S3 buckets per partner to store repacks, again with access granted to only releng and the partner.
* partner notifications when new builds are uploaded to buckets (bug 884915).
Just to be 100% explicit: this will replace the special bing bundle hosting that we do too, right? (https://github.com/mozilla/build-tools/blob/master/scripts/release/stage-tasks.py#L59)
(In reply to Ben Hearsum [:bhearsum] from comment #1)
> Just to be 100% explicit: this will replace the special bing bundle hosting
> that we do too, right?
> (https://github.com/mozilla/build-tools/blob/master/scripts/release/stage-
> tasks.py#L59)

Certain partners may want access controls closer to what we have now, i.e. none. I think in Bing's case, the hosting is actually part of our contract, so we'll make that work, yes.
Depends on: 1178292
Shane has already made great progress here. We already have S3 buckets setup for the partners, and are in the process of setting up github submodules for the individual partners.

From the releng side, the to-do list is shorter now:

* migrate existing repack script to mozharness
* upload repacks directly to S3
* migrate buildbot builder to a TaskCluster task
** dependent on OSX-packaging-on-linux, or generic worker for OSX

I think the notification step (bug 884915) can be handled pretty easily with S3 event notifications (if that isn't already in place).
Depends on: 884915
(In reply to Chris Cooper [:coop] from comment #3)
> * migrate buildbot builder to a TaskCluster task

AFAIK there's no way to make Tasks private. Given that, is Taskcluster usable for this project? I'm pretty sure this would cause full logs to be visible at the very least. Builds might end up being exposed as artifacts as well...
Depends on: 1186676
Depends on: 1205023
Depends on: 1205375
Depends on: 1205397
Depends on: 1205402
I don't see anything sensitive in this bug, making it public.
Group: mozilla-employee-confidential
Depends on: 1208239
Depends on: 1208241
Depends on: 1236951
Depends on: 1236954
Automating funnelcakes is outside the scope of this work.
No longer depends on: 1205375
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Component: General Automation → General
You need to log in before you can comment on or make changes to this bug.