taskcluster/docker/periodic_updates/runme.sh
author Bogdan Tara <btara@mozilla.com>
Wed, 07 Mar 2018 13:21:46 +0200
changeset 764277 13671c01b9873e227d8bf54bc118fa9c8c95793e
parent 764276 taskcluster/docker/periodic-updates/runme.sh@6ba388ca08dab3ebe94c3e9749fd1ff4c174cd64
permissions -rwxr-xr-x
Backed out changeset 6ba388ca08da (bug 1436369) for taskcluster-images bustage and linting failure at taskcluster/ci/repo-update/kind.yml:49:1 on a CLOSED TREE

#!/bin/bash

set -xe

# Things to be set by task definition.
# --pinset --hsts --hpkp --blocklist
# -b branch
# --use-mozilla-central
# -p firefox
# Artifact directory
# Artifact names.


test "${BRANCH}"
test "${PRODUCT}"

PARAMS=""

if [ ! -z "${USE_MOZILLA_CENTRAL}" ]
then
  PARAMS="${PARAMS} --use-mozilla-central"
fi

# TODO change these, so that they're run if the artifact location is specified?
if [ ! -z "${DO_HSTS}" ]
then
  PARAMS="${PARAMS} --hsts"
fi

if [ ! -z "${DO_HPKP}" ]
then
  PARAMS="${PARAMS} --hpkp"
fi

if [ ! -z "${DO_BLOCKLIST}" ]
then
  PARAMS="${PARAMS} --blocklist"
fi

export ARTIFACTS_DIR="/home/worker/artifacts"
mkdir -p "$ARTIFACTS_DIR"

# Get Arcanist API token

if [ -n "${TASK_ID}" ]
then
  curl --location --retry 10 --retry-delay 10 -o /home/worker/task.json \
    "https://queue.taskcluster.net/v1/task/$TASK_ID"
  ARC_SECRET=$(jq -r '.scopes[] | select(contains ("arc-phabricator-token"))' /home/worker/task.json | awk -F: '{print $3}')
fi
if [ -n "${ARC_SECRET}" ] && getent hosts taskcluster
then
  set +x # Don't echo these
  secrets_url="http://taskcluster/secrets/v1/secret/${ARC_SECRET}"
  SECRET=$(curl "${secrets_url}")
  TOKEN=$(echo "${SECRET}" | jq -r '.secret.token')
elif [ -n "${ARC_TOKEN}" ] # Allow for local testing.
then
  TOKEN="${ARC_TOKEN}"
fi

if [ -n "${TOKEN}" ]
then
  cat >"${HOME}/.arcrc" <<END
{
  "hosts": {
    "https://phabricator.services.mozilla.com/api/": {
      "token": "${TOKEN}"
    }
  }
}
END
  set -x
  chmod 600 "${HOME}/.arcrc"
fi

# shellcheck disable=SC2086
/home/worker/scripts/periodic_file_updates.sh -p "${PRODUCT}" -b "${BRANCH}" ${PARAMS}