Closed Bug 1486089 Opened 6 years ago Closed 6 years ago

enable CoT for mozilla-mobile

Tracking

(Not tracked)

Status:

RESOLVED FIXED

People

(Reporter: mtabara, Assigned: jlorenzo)

References

Details

Attachments

(6 files)

[scriptworker] PR: Support "github-release" tasks_for and cron of mobile 6 years ago Johan Lorenzo [:jlorenzo] 55 bytes, text/x-github-pull-request	jlorenzo : review+ jlorenzo : checked-in+	Details \| Review
[focus-android] PR: Enable full Chain of Trust on nightly and github-releases 6 years ago Johan Lorenzo [:jlorenzo] 57 bytes, text/x-github-pull-request	jlorenzo : review+ jlorenzo : checked-in+	Details \| Review
[android-components] Enable full Chain of Trust on github-releases 6 years ago Johan Lorenzo [:jlorenzo] 62 bytes, text/x-github-pull-request	jlorenzo : review+ jlorenzo : checked-in+	Details \| Review
[scriptworker] PR: part 2: Whitelist android-components repo 6 years ago Johan Lorenzo [:jlorenzo] 55 bytes, text/x-github-pull-request	mozilla : review+ jlorenzo : checked-in+	Details \| Review
[build/puppet] part 1: Bug 1486089 - part 1: Bump scriptworker to 16.2.1 on beetmover_scriptworker 6 years ago Johan Lorenzo [:jlorenzo] 55 bytes, text/x-github-pull-request	jlorenzo : review+ jlorenzo : checked-in+	Details \| Review
[build/puppet] part 2: Bump scriptworker to 16.2.1 on {signing,pushapk}_scriptworker 6 years ago Johan Lorenzo [:jlorenzo] 55 bytes, text/x-github-pull-request	jlorenzo : review+ jlorenzo : checked-in+	Details \| Review

Mihai Tabara [:mtabara]⌚️GMT

Reporter

Description

•

6 years ago

In bug 1485672 we added a dedicated beetmover instance that's to handle the publishing of the android-components. Now we need to make that machine CoT-happy so that we can start scheduling the tasks in the graph. * focus is a good example[1] on how we tackled things * update code in scriptworker to whitelist some repos and types of tasks * for android-components, we already have a decision task[2] that's building stuff. * likely we'll need signing as well but as long as I can make beetmover CoT happy, the other upstream tasks should be relatively easy * focus-android example is here[3] * some amendments in terms of scopes + constants in scriptworker PR * likely some TC Temp scopes for the PR * cot-gpg too for the newly instance [1]: https://github.com/mozilla-releng/scriptworker/pull/209 [2]: https://github.com/mozilla-mobile/android-components/blob/master/.taskcluster.yml#L38 [3]: https://github.com/mozilla-mobile/focus-android/blob/master/.taskcluster.yml#L109

Mihai Tabara [:mtabara]⌚️GMT

Reporter

Comment 1

•

6 years ago

We now have a mobile-beetmover[1] successfully talking to TC querying for mobile-beetmover jobs[2]. On next is to make CoT happy in scriptworker, so that we can actually schedule the tasks from android-components. Steps are: > * focus is a good example[3] on how we tackled things > * update code in scriptworker to whitelist some repos and types of tasks > * for android-components, we already have a decision task[4] that's building > stuff. > * likely we'll need signing as well but as long as I can make beetmover CoT > happy, the other upstream tasks should be relatively easy > * focus-android example is here[5] > * some amendments in terms of scopes + constants in scriptworker PR > * likely some TC Temp scopes for the PR > * cot-gpg too for the newly instance [1]: https://tools.taskcluster.net/provisioners/scriptworker-prov-v1/worker-types/mobile-beetmover-v1/workers/mobile-beetmover-v1/mobile-beetmover-1 [2]: https://tools.taskcluster.net/provisioners/scriptworker-prov-v1/worker-types/mobile-beetmover-v1 [3]: https://github.com/mozilla-releng/scriptworker/pull/209 [4]: https://github.com/mozilla-mobile/android-components/blob/master/.taskcluster.yml#L38 [5]: https://github.com/mozilla-mobile/focus-android/blob/master/.taskcluster.yml#L109

Mihai Tabara [:mtabara]⌚️GMT

Reporter

Updated

•

6 years ago

Comment 2

•

6 years ago

This will be tackled in Q4 once we switch from yml to json-e.

Mihai Tabara [:mtabara]⌚️GMT

Reporter

Comment 3

•

6 years ago

Splitting leftovers and further work we need for this in mobile-world. Johan added this for fenix and focus so he'll take care of this as well.

Updated

•

6 years ago

Blocks: 1496039

Mihai Tabara [:mtabara]⌚️GMT

Reporter

Updated

•

6 years ago

Depends on: 1491026

Updated

•

6 years ago

Summary: enable CoT for android-components → enable CoT for mozilla-mobile

Mihai Tabara [:mtabara]⌚️GMT

Reporter

Comment 4

•

6 years ago

Johan is doing the heavylifting here, thanks!

Assignee: mtabara → jlorenzo

Johan Lorenzo [:jlorenzo]

Assignee

Comment 5

•

6 years ago

Attached file [scriptworker] PR: Support "github-release" tasks_for and cron of mobile — Details

* r+'d by Aki at https://github.com/mozilla-releng/scriptworker/pull/264#pullrequestreview-164351323 * merged on master at https://github.com/mozilla-releng/scriptworker/commit/da3bfba2420bb2f523d78612319df097a16c0c2f * released as 16.2.0: https://github.com/mozilla-releng/scriptworker/releases/tag/16.2.0 https://pypi.org/project/scriptworker/16.2.0/

Attachment #9017113 - Flags: review+

Attachment #9017113 - Flags: checked-in+

Johan Lorenzo [:jlorenzo]

Assignee

Comment 6

•

6 years ago

Attached file [focus-android] PR: Enable full Chain of Trust on nightly and github-releases — Details

Attachment #9017114 - Flags: review?(s.kaspari)

Attachment #9017114 - Flags: review?(csadilek)

Johan Lorenzo [:jlorenzo]

Assignee

Comment 7

•

6 years ago

Attached file [android-components] Enable full Chain of Trust on github-releases — Details

Attachment #9017176 - Flags: review?(s.kaspari)

Attachment #9017176 - Flags: review?(csadilek)

Johan Lorenzo [:jlorenzo]

Assignee

Comment 8

•

6 years ago

Attached file [scriptworker] PR: part 2: Whitelist android-components repo — Details

Attachment #9017177 - Flags: review?(aki)

Aki Sasaki (not active)

Comment 9

•

6 years ago

Comment on attachment 9017177 [details] [review] [scriptworker] PR: part 2: Whitelist android-components repo Mihai approved this; lgtm too.

Attachment #9017177 - Flags: review?(aki) → review+

Johan Lorenzo [:jlorenzo]

Assignee

Comment 10

•

6 years ago

Attached file [build/puppet] part 1: Bug 1486089 - part 1: Bump scriptworker to 16.2.1 on beetmover_scriptworker — Details

r+'d at https://github.com/mozilla-releng/build-puppet/pull/265#pullrequestreview-165067387 merged on master at https://github.com/mozilla-releng/build-puppet/commit/d0898bd57d418e885b8492da8d9622e0599ca555

Attachment #9018650 - Flags: review+

Attachment #9018650 - Flags: checked-in+

Johan Lorenzo [:jlorenzo]

Assignee

Comment 11

•

6 years ago

Attached file [build/puppet] part 2: Bump scriptworker to 16.2.1 on {signing,pushapk}_scriptworker — Details

r+'d at https://github.com/mozilla-releng/build-puppet/pull/267#pullrequestreview-165249110 and https://github.com/mozilla-releng/build-puppet/pull/267#pullrequestreview-166130188 landed on master at https://github.com/mozilla-releng/build-puppet/commit/f9b424cfc018a9bc67229c5258c109197734aed2

Attachment #9018651 - Flags: review+

Attachment #9018651 - Flags: checked-in+

Johan Lorenzo [:jlorenzo]

Assignee

Comment 12

•

6 years ago

Comment on attachment 9017177 [details] [review] [scriptworker] PR: part 2: Whitelist android-components repo Landed on master at: https://github.com/mozilla-releng/scriptworker/commit/e6257cd7db50c2c308221846f5eac7cc205a4ce1 Release as 16.2.1: https://pypi.python.org/pypi/scriptworker/16.2.1 https://github.com/mozilla-releng/scriptworker/releases/tag/16.2.1

Attachment #9017177 - Flags: checked-in+

Johan Lorenzo [:jlorenzo]

Assignee

Comment 13

•

6 years ago

Comment on attachment 9017176 [details] [review] [android-components] Enable full Chain of Trust on github-releases r+'d at https://github.com/mozilla-mobile/android-components/pull/1049#pullrequestreview-164843469 merge and https://github.com/mozilla-mobile/android-components/pull/1055#pullrequestreview-164877468 Landed on master at https://github.com/mozilla-mobile/android-components/commit/440591546366e01cc8d5fa899ac79179d1668470 First release to implement these checks: * https://github.com/mozilla-mobile/android-components/releases/tag/v0.27.0 * https://tools.taskcluster.net/groups/CELBgJhTSaecLcB6g5kSQw * https://tools.taskcluster.net/groups/CELBgJhTSaecLcB6g5kSQw/tasks/d38j7fktTYuDngZPbYm5Rw/runs/0/logs/public%2Flogs%2Fchain_of_trust.log#L70

Attachment #9017176 - Flags: review?(s.kaspari)

Attachment #9017176 - Flags: review?(csadilek)

Attachment #9017176 - Flags: review+

Attachment #9017176 - Flags: checked-in+

Johan Lorenzo [:jlorenzo]

Assignee

Comment 14

•

6 years ago

Comment on attachment 9017114 [details] [review] [focus-android] PR: Enable full Chain of Trust on nightly and github-releases r+'d at https://github.com/mozilla-mobile/focus-android/pull/3634#pullrequestreview-164870040 Landed on master at https://github.com/mozilla-mobile/focus-android/commit/3c8a1f96018fdcf89d3ed9d453a93af0a4e3b820 First nightly to implement this check: * https://tools.taskcluster.net/groups/dh3WUGEdRPWXjs9afYW_wg/ * https://tools.taskcluster.net/groups/dh3WUGEdRPWXjs9afYW_wg/tasks/WPZQOofXTqOFVLiKoOKYrw/runs/0/logs/public%2Flogs%2Fchain_of_trust.log#L102

Attachment #9017114 - Flags: review?(s.kaspari)

Attachment #9017114 - Flags: review?(csadilek)

Attachment #9017114 - Flags: review+

Attachment #9017114 - Flags: checked-in+

Johan Lorenzo [:jlorenzo]

Assignee

Comment 15

•

6 years ago

We're almost done here! The only last thing to test is a Focus release. I'll keep an eye out on it. In the meantime, there is nothing left to do. I'll mark this bug as fixed.