Closed Bug 1531320 Opened 7 years ago Closed 7 years ago

docker-worker: `git pull` latest password store changes in deploy script

Categories

(Taskcluster :: Workers, enhancement)

Product:
Taskcluster
Component:
Workers
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: pmoore, Assigned: pmoore)

Details

Attachments

(1 file)

GitHub Pull Request for docker-worker
53 bytes, text/x-github-pull-request
Details | Review

It would be easy to forget that the password store needs to be up-to-date when deploying docker-worker, so I added a git pull.

Note, this means you need to be on the vpn when doing a deployment, but I think this may be safer than not doing a git pull as this is an easy step to forget.

Assignee: nobody → pmoore
Status: NEW → ASSIGNED
Attachment #9047353 - Flags: review?(wcosta)

My experience is that docker-worker secrets rarely change, and having to 2FA everytime you need to run deploy.sh is counter-productive. Also, there is still the fact the other peer needs to remember to git push when keys are updated. Let's not add another human input to something it most probably won't be worth it. It is better to put this in the documentation.

Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
Attachment #9047353 - Flags: review?(wcosta)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: