Closed Bug 1226641 Opened 10 years ago Closed 9 years ago

Release Promotion should sign the signing tasks

Categories

(Release Engineering :: Release Automation, defect)

Product:
Release Engineering
Component:
Release Automation
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: Callek, Assigned: Callek)

References

Details

Attachments

(3 files, 1 obsolete file)

[puppet] WIP
2.34 KB, patch
jlund
: review+
Details | Diff | Splinter Review
[releasetasks] merely a WIP
47 bytes, text/x-github-pull-request
jlund
: feedback+
Details | Review
[tools] pass signing key down
1.22 KB, patch
rail
: review+
Details | Diff | Splinter Review
To support the hardening we did for funsize (c.f. https://github.com/mozilla/funsize/pull/24/files ) we need to sign the signing tasks. This will require puppet changes too, ala http://hg.mozilla.org/build/puppet/rev/4b09a04d4a3d
Noteworthy, https://github.com/mozilla/signingworker/pull/12/files means that we currently must use the same key as we use for funsize. That should be ok...
Attached patch [tools] WIP (obsolete) — Splinter Review
This is untested, and my WIP....
Attachment #8696075 - Flags: feedback?(jlund)
Attached patch [puppet] WIPSplinter Review
Attachment #8696076 - Flags: review?(jlund)
This PR too, is untested, and will need tests written. I just wanted to get it up prior to mozlando.
Attachment #8696081 - Flags: feedback?(jlund)
Comment on attachment 8696076 [details] [diff] [review] [puppet] WIP Review of attachment 8696076 [details] [diff] [review]: ----------------------------------------------------------------- ::: modules/releaserunner/manifests/init.pp @@ +79,4 @@ > owner => "${users::builder::username}", > group => "${users::builder::group}", > source => "puppet:///modules/$module_name/docker-worker-pub.pem" > + # XXX: Todo name funsize_signing_pvt_key better for current use-case ++
Attachment #8696076 - Flags: review?(jlund) → review+
Attachment #8696075 - Flags: feedback?(jlund) → feedback+
Attachment #8696081 - Flags: feedback?(jlund) → feedback+
Attachment #8696075 - Attachment is obsolete: true
Attachment #8701493 - Flags: review?(rail)
Attachment #8701493 - Flags: review?(rail) → review+
This looks to be working
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Had the following in this comment for a long while, unsubmitted: https://hg.mozilla.org/build/puppet/rev/85a0ac317be3 https://hg.mozilla.org/build/puppet/rev/41efb71f3c7e
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: