Port bug 1562412: macOS notarization multi-step process
Categories
(Thunderbird :: Build Config, enhancement)
Tracking
(Not tracked)
People
(Reporter: rjl, Assigned: rjl)
References
Details
Attachments
(4 files, 3 obsolete files)
47 bytes,
text/x-phabricator-request
|
Details | Review | |
8.06 KB,
patch
|
darktrojan
:
review+
|
Details | Diff | Splinter Review |
3.15 KB,
patch
|
darktrojan
:
review+
|
Details | Diff | Splinter Review |
1.15 KB,
patch
|
darktrojan
:
review+
|
Details | Diff | Splinter Review |
macOS signing and notarization is moving to a multi-task process to avoid problems when Apple has an outage.
Thunderbird changes go here.
Assignee | ||
Comment 1•4 years ago
|
||
I've based this on what is currently in Phabricator for bug 1562412. Aki, I had a question about this block in config.yml: ``` mac-notarization-poller: provisioner: scriptworker-prov-v1 implementation: notarization-poller os: macosx worker-type: mac-notarization-poller ``` Will that be the worker type for Thunderbird or will it be prefixed like the signing workers? tb-mac-notarization-poller?
Comment 2•4 years ago
|
||
Hm. We could split this out, but we could also use the same pool. Not sure if you or others have strong opinions here?
Assignee | ||
Comment 3•4 years ago
|
||
I don't think it matters a whole lot from Thunderbird's perspective. But a lot of work has been done to separate Thunderbird from Firefox builds. So it's probably better to split it now if possible.
Comment 4•4 years ago
|
||
Comment on attachment 9125992 [details] [diff] [review] macos_notariz_bug1613281.patch Review of attachment 9125992 [details] [diff] [review]: ----------------------------------------------------------------- `mac-notarization-poller` is the fx pool. Sounds like we want to create another pool, so `tb-mac-notarization-poller` for tb.
Assignee | ||
Comment 5•4 years ago
|
||
- Updated the notarization-poller worker type in config.yml - Updated with the effects of bug 1614998 in mind. There may be more revisions necessary.
Assignee | ||
Updated•4 years ago
|
Assignee | ||
Comment 6•4 years ago
|
||
Reflects updates made today to changes in progress on bug 1562412 .
Assignee | ||
Comment 7•4 years ago
|
||
Assignee | ||
Comment 8•4 years ago
|
||
I've tested this as much as possible.
Comment 9•4 years ago
|
||
Comment on attachment 9128627 [details] [diff] [review] macos_notariz_bug1613281.patch Review of attachment 9128627 [details] [diff] [review]: ----------------------------------------------------------------- This looks good as far as I can tell.
Comment 10•4 years ago
|
||
Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/0498fb268e27
Port bug 1562412: multi-step macOS signing and notarization. r=darktrojan
Assignee | ||
Comment 11•4 years ago
|
||
Signing jobs that are step-3 of the macOS will not have any formats in the payload. For regular signing jobs that's not valid, but it is in this case. It's possible to set up macOS a build-signing job without notarization, so checking the platform and kind may not be sufficient.
Assignee | ||
Updated•4 years ago
|
Comment 12•4 years ago
|
||
Comment on attachment 9129314 [details] [diff] [review] Allow notarized signing jobs to have no signature formats Review of attachment 9129314 [details] [diff] [review]: ----------------------------------------------------------------- I think there's a word missing from the commit message: "… step-3 of the macOS will not …". Apart from that, all good.
Comment 13•4 years ago
|
||
Pushed by thunderbird@calypsoblue.org: https://hg.mozilla.org/comm-central/rev/3f02fbbeaffa Follow-up: Allow for empty format lists on notarized signing jobs. r=darktrojan
Assignee | ||
Updated•4 years ago
|
Assignee | ||
Updated•4 years ago
|
Assignee | ||
Comment 14•4 years ago
|
||
Port of https://phabricator.services.mozilla.com/D64684. The transforms copies attributes from dependencies, but only if attributes are not specified in its own configuration. As a result, the 'shippable' attribute is not present on the poller task and it gets dropped, throwing off when notarization part-3 starts.
Updated•4 years ago
|
Assignee | ||
Updated•4 years ago
|
Comment 15•4 years ago
|
||
Pushed by thunderbird@calypsoblue.org:
https://hg.mozilla.org/comm-central/rev/95a306e52d3c
Follow-up: Drop shipping_phase attribute from shippable-l10n-notarization-poller. r=darktrojan
Assignee | ||
Comment 16•4 years ago
|
||
bugherder |
Assignee | ||
Updated•4 years ago
|
Description
•