Closed
Bug 734389
Opened 12 years ago
Closed 12 years ago
Deploy Thunderbird keys to build machines
Categories
(Infrastructure & Operations Graveyard :: CIDuty, task, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: jhopkins, Assigned: jhopkins)
References
Details
Attachments
(3 files, 4 obsolete files)
We need to deploy Thunderbird SSH keys to build machines (in the Firefox pool) so we can upload completed builds.
Comment 1•12 years ago
|
||
found during triage.
Component: Release Engineering → Release Engineering: Machine Management
QA Contact: release → armenzg
Assignee | ||
Updated•12 years ago
|
Priority: -- → P1
Assignee | ||
Comment 2•12 years ago
|
||
We need to manually scp the Thunderbird key onto all the build slaves and update the ref images.
Assignee | ||
Comment 3•12 years ago
|
||
I copy/pasted the mozilla/production_config.py and mozilla-tests/production_config.py code to generate lists of build machines in the attached script. I noticed there are only 72 matches on 'darwin' which seems low. Can you have a look and see if I missed anything?
Comment 4•12 years ago
|
||
Comment on attachment 615708 [details]
print list of production build machines
looks ok to me...what slaves does it output?
when you're running this, can you verify the .ssh/ffxbld_dsa exists and that .ssh/trybld_dsa does NOT exist before copying the thunderbird keys over?
Attachment #615708 -
Flags: feedback?(catlee) → feedback+
Assignee | ||
Comment 5•12 years ago
|
||
updated: no tegras, no talos
Attachment #615708 -
Attachment is obsolete: true
Assignee | ||
Comment 6•12 years ago
|
||
Attachment #615733 -
Flags: review?(bhearsum)
Comment 7•12 years ago
|
||
Comment on attachment 615733 [details] list of build slave to copy thunderbird key to I'm told that the bld-centos6* machines don't even have Firefox keys on them, as they only do b2g builds. No need to deploy tbirdbld keys to them. moz2-darwin9-slave01 and w64-ix-slave22 are dev/pp machines according to slavealloc, please don't deploy the production keys to them. moz2-darwin9-slave17 is dead, apparently (bug 714812) w64-ix-slave02 isn't in slavealloc, I'm not sure if it still exists. Do you have a staging tbirdbld key yet? We'll need one to deploy to the dev/pp build machines & dev-stage01. That list of machines is: linux-ix-slave03, 04, 05 linux64-ix-slave01, 02 moz2-darwin10-slave02, 03, 04, 10 moz2-darwin9-slave01, 08, 68 moz2-linux-slave03, 04, 10, 17, 51 moz2-linux64-slave07, 10 mv-moz2-linux-ix-slave01 mw32-ix-slave01, 19, 21 w32-ix-slave01 w64-ix-slave04, 05, 22, 41
Attachment #615733 -
Flags: review?(bhearsum)
Comment 8•12 years ago
|
||
From IRC, we need the tbirdbld staging key on all of the staging build machines, too. I think the complete list is: linux-ix-slave03, 04, 05 linux64-ix-slave01, 02 moz2-darwin10-slave02, 03, 04, 10 moz2-darwin9-slave01, 08, 68 moz2-linux-slave03, 04, 10, 17, 51 moz2-linux64-slave07, 10 mv-moz2-linux-ix-slave01 mw32-ix-slave01, 19, 21 w32-ix-slave01 w64-ix-slave04, 05, 22, 41
Assignee | ||
Comment 9•12 years ago
|
||
added exceptions
Attachment #615730 -
Attachment is obsolete: true
Assignee | ||
Comment 10•12 years ago
|
||
Attachment #615733 -
Attachment is obsolete: true
Attachment #615766 -
Flags: review?(bhearsum)
Assignee | ||
Comment 11•12 years ago
|
||
Attachment #615766 -
Attachment is obsolete: true
Attachment #615768 -
Flags: review?(bhearsum)
Attachment #615766 -
Flags: review?(bhearsum)
Assignee | ||
Comment 12•12 years ago
|
||
Attachment #615775 -
Flags: review?(bhearsum)
Updated•12 years ago
|
Attachment #615775 -
Flags: review?(bhearsum) → review+
Comment 13•12 years ago
|
||
Comment on attachment 615768 [details] updated list of build slaves to copy production thunderbird keys to Almost forgot about ref images! No need to update this attachment, but the following need the keys too: linux-ix-ref linux64-ix-ref moz2-darwin10-ref win32-ix-ref ...and file a bug to get IT to take new images of them. Similar to bug 733865. I don't know what the deal is with windows 64-bit ix machines.
Attachment #615768 -
Flags: review?(bhearsum) → review+
Comment 14•12 years ago
|
||
(In reply to Ben Hearsum [:bhearsum] from comment #13) > Comment on attachment 615768 [details] > Almost forgot about ref images! No need to update this attachment, but the > following need the keys too: Turns out we handle keys in different ways depending on the platform > linux-ix-ref > linux64-ix-ref > moz2-darwin10-ref These puppet-based boxes have staging keys on the ref images, presumably so they go to staging masters for proving before going into production. > win32-ix-ref This has production keys (except for the old cvs/cvs.pub which is staging). I don't know why win32 is treated differently. Ben ?
Comment 15•12 years ago
|
||
(In reply to Nick Thomas [:nthomas] from comment #14) > (In reply to Ben Hearsum [:bhearsum] from comment #13) > > Comment on attachment 615768 [details] > > Almost forgot about ref images! No need to update this attachment, but the > > following need the keys too: > > Turns out we handle keys in different ways depending on the platform > > > linux-ix-ref > > linux64-ix-ref > > moz2-darwin10-ref > > These puppet-based boxes have staging keys on the ref images, presumably so > they go to staging masters for proving before going into production. > > > win32-ix-ref > > This has production keys (except for the old cvs/cvs.pub which is staging). > I don't know why win32 is treated differently. Ben ? Probably no good reason. We should follow this pattern for Thunderbird though, lest we end up even more confused.
Assignee | ||
Comment 16•12 years ago
|
||
Key installation for staging, production, and win32-ix-ref is done. briar-patch (https://github.com/mozilla/briar-patch/) and paramiko were used to automate this process. Filed bug 747020 to track creation of a new win32-ix-ref image.
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 17•12 years ago
|
||
I removed the staging copy of tbirdbld_dsa.pub from bld-lion-r5-041..80 (non-try prod), because it was causing errors connecting to stage. I also removed trybld_dsa*, which were also staging but not necessarily from this bug.
Updated•11 years ago
|
Product: mozilla.org → Release Engineering
Updated•6 years ago
|
Product: Release Engineering → Infrastructure & Operations
Updated•4 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•