build process and adding in a hash repo for txt/mar file generation

RESOLVED WONTFIX

Status

P4
critical
RESOLVED WONTFIX
9 years ago
5 years ago

People

(Reporter: clyon, Assigned: jhford)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [ausq3review])

(Reporter)

Description

9 years ago
The current build process uses files from stage-old (aka surf.mozilla.org) in order to generate mar and txt files used by AUS. The proposed change would be to create a file store within the build network to store hash files from each build generated from the buildbot slaves. These file would then be used to verify anything coming off surf.mozilla.org to be used to generate the txt and mar files. A check should be inserted to verify we are downloading the correct file.
(Reporter)

Updated

9 years ago
Group: infra
Depends on: 583911
(Reporter)

Updated

9 years ago
OS: Mac OS X → All
Hardware: x86 → All
I can take a look at this
Assignee: nobody → jhford
Priority: -- → P3
Priority: P3 → P4
Depends on: 578393
mcoates: since this bug was filed, we have started doing signing of updates, (needed for silent update). Given that, is there still any need to do this hash repo work?  aiui, this hash repo was just a quick-and-dirty way to verify the updates were not modified before we used them internally. However, since then we've figured out how to do mar signing, which works for us internally, and also for end users. 

I'd like to close this bug as WONTFIX unless I am missing something?
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → WONTFIX
Product: mozilla.org → Release Engineering
You need to log in before you can comment on or make changes to this bug.