aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--etc/taskcluster/macos/modules/pillar/taskcluster_secrets.py2
-rw-r--r--etc/taskcluster/macos/states/generic-worker.sls16
-rw-r--r--etc/taskcluster/packet.net/tc.py13
-rwxr-xr-xetc/taskcluster/packet.net/terraform_with_vars.py13
4 files changed, 32 insertions, 12 deletions
diff --git a/etc/taskcluster/macos/modules/pillar/taskcluster_secrets.py b/etc/taskcluster/macos/modules/pillar/taskcluster_secrets.py
index 49229f73a4d..7283f6ec088 100644
--- a/etc/taskcluster/macos/modules/pillar/taskcluster_secrets.py
+++ b/etc/taskcluster/macos/modules/pillar/taskcluster_secrets.py
@@ -12,5 +12,5 @@ def ext_pillar(_minion_id, _pillar, *_args):
tc.check()
data = {}
data.update(tc.secret("project/servo/tc-client/worker/macos/1"))
- data.update(tc.secret("project/servo/livelog-secret/1"))
+ data.update(tc.livelog())
return data
diff --git a/etc/taskcluster/macos/states/generic-worker.sls b/etc/taskcluster/macos/states/generic-worker.sls
index c10e0c54002..aeeb35f6e43 100644
--- a/etc/taskcluster/macos/states/generic-worker.sls
+++ b/etc/taskcluster/macos/states/generic-worker.sls
@@ -28,7 +28,6 @@
{{ home }}/config.json:
file.serialize:
- - makedirs: True
- user: {{ user }}
- mode: 600
- show_changes: False
@@ -43,10 +42,25 @@
signingKeyLocation: {{ home }}/key
clientId: {{ pillar["client_id"] }}
accessToken: {{ pillar["access_token"] }}
+ livelogExecutable: {{ bin }}/livelog
+ livelogCertificate: {{ home }}/livelog.crt
+ livelogKey: {{ home }}/livelog.key
livelogSecret: {{ pillar["livelog_secret"] }}
- watch_in:
- service: net.generic.worker
+{{ home }}/livelog.crt:
+ file.managed:
+ - contents_pillar: livelog_cert
+ - user: {{ user }}
+ - mode: 600
+
+{{ home }}/livelog.key:
+ file.managed:
+ - contents_pillar: livelog_key
+ - user: {{ user }}
+ - mode: 600
+
{{ bin }}/generic-worker new-openpgp-keypair --file {{ home }}/key:
cmd.run:
- creates: {{ home }}/key
diff --git a/etc/taskcluster/packet.net/tc.py b/etc/taskcluster/packet.net/tc.py
index 63b07186f97..464d248682d 100644
--- a/etc/taskcluster/packet.net/tc.py
+++ b/etc/taskcluster/packet.net/tc.py
@@ -5,6 +5,7 @@
import os
import sys
import json
+import base64
import subprocess
@@ -20,6 +21,18 @@ def check():
"eval `taskcluster signin`\n")
+def livelog():
+ win2016 = api("awsProvisioner", "workerType", "servo-win2016")
+ files = win2016["secrets"]["files"]
+ assert all(f["encoding"] == "base64" for f in files)
+ files = {f.get("description"): f["content"] for f in files}
+ return {
+ "livelog_cert": base64.b64decode(files["SSL certificate for livelog"]),
+ "livelog_key": base64.b64decode(files["SSL key for livelog"]),
+ "livelog_secret": win2016["secrets"]["generic-worker"]["config"]["livelogSecret"],
+ }
+
+
def packet_auth_token():
return secret("project/servo/packet.net-api-key")["key"]
diff --git a/etc/taskcluster/packet.net/terraform_with_vars.py b/etc/taskcluster/packet.net/terraform_with_vars.py
index 074f5c5aa00..891674838d9 100755
--- a/etc/taskcluster/packet.net/terraform_with_vars.py
+++ b/etc/taskcluster/packet.net/terraform_with_vars.py
@@ -6,7 +6,6 @@
import os
import sys
-import base64
import subprocess
import tc
@@ -16,13 +15,7 @@ def main(*args):
tc.check()
ssh_key = tc.secret("project/servo/ssh-keys/docker-worker-kvm")
tc_creds = tc.secret("project/servo/tc-client/worker/docker-worker-kvm/1")
- win2016 = tc.api("awsProvisioner", "workerType", "servo-win2016")
- files_by_desc = {f.get("description"): f for f in win2016["secrets"]["files"]}
-
- def decode(description):
- f = files_by_desc[description]
- assert f["encoding"] == "base64"
- return base64.b64decode(f["content"])
+ livelog = tc.livelog()
terraform_vars = dict(
ssh_pub_key=ssh_key["public"],
@@ -30,8 +23,8 @@ def main(*args):
taskcluster_client_id=tc_creds["client_id"],
taskcluster_access_token=tc_creds["access_token"],
packet_api_key=tc.packet_auth_token(),
- ssl_certificate=decode("SSL certificate for livelog"),
- cert_key=decode("SSL key for livelog"),
+ ssl_certificate=livelog["livelog_cert_base64"],
+ cert_key=livelog["livelog_key_base64"],
)
env = dict(os.environ)
env["PACKET_AUTH_TOKEN"] = terraform_vars["packet_api_key"]
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-28 12:14:31 +0000