--- a/modules/balrog_scriptworker/manifests/init.pp
+++ b/modules/balrog_scriptworker/manifests/init.pp
@@ -83,40 +83,41 @@ class balrog_scriptworker {
'python-dateutil==2.6.0',
'requests==2.13.0',
'six==1.10.0',
];
}
scriptworker::instance {
$balrog_scriptworker::settings::root:
- instance_name => $module_name,
- basedir => $balrog_scriptworker::settings::root,
+ instance_name => $module_name,
+ basedir => $balrog_scriptworker::settings::root,
- task_script_executable => $balrog_scriptworker::settings::task_script_executable,
- task_script => $balrog_scriptworker::settings::task_script,
- task_script_config => $balrog_scriptworker::settings::task_script_config,
+ task_script_executable => $balrog_scriptworker::settings::task_script_executable,
+ task_script => $balrog_scriptworker::settings::task_script,
+ task_script_config => $balrog_scriptworker::settings::task_script_config,
- username => $users::builder::username,
- group => $users::builder::group,
+ username => $users::builder::username,
+ group => $users::builder::group,
- taskcluster_client_id => $env_config["taskcluster_client_id"],
- taskcluster_access_token => $env_config["taskcluster_access_token"],
- worker_group => $balrog_scriptworker::settings::worker_group,
- worker_type => $env_config["worker_type"],
+ taskcluster_client_id => $env_config["taskcluster_client_id"],
+ taskcluster_access_token => $env_config["taskcluster_access_token"],
+ worker_group => $balrog_scriptworker::settings::worker_group,
+ worker_type => $env_config["worker_type"],
- task_max_timeout => $balrog_scriptworker::settings::task_max_timeout,
+ task_max_timeout => $balrog_scriptworker::settings::task_max_timeout,
+ artifact_expiration_hours => $balrog_scriptworker::settings::artifact_expiration_hours,
- cot_job_type => 'balrog',
+ cot_job_type => 'balrog',
- sign_chain_of_trust => $env_config["sign_chain_of_trust"],
- verify_chain_of_trust => $env_config["verify_chain_of_trust"],
- verify_cot_signature => $env_config["verify_cot_signature"],
+ sign_chain_of_trust => $env_config["sign_chain_of_trust"],
+ verify_chain_of_trust => $env_config["verify_chain_of_trust"],
+ verify_cot_signature => $env_config["verify_cot_signature"],
- verbose_logging => $balrog_scriptworker::settings::verbose_logging,
+ verbose_logging => $balrog_scriptworker::settings::verbose_logging,
}
mercurial::repo {
'tools':
hg_repo => $env_config["tools_repo"],
dst_dir => "${balrog_scriptworker::settings::root}/tools",
user => $users::builder::username,
branch => $balrog_scriptworker::settings::tools_branch,
--- a/modules/balrog_scriptworker/manifests/settings.pp
+++ b/modules/balrog_scriptworker/manifests/settings.pp
@@ -13,30 +13,32 @@ class balrog_scriptworker::settings {
$verbose_logging = true
$env_config = {
'dev' => {
balrog_username => 'balrog-stage-ffxbld',
balrog_password => secret('balrog-stage-ffxbld_ldap_password'),
balrog_api_root => 'https://balrog-admin.stage.mozaws.net/api',
+ artifact_expiration_hours => 336,
dummy => false,
tools_repo => 'https://hg.mozilla.org/build/tools',
taskcluster_client_id => 'project/releng/scriptworker/balrogworker-dev',
taskcluster_access_token => secret('balrogworker_dev_taskcluster_access_token'),
worker_type => 'balrog-dev',
sign_chain_of_trust => false,
verify_chain_of_trust => true,
verify_cot_signature => false,
},
'prod' => {
balrog_username => 'balrog-ffxbld',
balrog_password => secret('balrog-ffxbld_ldap_password'),
balrog_api_root => 'https://aus4-admin.mozilla.org/api',
+ artifact_expiration_hours => 8760,
dummy => false,
tools_repo => 'https://hg.mozilla.org/build/tools',
taskcluster_client_id => 'project/releng/scriptworker/balrogworker',
taskcluster_access_token => secret('balrogworker_prod_taskcluster_access_token'),
worker_type => 'balrogworker-v1',
sign_chain_of_trust => true,
verify_chain_of_trust => true,
verify_cot_signature => true,
--- a/modules/beetmover_scriptworker/manifests/init.pp
+++ b/modules/beetmover_scriptworker/manifests/init.pp
@@ -59,39 +59,40 @@ class beetmover_scriptworker {
'urllib3==1.22',
'virtualenv==15.1.0',
'yarl==1.0.0',
];
}
scriptworker::instance {
$beetmover_scriptworker::settings::root:
- instance_name => $module_name,
- basedir => $beetmover_scriptworker::settings::root,
+ instance_name => $module_name,
+ basedir => $beetmover_scriptworker::settings::root,
- task_script => $beetmover_scriptworker::settings::task_script,
- task_script_config => $beetmover_scriptworker::settings::task_script_config,
+ task_script => $beetmover_scriptworker::settings::task_script,
+ task_script_config => $beetmover_scriptworker::settings::task_script_config,
- username => $users::builder::username,
- group => $users::builder::group,
+ username => $users::builder::username,
+ group => $users::builder::group,
- taskcluster_client_id => $env_config["taskcluster_client_id"],
- taskcluster_access_token => $env_config["taskcluster_access_token"],
- worker_group => $beetmover_scriptworker::settings::worker_group,
- worker_type => $env_config["worker_type"],
+ taskcluster_client_id => $env_config["taskcluster_client_id"],
+ taskcluster_access_token => $env_config["taskcluster_access_token"],
+ worker_group => $beetmover_scriptworker::settings::worker_group,
+ worker_type => $env_config["worker_type"],
- task_max_timeout => $beetmover_scriptworker::settings::task_max_timeout,
+ task_max_timeout => $beetmover_scriptworker::settings::task_max_timeout,
+ artifact_expiration_hours => $beetmover_scriptworker::settings::artifact_expiration_hours,
- cot_job_type => 'beetmover',
+ cot_job_type => 'beetmover',
- sign_chain_of_trust => $env_config["sign_chain_of_trust"],
- verify_chain_of_trust => $env_config["verify_chain_of_trust"],
- verify_cot_signature => $env_config["verify_cot_signature"],
+ sign_chain_of_trust => $env_config["sign_chain_of_trust"],
+ verify_chain_of_trust => $env_config["verify_chain_of_trust"],
+ verify_cot_signature => $env_config["verify_cot_signature"],
- verbose_logging => $beetmover_scriptworker::settings::verbose_logging,
+ verbose_logging => $beetmover_scriptworker::settings::verbose_logging,
}
file {
"${beetmover_scriptworker::settings::root}/script_config.json":
require => Python35::Virtualenv[$beetmover_scriptworker::settings::root],
mode => '0600',
owner => $users::builder::username,
group => $users::builder::group,
--- a/modules/beetmover_scriptworker/manifests/settings.pp
+++ b/modules/beetmover_scriptworker/manifests/settings.pp
@@ -27,16 +27,17 @@ class beetmover_scriptworker::settings {
dep_beetmover_aws_secret_access_key => secret('stage-beetmover-aws_secret_access_key'),
dep_beetmover_aws_s3_firefox_bucket => 'net-mozaws-stage-delivery-firefox',
dep_beetmover_aws_s3_fennec_bucket => 'net-mozaws-stage-delivery-archive',
config_template => 'beetmover_scriptworker/dev_script_config.json.erb',
worker_type => 'beetmoverworker-dev',
taskcluster_client_id => 'project/releng/scriptworker/beetmover-dev',
taskcluster_access_token => secret('beetmoverworker_dev_taskcluster_access_token'),
+ artifact_expiration_hours => 336,
sign_chain_of_trust => false,
verify_chain_of_trust => true,
verify_cot_signature => false,
},
'prod' => {
nightly_beetmover_aws_access_key_id => secret('nightly-beetmover-aws_access_key_id'),
nightly_beetmover_aws_secret_access_key => secret('nightly-beetmover-aws_secret_access_key'),
nightly_beetmover_aws_s3_firefox_bucket => 'net-mozaws-prod-delivery-firefox',
@@ -51,14 +52,15 @@ class beetmover_scriptworker::settings {
dep_beetmover_aws_secret_access_key => secret('stage-beetmover-aws_secret_access_key'),
dep_beetmover_aws_s3_firefox_bucket => 'net-mozaws-stage-delivery-firefox',
dep_beetmover_aws_s3_fennec_bucket => 'net-mozaws-stage-delivery-archive',
config_template => 'beetmover_scriptworker/prod_script_config.json.erb',
worker_type => 'beetmoverworker-v1',
taskcluster_client_id => 'project/releng/scriptworker/beetmoverworker',
taskcluster_access_token => secret('beetmoverworker_prod_taskcluster_access_token'),
+ artifact_expiration_hours => 8760,
sign_chain_of_trust => true,
verify_chain_of_trust => true,
verify_cot_signature => true,
}
}
}
--- a/modules/pushapk_scriptworker/manifests/init.pp
+++ b/modules/pushapk_scriptworker/manifests/init.pp
@@ -62,37 +62,38 @@ class pushapk_scriptworker {
'urllib3==1.22',
'virtualenv==15.1.0',
'yarl==1.0.0',
];
}
scriptworker::instance {
$pushapk_scriptworker::settings::root:
- instance_name => $module_name,
- basedir => $pushapk_scriptworker::settings::root,
- work_dir => $pushapk_scriptworker::settings::work_dir,
+ instance_name => $module_name,
+ basedir => $pushapk_scriptworker::settings::root,
+ work_dir => $pushapk_scriptworker::settings::work_dir,
- task_script => $pushapk_scriptworker::settings::task_script,
+ task_script => $pushapk_scriptworker::settings::task_script,
- username => $pushapk_scriptworker::settings::user,
- group => $pushapk_scriptworker::settings::group,
+ username => $pushapk_scriptworker::settings::user,
+ group => $pushapk_scriptworker::settings::group,
- taskcluster_client_id => $pushapk_scriptworker::settings::taskcluster_client_id,
- taskcluster_access_token => $pushapk_scriptworker::settings::taskcluster_access_token,
- worker_group => $pushapk_scriptworker::settings::worker_group,
- worker_type => $pushapk_scriptworker::settings::worker_type,
+ taskcluster_client_id => $pushapk_scriptworker::settings::taskcluster_client_id,
+ taskcluster_access_token => $pushapk_scriptworker::settings::taskcluster_access_token,
+ worker_group => $pushapk_scriptworker::settings::worker_group,
+ worker_type => $pushapk_scriptworker::settings::worker_type,
- cot_job_type => 'pushapk',
+ artifact_expiration_hours => $pushapk_scriptworker::settings::artifact_expiration_hours,
+ cot_job_type => 'pushapk',
- sign_chain_of_trust => $pushapk_scriptworker::settings::sign_chain_of_trust,
- verify_chain_of_trust => $pushapk_scriptworker::settings::verify_chain_of_trust,
- verify_cot_signature => $pushapk_scriptworker::settings::verify_cot_signature,
+ sign_chain_of_trust => $pushapk_scriptworker::settings::sign_chain_of_trust,
+ verify_chain_of_trust => $pushapk_scriptworker::settings::verify_chain_of_trust,
+ verify_cot_signature => $pushapk_scriptworker::settings::verify_cot_signature,
- verbose_logging => $pushapk_scriptworker::settings::verbose_logging,
+ verbose_logging => $pushapk_scriptworker::settings::verbose_logging,
}
File {
ensure => present,
mode => '0600',
owner => $pushapk_scriptworker::settings::user,
group => $pushapk_scriptworker::settings::group,
show_diff => false,
--- a/modules/pushapk_scriptworker/manifests/settings.pp
+++ b/modules/pushapk_scriptworker/manifests/settings.pp
@@ -10,27 +10,29 @@ class pushapk_scriptworker::settings {
$_env_configs = {
'dep' => {
worker_group => 'dep-pushapk',
worker_type => 'dep-pushapk',
verbose_logging => true,
taskcluster_client_id => secret('pushapk_scriptworker_taskcluster_client_id_dep'),
taskcluster_access_token => secret('pushapk_scriptworker_taskcluster_access_token_dep'),
+ artifact_expiration_hours => 336,
sign_chain_of_trust => false,
verify_chain_of_trust => true,
verify_cot_signature => false,
},
'prod' => {
worker_group => 'pushapk-v1',
worker_type => 'pushapk-v1',
verbose_logging => true,
taskcluster_client_id => secret('pushapk_scriptworker_taskcluster_client_id_prod'),
taskcluster_access_token => secret('pushapk_scriptworker_taskcluster_access_token_prod'),
+ artifact_expiration_hours => 8760,
sign_chain_of_trust => true,
verify_chain_of_trust => true,
verify_cot_signature => true,
},
}
$_env_config = $_env_configs[$pushapk_scriptworker_env]
--- a/modules/shipit_scriptworker/manifests/init.pp
+++ b/modules/shipit_scriptworker/manifests/init.pp
@@ -48,37 +48,38 @@ class shipit_scriptworker {
'urllib3==1.22',
'virtualenv==15.1.0',
'yarl==1.0.0',
];
}
scriptworker::instance {
$shipit_scriptworker::settings::root:
- instance_name => $module_name,
- basedir => $shipit_scriptworker::settings::root,
- work_dir => $shipit_scriptworker::settings::work_dir,
+ instance_name => $module_name,
+ basedir => $shipit_scriptworker::settings::root,
+ work_dir => $shipit_scriptworker::settings::work_dir,
- task_script => $shipit_scriptworker::settings::task_script,
+ task_script => $shipit_scriptworker::settings::task_script,
- username => $shipit_scriptworker::settings::user,
- group => $shipit_scriptworker::settings::group,
+ username => $shipit_scriptworker::settings::user,
+ group => $shipit_scriptworker::settings::group,
- taskcluster_client_id => $shipit_scriptworker::settings::taskcluster_client_id,
- taskcluster_access_token => $shipit_scriptworker::settings::taskcluster_access_token,
- worker_group => $shipit_scriptworker::settings::worker_group,
- worker_type => $shipit_scriptworker::settings::worker_type,
+ taskcluster_client_id => $shipit_scriptworker::settings::taskcluster_client_id,
+ taskcluster_access_token => $shipit_scriptworker::settings::taskcluster_access_token,
+ worker_group => $shipit_scriptworker::settings::worker_group,
+ worker_type => $shipit_scriptworker::settings::worker_type,
+ artifact_expiration_hours => $shipit_scriptworker::settings::artifact_expiration_hours,
- cot_job_type => 'shipit',
+ cot_job_type => 'shipit',
- sign_chain_of_trust => $shipit_scriptworker::settings::sign_chain_of_trust,
- verify_chain_of_trust => $shipit_scriptworker::settings::verify_chain_of_trust,
- verify_cot_signature => $shipit_scriptworker::settings::verify_cot_signature,
+ sign_chain_of_trust => $shipit_scriptworker::settings::sign_chain_of_trust,
+ verify_chain_of_trust => $shipit_scriptworker::settings::verify_chain_of_trust,
+ verify_cot_signature => $shipit_scriptworker::settings::verify_cot_signature,
- verbose_logging => $shipit_scriptworker::settings::verbose_logging,
+ verbose_logging => $shipit_scriptworker::settings::verbose_logging,
}
File {
ensure => present,
mode => '0600',
owner => $shipit_scriptworker::settings::user,
group => $shipit_scriptworker::settings::group,
show_diff => false,
--- a/modules/shipit_scriptworker/manifests/settings.pp
+++ b/modules/shipit_scriptworker/manifests/settings.pp
@@ -18,31 +18,33 @@ class shipit_scriptworker::settings {
$_env_configs = {
'dev' => {
worker_group => 'shipit-dev',
worker_type => 'shipit-dev',
verbose_logging => true,
taskcluster_client_id => 'project/releng/scriptworker/shipit/dev',
taskcluster_access_token => secret('shipit_scriptworker_taskcluster_access_token_dev'),
+ artifact_expiration_hours => 336,
sign_chain_of_trust => false,
verify_chain_of_trust => true,
verify_cot_signature => false,
ship_it_instances => {
"${ship_it_stage_instance_scope}" => $ship_it_stage_instance_config,
},
},
'prod' => {
worker_group => 'shipit-v1',
worker_type => 'shipit-v1',
verbose_logging => true,
taskcluster_client_id => 'project/releng/scriptworker/shipit/production',
taskcluster_access_token => secret('shipit_scriptworker_taskcluster_access_token_prod'),
+ artifact_expiration_hours => 8760,
sign_chain_of_trust => true,
verify_chain_of_trust => true,
verify_cot_signature => true,
ship_it_instances => {
"${ship_it_stage_instance_scope}" => $ship_it_stage_instance_config,
'project:releng:ship-it:production' => {
--- a/modules/signing_scriptworker/manifests/init.pp
+++ b/modules/signing_scriptworker/manifests/init.pp
@@ -65,39 +65,40 @@ class signing_scriptworker {
'urllib3==1.21.1',
'virtualenv==15.1.0',
'yarl==1.0.0',
];
}
scriptworker::instance {
$signing_scriptworker::settings::root:
- instance_name => $module_name,
- basedir => $signing_scriptworker::settings::root,
+ instance_name => $module_name,
+ basedir => $signing_scriptworker::settings::root,
- task_script => $signing_scriptworker::settings::task_script,
- task_script_config => $signing_scriptworker::settings::task_script_config,
+ task_script => $signing_scriptworker::settings::task_script,
+ task_script_config => $signing_scriptworker::settings::task_script_config,
- username => $users::signer::username,
- group => $users::signer::group,
+ username => $users::signer::username,
+ group => $users::signer::group,
- taskcluster_client_id => $env_config['taskcluster_client_id'],
- taskcluster_access_token => $env_config['taskcluster_access_token'],
- worker_group => $env_config['worker_group'],
- worker_type => $env_config['worker_type'],
- task_max_timeout => $signing_scriptworker::settings::task_max_timeout,
+ taskcluster_client_id => $env_config['taskcluster_client_id'],
+ taskcluster_access_token => $env_config['taskcluster_access_token'],
+ worker_group => $env_config['worker_group'],
+ worker_type => $env_config['worker_type'],
+ task_max_timeout => $signing_scriptworker::settings::task_max_timeout,
+ artifact_expiration_hours => $signing_scriptworker::settings::artifact_expiration_hours,
- cot_job_type => 'signing',
- cot_product => $env_config['cot_product'],
+ cot_job_type => 'signing',
+ cot_product => $env_config['cot_product'],
- sign_chain_of_trust => $env_config["sign_chain_of_trust"],
- verify_chain_of_trust => $env_config["verify_chain_of_trust"],
- verify_cot_signature => $env_config["verify_cot_signature"],
+ sign_chain_of_trust => $env_config["sign_chain_of_trust"],
+ verify_chain_of_trust => $env_config["verify_chain_of_trust"],
+ verify_cot_signature => $env_config["verify_cot_signature"],
- verbose_logging => $signing_scriptworker::settings::verbose
+ verbose_logging => $signing_scriptworker::settings::verbose
}
file {
"${signing_scriptworker::settings::root}/script_config.json":
require => Python35::Virtualenv[$signing_scriptworker::settings::root],
mode => '0600',
owner => $users::signer::username,
group => $users::signer::group,
--- a/modules/signing_scriptworker/manifests/settings.pp
+++ b/modules/signing_scriptworker/manifests/settings.pp
@@ -18,44 +18,47 @@ class signing_scriptworker::settings {
taskcluster_access_token => secret('dev_signing_scriptworker_taskcluster_access_token'),
passwords_template => 'dep-passwords.json.erb',
dep_signing_scope => 'project:releng:signing:cert:dep-signing',
scope_prefix => 'project:releng:signing:',
sign_chain_of_trust => false,
verify_chain_of_trust => true,
verify_cot_signature => false,
cot_product => 'firefox',
+ artifact_expiration_hours => 336,
datadog_api_key => secret('scriptworker_datadog_api_key')
},
'dep' => {
worker_type => 'depsigning',
worker_group => 'signing-linux-v1',
taskcluster_client_id => secret('dep_signing_scriptworker_taskcluster_client_id'),
taskcluster_access_token => secret('dep_signing_scriptworker_taskcluster_access_token'),
passwords_template => 'dep-passwords.json.erb',
dep_signing_scope => 'project:releng:signing:cert:dep-signing',
scope_prefix => 'project:releng:signing:',
sign_chain_of_trust => false,
verify_chain_of_trust => true,
verify_cot_signature => false,
cot_product => 'firefox',
+ artifact_expiration_hours => 336,
datadog_api_key => secret('scriptworker_datadog_api_key')
},
'prod' => {
worker_type => 'signing-linux-v1',
worker_group => 'signing-linux-v1',
taskcluster_client_id => secret('signing_scriptworker_taskcluster_client_id'),
taskcluster_access_token => secret('signing_scriptworker_taskcluster_access_token'),
passwords_template => 'passwords.json.erb',
dep_signing_scope => 'project:releng:signing:cert:dep-signing',
scope_prefix => 'project:releng:signing:',
sign_chain_of_trust => true,
verify_chain_of_trust => true,
verify_cot_signature => true,
cot_product => 'firefox',
+ artifact_expiration_hours => 8760,
datadog_api_key => secret('scriptworker_datadog_api_key')
},
'comm-thunderbird-dep' => {
worker_type => 'tb-depsigning',
worker_group => 'tb-depsigning',
taskcluster_client_id => secret('comm_thunderbird_dep_signing_scriptworker_taskcluster_client_id'),
taskcluster_access_token => secret('comm_thunderbird_dep_signing_scriptworker_taskcluster_access_token'),
passwords_template => 'dep-passwords.json.erb',
--- a/modules/transparency_scriptworker/manifests/init.pp
+++ b/modules/transparency_scriptworker/manifests/init.pp
@@ -52,40 +52,41 @@ class transparency_scriptworker {
'urllib3==1.22',
'virtualenv==15.1.0',
'yarl==1.0.0',
];
}
scriptworker::instance {
$transparency_scriptworker::settings::root:
- instance_name => $module_name,
- basedir => $transparency_scriptworker::settings::root,
+ instance_name => $module_name,
+ basedir => $transparency_scriptworker::settings::root,
- task_script => $transparency_scriptworker::settings::task_script,
- task_script_config => $transparency_scriptworker::settings::task_script_config,
+ task_script => $transparency_scriptworker::settings::task_script,
+ task_script_config => $transparency_scriptworker::settings::task_script_config,
- username => $users::builder::username,
- group => $users::builder::group,
+ username => $users::builder::username,
+ group => $users::builder::group,
- taskcluster_client_id => $env_config["taskcluster_client_id"],
- taskcluster_access_token => $env_config["taskcluster_access_token"],
- worker_id => $env_config["worker_id"],
- worker_group => $env_config["worker_group"],
- worker_type => $env_config["worker_type"],
-
- task_max_timeout => $transparency_scriptworker::settings::task_max_timeout,
+ taskcluster_client_id => $env_config["taskcluster_client_id"],
+ taskcluster_access_token => $env_config["taskcluster_access_token"],
+ worker_id => $env_config["worker_id"],
+ worker_group => $env_config["worker_group"],
+ worker_type => $env_config["worker_type"],
- cot_job_type => 'transparency',
+ task_max_timeout => $transparency_scriptworker::settings::task_max_timeout,
+ artifact_expiration_hours => $transparency_scriptworker::settings::artifact_expiration_hours,
+
+ cot_job_type => 'transparency',
- sign_chain_of_trust => $env_config["sign_chain_of_trust"],
- verify_chain_of_trust => $env_config["verify_chain_of_trust"],
- verify_cot_signature => $env_config["verify_cot_signature"],
+ sign_chain_of_trust => $env_config["sign_chain_of_trust"],
+ verify_chain_of_trust => $env_config["verify_chain_of_trust"],
+ verify_cot_signature => $env_config["verify_cot_signature"],
- verbose_logging => $transparency_scriptworker::settings::verbose_logging,
+ verbose_logging => $transparency_scriptworker::settings::verbose_logging,
}
file {
"${transparency_scriptworker::settings::root}/script_config.json":
require => Python35::Virtualenv[$transparency_scriptworker::settings::root],
mode => '0600',
owner => $users::builder::username,
group => $users::builder::group,
--- a/modules/transparency_scriptworker/manifests/settings.pp
+++ b/modules/transparency_scriptworker/manifests/settings.pp
@@ -17,12 +17,13 @@ class transparency_scriptworker::setting
worker_group => 'test-dummy-workers',
worker_type => 'dummy-worker-transpar',
taskcluster_client_id => secret('transparencyworker_dev_taskcluster_client_id'),
taskcluster_access_token => secret('transparencyworker_dev_taskcluster_access_token'),
transparency_aws_access_key_id => secret('transparency-aws_access_key_id'),
transparency_aws_secret_access_key => secret('transparency-aws_secret_access_key'),
sign_chain_of_trust => false,
verify_chain_of_trust => false,
- verify_cot_signature => false
+ verify_cot_signature => false,
+ artifact_expiration_hours => 336
}
}
}
--- a/modules/tree_scriptworker/manifests/init.pp
+++ b/modules/tree_scriptworker/manifests/init.pp
@@ -53,40 +53,41 @@ class tree_scriptworker {
'urllib3==1.22',
'virtualenv==15.1.0',
'yarl==1.1.0',
];
}
scriptworker::instance {
$tree_scriptworker::settings::root:
- instance_name => $module_name,
- basedir => $tree_scriptworker::settings::root,
+ instance_name => $module_name,
+ basedir => $tree_scriptworker::settings::root,
- task_script_executable => $tree_scriptworker::settings::task_script_executable,
- task_script => $tree_scriptworker::settings::task_script,
- task_script_config => $tree_scriptworker::settings::task_script_config,
+ task_script_executable => $tree_scriptworker::settings::task_script_executable,
+ task_script => $tree_scriptworker::settings::task_script,
+ task_script_config => $tree_scriptworker::settings::task_script_config,
- username => $users::builder::username,
- group => $users::builder::group,
+ username => $users::builder::username,
+ group => $users::builder::group,
- taskcluster_client_id => $env_config["taskcluster_client_id"],
- taskcluster_access_token => $env_config["taskcluster_access_token"],
- worker_group => $tree_scriptworker::settings::worker_group,
- worker_type => $env_config["worker_type"],
+ taskcluster_client_id => $env_config["taskcluster_client_id"],
+ taskcluster_access_token => $env_config["taskcluster_access_token"],
+ worker_group => $tree_scriptworker::settings::worker_group,
+ worker_type => $env_config["worker_type"],
- task_max_timeout => $tree_scriptworker::settings::task_max_timeout,
+ task_max_timeout => $tree_scriptworker::settings::task_max_timeout,
+ artifact_expiration_hours => $tree_scriptworker::settings::artifact_expiration_hours,
- cot_job_type => 'scriptworker',
+ cot_job_type => 'scriptworker',
- sign_chain_of_trust => $env_config["sign_chain_of_trust"],
- verify_chain_of_trust => $env_config["verify_chain_of_trust"],
- verify_cot_signature => $env_config["verify_cot_signature"],
+ sign_chain_of_trust => $env_config["sign_chain_of_trust"],
+ verify_chain_of_trust => $env_config["verify_chain_of_trust"],
+ verify_cot_signature => $env_config["verify_cot_signature"],
- verbose_logging => $tree_scriptworker::settings::verbose_logging,
+ verbose_logging => $tree_scriptworker::settings::verbose_logging,
}
file {
"${tree_scriptworker::settings::root}/script_config.json":
require => Python35::Virtualenv[$tree_scriptworker::settings::root],
mode => '0600',
owner => $users::builder::username,
group => $users::builder::group,
--- a/modules/tree_scriptworker/manifests/settings.pp
+++ b/modules/tree_scriptworker/manifests/settings.pp
@@ -15,20 +15,22 @@ class tree_scriptworker::settings {
$env_config = {
'dev' => {
taskcluster_client_id => 'project/releng/scriptworker/treescriptworker-dev',
taskcluster_access_token => secret('treescriptworker_dev_taskcluster_access_token'),
worker_type => 'treescript-dev',
sign_chain_of_trust => false,
verify_chain_of_trust => false,
verify_cot_signature => false,
+ artifact_expiration_hours => 336,
},
'prod' => {
taskcluster_client_id => 'project/releng/scriptworker/treescriptworker',
# No prod secret yet, this line would break puppet if not commented out
# taskcluster_access_token => secret('treescriptworker_prod_taskcluster_access_token'),
worker_type => 'treescript-v1',
sign_chain_of_trust => true,
verify_chain_of_trust => true,
verify_cot_signature => true,
+ artifact_expiration_hours => 8760,
}
}
}