diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-15 03:34:50 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-15 03:34:50 +0000 |
commit | def92d1b8e9d373e2f6f27c366d578d97d8960c6 (patch) | |
tree | 2ef34b9ad8bb9a9220e05d60352558b15f513894 /taskcluster/android_taskgraph/transforms/signing.py | |
parent | Adding debian version 125.0.3-1. (diff) | |
download | firefox-def92d1b8e9d373e2f6f27c366d578d97d8960c6.tar.xz firefox-def92d1b8e9d373e2f6f27c366d578d97d8960c6.zip |
Merging upstream version 126.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'taskcluster/android_taskgraph/transforms/signing.py')
-rw-r--r-- | taskcluster/android_taskgraph/transforms/signing.py | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/taskcluster/android_taskgraph/transforms/signing.py b/taskcluster/android_taskgraph/transforms/signing.py new file mode 100644 index 0000000000..9aeec6a043 --- /dev/null +++ b/taskcluster/android_taskgraph/transforms/signing.py @@ -0,0 +1,91 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + + +from gecko_taskgraph.util.scriptworker import get_signing_cert_scope +from taskgraph.transforms.base import TransformSequence +from taskgraph.util.schema import resolve_keyed_by + +from ..build_config import CHECKSUMS_EXTENSIONS + +transforms = TransformSequence() + + +@transforms.add +def resolve_keys(config, tasks): + for task in tasks: + for key in ( + "index", + "worker-type", + "treeherder.symbol", + ): + resolve_keyed_by( + task, + key, + item_name=task["name"], + **{ + "build-type": task["attributes"]["build-type"], + "level": config.params["level"], + } + ) + yield task + + +@transforms.add +def set_signing_attributes(config, tasks): + for task in tasks: + task["attributes"]["signed"] = True + yield task + + +@transforms.add +def filter_out_checksums(config, tasks): + for task in tasks: + task["attributes"]["artifacts"] = { + extension: path + for extension, path in task["attributes"]["artifacts"].items() + if not any(map(path.endswith, CHECKSUMS_EXTENSIONS)) + } + + for upstream_artifact in task["worker"]["upstream-artifacts"]: + upstream_artifact["paths"] = [ + path + for path in upstream_artifact["paths"] + if not any(map(path.endswith, CHECKSUMS_EXTENSIONS)) + ] + + yield task + + +_DETACHED_SIGNATURE_EXTENSION = ".asc" + + +@transforms.add +def set_detached_signature_artifacts(config, tasks): + for task in tasks: + task["attributes"]["artifacts"] = { + extension + + _DETACHED_SIGNATURE_EXTENSION: path + + _DETACHED_SIGNATURE_EXTENSION + for extension, path in task["attributes"]["artifacts"].items() + } + + yield task + + +@transforms.add +def set_signing_format(config, tasks): + for task in tasks: + for upstream_artifact in task["worker"]["upstream-artifacts"]: + upstream_artifact["formats"] = ["autograph_gpg"] + + yield task + + +@transforms.add +def add_signing_cert_scope(config, tasks): + signing_cert_scope = get_signing_cert_scope(config) + for task in tasks: + task.setdefault("scopes", []).append(signing_cert_scope) + yield task |