Bug 1305095 - Add a fallback hg fingerprint, supports timeouts in automation and supports local developers who wish to use 'run locally'. r=dustin r=gps
MozReview-Commit-ID: 66ctmZdSZkC
--- a/testing/docker/recipes/run-task
+++ b/testing/docker/recipes/run-task
@@ -25,16 +25,20 @@ import pwd
import re
import stat
import subprocess
import sys
import urllib2
FINGERPRINT_URL = 'http://taskcluster/secrets/v1/secret/project/taskcluster/gecko/hgfingerprint'
+FALLBACK_FINGERPRINT = {
+ 'fingerprints':
+ "sha256:8e:ad:f7:6a:eb:44:06:15:ed:f3:e4:69:a6:64:60:37:2d:ff:98:88:37"
+ ":bf:d7:b8:40:84:01:48:9c:26:ce:d9"}
def print_line(prefix, m):
now = datetime.datetime.utcnow()
print(b'[%s %sZ] %s' % (prefix, now.isoformat(), m), end=b'')
def run_and_prefix_output(prefix, args, extra_env=None):
@@ -90,25 +94,27 @@ def vcs_checkout(source_repo, dest, base
sys.exit(1)
# Obtain certificate fingerprints.
try:
print_line(b'vcs', 'fetching hg.mozilla.org fingerprint from %s\n' %
FINGERPRINT_URL)
res = urllib2.urlopen(FINGERPRINT_URL, timeout=10)
secret = res.read()
- except urllib2.URLError as e:
- print('error retrieving hg fingerprint: %s' % e)
- sys.exit(1)
-
- try:
- secret = json.loads(secret, encoding='utf-8')
- except ValueError:
- print('invalid JSON in hg fingerprint secret')
- sys.exit(1)
+ try:
+ secret = json.loads(secret, encoding='utf-8')
+ except ValueError:
+ print_line(b'vcs', 'invalid JSON in hg fingerprint secret')
+ sys.exit(1)
+ except urllib2.URLError:
+ print_line(b'vcs', 'Unable to retrieve current hg.mozilla.org fingerprint'
+ 'using the secret service, using fallback instead.')
+ # XXX This fingerprint will not be accurate if running on an old
+ # revision after the server fingerprint has changed.
+ secret = {'secret': FALLBACK_FINGERPRINT}
hgmo_fingerprint = secret['secret']['fingerprints'].encode('ascii')
args = [
b'/usr/bin/hg',
b'--config', b'hostsecurity.hg.mozilla.org:fingerprints=%s' % hgmo_fingerprint,
b'robustcheckout',
b'--sharebase', b'/home/worker/hg-shared',
@@ -188,16 +194,17 @@ def main(args):
uid = user.pw_uid
gid = group.gr_gid
# Find all groups to which this user is a member.
gids = [g.gr_gid for g in grp.getgrall() if args.group in g.gr_mem]
wanted_dir_mode = stat.S_IXUSR | stat.S_IRUSR | stat.S_IWUSR
+
def set_dir_permissions(path, uid, gid):
st = os.lstat(path)
if st.st_uid != uid or st.st_gid != gid:
os.chown(path, uid, gid)
# Also make sure dirs are writable in case we need to delete
# them.