Migrate code-review CI to community taskcluster deployment, code-review hooks to firefox deployment
Categories
(Taskcluster :: Operations and Service Requests, task)
Tracking
(Not tracked)
People
(Reporter: bastien, Assigned: bstack)
References
Details
Attachments
(4 files)
The project uses Taskcluster for its CI needs, but also needs to access some parts of the Mozilla CI:
- public artifacts from analysis tasks
- the bot itself is triggered by a Pulse message sent from a task on Mozilla CI
|
||
Updated•5 years ago
|
|
||
Comment 1•5 years ago
|
||
As we discussed on IRC, the CI for the project can be in the community taskcluster deployment, the hooks should be in the firefox deployment.
|
|
||
Updated•5 years ago
|
|
Reporter | |
Comment 2•5 years ago
|
||
I made a PR to test the new TC instance, simply updating the provisionerId & workerType: tasks run on the community instance.
Docker build tasks fail because they do not run on a privileged worker: sample failure task
Brian, could you help me out here ?
|
Assignee | |
Comment 3•5 years ago
|
||
I believe https://github.com/mozilla/community-tc-config/pull/91 will fix this issue. Thanks for finding it
|
|
Reporter | |
Comment 4•5 years ago
|
||
I merged the migration PR.
We still need a way to update firefox-ci hooks :)
|
|
Reporter | |
Comment 5•5 years ago
|
||
These hooks need to be migrated on the Firefox-CI instance before the 9th so that the code-review bot runs continously :
They each need access to their respective secrets on the same instance:
project/relman/code-review/runtime-testingproject/relman/code-review/runtime-production
Most importantly they both need to be triggered by the following pulse binding: exchange/taskcluster-queue/v1/task-completed with the route route.project.relman.codereview.v1.try_ending
|
|
Assignee | |
Comment 6•5 years ago
|
||
I think this is all deployed now!
|
|
Reporter | |
Comment 7•5 years ago
|
||
The code-review hooks looks OK to me, the testing hook was triggered once but failed due to a deadline exception. I guess it's normal at this stage ?
|
|
||
Comment 8•5 years ago
|
||
drop-by comment: that deadline exception is because the task has the wrong workerType -- should be project-relman/releng-svc-memory, probably. That's the worker-type used in e.g., https://firefox-ci-tc.services.mozilla.com/hooks/project-relman/code-coverage-repo-testing
|
|
Assignee | |
Comment 9•5 years ago
|
||
|
|
Reporter | |
Comment 10•5 years ago
|
||
The last code-review tasks on firefox-ci are still in the exception state (fire status is OK though) : https://firefox-ci-tc.services.mozilla.com/hooks/project-relman/code-review-production
|
|
||
Comment 11•5 years ago
|
||
The hook has not been triggered since yesterday, which means there is something broken with the trigger code.
Indeed, the code-review-events app on Heroku is crashing.
Probably bug 1595464 is all we need (at least to fix the trigger issue).
|
|
Reporter | |
Comment 12•5 years ago
|
||
Could you create those 3 clients and send me their access tokens through email (here is my GPG public key)
Discussed with Bastien over Slack. This project, while developed on Github and thus using the Community TC instance, runs jobs on Firefox CI. The clients requested in comment 12 are needed in Firefox CI.
I then created them:
- https://firefox-ci-tc.services.mozilla.com/auth/clients/project%2Frelman%2Fcode-review%2Fbackend-testing
- https://firefox-ci-tc.services.mozilla.com/auth/clients/project%2Frelman%2Fcode-review%2Fevents-production
- https://firefox-ci-tc.services.mozilla.com/auth/clients/project%2Frelman%2Fcode-review%2Fevents-testing
These clients required these 2 roles, which I created:
- https://firefox-ci-tc.services.mozilla.com/auth/roles/project%3Arelman%3Acode-review%2Fruntime%2Ftesting
- https://firefox-ci-tc.services.mozilla.com/auth/roles/project%3Arelman%3Acode-review%2Fruntime%2Fproduction
Bastien confirmed these clients have been deployed and services are back working. Do you think we can close this ticket, Bastien?
|
|
Reporter | |
Comment 14•5 years ago
|
||
Not yet, the service is not back to normal (clients are fine though, thanks a lot !)
|
|
Reporter | |
Comment 15•5 years ago
|
||
|
|
Reporter | |
Comment 16•5 years ago
|
||
|
|
Reporter | |
Comment 17•5 years ago
|
||
|
|
Reporter | |
Comment 18•5 years ago
|
||
Code review bot now has all the necessary clients & scopes set in ci-configuration, things are running OK.
One last step is to restore the bugbug hook trigger (hosted on community instance) from code-review (hosted on firefox-ci instance).
I already made a patch to use a community Taskcluster client from the code-review code - it's currently running in production & testing.
We simply need a firefox-ci admin to update our secrets with the following payload (tokens to be sent directly through send.firefox.com):
- Edit the
eventssection in the testing secret, and add the following payload:
events:
community_config:
client_id: project/relman/bugbug/code-review-testing
access_token: xxx
...
- Edit the
eventssection in the production secret, and add the following payload:
events:
community_config:
client_id: project/relman/bugbug/code-review-production
access_token: yyy
...
|
|
Reporter | |
Comment 20•5 years ago
|
||
I made a mistake, the required key is taskcluster_community (not community_config). Sorry about that :(
|
||
Comment 21•5 years ago
|
||
(In reply to Bastien Abadie [:bastien] from comment #20)
I made a mistake, the required key is
taskcluster_community(notcommunity_config). Sorry about that :(
Fixed
|
|
Reporter | |
Comment 22•5 years ago
|
||
Code review bot has been running happily for the last 36 hours, thanks all !
Clearing NI per comment 21 and comment 22.
Description
•