Bug 1385094 - Don't include docker image in chain of trust for builds if not using an in-tree image; r?dustin
MozReview-Commit-ID: J6RkxSUqZrx
--- a/taskcluster/taskgraph/transforms/build.py
+++ b/taskcluster/taskgraph/transforms/build.py
@@ -24,19 +24,20 @@ def set_defaults(config, jobs):
_, worker_os = worker_type_implementation(job['worker-type'])
worker = job.setdefault('worker', {})
if worker_os == "linux":
worker.setdefault('docker-image', {'in-tree': 'desktop-build'})
worker['chain-of-trust'] = True
extra = job.setdefault('extra', {})
extra.setdefault('chainOfTrust', {})
extra['chainOfTrust'].setdefault('inputs', {})
- extra['chainOfTrust']['inputs']['docker-image'] = {
- "task-reference": "<docker-image>"
- }
+ if 'in-tree' in worker['docker-image']:
+ extra['chainOfTrust']['inputs']['docker-image'] = {
+ "task-reference": "<docker-image>"
+ }
elif worker_os == "windows":
worker.setdefault('env', {})
worker['chain-of-trust'] = True
elif worker_os == "macosx":
worker.setdefault('env', {})
yield job