Bug 1534506 - download chain-of-trust.json instead of chainOfTrust.json.asc r=tomprince
authorAki Sasaki <asasaki@mozilla.com>
Tue, 12 Mar 2019 04:53:57 +0000
changeset 521611 4768e2c08459
parent 521610 79dd6b92c913
child 521612 7f47a4e7c43f
push id10867
push userdvarga@mozilla.com
push dateThu, 14 Mar 2019 15:20:45 +0000
treeherdermozilla-beta@abad13547875 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerstomprince
bugs1534506
milestone67.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1534506 - download chain-of-trust.json instead of chainOfTrust.json.asc r=tomprince Differential Revision: https://phabricator.services.mozilla.com/D23081
python/mozbuild/mozbuild/mach_commands.py
--- a/python/mozbuild/mozbuild/mach_commands.py
+++ b/python/mozbuild/mozbuild/mach_commands.py
@@ -1384,41 +1384,26 @@ class PackageFrontend(MachCommandBase):
                 if self.size is None and self.digest is None:
                     return True
                 return super(DownloadRecord, self).validate()
 
         class ArtifactRecord(DownloadRecord):
             def __init__(self, task_id, artifact_name):
                 for _ in redo.retrier(attempts=retry+1, sleeptime=60):
                     cot = cache._download_manager.session.get(
-                        get_artifact_url(task_id, 'public/chainOfTrust.json.asc'))
+                        get_artifact_url(task_id, 'public/chain-of-trust.json'))
                     if cot.status_code >= 500:
                         continue
                     cot.raise_for_status()
                     break
                 else:
                     cot.raise_for_status()
 
                 digest = algorithm = None
-                data = {}
-                # The file is GPG-signed, but we don't care about validating that.
-                # The data looks like:
-                #     -----BEGIN PGP SIGNED MESSAGE-----
-                #     Hash: SHA256
-                #
-                #     {
-                #       ...
-                #     }
-                #     -----BEGIN PGP SIGNATURE-----
-                #     <signature data>
-                #     -----END PGP SIGNATURE-----
-                # The following code extracts the json from there.
-                data = json.loads(
-                    cot.content.partition("-----BEGIN PGP SIGNATURE-----")[0]
-                               .partition("Hash: SHA256")[2])
+                data = json.loads(cot.content)
                 for algorithm, digest in (data.get('artifacts', {})
                                               .get(artifact_name, {}).items()):
                     pass
 
                 name = os.path.basename(artifact_name)
                 artifact_url = get_artifact_url(task_id, artifact_name,
                     use_proxy=not artifact_name.startswith('public/'))
                 super(ArtifactRecord, self).__init__(