ReleaseEngineering/2011Q1 All-Hands Planning:Buildbotjhopkins

From MozillaWiki
Jump to: navigation, search
  • try server for releng code vs. current staging model
    • this is an awesome idea
    • no need to setup own masters, avoids errant setup
    • how does this work with pre-production?
  • misc.py
    • terrible name for one of our most important modules (where much of our logic lives)
    • grown organically over time
    • break into smaller pieces
      • some sections that have not changed in a while could be broken out into well-defined functional areas and given better names
  • debugging state
    • manhole
    • dump_master.py in braindump
  • puppet configs
    • support build activities using common set of resources
    • location-awareness in slaves
    • loss of a given datacenter does not cripple us
    • moving away from "pods," or at least pods on a given (rack) scale
    • slave allocator gives us more flexibility here (that we should use)
    • compare identity and image
  • BuildAPI
    • installed on comm-central production-master
  • signing
    • automated signing - how to verify builds are legit, trust
      • check hashes?
      • shared secrets?
      • ask catlee, he's working on this
        • make auto-sign
        • glorious future:
          • signing host has a SSL-enable server
          • shared secret: hash on private ssh key
          • release-o firefox-io
          • restrictions suggested by dveditz
    • different keys for different classes of releases, e.g. nightly
      • subkeys
Retrieved from "https://wiki.mozilla.org/index.php?title=ReleaseEngineering/2011Q1_All-Hands_Planning:Buildbotjhopkins&oldid=296521"