Created
June 4, 2015 02:54
-
-
Save rail/bc7ac827ba67cbde34ec to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
manifests/moco-nodes.pp | 3 -- | |
modules/signingworker/manifests/services.pp | 2 +- | |
modules/signingworker/templates/config.json.erb | 4 +- | |
modules/signingworker/templates/passwords.json.erb | 56 +++++++++++----------- | |
modules/toplevel/manifests/server/signingworker.pp | 1 - | |
5 files changed, 31 insertions(+), 35 deletions(-) | |
diff --git a/manifests/moco-nodes.pp b/manifests/moco-nodes.pp | |
index 9f5e736..5035672 100644 | |
--- a/manifests/moco-nodes.pp | |
+++ b/manifests/moco-nodes.pp | |
@@ -932,19 +932,16 @@ node "buildbot-master123.bb.releng.usw2.mozilla.com" { | |
node /log-aggregator\d+\.srv\.releng\.(scl3|use1|usw2)\.mozilla\.com/ { | |
$is_log_aggregator_host = "true" | |
include toplevel::server::log_aggregator | |
} | |
# Signing workers | |
node /signingworker-.*\.srv\.releng\..*\.mozilla\.com/ { | |
- # TODO: remove temp pin | |
- $pin_puppet_server = "releng-puppet2.srv.releng.scl3.mozilla.com" | |
- $pin_puppet_env = "raliiev" | |
include toplevel::server::signingworker | |
} | |
## Loaners | |
## temporary host node Bug 1155690 | |
node "jwatkins-trusty-testing.srv.releng.use1.mozilla.com" { | |
diff --git a/modules/signingworker/manifests/services.pp b/modules/signingworker/manifests/services.pp | |
index e5f257a..495f31b 100644 | |
--- a/modules/signingworker/manifests/services.pp | |
+++ b/modules/signingworker/manifests/services.pp | |
@@ -1,15 +1,15 @@ | |
class signingworker::services { | |
include ::config | |
include signingworker::settings | |
include packages::mozilla::supervisor | |
supervisord::supervise { | |
"signingworker": | |
- command => "${signingworker::settings::root}/bin/signing-worker -c ${signingworker::settings::root}/config.json", | |
+ command => "${signingworker::settings::root}/bin/signing-worker --admin.conf ${signingworker::settings::root}/config.json", | |
user => $::config::builder_username, | |
require => [File["${signingworker::settings::root}/config.json"], | |
File["${signingworker::settings::root}/passwords.json"], | |
Mercurial::Repo["signingworker-tools"]], | |
extra_config => template("${module_name}/supervisor_config.erb"); | |
} | |
} | |
diff --git a/modules/signingworker/templates/config.json.erb b/modules/signingworker/templates/config.json.erb | |
index 380b72b..f87cc99 100644 | |
--- a/modules/signingworker/templates/config.json.erb | |
+++ b/modules/signingworker/templates/config.json.erb | |
@@ -4,12 +4,12 @@ | |
"pulse_user": "<%= scope.function_secret(["signingworker_pulse_user"]) %>", | |
"pulse_password": "<%= scope.function_secret(["signingworker_pulse_password"]) %>", | |
"pulse_port": <%= scope.lookupvar("config::signingworker_pulse_port") %>, | |
"worker_type": "<%= scope.lookupvar("config::signingworker_worker_type") %>", | |
"taskcluster_client_id": "<%= scope.function_secret(["signingworker_taskcluster_access_token"]) %>", | |
"taskcluster_access_token": "<%= scope.function_secret(["signingworker_taskcluster_access_token"]) %>", | |
"signing_server_config": "<%= scope.lookupvar("config::signingworker_root") %>/passwords.json", | |
"tools_checkout": "<%= scope.lookupvar("config::signingworker_root") %>/tools", | |
- "my_ip": "<%= @::ipaddress %>", | |
- "worker_id": "<%= @::fqdn %>", | |
+ "my_ip": "<%= @ipaddress %>", | |
+ "worker_id": "<%= @fqdn %>", | |
"verbose": <%= scope.lookupvar("config::signingworker_verbose_logging") %> | |
} | |
diff --git a/modules/signingworker/templates/passwords.json.erb b/modules/signingworker/templates/passwords.json.erb | |
index faa769b..4127c99 100644 | |
--- a/modules/signingworker/templates/passwords.json.erb | |
+++ b/modules/signingworker/templates/passwords.json.erb | |
@@ -1,35 +1,35 @@ | |
{ | |
- "signing:cert:nightly-signing": [ | |
- ["signing4.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["signing5.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["signing6.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["mac-signing2.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["dmg"]], | |
- ["mac-signing3.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["dmg"]], | |
- ["mac-v2-signing1.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing2.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing3.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing4.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_nightly_password"]] %>", ["dmgv2"]] | |
+ "signig:cert:nightly-signing": [ | |
+ ["signing4.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["signing5.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["signing6.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["mac-signing2.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["dmg"]], | |
+ ["mac-signing3.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["dmg"]], | |
+ ["mac-v2-signing1.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing2.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing3.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing4.srv.releng.scl3.mozilla.com:9100", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_nightly_password"]) %>", ["dmgv2"]] | |
], | |
"signing:cert:dep-signing": [ | |
- ["signing4.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["signing5.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["signing6.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["mac-signing2.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["dmg"]], | |
- ["mac-signing3.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["dmg"]], | |
- ["mac-v2-signing1.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing2.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing3.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing4.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_dep_password"]] %>", ["dmgv2"]] | |
+ ["signing4.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["signing5.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["signing6.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["mac-signing2.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["dmg"]], | |
+ ["mac-signing3.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["dmg"]], | |
+ ["mac-v2-signing1.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing2.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing3.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing4.srv.releng.scl3.mozilla.com:9110", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_dep_password"]) %>", ["dmgv2"]] | |
], | |
"signing:cert:release-signing": [ | |
- ["signing4.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["signing5.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["signing6.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
- ["mac-signing2.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["dmg"]], | |
- ["mac-signing3.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["dmg"]], | |
- ["mac-v2-signing1.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing2.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing3.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["dmgv2"]], | |
- ["mac-v2-signing4.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret[["signing_server_username"]] %>", "<%= scope.function_secret[["signing_server_release_password"]] %>", ["dmgv2"]] | |
+ ["signing4.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["signing5.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["signing6.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["gpg", "osslsigncode", "signcode", "mar", "jar", "b2gmar", "emevoucher"]], | |
+ ["mac-signing2.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["dmg"]], | |
+ ["mac-signing3.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["dmg"]], | |
+ ["mac-v2-signing1.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing2.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing3.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["dmgv2"]], | |
+ ["mac-v2-signing4.srv.releng.scl3.mozilla.com:9120", "<%= scope.function_secret(["signing_server_username"]) %>", "<%= scope.function_secret(["signing_server_release_password"]) %>", ["dmgv2"]] | |
] | |
} | |
diff --git a/modules/toplevel/manifests/server/signingworker.pp b/modules/toplevel/manifests/server/signingworker.pp | |
index f5cba77..151c3e2 100644 | |
--- a/modules/toplevel/manifests/server/signingworker.pp | |
+++ b/modules/toplevel/manifests/server/signingworker.pp | |
@@ -1,8 +1,7 @@ | |
# This Source Code Form is subject to the terms of the Mozilla Public | |
# License, v. 2.0. If a copy of the MPL was not distributed with this | |
# file, You can obtain one at http://mozilla.org/MPL/2.0/. | |
class toplevel::server::signingworker inherits toplevel::server { | |
include ::signingworker | |
} | |
- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment