Closed
Bug 1274716
Opened 8 years ago
Closed 7 years ago
mozilla-taskcluster should use, and grant, the repo's role to decision tasks
Categories
(Taskcluster :: Services, defect)
Taskcluster
Services
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dustin, Assigned: garndt)
Details
A decision task should run with the role assume:repo:hg.mozilla.org/whatever:branch:default I made a real hash of this, though: currently .taskcluster.yml has "assume:repo:hg.mozilla.org/try:*" in it, which is definitely not cool. https://github.com/taskcluster/mozilla-taskcluster/pull/69 fixes that up by adding the scopes configured for the branch to the task's scopes, and adding "assume:repo:hg.mozilla.org/try:*" to those scopes so that the hard-coded instance of that scope doesn't cause issues. The better solution is for mozilla-taskcluster to calculate the appropriate role based on the repository name, and then substitute that in as `{{repositoryRole}}` into `.taskcluster.yml`, and use that role when calling `scheduler.createTaskGraph()`.
|
Assignee | |
Comment 1•8 years ago
|
||
With the changes we have made since May, does this still apply?
|
Reporter | |
Comment 2•8 years ago
|
||
Yes, it would simplify all this stuff: https://github.com/taskcluster/mozilla-taskcluster/blob/master/src/config/default.yml#L99
|
||
Comment 3•8 years ago
|
||
If we plan to deprecate mozilla-taskcluster, maybe we need this only in https://github.com/taskcluster/taskcluster-mercurial?
|
|
Assignee | |
Comment 4•8 years ago
|
||
I suppose that's a matter of deciding if taskcluster-mercurial will deprecate mozilla-taskcluster before this is 100% necessary. Last update was 4 months ago so it's not being actively worked on right now it seems. Not sure how far along it is to be deployed into prod. Also, taskcluster-mercurial will not handle cancels or retriggers, so it won't be a complete replacement, and mozilla-taskcluster will still need to do something with scopes for those actions.
|
|
Reporter | |
Comment 6•8 years ago
|
||
We discovered that this is a bit more difficult: m-t does some operations (retriggering) without reference to the full repository name, just the "treeherder project" which serves as a key into the properties. Removing the try scope (the hash I made) should be easy quickly. This doesn't block any of the migration -- it's just a minor improvement to how mozilla-taskcluster is configured.
|
|
Assignee | |
Comment 7•7 years ago
|
||
I believe with all the scope work that's been done and using the productions.json file, this is resolved.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
|
||
Updated•5 years ago
|
Component: Integration → Services
You need to log in
before you can comment on or make changes to this bug.
Description
•