Closed Bug 1181183 Opened 4 years ago Closed 3 years ago
[tracking] private partner repacks
We are changing the way we do partner repacks to enable other models for partnering. Here are the changes I know need to be made: * make the manifest of partners private * migrate existing repack script to mozharness * private github repo per partner for partner customization, with access granted to only releng and the partner. This allow partners to submit changes via pull requests. * private S3 buckets per partner to store repacks, again with access granted to only releng and the partner. * partner notifications when new builds are uploaded to buckets (bug 884915).
Just to be 100% explicit: this will replace the special bing bundle hosting that we do too, right? (https://github.com/mozilla/build-tools/blob/master/scripts/release/stage-tasks.py#L59)
(In reply to Ben Hearsum [:bhearsum] from comment #1) > Just to be 100% explicit: this will replace the special bing bundle hosting > that we do too, right? > (https://github.com/mozilla/build-tools/blob/master/scripts/release/stage- > tasks.py#L59) Certain partners may want access controls closer to what we have now, i.e. none. I think in Bing's case, the hosting is actually part of our contract, so we'll make that work, yes.
Shane has already made great progress here. We already have S3 buckets setup for the partners, and are in the process of setting up github submodules for the individual partners. From the releng side, the to-do list is shorter now: * migrate existing repack script to mozharness * upload repacks directly to S3 * migrate buildbot builder to a TaskCluster task ** dependent on OSX-packaging-on-linux, or generic worker for OSX I think the notification step (bug 884915) can be handled pretty easily with S3 event notifications (if that isn't already in place).
Depends on: 884915
(In reply to Chris Cooper [:coop] from comment #3) > * migrate buildbot builder to a TaskCluster task AFAIK there's no way to make Tasks private. Given that, is Taskcluster usable for this project? I'm pretty sure this would cause full logs to be visible at the very least. Builds might end up being exposed as artifacts as well...
I don't see anything sensitive in this bug, making it public.
Automating funnelcakes is outside the scope of this work.
No longer depends on: 1205375
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.