Intro

Firefox and Thunderbird releases are currently done using the Bootstrap automation scripts, which call into Tinderbox client to do the actual build.

Buildbot calls bootstrap, parallelizing and serializing where needed.

Bootstrap

Bootstrap is a simple Perl framework intended to take the formerly manual release process and automate it, with as little change to the process as possible.

Bootstrap is invoked using the "release" command, and supports a set of high-level "steps":

Tag - tag, branch, apply version bumps to all relevant files.
TinderConfig - generate tinderbox config files (mozconfig/tinder-config.pl)
Build - invoke Tinderbox client to create and en-US build and publish to FTP
Source - create a source tarball and push it to FTP
Repack - invoke Tinderbox client to create localized versions of en-US build and publish to FTP
PatcherConfig - create a Patcher config file for generating updates
Updates - invoke Patcher to create partial updates and AUS configuration
Stage - create a staging area and rename files for release
Sign - not implemented

Bootstrap Steps

A Bootstrap "step" must implement 2 required methods:

Execute - carry out the actual function of the step, e.g. Build
Verify - run an automated test

Additionally, there are 2 optional methods:

Push - upload the appropriate changes for testing, e.g. upload build to FTP
Announce - send an email announcing that the step has finished.

Using Bootstrap

If the "release" command is invoked with no parameters, it will attempt to start at the first step and call the methods in this order:

1. Execute
2. Verify
3. Push
4. Announce

As each step completes successfully, the next will be invoked.

There are several command-line options, shown by calling "release -h":

Usage: release [-l] [-s Step] [-o Step] [-e | -v | -p | -a] [-h]
    -l list all Steps
    -s start at Step
    -o only run one Step
    -e only run Execute
    -v only run Verify
    -p only run Push
    -a only run Announce
    -h this usage message

For example, to only run the Push method on the Build step:

./release -o Build -p

Buildbot

Buildbot is a continuous integration tool, similar to Tinderbox but written in Python as a client/server Twisted application.

We have a vendor branch in mozilla/tools/buildbot, based on Buildbot's 0.7.5 release.

Mozilla-specific Buildbot install instructions

Buildbot user manual

Current status

For the Firefox 2.0.0.8 release, we are using Buildbot to drive the release. Instead of a human operater logging into each machine used in the release process, the machines run Buildbot slaves instead. Most of the slaves simply check out and run Bootstrap, at this point.

Both the staging and production configs are checked into CVS.

There are still several manual processes, which we are working on:

• Buildbot config
  • if necessary, tag new version of mozilla/tools/release (used RELEASE_AUTOMATION_M5_3)
    • make sure buildbot-configs/automation/production/master.cfg uses this tag
  • need to file bug (e.g. bug 393264) and attach diff for bootstrap.cfg (e.g. fx-moz18-bootstrap.cfg)
  • need to "cvs update" /home/buildmaster/Automation/buildbot-configs/ and /home/buildmaster/Automation/bootstrap-configs/ after checkin
  • need to manually insert passwords into master.cfg, as they are intentionally not in the checked-in version.
  • make sure Tinderbox is up-to-date on all slaves bug 397554
    • used RELEASE_AUTOMATION_M5_3
  • ensure that machines have enough resources bug 393274
  • kick off buildbot (run as cltbld):
    • buildbot sendchange --master=localhost:9989 -u joduinn -m"Firefox 2.0.0.8 RC1" release
  • it's not possible to do dependent schedulers with a forced tag bug 394963
  • need to disable updateverify depscheduler until auto-config for update verify is done bug 373995, and Update step is able to auto-deploy.

• Tag -
  • had to manually tag based on GECKO181_20070712_RELBRANCH bug 396290
    • NOTE - RC1/RC2 respin case fixed/tested; RC1 firedrill should work, not yet tested

• Source
  • permissions for generated source tarball are incorrect, (0700 should be 0755 0644). For FF2.0.0.8 release, automation created the source tarball with the correct 0644. Not sure if this was previously fixed, or we're just confused. Leaving here for now to keep an eye on it.
  • must be run on stage, need to rewrite source step bug 394034
  • manually sync build-console and stage bug 396438

• Build
  • manually sync build-console and stage bug 396438

• Repack
  • had to fall back to cerberus-vm due to EOL problems bug 397842
  • manually sync build-console and stage bug 396438
  • "scp -r" does not work on pacifica-vm, need to upgrade or use something else (e.g. rsync), fixed in tinderbox

• Sign
  • still manual
  • need to sync signed bits manually back to build-console e.g. as cltbld@build-console:
    • rsync -av stage.mozilla.org:/home/ftp/pub/firefox/nightly/2.0.0.8-candidates/ /home/ftp/pub/firefox/nightly/2.0.0.8-candidates/

• Updates
  • call push, "./release -o Updates -p", manually
  • had to correct permissions for both snippets and MARs
  • update verification config is still manual bug 373995
  • had to change stagingServer to "stage" and re-run configs bug 396438
  • manually sync build-console and stage bug 396438

• Stage
  • had to correct permissions
  • need to rsync /data/cltbld/firefox-2.0.0.7/ stage:/data/cltbld/firefox-2.0.0.7/ (not covered by bug 396438).
  • created "latest" and "latest-2.0" symlinks manually after final release
  • created bouncer links manually bug 372746

Roles and resource requirements

• buildbot master
  • keeps logs, manages overall process
• ftp/stage.m.o
  • fileserver, both public and private areas
  • FTP candidates - 20GB storage
  • e.g. stage:/home/ftp/pub/firefox/nightly/2.0.0.4-candidates/
  • FTP private staging - 20GB storage
    • e.g. stage:firefox-2.0.0.4/
  • FTP release - 6GB storage
    • e.g. stage:/home/ftp/pub/firefox/releases/2.0.0.4/
• "tagging" builder
  • checks out source and applies tag
  • 2GB storage
    • e.g. karma:/builds/tags/FIREFOX_2_0_0_4_RELEASE/
• "source archive" builder
  • builds source archive and pushes for QA
• "linux/mac/win32 firefox builders"
  • builds firefox and pushes for QA
  • l10n/update verification
  • needs 2GB memory, 10GB storage (each)
    • e.g. prometheus-vm:/builds/tinderbox/Fx-Mozilla1.8-Release/
• "updates builder"
  • downloads and inventories a set of complete firefox updates, generates partial updates, creates AUS configuration ("snippets")
  • updates - 1GB memory, 5GB storage
  • e.g. prometheus-vm:/builds/updates/firefox-2.0.0.4/
• "stage builder"
  • creates private staging area on FTP, renames files for release
  • see "fileserver" requirements, above
• Automatic Update Server (AUS), aus2.m.o
  • 10GB for config files, backups and staging area
  • e.g. /opt/aus2/incoming/3/Firefox/2.0.0.4/, /opt/aus2/snippets/staging/20070523-Fx-2.0.0.4/, /opt/aus2/snippets/backup/20070611-1-pre-20070611-Fx-2.0.0.4.tar.bz2

Notes on staging setup

Buildbot master basedir is ~buildmaster/TestBot

The bootstrap.cfg is pulled from the master dir.

Slaves basedirs are in cltbld's home directory on the appropriate machine, e.g. ~cltbld/linux-slave1

Changes can be inserted with "buildbot sendchange" on the master e.g.:

buildbot sendchange --master=localhost:9989 -u rhelmer -m"latest bootstrap from CVS" test

Bootstrap uses a local CVS mirror, and the "tag", "source", "updates", and "stage" builders are run by a local buildslave.

The bootstrap Makefile has the following targets:

• stage/clean_stage
  • create/remove basic fileserver/tag/source/updates/stage environment
• cvsmirror/clean_cvsmirror
  • create/remove cvsmirror in /builds/cvsmirror

These targets are hard-coded to prepare for a 2.0.0.4 release.

There must be "cltbld" and "symbols" accounts on the staging FTP server that the build machines' cltbld accounts can connect to via SSH without a password.

• must accept staging-build-console's hostkey via this SSH tunnel:

• set up staging FTP server

mkdir /home/ftp /builds /data/cltbld
chown cltbld /home/ftp /builds/ /data/cltbld
cvs co /mofo/release/stage/ to /data/cltbld/bin
groupadd firefox

• set up staging AUS server

# TODO - auto-update 
mkdir -p /opt/aus2/snippets/staging/backup /opt/aus2/incoming /opt/aus2/app

# check out aus2
cd /opt/aus2/
cvs -d /builds/cvsmirror/cvsroot/ co -d app/ -r AUS2_PRODUCTION mozilla/webtools/aus/xml
cd app && ln -s ../incoming ./data

# install apache
yum install httpd

Updating release version (mirror refresh, etc.)

• Bump config versions in mozilla/tools/release/Makefile, mozilla/tools/configs/fx-moz18-staging-bootstrap.cfg, mozilla/tools/buildbot-configs/automation/staging/master.cfg e.g. bug 397425

• Disable cltbld's nightly cronjob

• Refresh cvsmirror

As cltbld@staging-build-console:

cd /home/cltbld/mozilla/tools/release
cvs up
export CVS_RSH="/home/cltbld/ssh_prod.sh"
make cvsmirror

• Update bootstrap and buildbot configs. These are symlinked from bootstrap-configs and buildbot-configs checkouts (of mozilla/tools/release/configs/ and mozilla/tools/buildbot-configs/automation/staging/, respectively).

As buildmaster@staging-build-console:

cd /home/buildmaster/TestBot
buildbot stop `pwd`
cd bootstrap-configs && cvs up && cd ../
cd buildbot-configs && cvs up && cd ../
buildbot start `pwd`

NOTE - the Talkback symbol server is hardcoded in /builds/cvsmirror.clean/mofo/talkback/fullsoft/Makefile.in, this should be changed like so:

FC_TUNNEL       = ssh -$(FC_SSH_VERSION) -f -L 8080:hal:80 $(LSSH_USER)staging-build-console.build.mozilla.org sleep 20
SYM_TUNNEL      = ssh -$(SYM_SSH_VERSION) -f -L 2222:localhost:22 $(LSSH_USER)staging-build-console.build.mozilla.org sleep 20

Production setup HOWTO for linux/mac/win32

This section describes the changes made to clones of the nightly tinderboxes (which were formerly used exclusively for releases).

• build-console setup
  • check out /mofo/release/stage to /data/cltbld/bin
    • NOTE - this is for the firefox-src-tarball-nobuild script, which checks out a tag from CVS and creates a source archive. This should be reimplemented in the bootstrap Source step

• (Win32/Mac only) install Config::General

 cd /tools/dist
 wget http://search.cpan.org/CPAN/authors/id/T/TL/TLINDEN/Config-General-2.33.tar.gz 
 tar xfvz Config-General-2.33.tar.gz
 cd Config-General-2.33
 perl Makefile.PL

its ok to ignore the warning from "perl Makefile.PL": Warning: the following files are missing in your kit: t/test.rc.out

 sudo make install

• (Linux only) prepend custom GCC to the path in ~/.bash_profile

export PATH="/usr/gcc-3.3.2rh/bin:/opt/local/bin:/tools/buildbot/bin:/tools/twisted/bin:/tools/twisted-core/bin:$PYTHONHOME/bin:$PATH"

• create logs dir

$ mkdir -p /tools/dist/logs
$ mkdir -p /builds/logs

• (Mac only) Install 7z. You can download it. Or you can copy it from bm-xserve01, which is what we did here. By putting the file in /usr/bin, it is automatically on the PATH of cltbld's .profile.

 $ cd /usr/bin
 $ sudo rsync -av cltbld@bm-xserve01.build.mozilla.org:/usr/local/bin/7z .

• look for Tinderbox directory

#linux: if tinderbox name is not "Fx-Mozilla1.8-Release" exactly, symlink it 
ln -s /builds/tinderbox/Fx-Mozilla1.8-release /builds/tinderbox/Fx-Mozilla1.8-Release

Check out tinderbox configs:

# win32
cvs -d cltbld@cvs.mozilla.org:/cvsroot co -r MOZILLA_1_8_BRANCH_release -d tinderbox-configs mozilla/tools/tinderbox-configs/firefox/win32
# linux
cvs -d cltbld@cvs.mozilla.org:/cvsroot co -r MOZILLA_1_8_BRANCH_release -d tinderbox-configs mozilla/tools/tinderbox-configs/firefox/linux
# macosx
cvs -d cltbld@cvs.mozilla.org:/cvsroot co -r MOZILLA_1_8_BRANCH_release -d tinderbox-configs mozilla/tools/tinderbox-configs/firefox/macosx

• set up Tinderbox l10n build directory

# linux
cd /builds/tinderbox/
# win32
cd /cygdrive/c/builds/tinderbox/

mkdir Fx-Mozilla-1.8-l10n-Release
cd Fx-Mozilla-1.8-l10n-Release
../mozilla/tools/tinderbox/install-links
rm build-seamonkey.pl
ln -s ../mozilla/tools/tinderbox/build-firefox.pl .
ln -s build-firefox.pl build-seamonkey.pl
rm post-mozilla.pl
ln -s post-mozilla-release.pl post-mozilla.pl

Check out tinderbox configs:

# win32
cvs -d cltbld@cvs.mozilla.org:/cvsroot co -r MOZILLA_1_8_BRANCH_l10n_release -d tinderbox-configs mozilla/tools/tinderbox-configs/firefox/win32
# linux
cvs -d cltbld@cvs.mozilla.org:/cvsroot co -r MOZILLA_1_8_BRANCH_l10n_release -d tinderbox-configs mozilla/tools/tinderbox-configs/firefox/linux
# macosx
cvs -d cltbld@cvs.mozilla.org:/cvsroot co -r MOZILLA_1_8_BRANCH_l10n_release -d tinderbox-configs mozilla/tools/tinderbox-configs/firefox/macosx

ln -s tinderbox-configs/mozconfig .
ln -s tinderbox-configs/tinder-config.pl . 

• Install buildbot
• running as "cltbld", install slave

#linux
$ cd ~
$ buildbot create linux-slave1 build-console.build.mozilla.org:9989 linux-slave1 password
#win32
c:\\buildtools\\python24\\scripts\\buildbot create-slave c:\\win32-slave1 build-console.build.mozilla.org:9989 win32-slave1 password

• edit the admin and host pages in ~/linux-slave1/info/

• start slave

#linux
buildbot start /home/cltbld/linux-slave1
# win32
c:\\buildtools\\python24\\scripts\\buildbot start c:\\win32-slave1

Just for testing

• build-console
  • use "stage" target in bootstrap's Makefile

• Move prod ssh keys out of the way, and copy in "staging" keys:

cd ~
mv ~/.ssh ~/ssh.prod
scp cltbld@staging-prometheus-vm:~/.ssh/id_rsa .ssh/

• Move prod tinderbox-configs and put staging-build-console in Root:

# win32
cd /cygdrive/c/builds/tinderbox/Fx-Mozilla-1.8-Release
# linux
cd /builds/tinderbox/Fx-Mozilla-1.8-Release

cp -rp tinderbox-configs tinderbox-configs.prod
# change root to cltbld@staging-build-console.build.mozilla.org:/builds/cvsmirror/cvsroot 
vi tinderbox-configs/CVS/Root

Same for l10n tinderbox build directories:

# win32
cd /cygdrive/c/builds/tinderbox/Fx-Mozilla-1.8-l10n-Release
# linux
cd /builds/tinderbox/Fx-Mozilla-1.8-l10n-Release

cp -rp tinderbox-configs tinderbox-configs.prod
# change root to cltbld@staging-build-console.build.mozilla.org:/builds/cvsmirror/cvsroot  
vi tinderbox-configs/CVS/Root

• /data/cltbld/bin/firefox-src-tarball-nobuild has a hardcoded CVSROOT; change it to cltbld@staging-build-console.build.mozilla.org:/builds/cvsmirror/cvsroot

Production changes

Staging/Production Buildbot master differences

1. Signing - prod waits for signed bits, stage fakes w/ symlink ok
2. Bootstrap - prod pulls tag e.g. RELEASE_AUTOMATION_M5, staging pulls tip ok

Outstanding issues

1. How to handle bootstrap logs.. remove them between runs? Don't want accumulation on slaves remove at start
2. How to do mock release.. fake version (e.g. 1.2.3.4)? Early 2.0.0.7, that we know we won't release? 2007 rc1
3. "Source" and "Staging" steps - install a buildslave on stage, or stage everything on build-console? use build-console
4. Make sure QA checks e.g. top 5 extensions after Mac Intel switch

Enhancements

• (bug 394507) should set buildbot up to mail based on any failures, currently just depend on bootstrap
• (bug 372746) Automatically configure bouncer
• (bug 373995) l10n needs the URL it downloads builds from to be configurable as well
• (bug 394498) should report on mirror saturation after release
• (bug 397554) Automatically check out, set up, and keep Tinderbox installs up to date
• buildbot bug#68 buildbot default timeout too short. 5sec isnt always enough, and you can get a "timed out" message in the slave logs, even though slave started "normally".
• buildbot bug#85 sometimes buildmaster sees buildslave correctly, confirms ping ok, but never assigns pending work to the slave. Doing "buildmaster refresh" is not enough, you need to do "buildmaster stop/start". Restarting the slave does not help.
• buildbot bug#92 on win32, console output is not logged (goes to the DOS console running buildbot :( )
• buildbot bug#77 file buildbot bug to handle kill on win32. Add details linking to bsmedberg fix.
• buildbot bug#67 link to history for old builds at bottom of page (ala tinderbox server).
• buildbot bug#69 meta-refresh tag for waterfall page
• buildbot bug#78 buildbot UI to contain way to force build dependent steps instead of just doing current step.
• buildbot bug#91 When using the CVS Source step on a Mac OSX slave, if a CVS directory is found on the path, buildbot will attempt to use it as if it were a CVS binary.
• buildbot bug#88 steps which start within a few seconds of each other show as same start time on waterfall page
• (needs bug filed) tinderbox symbol server should be configurable