Closed Bug 1274716 Opened 4 years ago Closed 3 years ago

mozilla-taskcluster should use, and grant, the repo's role to decision tasks


(Taskcluster :: Services, defect)

Not set


(Not tracked)



(Reporter: dustin, Assigned: garndt)


A decision task should run with the role 

I made a real hash of this, though: currently .taskcluster.yml has "*" in it, which is definitely not cool. fixes that up by adding the scopes configured for the branch to the task's scopes, and adding "*" to those scopes so that the hard-coded instance of that scope doesn't cause issues.

The better solution is for mozilla-taskcluster to calculate the appropriate role based on the repository name, and then substitute that in as `{{repositoryRole}}` into `.taskcluster.yml`, and use that role when calling `scheduler.createTaskGraph()`.
With the changes we have made since May, does this still apply?
If we plan to deprecate mozilla-taskcluster, maybe we need this only in
I suppose that's a matter of deciding if taskcluster-mercurial will deprecate mozilla-taskcluster before this is 100% necessary.  Last update was 4 months ago so it's not being actively worked on right now it seems.  Not sure how far along it is to be deployed into prod.

Also, taskcluster-mercurial will not handle cancels or retriggers, so it won't be a complete replacement, and mozilla-taskcluster will still need to do something with scopes for those actions.
No longer blocks: 1247703
Greg's workign on this..
Assignee: dustin → garndt
We discovered that this is a bit more difficult: m-t does some operations (retriggering) without reference to the full repository name, just the "treeherder project" which serves as a key into the properties.

Removing the try scope (the hash I made) should be easy quickly.

This doesn't block any of the migration -- it's just a minor improvement to how mozilla-taskcluster is configured.
I believe with all the scope work that's been done and using the productions.json file, this is resolved.
Closed: 3 years ago
Resolution: --- → FIXED
Component: Integration → Services
You need to log in before you can comment on or make changes to this bug.