Closed
Bug 1338232
Opened 7 years ago
Closed 7 years ago
Remove md5 and sha1, add sha256 checksums in release automation
Categories
(Release Engineering :: Release Automation: Other, defect, P2)
Release Engineering
Release Automation: Other
Tracking
(firefox-esr52 fixed)
RESOLVED
FIXED
Tracking | Status | |
---|---|---|
firefox-esr52 | --- | fixed |
People
(Reporter: rail, Assigned: mtabara)
References
Details
Attachments
(5 files)
59 bytes,
text/x-review-board-request
|
rail
:
review+
mtabara
:
checked-in+
|
Details |
4.34 KB,
patch
|
rail
:
review+
|
Details | Diff | Splinter Review |
59 bytes,
text/x-review-board-request
|
rail
:
review+
mtabara
:
checked-in+
|
Details |
59 bytes,
text/x-review-board-request
|
nthomas
:
review+
|
Details |
59 bytes,
text/x-review-board-request
|
mozilla
:
review+
rail
:
checked-in+
|
Details |
We should stop using and publishing md5/sha1 checksums in release automation. Additionally we should generate sha256 checksums. sha512 checksums can stay as they are.
Comment hidden (mozreview-request) |
Reporter | ||
Comment 3•7 years ago
|
||
mozreview-review |
Comment on attachment 8835833 [details] Bug 1338232 - remove sha1, md5 from tc nightly graph checksums. https://reviewboard.mozilla.org/r/111408/#review112686
Attachment #8835833 -
Flags: review?(rail) → review+
Assignee | ||
Comment 4•7 years ago
|
||
* didn't test it but isolated functions * I took the liberty of renaming the file_sha512 since it wasn't used anywhere else in the firefox tree. If there's a slight possiblity of it being used downstream, I'll take the change back and add a separate function within the beetmover script
Attachment #8835857 -
Flags: review?(rail)
Assignee | ||
Comment 5•7 years ago
|
||
Comment on attachment 8835833 [details] Bug 1338232 - remove sha1, md5 from tc nightly graph checksums. https://hg.mozilla.org/build/puppet/rev/96a4a0b11c67
Attachment #8835833 -
Flags: checked-in+
Assignee | ||
Comment 6•7 years ago
|
||
So: * TC nightlies are done * there's patch to r? for release promotion * the only leftover if I'm not wrong is the BB infrastructure (since we've switched to TC nightlies for central and aurora, I suppose that's off the table), which means the Fennec and Thunderbird checksums. @rail: can you point me with some hints where to look in the infra for the changes?
Reporter | ||
Comment 7•7 years ago
|
||
Comment on attachment 8835857 [details] [diff] [review] Bug 1338232 - add sha256 to relpro automation. Review of attachment 8835857 [details] [diff] [review]: ----------------------------------------------------------------- ::: testing/mozharness/mozharness/base/script.py @@ +2245,2 @@ > bs = 65536 > + hasher = hashlib.new(hash_type) Awwww, thanks for catching this bug!
Attachment #8835857 -
Flags: review?(rail) → review+
Assignee | ||
Comment 8•7 years ago
|
||
Status update: * TC nightlies are done - not yet landed though via beetmoverscript bump @rail: * can I land the patch on central and graft it to aurora/beta/release/esr45? * the only leftover if I'm not wrong is the BB infrastructure (since we've switched to TC nightlies for central and aurora, I suppose that's off the table), which means the Fennec and Thunderbird checksums. Can you point me with some hints where to look in the code for those changes? Thanks!
Flags: needinfo?(rail)
Reporter | ||
Comment 9•7 years ago
|
||
(In reply to Mihai Tabara [:mtabara]⌚️GMT from comment #8) > Status update: > * TC nightlies are done - not yet landed though via beetmoverscript bump > > @rail: > * can I land the patch on central and graft it to aurora/beta/release/esr45? I'd say uplift to aurora/beta only. The release/esr45 branches will be dead soon. The changes are release automation related. a=release > * the only leftover if I'm not wrong is the BB infrastructure (since we've > switched to TC nightlies for central and aurora, I suppose that's off the > table), which means the Fennec and Thunderbird checksums. Can you point me > with some hints where to look in the code for those changes? I believe they use the same script, see http://archive.mozilla.org/pub/mobile/candidates/52.0b6-candidates/build1/logs/release-mozilla-beta-fennec_checksums-bm74-build1-build17.txt.gz https://archive.mozilla.org/pub/thunderbird/candidates/52.0b2-candidates/build1/logs/release-comm-beta-thunderbird_checksums-bm74-build1-build6.txt.gz
Flags: needinfo?(rail)
Reporter | ||
Updated•7 years ago
|
Assignee: nobody → mtabara
Assignee | ||
Comment 10•7 years ago
|
||
(In reply to Mihai Tabara [:mtabara]⌚️GMT from comment #8) > Status update: > * TC nightlies are done - not yet landed though via beetmoverscript bump TC nightlies are done - sorry for before. They were done as soon as the puppet patch landed. E.g http://archive.mozilla.org/pub/firefox/nightly/2017/02/2017-02-17-11-01-56-mozilla-central/firefox-54.0a1.en-US.linux-i686.checksums > @rail: > * can I land the patch on central and graft it to aurora/beta/release/esr45? > * the only leftover if I'm not wrong is the BB infrastructure (since we've > switched to TC nightlies for central and aurora, I suppose that's off the > table), which means the Fennec and Thunderbird checksums. Can you point me > with some hints where to look in the code for those changes? > > Thanks! Incoming reviewboard! :)
Comment hidden (mozreview-request) |
Assignee | ||
Updated•7 years ago
|
Keywords: leave-open
Assignee | ||
Updated•7 years ago
|
Status: NEW → ASSIGNED
Reporter | ||
Comment 12•7 years ago
|
||
mozreview-review |
Comment on attachment 8838665 [details] Bug 1338232 - add sha256 hash in checksums automation. a=release DONTBUILD https://reviewboard.mozilla.org/r/113494/#review115072
Attachment #8838665 -
Flags: review?(rail) → review+
Comment 13•7 years ago
|
||
Pushed by mtabara@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/7c8ac1b19355 add sha256 hash in checksums automation. r=rail a=release DONTBUILD
Comment 14•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/7c8ac1b19355
Assignee | ||
Comment 15•7 years ago
|
||
Comment on attachment 8838665 [details] Bug 1338232 - add sha256 hash in checksums automation. a=release DONTBUILD https://hg.mozilla.org/mozilla-central/rev/7c8ac1b19355 Uplifted to aurora & beta https://hg.mozilla.org/releases/mozilla-aurora/rev/b21ecf4c9ef5 https://hg.mozilla.org/releases/mozilla-beta/rev/482e65e3b6e0
Attachment #8838665 -
Flags: checked-in+
Assignee | ||
Comment 16•7 years ago
|
||
The patches from this bug should ensure we have both SHA512SUMS and SHA256SUMS from now on. Let's wait the beta9 on Thursday to see if the changes that will be picked-up are verifying correctly.
Comment 17•7 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-esr52/rev/482e65e3b6e0
status-firefox-esr52:
--- → fixed
Reporter | ||
Updated•7 years ago
|
Priority: -- → P2
Comment hidden (mozreview-request) |
Comment 19•7 years ago
|
||
mozreview-review |
Comment on attachment 8840701 [details] Bug 1338232 - Fix typo a=release DONTBUILD https://reviewboard.mozilla.org/r/115134/#review116612
Attachment #8840701 -
Flags: review?(nthomas) → review+
Comment 20•7 years ago
|
||
Pushed by raliiev@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/97c3c3880570 Fix typo r=nthomas a=release DONTBUILD
Reporter | ||
Comment 21•7 years ago
|
||
Aurora: https://hg.mozilla.org/releases/mozilla-aurora/rev/c9aca0047c81f083345892769caa85be5fec465c Beta: https://hg.mozilla.org/releases/mozilla-beta/rev/61519976b35f2947eeaabefcad83186b7e004167
Assignee | ||
Comment 22•7 years ago
|
||
(In reply to Nick Thomas [:nthomas] from comment #19) > Comment on attachment 8840701 [details] > Bug 1338232 - Fix typo a=release DONTBUILD > > https://reviewboard.mozilla.org/r/115134/#review116612 Thanks for fixing this, mea culpa.
Comment 23•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/97c3c3880570
Assignee | ||
Comment 24•7 years ago
|
||
Looks like checksums is working nicely. Please reopen if there's anything that I may have missed. http://archive.mozilla.org/pub/firefox/releases/52.0b9/SHA256SUMS http://archive.mozilla.org/pub/firefox/releases/52.0b9/SHA256SUMS.asc http://archive.mozilla.org/pub/firefox/releases/52.0b9/SHA512SUMS http://archive.mozilla.org/pub/firefox/releases/52.0b9/SHA512SUMS.asc
Assignee | ||
Updated•7 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Comment 25•7 years ago
|
||
bugherder uplift |
https://hg.mozilla.org/releases/mozilla-esr52/rev/61519976b35f
Reporter | ||
Comment 26•7 years ago
|
||
This broke Thunderbird \o/ http://buildbot-master70.bb.releng.use1.mozilla.com:8001/builders/release-comm-beta-thunderbird_checksums/builds/5/steps/run_script/logs/stdio 12:38:23 FATAL - Missing necessary format for file linux-i686/xpi/bg.xpi If you check generated checksums files, they don't have sha256 :/
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment hidden (mozreview-request) |
Comment 28•7 years ago
|
||
mozreview-review |
Comment on attachment 8841060 [details] Bug 1338232 - Use sha512 only for old release automation. https://reviewboard.mozilla.org/r/115412/#review116848
Attachment #8841060 -
Flags: review?(aki) → review+
Reporter | ||
Comment 29•7 years ago
|
||
Comment on attachment 8841060 [details] Bug 1338232 - Use sha512 only for old release automation. https://hg.mozilla.org/build/buildbotcustom/rev/8598bfd05d4941764d89d4c00b62c57d99b7a5c9
Attachment #8841060 -
Flags: checked-in+
Comment 30•7 years ago
|
||
In production: https://hg.mozilla.org/build/buildbotcustom/rev/8598bfd05d49
Reporter | ||
Comment 31•7 years ago
|
||
Worked fine \o/
Status: REOPENED → RESOLVED
Closed: 7 years ago → 7 years ago
Resolution: --- → FIXED
Comment 32•6 years ago
|
||
Removing leave-open keyword from resolved bugs, per :sylvestre.
Keywords: leave-open
You need to log in
before you can comment on or make changes to this bug.
Description
•