Grant mcastelluccio@mozilla.com scope to manually trigger project-releng/services-staging-shipit-code-coverage-bot hook

RESOLVED FIXED

Status

Taskcluster
General
RESOLVED FIXED
8 months ago
7 months ago

People

(Reporter: marco, Unassigned)

Tracking

Details

(Reporter)

Description

8 months ago
:garbas tried to, but he didn't have permissions to grant me the scope.

It might be worthwile to grant the scope to trigger shipit hooks (for now project-releng/services-staging-shipit-bot-uplift-bot and project-releng/services-staging-shipit-code-coverage-bot) to the whole relman ldap group, if it's possible.
That group corresponds to
  https://tools.taskcluster.net/auth/roles/#mozilla-group:vpn_releasemgt
which has
  assume:project:shipit:user

Should we make another project:shipit:<..> role to represent this particular level of access?  Then you can assign whatever scopes you'd like to that role.
Flags: needinfo?(rgarbas)

Comment 2

8 months ago
:dustin: +1, that would be great!
Flags: needinfo?(rgarbas)
OK, I added project:shipit:trigger to https://tools.taskcluster.net/auth/roles/#mozilla-group:vpn_releasemgt

You can create that role and add whatever scopes you would like.

Comment 4

8 months ago
:dustin: 

can you also add "assume:project:shipit:*" role to mozilla-group:releng role?
done

Comment 6

7 months ago
:dustin: sorry for bugging you again. Looks like I don't really have enough scopes to add role in project:shipit:* namespace.

Anyway it would be better to change role "project:shipit:trigger" in "mozilla-group:vpn_releasemgt" to "project:releng:services/develop/shipit". I already went a ahead and created that role.
Flags: needinfo?(dustin)
done!
Status: NEW → RESOLVED
Last Resolved: 7 months ago
Flags: needinfo?(dustin)
Resolution: --- → FIXED
11:01:13 <garbas> dustin: sry to bug you. i'm still having problems assigning scopes (Bug 1356405). Is it possible that you forgot to add "assume:" before "project:releng:services/develop/shipit" scope?

yup. fixed.
You need to log in before you can comment on or make changes to this bug.