Bug 1517701 - allow docker-worker:capability:device:*, too r=Callek
authorDustin J. Mitchell <dustin@mozilla.com>
Fri, 04 Jan 2019 17:44:15 +0000
changeset 509665 4658f4891f79f944fdb6db6c5ccb3a5a22d3b91b
parent 509664 4b3fc8b9128035c63821078328c73fbc525d1950
child 509666 4b0da3a2a9facebc598079ca6e8161cefb3448ea
push id10547
push userffxbld-merge
push dateMon, 21 Jan 2019 13:03:58 +0000
treeherdermozilla-beta@24ec1916bffe [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersCallek
bugs1517701
milestone66.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1517701 - allow docker-worker:capability:device:*, too r=Callek Differential Revision: https://phabricator.services.mozilla.com/D15736
taskcluster/taskgraph/actions/create_interactive.py
--- a/taskcluster/taskgraph/actions/create_interactive.py
+++ b/taskcluster/taskgraph/actions/create_interactive.py
@@ -53,16 +53,18 @@ SCOPE_WHITELIST = [
     # public downloads are OK
     re.compile(r'^docker-worker:relengapi-proxy:tooltool.download.public$'),
     # level-appropriate secrets are generally necessary to run a task; these
     # also are "not that secret" - most of them are built into the resulting
     # binary and could be extracted by someone with `strings`.
     re.compile(r'^secrets:get:project/releng/gecko/build/level-[0-9]/\*'),
     # ptracing is generally useful for interactive tasks, too!
     re.compile(r'^docker-worker:feature:allowPtrace$'),
+    # docker-worker capabilities include loopback devices
+    re.compile(r'^docker-worker:capability:device:.*$'),
 ]
 
 
 def context(params):
     # available for any docker-worker tasks at levels 1, 2; and for
     # test tasks on level 3 (level-3 builders are firewalled off)
     if int(params['level']) < 3:
         return [{'worker-implementation': 'docker-worker'}]