Closed
Bug 1477311
Opened 6 years ago
Closed 6 years ago
Give nalexander, etoop, jwalker, and myk, sufficient scopes to administer Mentat mobile GH/TC integrations
Categories
(Taskcluster :: Operations and Service Requests, task)
Taskcluster
Operations and Service Requests
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: nalexander, Assigned: dustin)
References
Details
I am duplicating the automation infrastructure that the android-components repository built in https://github.com/mozilla-mobile/android-components for building Android AARs and publishing them to Bintray for Mentat (see https://github.com/mozilla/mentat). In initial discussion with Sebastian, we agreed to follow exactly the same process as android-components is doing now: publish them to Sebastian's private bintray account and work out details later. I have gotten TC builds working against Mentat (see https://tools.taskcluster.net/groups/SwYjjcKRRe-uQvgPAfe8PQ) and have been able to publish them. At a few places I used mozilla-mobile-specific namespaces: in particular, I pushed the Docker image for building to mozillamobile/mentat:1.0, see https://hub.docker.com/r/mozillamobile/mentat/; and I used the existing project/android-components/publish secret. (Thanks to dustin for getting me this far!) There's no real connection between Mentat and any of the mobile or android-components work, so I'd like to arrange for a parallel hierarchy of groups, roles, owners, and secrets that's appropriate for Mentat. Can we do that, making me the initial owner, and (if we can have multiple owners) jwalker, Myk Melez, and Emily Toop additional owner/administrators? I know that I need at least: - to be able to administer the github.com/mozilla/mentat TC integrations - to be able to add a scope to the GH "release" TC integration - to be able to add a project/mentat/publish secret I'll probably publish to my own personal bintray and manually mirror to jcenter for a while, just like Sebastian is doing for Android Components, until Mozilla has a Maven repository setup. (See https://bugzilla.mozilla.org/show_bug.cgi?id=1470942 for where I think that work is happening.) This is, I think, the Mentat-equivalent of https://bugzilla.mozilla.org/show_bug.cgi?id=1456533.
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → dustin
Assignee | ||
Comment 1•6 years ago
|
||
OK! I granted `assume:project-admin:mentat` to you: https://tools.taskcluster.net/auth/roles/login-identity%3Amozilla-auth0%2Fad|Mozilla-LDAP|nalexander ideally we'd get an LDAP group together to include the rest, rather than grant directly, but if you'd prefer I can do it directly. Being project-admin gives you control of the project/mentat/* secret namespace. I granted that project access to the necessary github repo: https://tools.taskcluster.net/auth/roles/project%3Amentat%3Agrants%2Fgithub-repos That will cover release (role repo:github.com/mozilla/mentat:release) Please let me know if there's anything missing!
Assignee | ||
Comment 2•6 years ago
|
||
(reopen if there is anything wrong..)
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Updated•5 years ago
|
Component: Service Request → Operations and Service Requests
You need to log in
before you can comment on or make changes to this bug.
Description
•