Mercurial > mozreview > gecko / changeset / 0b840d5b0c01efe98ca267ab5c5048d6b1b46a0a
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1337360: move chainOfTrust into extra; r?Callek draft
authorDustin J. Mitchell <dustin@mozilla.com>
Wed, 22 Mar 2017 16:48:40 +0000
changeset 503037 0b840d5b0c01efe98ca267ab5c5048d6b1b46a0a
parent 503036 ffb4f7c922a43fd3e2eb8ef41fc0a8b3873455c1
child 503038 4bc19685c8296a2164ba4c6cb90a4d73ad291ffa
push id50464
push userdmitchell@mozilla.com
push dateWed, 22 Mar 2017 18:16:33 +0000
reviewersCallek
bugs1337360
milestone55.0a1
Bug 1337360: move chainOfTrust into extra; r?Callek MozReview-Commit-ID: 2bo60MFPoDG
taskcluster/taskgraph/transforms/l10n.py file | annotate | diff | comparison | revisions
taskcluster/taskgraph/util/schema.py file | annotate | diff | comparison | revisions 
--- a/taskcluster/taskgraph/transforms/l10n.py
+++ b/taskcluster/taskgraph/transforms/l10n.py
@@ -16,45 +16,47 @@ from taskgraph.transforms.base import (
 )
 from taskgraph.util.schema import (
     validate_schema,
     optionally_keyed_by,
     resolve_keyed_by,
     Schema,
 )
 from taskgraph.util.treeherder import split_symbol, join_symbol
+from taskgraph.transforms.job import job_description_schema
 from voluptuous import (
     Any,
     Extra,
     Optional,
     Required,
 )
 
 
 def _by_platform(arg):
     return optionally_keyed_by('build-platform', arg)
 
 # shortcut for a string where task references are allowed
 taskref_or_string = Any(
     basestring,
     {Required('task-reference'): basestring})
 
+# Voluptuous uses marker objects as dictionary *keys*, but they are not
+# comparable, so we cast all of the keys back to regular strings
+job_description_schema = {str(k): v for k, v in job_description_schema.schema.iteritems()}
+
 l10n_description_schema = Schema({
     # Name for this job, inferred from the dependent job before validation
     Required('name'): basestring,
 
     # build-platform, inferred from dependent job before validation
     Required('build-platform'): basestring,
 
     # max run time of the task
     Required('run-time'): _by_platform(int),
 
-    # Data used by chain of trust (see `chain_of_trust` in this file)
-    Optional('chainOfTrust'): {Extra: object},
-
     # All l10n jobs use mozharness
     Required('mozharness'): {
         # Script to invoke for mozharness
         Required('script'): _by_platform(basestring),
 
         # Config files passed to the mozharness script
         Required('config'): _by_platform([basestring]),
 
@@ -121,17 +123,20 @@ l10n_description_schema = Schema({
 
     # Task deps to chain this task with, added in transforms from dependent-task
     # if this is a nightly
     Optional('dependencies'): {basestring: basestring},
 
     # Run the task when the listed files change (if present).
     Optional('when'): {
         'files-changed': [basestring]
-    }
+    },
+
+    # passed through directly to the job description
+    Optional('extra'): job_description_schema['extra'],
 })
 
 transforms = TransformSequence()
 
 
 def _parse_locales_file(locales_file, platform=None):
     """ Parse the passed locales file for a list of locales.
         If platform is unset matches all platforms.
@@ -323,21 +328,19 @@ def mh_options_replace_project(config, j
             job['mozharness']['options']
             )
         yield job
 
 
 @transforms.add
 def chain_of_trust(config, jobs):
     for job in jobs:
-        job.setdefault('chainOfTrust', {})
-        job['chainOfTrust'].setdefault('inputs', {})
-        job['chainOfTrust']['inputs']['docker-image'] = {
-            "task-reference": "<docker-image>"
-        }
+        # add the docker image to the chain of trust inputs in task.extra
+        cot = job.setdefault('extra', {}).setdefault('chainOfTrust', {})
+        cot.setdefault('inputs', {})['docker-image'] = {"task-reference": "<docker-image>"}
         yield job
 
 
 @transforms.add
 def validate_again(config, jobs):
     for job in jobs:
         yield validate_schema(l10n_description_schema, job,
                               "In job {!r}:".format(job.get('name', 'unknown')))
@@ -349,19 +352,17 @@ def make_job_description(config, jobs):
         job_description = {
             'name': job['name'],
             'worker': {
                 'implementation': 'docker-worker',
                 'docker-image': {'in-tree': 'desktop-build'},
                 'max-run-time': job['run-time'],
                 'chain-of-trust': True,
             },
-            'extra': {
-                'chainOfTrust': job['chainOfTrust'],
-            },
+            'extra': job['extra'],
             'worker-type': job['worker-type'],
             'description': job['description'],
             'run': {
                 'using': 'mozharness',
                 'job-script': 'taskcluster/scripts/builder/build-l10n.sh',
                 'config': job['mozharness']['config'],
                 'script': job['mozharness']['script'],
                 'actions': job['mozharness']['actions'],
--- a/taskcluster/taskgraph/util/schema.py
+++ b/taskcluster/taskgraph/util/schema.py
@@ -131,19 +131,16 @@ def resolve_keyed_by(item, field, item_n
 
 # Schemas for YAML files should use dashed identifiers by default.  If there are
 # components of the schema for which there is a good reason to use another format,
 # they can be whitelisted here.
 WHITELISTED_SCHEMA_IDENTIFIERS = [
     # upstream-artifacts are handed directly to scriptWorker, which expects interCaps
     lambda path: "[u'upstream-artifacts']" in path,
 
-    # chainOfTrust (TODO)
-    lambda path: path.startswith("schema[u'chainOfTrust']"),
-
     # attributes (TODO)
     lambda path: path.startswith("schema[u'attributes']"),
 ]
 
 
 def check_schema(schema):
     identifier_re = re.compile('^[a-z][a-z0-9-]*$')
gecko
Deployed from 4e825768105f at 2024-04-08T16:23:58Z.