Bug 1421062 - Spin up tb-beetmoverworker-dev
MozReview-Commit-ID: CgK7KVZ0nzw
--- a/manifests/moco-nodes.pp
+++ b/manifests/moco-nodes.pp
@@ -952,16 +952,24 @@ node /^beetmoverworker-.*\.srv\.releng\.
node /^beetmover-dev.*\.srv\.releng\..*\.mozilla\.com$/ {
$aspects = [ 'maximum-security' ]
$beetmoverworker_env = 'dev'
$timezone = 'UTC'
$only_user_ssh = true
include toplevel::server::beetmoverscriptworker
}
+node /^tb-beetmover-dev.*\.srv\.releng\..*\.mozilla\.com$/ {
+ $aspects = [ 'maximum-security' ]
+ $beetmoverworker_env = 'comm-thunderbird-dev'
+ $timezone = 'UTC'
+ $only_user_ssh = true
+ include toplevel::server::beetmoverscriptworker
+}
+
# Bouncer scriptworkers
node /^bouncerworker-dev.*\.srv\.releng\..*\.mozilla\.com$/ {
$aspects = [ 'maximum-security' ]
$bouncer_scriptworker_env = 'dev'
$timezone = 'UTC'
$only_user_ssh = true
include toplevel::server::bouncerscriptworker
}
--- a/modules/beetmover_scriptworker/manifests/init.pp
+++ b/modules/beetmover_scriptworker/manifests/init.pp
@@ -70,22 +70,23 @@ class beetmover_scriptworker {
task_script => $beetmover_scriptworker::settings::task_script,
task_script_config => $beetmover_scriptworker::settings::task_script_config,
username => $users::builder::username,
group => $users::builder::group,
taskcluster_client_id => $env_config["taskcluster_client_id"],
taskcluster_access_token => $env_config["taskcluster_access_token"],
- worker_group => $beetmover_scriptworker::settings::worker_group,
+ worker_group => $env_config['worker_group'],
worker_type => $env_config["worker_type"],
task_max_timeout => $beetmover_scriptworker::settings::task_max_timeout,
cot_job_type => 'beetmover',
+ cot_product => $env_config['cot_product'],
sign_chain_of_trust => $env_config["sign_chain_of_trust"],
verify_chain_of_trust => $env_config["verify_chain_of_trust"],
verify_cot_signature => $env_config["verify_cot_signature"],
verbose_logging => $beetmover_scriptworker::settings::verbose_logging,
}
--- a/modules/beetmover_scriptworker/manifests/settings.pp
+++ b/modules/beetmover_scriptworker/manifests/settings.pp
@@ -3,62 +3,94 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
class beetmover_scriptworker::settings {
$root = '/builds/scriptworker'
$task_script = "${root}/bin/beetmoverscript"
$task_script_config = "${root}/script_config.json"
$task_max_timeout = 1800
- $worker_group = 'beetmoverworker-v1'
$verbose_logging = true
$env_config = {
'dev' => {
- nightly_beetmover_aws_access_key_id => secret('stage-beetmover-aws_access_key_id'),
- nightly_beetmover_aws_secret_access_key => secret('stage-beetmover-aws_secret_access_key'),
- nightly_beetmover_aws_s3_firefox_bucket => 'net-mozaws-stage-delivery-firefox',
- nightly_beetmover_aws_s3_fennec_bucket => 'net-mozaws-stage-delivery-archive',
-
- release_beetmover_aws_access_key_id => secret('stage-beetmover-aws_access_key_id'),
- release_beetmover_aws_secret_access_key => secret('stage-beetmover-aws_secret_access_key'),
- release_beetmover_aws_s3_firefox_bucket => 'net-mozaws-stage-delivery-firefox',
- release_beetmover_aws_s3_fennec_bucket => 'net-mozaws-stage-delivery-archive',
-
dep_beetmover_aws_access_key_id => secret('stage-beetmover-aws_access_key_id'),
dep_beetmover_aws_secret_access_key => secret('stage-beetmover-aws_secret_access_key'),
- dep_beetmover_aws_s3_firefox_bucket => 'net-mozaws-stage-delivery-firefox',
- dep_beetmover_aws_s3_fennec_bucket => 'net-mozaws-stage-delivery-archive',
+ dep_buckets => {
+ devedition => 'net-mozaws-stage-delivery-firefox',
+ firefox => 'net-mozaws-stage-delivery-firefox',
+ fennec => 'net-mozaws-stage-delivery-archive',
+ mobile => 'net-mozaws-stage-delivery-archive',
+ },
config_template => 'beetmover_scriptworker/dev_script_config.json.erb',
worker_type => 'beetmoverworker-dev',
+ worker_group => 'beetmoverworker-v1',
taskcluster_client_id => 'project/releng/scriptworker/beetmover-dev',
taskcluster_access_token => secret('beetmoverworker_dev_taskcluster_access_token'),
+ taskcluster_scope_prefix => 'project:releng:beetmover:',
sign_chain_of_trust => false,
verify_chain_of_trust => true,
verify_cot_signature => false,
+ cot_product => 'firefox',
},
'prod' => {
nightly_beetmover_aws_access_key_id => secret('nightly-beetmover-aws_access_key_id'),
nightly_beetmover_aws_secret_access_key => secret('nightly-beetmover-aws_secret_access_key'),
- nightly_beetmover_aws_s3_firefox_bucket => 'net-mozaws-prod-delivery-firefox',
- nightly_beetmover_aws_s3_fennec_bucket => 'net-mozaws-prod-delivery-archive',
+ nightly_buckets => {
+ devedition => 'net-mozaws-prod-delivery-firefox',
+ firefox => 'net-mozaws-prod-delivery-firefox',
+ fennec => 'net-mozaws-prod-delivery-archive',
+ mobile => 'net-mozaws-prod-delivery-archive',
+ },
release_beetmover_aws_access_key_id => secret('beetmover-aws_access_key_id'),
release_beetmover_aws_secret_access_key => secret('beetmover-aws_secret_access_key'),
- release_beetmover_aws_s3_firefox_bucket => 'net-mozaws-prod-delivery-firefox',
- release_beetmover_aws_s3_fennec_bucket => 'net-mozaws-prod-delivery-archive',
+ release_buckets => {
+ devedition => 'net-mozaws-prod-delivery-firefox',
+ firefox => 'net-mozaws-prod-delivery-firefox',
+ fennec => 'net-mozaws-prod-delivery-archive',
+ mobile => 'net-mozaws-prod-delivery-archive',
+ },
dep_beetmover_aws_access_key_id => secret('stage-beetmover-aws_access_key_id'),
dep_beetmover_aws_secret_access_key => secret('stage-beetmover-aws_secret_access_key'),
- dep_beetmover_aws_s3_firefox_bucket => 'net-mozaws-stage-delivery-firefox',
- dep_beetmover_aws_s3_fennec_bucket => 'net-mozaws-stage-delivery-archive',
+ dep_buckets => {
+ devedition => 'net-mozaws-stage-delivery-firefox',
+ firefox => 'net-mozaws-stage-delivery-firefox',
+ fennec => 'net-mozaws-stage-delivery-archive',
+ mobile => 'net-mozaws-stage-delivery-archive',
+ },
config_template => 'beetmover_scriptworker/prod_script_config.json.erb',
worker_type => 'beetmoverworker-v1',
+ worker_group => 'beetmoverworker-v1',
taskcluster_client_id => 'project/releng/scriptworker/beetmoverworker',
taskcluster_access_token => secret('beetmoverworker_prod_taskcluster_access_token'),
+ taskcluster_scope_prefix => 'project:releng:beetmover:',
sign_chain_of_trust => true,
verify_chain_of_trust => true,
verify_cot_signature => true,
- }
+ cot_product => 'firefox',
+ },
+ 'comm-thunderbird-dev' => {
+ # TODO Use these creds once Bug 1437586 is done
+ # dep_beetmover_aws_access_key_id => secret('comm_thunderbird_dev-beetmover-aws_access_key_id'),
+ # dep_beetmover_aws_secret_access_key => secret('comm_thunderbird_dev-beetmover-aws_secret_access_key'),
+ dep_beetmover_aws_access_key_id => secret('stage-beetmover-aws_access_key_id'),
+ dep_beetmover_aws_secret_access_key => secret('stage-beetmover-aws_secret_access_key'),
+ dep_buckets => {
+ 'thundebird' => 'net-mozaws-stage-delivery-archive',
+ },
+
+ config_template => 'beetmover_scriptworker/dev_script_config.json.erb',
+ worker_type => 'tb-beetmover-dev',
+ worker_group => 'tb-beetmover-dev',
+ taskcluster_client_id => 'project/comm/thunderbird/releng/scriptworker/beetmover/dev',
+ taskcluster_access_token => secret('comm_thunderbird_beetmoverworker_dev_taskcluster_access_token'),
+ taskcluster_scope_prefix => 'project:comm:thunderbird:releng:beetmover:',
+ sign_chain_of_trust => false,
+ verify_chain_of_trust => true,
+ verify_cot_signature => false,
+ cot_product => 'thunderbird',
+ },
}
}
--- a/modules/beetmover_scriptworker/templates/base_script_config.json.erb
+++ b/modules/beetmover_scriptworker/templates/base_script_config.json.erb
@@ -5,16 +5,17 @@
"blobs_needing_prettynaming_contents": [
"target.test_packages.json"
],
"schema_file": "<%= scope.lookupvar("beetmover_scriptworker::settings::root") %>/lib/python3.5/site-packages/beetmoverscript/data/beetmover_task_schema.json",
"release_schema_file": "<%= scope.lookupvar("beetmover_scriptworker::settings::root") %>/lib/python3.5/site-packages/beetmoverscript/data/release_beetmover_task_schema.json",
"verbose": <%= scope.lookupvar("beetmover_scriptworker::settings::verbose_logging") %>,
+ "taskcluster_scope_prefix": <%= @env_config['taskcluster_scope_prefix'] %>,
"actions": {
"push-to-nightly": {
"firefox_nightly": "<%= scope.lookupvar("beetmover_scriptworker::settings::root") %>/lib/python3.5/site-packages/beetmoverscript/templates/firefox_nightly.yml",
"firefox_nightly_repacks": "<%= scope.lookupvar("beetmover_scriptworker::settings::root") %>/lib/python3.5/site-packages/beetmoverscript/templates/firefox_nightly_repacks.yml",
"fennec_nightly": "<%= scope.lookupvar("beetmover_scriptworker::settings::root") %>/lib/python3.5/site-packages/beetmoverscript/templates/fennec_nightly.yml",
"fennec_nightly_repacks": "<%= scope.lookupvar("beetmover_scriptworker::settings::root") %>/lib/python3.5/site-packages/beetmoverscript/templates/fennec_nightly_repacks.yml",
"fennecx86_nightly": "<%= scope.lookupvar("beetmover_scriptworker::settings::root") %>/lib/python3.5/site-packages/beetmoverscript/templates/fennecx86_nightly.yml",
--- a/modules/beetmover_scriptworker/templates/dev_script_config.json.erb
+++ b/modules/beetmover_scriptworker/templates/dev_script_config.json.erb
@@ -2,17 +2,12 @@
<%= scope.function_template(["beetmover_scriptworker/base_script_config.json.erb"]) %>
"bucket_config": {
"dep": {
"credentials": {
"id": "<%= @env_config["dep_beetmover_aws_access_key_id"] %>",
"key": "<%= @env_config["dep_beetmover_aws_secret_access_key"] %>"
},
- "buckets": {
- "firefox": "<%= @env_config["dep_beetmover_aws_s3_firefox_bucket"] %>",
- "fennec": "<%= @env_config["dep_beetmover_aws_s3_fennec_bucket"] %>",
- "mobile": "<%= @env_config["dep_beetmover_aws_s3_fennec_bucket"] %>",
- "devedition": "<%= @env_config["dep_beetmover_aws_s3_fennec_bucket"] %>"
- }
+ "buckets": <%= require "json"; JSON.pretty_generate(@env_config["dep_buckets"]) %>
}
}
}
--- a/modules/beetmover_scriptworker/templates/prod_script_config.json.erb
+++ b/modules/beetmover_scriptworker/templates/prod_script_config.json.erb
@@ -2,40 +2,26 @@
<%= scope.function_template(["beetmover_scriptworker/base_script_config.json.erb"]) %>
"bucket_config": {
"nightly": {
"credentials": {
"id": "<%= @env_config["nightly_beetmover_aws_access_key_id"] %>",
"key": "<%= @env_config["nightly_beetmover_aws_secret_access_key"] %>"
},
- "buckets": {
- "firefox": "<%= @env_config["nightly_beetmover_aws_s3_firefox_bucket"] %>",
- "fennec": "<%= @env_config["nightly_beetmover_aws_s3_fennec_bucket"] %>",
- "mobile": "<%= @env_config["nightly_beetmover_aws_s3_fennec_bucket"] %>"
- }
+ "buckets": <%= require "json"; JSON.pretty_generate(@env_config["nightly_buckets"]) %>
},
"release": {
"credentials": {
"id": "<%= @env_config["release_beetmover_aws_access_key_id"] %>",
"key": "<%= @env_config["release_beetmover_aws_secret_access_key"] %>"
},
- "buckets": {
- "firefox": "<%= @env_config["release_beetmover_aws_s3_firefox_bucket"] %>",
- "fennec": "<%= @env_config["release_beetmover_aws_s3_fennec_bucket"] %>",
- "mobile": "<%= @env_config["release_beetmover_aws_s3_fennec_bucket"] %>",
- "devedition": "<%= @env_config["release_beetmover_aws_s3_fennec_bucket"] %>"
- }
+ "buckets": <%= require "json"; JSON.pretty_generate(@env_config["release_buckets"]) %>
},
"dep": {
"credentials": {
"id": "<%= @env_config["dep_beetmover_aws_access_key_id"] %>",
"key": "<%= @env_config["dep_beetmover_aws_secret_access_key"] %>"
},
- "buckets": {
- "firefox": "<%= @env_config["dep_beetmover_aws_s3_firefox_bucket"] %>",
- "fennec": "<%= @env_config["dep_beetmover_aws_s3_fennec_bucket"] %>",
- "mobile": "<%= @env_config["dep_beetmover_aws_s3_fennec_bucket"] %>",
- "devedition": "<%= @env_config["dep_beetmover_aws_s3_fennec_bucket"] %>"
- }
+ "buckets": <%= require "json"; JSON.pretty_generate(@env_config["dep_buckets"]) %>
}
}
}