Provide deployment mode - release versus review

RESOLVED FIXED in 2014-03-04

Status

Marketplace
Integration
P1
normal
RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: ozten, Assigned: kumar)

Tracking

Avenir
2014-03-04
x86
Mac OS X
Points:
---
Dependency tree / graph

Details

(Whiteboard: [A4A][qa-])

(Reporter)

Description

4 years ago
The APK Factory Service should be deployable to two different hostclasses:
* release
* review

Release signs APKs with the production certificate unique to that app

Review signs APKs with a DEBUG cert
(Reporter)

Updated

4 years ago
Blocks: 958329
We may need to adjust Zamboni (Marketplace API) to give the reviewer APK instance elevated access. See bug 889744
(Reporter)

Updated

4 years ago
Blocks: 960764

Updated

4 years ago
Assignee: nobody → kumar.mcmillan
Priority: -- → P1
(Reporter)

Comment 2

4 years ago
APK Signer - would have two different endpoints.

review - signs with any old cert and DEBUG flag from the ant build
release - signs with the securly hosted - cert which is one per app

Updated

4 years ago
Whiteboard: [A4A]
Hey Ryan, what would we do here to create key stores with a debug cert? https://github.com/mozilla/apk-signer/blob/master/apk_signer/sign/signer.py
Flags: needinfo?(rtilder)
After a Vidyo chat with Kumar, it sounds like running a separate instance of the APK signer just for reviewers is the shortest distance between where we are now and where we would like to be.  Only a small change to implement this FIXME https://github.com/mozilla/apk-signer/blob/master/apk_signer/sign/signer.py#L39 that can be done pretty quickly.

We probably need a feature description from somebody who will actually be doing the reviewing.  We definitely want to know what kind of limitations are desired for reviewer signed APKs.  Limited time validity on the signature, invalid for non-reviewers to install, etc.
Flags: needinfo?(rtilder)
I asked for some feedback from reviewers over email but I think this is enough to get started on
behold! Reviewer mode https://github.com/mozilla/apk-signer/commit/6badd95d25c1aea376f396226a85f8b8ec69a150
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
Whiteboard: [A4A] → [A4A][qa-]
Target Milestone: --- → 2014-03-04
You need to log in before you can comment on or make changes to this bug.