.taskcluster.yml
author Petru Lingurar <petru.lingurar@softvision.ro>
Fri, 21 Dec 2018 08:56:47 +0000
changeset 501492 65621d0fe1262af0643cec37c23b2d9ec42588ad
parent 499206 623c34a2c9dcceebe35432602b0ca47eb8ea9869
child 501742 cc803b2429d86587fbe6c29fed2e2bfb51f9422e
permissions -rw-r--r--
Bug 1513938 - Enforce a Bundle size limit and drop `privateSession` if exceeds it. r=JanH, a=jcristau The `privateSession` key would normally allow persisting the Private Browsing session across OOMs in Activity's Bundle. We need to do that to avoid storing private, sensible data on disk like we do with the normal browsing session. In some cases `privateSession` would contain a lot of data which, along with other possible concurrent transactions could overflow Binder's buffer which has a limited fixed size, currently 1Mb. To avoid this, we will drop `privateSession` from the Bundle if the resulting size is greater than a _speculative_ size of 300KBs which would mean that in the case of an OOM all Private Browsing state would be lost. Bug 1515592 is filed to investigate for a better solution. Differential Revision: https://phabricator.services.mozilla.com/D15067

# This file is rendered via JSON-e by
# - mozilla-taskcluster - https://docs.taskcluster.net/reference/integrations/mozilla-taskcluster/docs/taskcluster-yml
# - cron tasks - taskcluster/taskgraph/cron/decision.py
# - action tasks - taskcluster/taskgraph/actions/registry.py
version: 1
tasks:
  # NOTE: support for actions in ci-admin requires that the `tasks` property be an array *before* JSON-e rendering
  # takes place.
  - $if: 'tasks_for in ["hg-push", "action", "cron"]'
    then:
      $let:
        # sometimes the push user is just `ffxbld` or the like, but we want an email-like field..
        ownerEmail: {$if: '"@" in push.owner', then: '${push.owner}', else: '${push.owner}@noreply.mozilla.org'}
        # ensure there's no trailing `/` on the repo URL
        repoUrl: {$if: 'repository.url[-1] == "/"', then: {$eval: 'repository.url[:-1]'}, else: {$eval: 'repository.url'}}
        # Hardcode cron push info for now, so that we can transition to using real values without breaking callers of Chain of Trust
        _pushId: {$if: 'tasks_for == "cron"', then: '-1', else: {$eval: 'push.pushlog_id'}}
        # action tasks can fail because of no pushdate or push comment information in context, so include them in
        # hardcodes (even though they don't use these variables)
        _pushDate: {$if: 'tasks_for == "cron" || tasks_for == "action"', then: '0', else: {$eval: 'push.pushdate'}}
        _pushComment: {$if: 'tasks_for == "cron" || tasks_for == "action"', then: '', else: {$eval: 'push.comment'}}
      in:
        taskId: {$if: 'tasks_for != "action"', then: '${as_slugid("decision")}'}
        taskGroupId:
          $if: 'tasks_for == "action"'
          then:
            '${action.taskGroupId}'
          else:
            '${as_slugid("decision")}' # same as taskId; this is how automation identifies a decision tsak
        schedulerId: 'gecko-level-${repository.level}'

        created: {$fromNow: ''}
        deadline: {$fromNow: '1 day'}
        expires: {$fromNow: '1 year 1 second'} # 1 second so artifacts expire first, despite rounding errors
        metadata:
          $merge:
            - owner: "${ownerEmail}"
              source: "${repoUrl}/raw-file/${push.revision}/.taskcluster.yml"
            - $if: 'tasks_for == "hg-push"'
              then:
                name: "Gecko Decision Task"
                description: 'The task that creates all of the other tasks in the task graph'
              else:
                $if: 'tasks_for == "action"'
                then:
                  name: "Action: ${action.title}"
                  description: '${action.description}'
                else:
                  name: "Decision Task for cron job ${cron.job_name}"
                  description: 'Created by a [cron task](https://tools.taskcluster.net/tasks/${cron.task_id})'

        provisionerId: "aws-provisioner-v1"
        workerType: "gecko-${repository.level}-decision"

        tags:
          $if: 'tasks_for == "hg-push"'
          then:
            createdForUser: "${ownerEmail}"
            kind: decision-task
          else:
            $if: 'tasks_for == "action"'
            then:
              createdForUser: '${ownerEmail}'
              kind: 'action-callback'
            else:
              $if: 'tasks_for == "cron"'
              then:
                kind: cron-task

        routes:
          $flatten:
            - "tc-treeherder.v2.${repository.project}.${push.revision}.${_pushId}"
            - $if: 'tasks_for == "hg-push"'
              then:
                - "index.gecko.v2.${repository.project}.latest.taskgraph.decision"
                - "index.gecko.v2.${repository.project}.revision.${push.revision}.taskgraph.decision"
                - "index.gecko.v2.${repository.project}.pushlog-id.${_pushId}.decision"
                - "notify.email.${ownerEmail}.on-failed"
                - "notify.email.${ownerEmail}.on-exception"
                # Send a notification email if the push comes from try
                - $if: 'repository.project == "try"'
                  then:
                    "notify.email.${ownerEmail}.on-completed"
                # These are the old index routes for the decision task.
                # They are still here so external tools that referenced them continue to work.
                - "index.gecko.v2.${repository.project}.latest.firefox.decision"
                - "index.gecko.v2.${repository.project}.revision.${push.revision}.firefox.decision"
              else:
                $if: 'tasks_for == "action"'
                then:
                - "notify.email.taskcluster-notifications+action-task@mozilla.com.on-failed"
                - "notify.email.taskcluster-notifications+action-task@mozilla.com.on-exception"
                - "index.gecko.v2.${repository.project}.pushlog-id.${_pushId}.actions.${ownTaskId}"
                else:  # cron
                - "index.gecko.v2.${repository.project}.latest.taskgraph.decision-${cron.job_name}"
                # list each cron task on this revision, so actions can find them
                - 'index.gecko.v2.${repository.project}.revision.${push.revision}.cron.${as_slugid("decision")}'
                # These are the old index routes for the decision task.
                - "index.gecko.v2.${repository.project}.latest.firefox.decision-${cron.job_name}"

        scopes:
          $if: 'tasks_for == "hg-push"'
          then:
            - 'assume:repo:${repoUrl[8:]}:branch:default'
            - 'queue:route:notify.email.${ownerEmail}.*'
            - 'in-tree:hook-action:project-gecko/in-tree-action-${repository.level}-*'
          else:
            $if: 'tasks_for == "action"'
            then:
              # when all actions are hooks, we can calculate this directly rather than using a variable
              - '${action.repo_scope}'
            else:
              - 'assume:repo:${repoUrl[8:]}:cron:${cron.job_name}'

        dependencies: []
        requires: all-completed

        priority:
          # Most times, there is plenty of worker capacity so everything runs
          # quickly, but sometimes a storm of action tasks lands.  Then we
          # want, from highest to lowest:
          # - cron tasks (time-sensitive) (low)
          # - decision tasks (minimize user-visible delay) (very-low)
          # - action tasks (avoid interfering with the other two) (lowest)
          # SCM levels all use different workerTypes, so there is no need for priority
          # between levels; "low" is the highest priority available at all levels, and
          # nothing runs at any higher priority on these workerTypes.
          $if: "tasks_for == 'cron'"
          then: low
          else:
            $if: "tasks_for == 'hg-push'"
            then: very-low
            else: lowest  # tasks_for == 'action'
        retries: 5

        payload:
          env:
            # checkout-gecko uses these to check out the source; the inputs
            # to `mach taskgraph decision` are all on the command line.
            $merge:
              - GECKO_BASE_REPOSITORY: 'https://hg.mozilla.org/mozilla-unified'
                GECKO_HEAD_REPOSITORY: '${repoUrl}'
                GECKO_HEAD_REF: '${push.revision}'
                GECKO_HEAD_REV: '${push.revision}'
                GECKO_COMMIT_MSG: {$if: 'tasks_for != "action"', then: '${_pushComment}'}
                HG_STORE_PATH: /builds/worker/checkouts/hg-store
                TASKCLUSTER_CACHES: /builds/worker/checkouts
              - $if: 'tasks_for == "action"'
                then:
                  ACTION_TASK_GROUP_ID: '${action.taskGroupId}'     # taskGroupId of the target task
                  ACTION_TASK_ID: {$json: {$eval: 'taskId'}} # taskId of the target task (JSON-encoded)
                  ACTION_INPUT: {$json: {$eval: 'input'}}
                  ACTION_CALLBACK: '${action.cb_name}'
                  ACTION_PARAMETERS: {$json: {$eval: 'parameters'}}

          cache:
            level-${repository.level}-checkouts-sparse-v2: /builds/worker/checkouts

          features:
            taskclusterProxy: true
            chainOfTrust: true

          # Note: This task is built server side without the context or tooling that
          # exist in tree so we must hard code the hash
          image: 'taskcluster/decision:2.1.0@sha256:6db3b697d7a3c7aba440d72f04199331b872111cefff57206b8b8b1d53230360'

          maxRunTime: 1800

          command:
            - /builds/worker/bin/run-task
            - '--vcs-checkout=/builds/worker/checkouts/gecko'
            - '--sparse-profile=build/sparse-profiles/taskgraph'
            - '--'
            - bash
            - -cx
            - $let:
                extraArgs: {$if: 'tasks_for == "cron"', then: '${cron.quoted_args}', else: ''}
              in:
                $if: 'tasks_for == "action"'
                then: >
                  cd /builds/worker/checkouts/gecko &&
                  ln -s /builds/worker/artifacts artifacts &&
                  ./mach --log-no-times taskgraph action-callback
                else: >
                  cd /builds/worker/checkouts/gecko &&
                  ln -s /builds/worker/artifacts artifacts &&
                  ./mach --log-no-times taskgraph decision
                  --pushlog-id='${_pushId}'
                  --pushdate='${_pushDate}'
                  --project='${repository.project}'
                  --message="$GECKO_COMMIT_MSG"
                  --owner='${ownerEmail}'
                  --level='${repository.level}'
                  --base-repository="$GECKO_BASE_REPOSITORY"
                  --head-repository="$GECKO_HEAD_REPOSITORY"
                  --head-ref="$GECKO_HEAD_REF"
                  --head-rev="$GECKO_HEAD_REV"
                  ${extraArgs}

          artifacts:
            'public':
              type: 'directory'
              path: '/builds/worker/artifacts'
              expires: {$fromNow: '1 year'}

        extra:
          $merge:
            - treeherder:
                $merge:
                  - machine:
                      platform: gecko-decision
                  - $if: 'tasks_for == "hg-push"'
                    then:
                      symbol: D
                    else:
                      $if: 'tasks_for == "action"'
                      then:
                        groupName: 'action-callback'
                        groupSymbol: AC
                        symbol: "${action.symbol}"
                      else:
                        groupSymbol: cron
                        symbol: "${cron.job_symbol}"
            - $if: 'tasks_for == "action"'
              then:
                parent: '${action.taskGroupId}'
                action:
                  name: '${action.name}'
                  context:
                    taskGroupId: '${action.taskGroupId}'
                    taskId: {$eval: 'taskId'}
                    input: {$eval: 'input'}
                    parameters: {$eval: 'parameters'}
            - $if: 'tasks_for == "cron"'
              then:
                cron: {$json: {$eval: 'cron'}}
            - tasks_for: '${tasks_for}'
            # Email format for try pushes
            - $if: 'tasks_for == "hg-push" && repository.project == "try"'
              then:
                notify:
                  email:
                    subject: "Thank you for your try submission of ${push.revision}. It's the best!"
                    content: "Your try push has been submitted. Use the link to view the status of your jobs."
                    link:
                      text: "Treeherder Jobs"
                      href: "https://treeherder.mozilla.org/#/jobs?repo=${repository.project}&revision=${push.revision}"