@@ -3,126 +3,96 @@ policy:
33 pullRequests : collaborators
44tasks :
55 $let :
6- user : ${event.sender.login}
7-
8- fetch_rev :
9- $if : ' tasks_for == "github-pull-request"'
10- then : ${event.pull_request.head.sha}
11- else :
12- $if : ' tasks_for == "github-push"'
13- then : ${event.after}
14- else : ${event.release.tag_name}
15-
16- fetch_ref :
17- $if : ' tasks_for == "github-pull-request"'
18- then : ${event.pull_request.head.sha}
19- else :
20- $if : ' tasks_for == "github-push"'
21- then : ${event.after}
22- else : " refs/tags/${event.release.tag_name}:refs/tags/${event.release.tag_name}"
23-
24- http_repo :
25- $if : ' tasks_for == "github-pull-request"'
26- then : ${event.pull_request.base.repo.clone_url}
27- else : ${event.repository.clone_url}
28-
29- codecov_secret :
30- codecov-lithium
31-
32- pypi_secret :
33- pypi-lithium
346
357 project_name :
368 Lithium
379
10+ matrix :
11+ language : python
12+ secrets :
13+ - type : env
14+ secret : project/fuzzing/codecov-lithium
15+ name : CODECOV_TOKEN
16+ key : token
17+ script :
18+ - bash
19+ - ' -xec'
20+ - tox; tox -e codecov
21+ jobs :
22+ include :
23+ - name : tests python 3.6
24+ version : " 3.6"
25+ env :
26+ TOXENV : py36
27+ - name : tests python 3.7
28+ version : " 3.7"
29+ env :
30+ TOXENV : py37
31+ - name : tests python 3.8
32+ version : " 3.8"
33+ env :
34+ TOXENV : py38
35+ - name : tests python 3.9
36+ version : " 3.9"
37+ env :
38+ TOXENV : py39
39+ - name : lint
40+ version : " 3.9"
41+ env :
42+ TOXENV : lint
43+ script :
44+ - tox
45+ - name : PyPI upload
46+ version : " 3.8"
47+ env :
48+ TOXENV : pypi
49+ script :
50+ - tox
51+ when :
52+ release : true
53+ all_passed : true
54+ secrets :
55+ - type : env
56+ secret : project/fuzzing/pypi-lithium
57+ name : TWINE_USERNAME
58+ key : username
59+ - type : env
60+ secret : project/fuzzing/pypi-lithium
61+ name : TWINE_PASSWORD
62+ key : password
63+
3864 in :
3965 $if : ' tasks_for != "github-pull-request" || event["action"] in ["opened", "reopened", "synchronize"]'
4066 then :
41- $flatten :
42- - $map :
43- - {image: ci-py-36, toxenv: 'py36', name: 'tests python 3.6'}
44- - {image: ci-py-37, toxenv: 'py37', name: 'tests python 3.7'}
45- - {image: ci-py-38, toxenv: 'py38', name: 'tests python 3.8'}
46- - {image: ci-py-39, toxenv: 'py39', name: 'tests python 3.9'}
47- - {image: ci-py-39, toxenv: 'lint', name: 'lint'}
48- each(build) :
49- taskId : {$eval: as_slugid(build.toxenv)}
50- provisionerId : proj-fuzzing
51- workerType : ci
52- created : {$fromNow: ''}
53- deadline : {$fromNow: '1 hour'}
54- scopes :
55- - secrets:get:project/fuzzing/${codecov_secret}
56- payload :
57- maxRunTime : 900
58- image :
59- type : indexed-image
60- path : public/${build.image}.tar.zst
61- namespace : project.fuzzing.orion.${build.image}.master
62- env :
63- TOXENV : ${build.toxenv}
64- CODECOV_SECRET : ${codecov_secret}
65- FETCH_REF : ${fetch_ref}
66- FETCH_REV : ${fetch_rev}
67- CLONE_REPO : ${http_repo}
68- features :
69- taskclusterProxy : true
70- command :
71- - /bin/bash
72- - ' --login'
73- - ' -x'
74- - ' -e'
75- - ' -c'
76- - >-
77- . py-ci.sh;
78- clone;
79- tox;
80- tox_codecov;
81- metadata :
82- name : ${project_name} ${build.name}
83- description : ${project_name} ${build.name}
84- owner : ' ${user}@users.noreply.github.com'
85- source : ${http_repo}/raw/${fetch_rev}/.taskcluster.yml
86- - $if : ' tasks_for in ["github-release"]'
87- then :
88- - provisionerId : proj-fuzzing
89- workerType : ci
90- dependencies :
91- - {$eval: as_slugid("py36")}
92- - {$eval: as_slugid("py37")}
93- - {$eval: as_slugid("py38")}
94- - {$eval: as_slugid("py39")}
95- - {$eval: as_slugid("lint")}
96- created : {$fromNow: ''}
97- deadline : {$fromNow: '1 hour'}
98- scopes :
99- - secrets:get:project/fuzzing/${pypi_secret}
100- payload :
101- maxRunTime : 900
102- image :
103- type : indexed-image
104- path : public/ci-py-38.tar.zst
105- namespace : project.fuzzing.orion.ci-py-38.master
106- features :
107- taskclusterProxy : true
108- env :
109- TOXENV : pypi
110- FETCH_REF : ${fetch_ref}
111- FETCH_REV : ${fetch_rev}
112- CLONE_REPO : ${http_repo}
113- PYPI_SECRET : ${pypi_secret}
114- command :
115- - /bin/bash
116- - ' --login'
117- - ' -x'
118- - ' -e'
119- - ' -c'
120- - >-
121- . py-ci.sh;
122- clone;
123- tox_pypi;
124- metadata :
125- name : ${project_name} PyPI upload
126- description : ${project_name} PyPI upload
127- owner : ' ${user}@users.noreply.github.com'
128- source : ${http_repo}/raw/${fetch_rev}/.taskcluster.yml
67+ - created : {$fromNow: ''}
68+ deadline : {$fromNow: '1 hour'}
69+ provisionerId : proj-fuzzing
70+ workerType : ci
71+ payload :
72+ features :
73+ taskclusterProxy : true
74+ maxRunTime : 3600
75+ image :
76+ type : indexed-image
77+ path : public/orion-decision.tar.zst
78+ namespace : project.fuzzing.orion.orion-decision.master
79+ env :
80+ PROJECT_NAME : ${project_name}
81+ CI_MATRIX : {$json: {$eval: matrix}}
82+ GITHUB_EVENT : {$json: {$eval: event}}
83+ GITHUB_ACTION : ${tasks_for}
84+ TASKCLUSTER_NOW : ${now}
85+ command :
86+ - ci-decision
87+ - -v
88+ scopes :
89+ - queue:create-task:highest:proj-fuzzing/ci
90+ - queue:create-task:highest:proj-fuzzing/ci-*
91+ - queue:scheduler-id:taskcluster-github
92+ - secrets:get:project/fuzzing/codecov-lithium
93+ - secrets:get:project/fuzzing/pypi-lithium
94+ metadata :
95+ name : ${project_name} CI decision
96+ description : Schedule CI tasks for ${project_name}
97+ owner : truber@mozilla.com
98+ source : https://github.com/MozillaSecurity/orion
0 commit comments