# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. version: 1 policy: pullRequests: public tasks: $let: decision_task_id: {$eval: as_slugid("decision_task")} expires_in: {$fromNow: '1 year'} user: ${event.sender.login} project_name: fenix # We define the following variable at the very top, because they are used in the # default definition head_branch: $if: 'tasks_for == "github-pull-request"' then: ${event.pull_request.head.ref} else: $if: 'tasks_for == "github-push"' then: ${event.ref} else: ${event.release.target_commitish} head_rev: $if: 'tasks_for == "github-pull-request"' then: ${event.pull_request.head.sha} else: $if: 'tasks_for == "github-push"' then: ${event.after} else: ${event.release.tag_name} repository: $if: 'tasks_for == "github-pull-request"' then: ${event.pull_request.head.repo.html_url} else: ${event.repository.html_url} scheduler_id: $if: 'tasks_for == "cron"' then: focus-nightly-sched # TODO: Rename to mobile-nightly-sched else: taskcluster-github github_repository_full_name: $if: 'tasks_for == "github-pull-request"' then: ${event.pull_request.base.repo.full_name} else: ${event.repository.full_name} trust_level: # Pull requests on main repository can't be trusted because anybody can open a PR on it, without a review $if: 'tasks_for in ["github-push", "github-release", "cron"] && event.repository.html_url == "https://github.com/mozilla-mobile/fenix"' then: 3 else: 1 in: $let: # TODO: revisit once bug 1533314 is done to possibly infer better priorities tasks_priority: highest short_head_branch: $if: 'head_branch[:10] == "refs/tags/"' then: {$eval: 'head_branch[10:]'} else: $if: 'head_branch[:11] == "refs/heads/"' then: {$eval: 'head_branch[11:]'} else: ${head_branch} assume_scope_prefix: assume:repo:github.com/${github_repository_full_name} in: $let: default_task_definition: taskId: ${decision_task_id} taskGroupId: ${decision_task_id} # Must be explicit because of Chain of Trust schedulerId: ${scheduler_id} created: {$fromNow: ''} deadline: {$fromNow: '2 hours'} expires: ${expires_in} provisionerId: aws-provisioner-v1 workerType: mobile-${trust_level}-decision priority: ${tasks_priority} requires: all-completed # Must be explicit because of Chain of Trust retries: 5 routes: $flatten: - statuses # Automatically added by taskcluster-github. It must be explicit because of Chain of Trust - $if: 'trust_level == 3' then: - tc-treeherder.v2.${project_name}.${head_rev} else: [] payload: maxRunTime: 600 # Decision should remain fast enough to schedule a handful of tasks image: mozillamobile/${project_name}:1.4 command: - /bin/bash - --login - -cx # The rest of the command must be defined below env: BUILD_DATE: ${now} MOBILE_HEAD_BRANCH: ${head_branch} MOBILE_HEAD_REPOSITORY: ${repository} MOBILE_HEAD_REV: ${head_rev} MOBILE_TRIGGERED_BY: ${user} SCHEDULER_ID: ${scheduler_id} SHORT_HEAD_BRANCH: ${short_head_branch} TASK_ID: ${decision_task_id} TASKS_PRIORITY: ${tasks_priority} TRUST_LEVEL: ${trust_level} features: chainOfTrust: true taskclusterProxy: true artifacts: public/task-graph.json: type: file path: /opt/${project_name}/task-graph.json expires: ${expires_in} public/actions.json: type: file path: /opt/${project_name}/actions.json expires: ${expires_in} public/parameters.yml: type: file path: /opt/${project_name}/parameters.yml expires: ${expires_in} extra: tasks_for: ${tasks_for} treeherder: machine: platform: mobile-decision metadata: owner: ${user}@users.noreply.github.com source: ${repository}/raw/${head_rev}/.taskcluster.yml in: $flatten: - $if: 'tasks_for == "github-pull-request" && event["action"] in ["opened", "reopened", "edited", "synchronize"]' then: $let: pull_request_title: ${event.pull_request.title} pull_request_number: ${event.pull_request.number} pull_request_url: ${event.pull_request.html_url} in: $mergeDeep: - {$eval: 'default_task_definition'} - scopes: - ${assume_scope_prefix}:pull-request payload: command: - >- git fetch ${repository} ${head_branch} && git config advice.detachedHead false && git checkout FETCH_HEAD && python automation/taskcluster/decision_task.py pull-request env: GITHUB_PULL_TITLE: ${pull_request_title} MOBILE_PULL_REQUEST_NUMBER: ${pull_request_number} extra: treeherder: symbol: D-PR metadata: name: '${project_name} - Decision task (Pull Request #${pull_request_number})' description: 'Building and testing ${project_name} - triggered by [#${pull_request_number}](${pull_request_url})' - $if: 'tasks_for == "github-push" && head_branch[:10] != "refs/tags/"' then: $mergeDeep: - {$eval: 'default_task_definition'} - scopes: - ${assume_scope_prefix}:branch:${short_head_branch} payload: command: - >- git fetch ${repository} ${head_branch} && git config advice.detachedHead false && git checkout FETCH_HEAD && python automation/taskcluster/decision_task.py push extra: treeherder: symbol: D metadata: name: ${project_name} VCS-Push Decision task description: Schedules the build and test tasks for ${project_name}. - $if: 'tasks_for == "github-release" && event["action"] == "published"' then: $mergeDeep: - {$eval: 'default_task_definition'} - scopes: - ${assume_scope_prefix}:release payload: command: - >- git fetch ${repository} refs/tags/${head_rev} && git config advice.detachedHead false && git checkout FETCH_HEAD && python automation/taskcluster/decision_task.py github-release ${event.release.tag_name} extra: treeherder: symbol: D-github-release metadata: name: ${project_name} Github Release Decision Task description: Building and releasing ${project_name} ${event.release.tag_name} - $if: 'tasks_for == "cron"' then: $let: staging_flag: $if: 'trust_level == 3' then: '' else: '--staging' in: - $if: 'cron.name == "nightly"' then: $mergeDeep: - {$eval: 'default_task_definition'} - scopes: - $if: 'trust_level == 3' then: assume:hook-id:project-mobile/${project_name}-nightly else: assume:hook-id:project-mobile/${project_name}-nightly-staging routes: $if: 'trust_level == 3' then: - notify.email.fenix-eng-notifications@mozilla.com.on-failed payload: command: - >- git fetch ${repository} ${head_branch} && git config advice.detachedHead false && git checkout FETCH_HEAD && python automation/taskcluster/decision_task.py nightly ${staging_flag} extra: cron: {$json: {$eval: 'cron'}} treeherder: symbol: nightly-D metadata: name: ${project_name} Nightly Decision Task description: Decision task scheduled by cron task [${cron.task_id}](https://tools.taskcluster.net/tasks/${cron.task_id}) - $if: 'cron.name == "raptor"' then: $mergeDeep: - {$eval: 'default_task_definition'} - scopes: - $if: 'trust_level == 3' then: assume:hook-id:project-mobile/${project_name}-raptor else: assume:hook-id:project-mobile/${project_name}-raptor-staging routes: $if: 'trust_level == 3' then: - notify.email.fenix-eng-notifications@mozilla.com.on-failed - notify.email.perftest-alerts@mozilla.com.on-failed payload: command: - >- git fetch ${repository} ${head_branch} && git config advice.detachedHead false && git checkout FETCH_HEAD && python automation/taskcluster/decision_task.py raptor ${staging_flag} extra: cron: {$json: {$eval: 'cron'}} treeherder: symbol: raptor-D notify: email: link: text: Treeherder Job href: "https://treeherder.mozilla.org/#/jobs?repo=${project_name}&revision=${head_rev}" subject: "[${project_name}] Raptor decision task failed" content: "This calls for an action of the development team. If needed, escalate to the release engineering team in #releaseduty-mobile on Slack. Use the link to view it on Treeherder." metadata: name: ${project_name} Raptor Decision Task description: Decision task scheduled by cron task [${cron.task_id}](https://tools.taskcluster.net/tasks/${cron.task_id})