ishan
/
fenix
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Bug 1533791 - Assume decision task scopes instead of redefining them

This commit is contained in:
Johan Lorenzo 2019-03-19 18:24:53 +01:00 committed by Colin Lee
parent fcda84dce7
commit 682b4bd5c6
2 changed files with 163 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

267
.taskcluster.yml
View File

@ -5,116 +5,161 @@ version: 1
policy:
pullRequests: public
tasks:
- $if: 'tasks_for == "cron"'
then:
$let:
decision_task_id: {$eval: as_slugid("decision_task")}
expires_in: {$fromNow: '1 year'}
user: ${event.sender.login}
# We define the following variable at the very top, because they are used in the
# default definition
head_branch:
$if: 'tasks_for == "github-pull-request"'
then: ${event.pull_request.head.ref}
else:
$if: 'tasks_for == "github-push"'
then: ${event.ref}
else: ${event.release.target_commitish}
head_rev:
$if: 'tasks_for == "github-pull-request"'
then: ${event.pull_request.head.sha}
else:
$if: 'tasks_for == "github-push"'
then: ${event.after}
else: ${event.release.tag_name}
repository:
$if: 'tasks_for == "github-pull-request"'
then: ${event.pull_request.head.repo.html_url}
else: ${event.repository.html_url}
scheduler_id:
$if: 'tasks_for == "cron"'
then: focus-nightly-sched # TODO: Rename to mobile-nightly-sched
else: taskcluster-github
github_repository_full_name:
$if: 'tasks_for == "github-pull-request"'
then: ${event.pull_request.base.repo.full_name}
else: ${event.repository.full_name}
is_repo_trusted:
# Pull requests on main repository can't be trusted because anybody can open a PR on it, without a review
$if: 'tasks_for in ["github-push", "github-release", "cron"] && event.repository.html_url == "https://github.com/mozilla-mobile/fenix"'
then: true
else: false
in:
$let:
decision_worker_type:
$if: 'is_repo_trusted'
then: mobile-3-decision
else: mobile-1-decision
build_worker_type:
$if: 'is_repo_trusted'
then: mobile-3-b-fenix
else: mobile-1-b-fenix
track:
$if: 'is_repo_trusted'
then: 'nightly'
else: 'staging-nightly'
# TODO: revisit once bug 1533314 is done to possibly infer better priorities
tasks_priority: highest
short_head_branch:
$if: 'head_branch[:10] == "refs/tags/"'
then: {$eval: 'head_branch[10:]'}
else:
$if: 'head_branch[:11] == "refs/heads/"'
then: {$eval: 'head_branch[11:]'}
else: ${head_branch}
assume_scope_prefix: assume:repo:github.com/${github_repository_full_name}
in:
$let:
decision_task_id: {$eval: as_slugid("decision_task")}
expires_in: {$fromNow: '1 year'}
repository: ${event.repository.html_url}
scheduler_id: focus-nightly-sched
head_rev: ${event.release.tag_name}
head_branch: ${event.release.target_commitish}
is_mozilla_mobile_repo:
$eval: event.repository.html_url == 'https://github.com/mozilla-mobile/fenix'
track:
$if: event.repository.html_url == 'https://github.com/mozilla-mobile/fenix'
then: 'nightly'
else: 'staging-nightly'
decision_worker_type:
$if: event.repository.html_url == 'https://github.com/mozilla-mobile/fenix'
then: mobile-3-decision
else: mobile-1-decision
build_worker_type:
$if: event.repository.html_url == 'https://github.com/mozilla-mobile/fenix'
then: mobile-3-b-fenix
else: mobile-1-b-fenix
default_task_definition:
taskId: ${decision_task_id}
taskGroupId: ${decision_task_id} # Must be explicit because of Chain of Trust
schedulerId: ${scheduler_id}
created: {$fromNow: ''}
deadline: {$fromNow: '2 hours'}
expires: ${expires_in}
provisionerId: aws-provisioner-v1
workerType: ${decision_worker_type}
priority: ${tasks_priority}
requires: all-completed # Must be explicit because of Chain of Trust
retries: 5
routes:
- statuses # Automatically added by taskcluster-github. It must be explicit because of Chain of Trust
payload:
maxRunTime: 600 # Decision should remain fast enough to schedule a handful of tasks
image: mozillamobile/fenix:1.3
command:
- /bin/bash
- --login
- -cx
# The rest of the command must be defined below
env:
TASK_ID: ${decision_task_id}
TASKS_PRIORITY: ${tasks_priority}
SCHEDULER_ID: ${scheduler_id}
BUILD_WORKER_TYPE: ${build_worker_type}
MOBILE_HEAD_REPOSITORY: ${repository}
MOBILE_HEAD_BRANCH: ${head_branch}
MOBILE_HEAD_REV: ${head_rev}
features:
taskclusterProxy: true
extra:
tasks_for: ${tasks_for}
metadata:
owner: ${user}@users.noreply.github.com
source: ${repository}/raw/${head_rev}/.taskcluster.yml
in:
taskId: ${decision_task_id}
taskGroupId: ${decision_task_id} # Must be explicit because of Chain of Trust
created: {$fromNow: ''}
deadline: {$fromNow: '2 hours'}
expires: ${expires_in}
schedulerId: ${scheduler_id} # Must be explicit because of Chain of Trust
provisionerId: aws-provisioner-v1
workerType: ${decision_worker_type}
requires: all-completed # Must be explicit because of Chain of Trust
priority: medium
retries: 5
scopes:
$flatten:
- queue:scheduler-id:${scheduler_id}
- queue:create-task:highest:aws-provisioner-v1/${build_worker_type}
- project:mobile:fenix:releng:signing:format:autograph_apk
- $if: is_mozilla_mobile_repo
then:
- queue:create-task:highest:scriptworker-prov-v1/mobile-signing-v1
- queue:create-task:highest:scriptworker-prov-v1/mobile-pushapk-v1
- project:mobile:fenix:releng:signing:cert:release-signing
- project:mobile:fenix:releng:googleplay:product:fenix
- queue:route:index.project.mobile.fenix.signed-nightly.*
- secrets:get:project/mobile/fenix/sentry
- secrets:get:project/mobile/fenix/leanplum
else:
- queue:create-task:highest:scriptworker-prov-v1/mobile-signing-dep-v1
- queue:create-task:highest:scriptworker-prov-v1/mobile-pushapk-dep-v1
- project:mobile:fenix:releng:signing:cert:dep-signing
- project:mobile:fenix:releng:googleplay:product:fenix:dep
- queue:route:index.project.mobile.fenix.staging-signed-nightly.*
- secrets:get:garbage/staging/project/mobile/fenix/sentry
- secrets:get:garbage/staging/project/mobile/fenix/leanplum
routes:
- notify.email.fenix-eng-notifications@mozilla.com.on-failed
payload:
maxRunTime: 600 # Decision should remain fast enough to schedule a handful of tasks
image: mozillamobile/fenix:1.3
features:
taskclusterProxy: true
chainOfTrust: true
env:
BUILD_WORKER_TYPE: ${build_worker_type}
MOBILE_HEAD_BRANCH: ${head_branch}
MOBILE_HEAD_REPOSITORY: ${repository}
MOBILE_HEAD_REV: ${head_rev}
MOBILE_TRIGGERED_BY: ${event.sender.login}
SCHEDULER_ID: ${scheduler_id}
TASK_ID: ${decision_task_id}
command:
- /bin/bash
- --login
- -cx
- >-
git fetch ${repository} ${head_branch}
&& git config advice.detachedHead false
&& git checkout ${head_rev}
&& python automation/taskcluster/decision_task_nightly.py \
--track ${track} \
--commit \
--output /opt/fenix/app/build/outputs/apk \
--apk armGreenfield/release/app-arm-greenfield-release-unsigned.apk \
--apk x86Greenfield/release/app-x86-greenfield-release-unsigned.apk \
--apk aarch64Greenfield/release/app-aarch64-greenfield-release-unsigned.apk \
--date ${now}
artifacts:
public/task-graph.json:
type: file
path: /opt/fenix/task-graph.json
expires: ${expires_in}
public/actions.json:
type: file
path: /opt/fenix/actions.json
expires: ${expires_in}
public/parameters.yml:
type: file
path: /opt/fenix/parameters.yml
expires: ${expires_in}
extra:
cron: {$json: {$eval: 'cron'}}
tasks_for: ${tasks_for}
metadata:
name: Fenix Nightly Decision Task
description: Decision task scheduled by cron task [${cron.task_id}](https://tools.taskcluster.net/tasks/${cron.task_id})
owner: ${event.sender.login}@users.noreply.github.com
source: ${repository}/raw/${head_rev}/.taskcluster.yml
- $if: 'tasks_for == "cron"'
then:
$mergeDeep:
- {$eval: 'default_task_definition'}
- scopes:
- $if: is_repo_trusted
then: assume:hook-id:project-mobile/fenix-nightly
else: assume:hook-id:project-mobile/fenix-nightly-staging
routes:
- notify.email.fenix-eng-notifications@mozilla.com.on-failed
payload:
features:
taskclusterProxy: true
chainOfTrust: true
env:
MOBILE_TRIGGERED_BY: ${user}
command:
- >-
git fetch ${repository} ${head_branch}
&& git config advice.detachedHead false
&& git checkout ${head_rev}
&& python automation/taskcluster/decision_task_nightly.py \
--track ${track} \
--commit \
--output /opt/fenix/app/build/outputs/apk \
--apk armGreenfield/release/app-arm-greenfield-release-unsigned.apk \
--apk x86Greenfield/release/app-x86-greenfield-release-unsigned.apk \
--apk aarch64Greenfield/release/app-aarch64-greenfield-release-unsigned.apk \
--date ${now}
artifacts:
public/task-graph.json:
type: file
path: /opt/fenix/task-graph.json
expires: ${expires_in}
public/actions.json:
type: file
path: /opt/fenix/actions.json
expires: ${expires_in}
public/parameters.yml:
type: file
path: /opt/fenix/parameters.yml
expires: ${expires_in}
extra:
cron: {$json: {$eval: 'cron'}}
metadata:
name: Fenix Nightly Decision Task
description: Decision task scheduled by cron task [${cron.task_id}](https://tools.taskcluster.net/tasks/${cron.task_id})

10
automation/taskcluster/schedule_nightly_graph.py
View File

@ -44,6 +44,9 @@ def make_decision_task(params):
slugids[name] = slugid.nice()
return slugids[name]
repository_parts = params['html_url'].split('/')
repository_full_name = '/'.join((repository_parts[-2], repository_parts[-1]))
# provide a similar JSON-e context to what taskcluster-github provides
context = {
'tasks_for': 'cron',
@ -54,14 +57,15 @@ def make_decision_task(params):
'as_slugid': as_slugid,
'event': {
'repository': {
'html_url': params['html_url']
'html_url': params['html_url'],
'full_name': repository_full_name,
},
'release': {
'tag_name': params['head_rev'],
'target_commitish': params['branch']
'target_commitish': params['branch'],
},
'sender': {
'login': 'TaskclusterHook'
'login': 'TaskclusterHook',
}
}
}