search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Backed out 4 changesets (bug 1454816) for causing build bustages. CLOSED TREE
[gecko.git] / taskcluster / docker / funsize-update-generator / runme.sh
blob71ea04ea92e98e9443ab595a2de6b964dffddf04
1 #!/bin/sh
2
3 set -xe
4
5 test "$TASK_ID"
6 test "$SIGNING_CERT"
7
8 ARTIFACTS_DIR="/home/worker/artifacts"
9 mkdir -p "$ARTIFACTS_DIR"
10
11 # Strip trailing / if present
12 TASKCLUSTER_ROOT_URL="${TASKCLUSTER_ROOT_URL%/}"
13 export TASKCLUSTER_ROOT_URL
14
15 # duplicate the functionality of taskcluster-lib-urls, but in bash..
16 queue_base="${TASKCLUSTER_ROOT_URL%/}/api/queue/v1"
17
18 curl --location --retry 10 --retry-delay 10 -o /home/worker/task.json "$queue_base/task/$TASK_ID"
19
20 # auth:aws-s3:read-write:tc-gp-private-1d-us-east-1/releng/mbsdiff-cache/
21 # -> bucket of tc-gp-private-1d-us-east-1, path of releng/mbsdiff-cache/
22 # Trailing slash is important, due to prefix permissions in S3.
23 S3_BUCKET_AND_PATH=$(jq -r '.scopes[] | select(contains ("auth:aws-s3"))' /home/worker/task.json | awk -F: '{print $4}')
24
25 # Will be empty if there's no scope for AWS S3.
26 if [ -n "${S3_BUCKET_AND_PATH}" ] && getent hosts taskcluster
27 then
28 # Does this parse as we expect?
29 S3_PATH=${S3_BUCKET_AND_PATH#*/}
30 AWS_BUCKET_NAME=${S3_BUCKET_AND_PATH%/"${S3_PATH}"*}
31 test "${S3_PATH}"
32 test "${AWS_BUCKET_NAME}"
33
34 set +x # Don't echo these.
35 secret_url="${TASKCLUSTER_PROXY_URL}/api/auth/v1/aws/s3/read-write/${AWS_BUCKET_NAME}/${S3_PATH}"
36 AUTH=$(curl "${secret_url}")
37 AWS_ACCESS_KEY_ID=$(echo "${AUTH}" | jq -r '.credentials.accessKeyId')
38 AWS_SECRET_ACCESS_KEY=$(echo "${AUTH}" | jq -r '.credentials.secretAccessKey')
39 AWS_SESSION_TOKEN=$(echo "${AUTH}" | jq -r '.credentials.sessionToken')
40 export AWS_ACCESS_KEY_ID
41 export AWS_SECRET_ACCESS_KEY
42 export AWS_SESSION_TOKEN
43 AUTH=
44
45 if [ -n "$AWS_ACCESS_KEY_ID" ] && [ -n "$AWS_SECRET_ACCESS_KEY" ]; then
46 # Pass the full bucket/path prefix, as the script just appends local files.
47 export MBSDIFF_HOOK="/home/worker/bin/mbsdiff_hook.sh -S ${S3_BUCKET_AND_PATH}"
48 fi
49 set -x
50 else
51 # disable caching
52 export MBSDIFF_HOOK=
53 fi
54
55 # EXTRA_PARAMS is optional
56 # shellcheck disable=SC2086
57 python3 /home/worker/bin/funsize.py \
58 --artifacts-dir "$ARTIFACTS_DIR" \
59 --task-definition /home/worker/task.json \
60 --signing-cert "/home/worker/keys/${SIGNING_CERT}.pubkey" \
61 $EXTRA_PARAMS