-
Notifications
You must be signed in to change notification settings - Fork 15
Taskcluster
Bastien Abadie edited this page Apr 24, 2019
·
1 revision
- Create an account or login on Taskcluster tools
- Go to the Github quick-start page
- Fill in the form related to your github repository
- Specify the
payload.imageasmozilla/taskboot:latest - Specify the
payload.commandas
command:
- taskboot
- build
- path/to/Dockerfile
- Copy the produced YAML code and commit it in your repository as
.taskcluster.yml - Acticate the Taskcluster Github addon on your repository
We recommend creating one role per functionality. If you want to build docker images in some steps, and push or dpeloy them in other steps (or maybe on some specific tags or branches), you might create 2 distinct roles as below.
TODO: explain the worker type needs and how to get them
Build role scopes:
-
docker-worker:capability:privileged: needed to run the container in privileged mode to allow Docker builds -
queue:create-task:aws-provisioner-v1/<WORKER_TYPE>: needed to create a task in the privileged worker type
Deploy role scopes:
-
secrets:get:path/to/your/secret: needed to read a secret you manage, and where you store Docker registry credentials
Now you need to assign (or assume in Taskcluster linguo) those new roles to the roles used by the Taskcluster Github application:
-
repo:github.com/<GROUP>/<PROJECT>:pull-requestis used when a pull request is created. Generally you only want the build role here -
repo:github.com/<GROUP>/<PROJECT>:branch:*is used when pushing to any branch. You can specify a branch instead of wildcard too. -
repo:github.com/<GROUP>/<PROJECT>:tag:*is used when a tag is created, generally for new releases. You might want to use build & deploy scopes here.