Closed Bug 632793 Opened 9 years ago Closed 7 years ago

signing scripts should support signing partner repacks after the fact


(Release Engineering :: Release Automation: Other, defect, P3)



(Not tracked)



(Reporter: bhearsum, Unassigned)


Currently, the signing scripts have a "previously signed" mode that allows us to sign locales after the fact. This works fine for normal, unmodified repacks, but doesn't work in a case where we're signing a localized partner repack after the fact. Because we only unpack and cache "firstLocale" in previously signed mode, we still end up resigning all the localized bits of the partner repack, because only the en-US binaries are in the cache.

Ideally, "previously signed" mode should detect which locales it needs to unpack and cache prior to starting to sign things.
Until this is fixed, the best way to sign partner repacks after the fact is to rebuild the cache one by one, by calling with --first-locale $locale --keep-cache, for each $locale that has a partner repack that needs signing. Once that's done, you can sign them with --keep-cache. bug 632627 and the 3.6.14 build notes have a concrete example of this (

Realistically this is low priority because it's rare that we'll hit it, and there's a workaround.
Priority: -- → P3
Component: Release Engineering → Release Engineering: Releases
QA Contact: release → bhearsum
found in triage - I think this actually lives in the new "RelEng:Automation" component.
Component: Release Engineering: Releases → Release Engineering: Automation
QA Contact: bhearsum → catlee
No longer blocks: hg-automation
Mass move of bugs to Release Automation component.
Component: Release Engineering: Automation (General) → Release Engineering: Automation (Release Automation)
No longer blocks: hg-automation
We don't use these signing scripts anymore.
Closed: 7 years ago
Resolution: --- → WONTFIX
Product: → Release Engineering
You need to log in before you can comment on or make changes to this bug.