|author||Aaron Gable <firstname.lastname@example.org>||Fri Feb 22 01:11:06 2019|
|committer||Commit Bot <email@example.com>||Fri Feb 22 01:11:06 2019|
Make gatekeeper recipe hermetic for LUCI This CL makes a number of changes to the gatekeeper recipe and recipe module to make it deployable on LUCI: * It copies the JSON configuration files to be recipe resources so that they don't have to be tagged for bundling using .gitattributes. * It copies the helper libraries (build_scan, auth) into the recipe resources so that they can be self-contained. * It adds a vpython environment file so that the gatekeeper_ng script can be run in a hermetic environment. * It updates the python scripts to use LUCI's ambient auth credentials, so it doesn't rely (as much) on statically deployed credential files. * It modifies the recipe to call the new hermetic version of gatekeeper_ng, and read the new config files. This CL will be accompanied by an internal CL which makes corresponding changes to the gatekeeper_internal recipe. It will be followed by a CL which deletes the old versions of the gatekeeper scripts and configs. Bug: 853854 Recipe-Nontrivial-Roll: build_limited_scripts_slave Change-Id: I0b6cfdaa98800bc239ff38a7a9eec689e5f80bf4 Reviewed-on: https://chromium-review.googlesource.com/c/1480601 Commit-Queue: Aaron Gable <firstname.lastname@example.org> Reviewed-by: Sean McCullough <email@example.com> Reviewed-by: Robbie Iannucci <firstname.lastname@example.org>
Hi build contributor! If you do any change in
scripts/master/ or touching any master's
html/ directories, you must restart master.chromium.fyi first and ensure that it still works before restarting other masters.
If you're here to make a change to ‘recipes’ (the code located in
scripts/slave/recipes*), please take a look at the README for more information pertaining to recipes.