Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-07-26 00:30:22 +01:00
Code Issues Projects Releases Packages Wiki Activity
servo/etc/taskcluster/macos
History
Anthony Ramine 76aa808a28 Remove forked gst-plugins-bad formula 
f5f644151d
2019-07-23 12:03:08 +02:00
..
config Auto merge of #23412 - servo:ssh, r=Manishearth 2019-05-23 21:12:40 -04:00
modules/pillar Add some SSH keys to tc-mac workers 2019-05-23 13:35:36 +02:00
states Auto merge of #23412 - servo:ssh, r=Manishearth 2019-05-23 21:12:40 -04:00
.gitignore Initial agentless SaltStack config for generic-worker on macOS 2018-11-15 17:38:13 +01:00
Brewfile Install gstreamer libraries for WPT runner tasks on mac. 2019-05-13 12:29:21 -04:00
Brewfile-gstreamer Remove forked gst-plugins-bad formula 2019-07-23 12:03:08 +02:00
Brewfile-wpt Install jq when performing WPT sync job. 2019-05-07 11:09:23 -04:00
README.md Add java setup to mac instructions. 2019-05-09 19:54:36 -04:00
salt-ssh Update MPL license to https (part 1) 2018-11-19 14:46:43 +01:00
Saltfile generic-worker on macOS: run as unprivileged user, start as a service 2018-11-15 17:38:13 +01:00

README.md

macOS

This is the configuration for the proj-servo/macos worker type. These macOS workers are configured with SaltStack in agentless mode.

Either run ./salt-ssh to automatically install salt-ssh in machs existing Python virtualenv, or install salt-ssh through some other mean and run in from this directory.

cd etc/taskcluster/macos
./salt-ssh '*' test.ping
./salt-ssh '*' state.apply test=True

Troubleshooting

SSH into servo-tc-mac1.servo.org. generic-worker logs are in less /Users/worker/stderr.log.

If the worker seems stuck but nothing seems wrong in the log, try running launchctl stop net.generic.worker. (It is configured to restart automatically.) This issue is tracked at generic-worker#133.

(Re)deploying a server

  • Place an order or file a ticket with MacStadium to get a new hardware or reinstall an OS.

  • Change the administrator password to one generated with </dev/urandom tr -d -c 'a-zA-Z' | head -c 8; echo (this short because of VNC), and save it in the shared 1Password account.

  • Give the public IPv4 address a DNS name through Cloudflare.

  • Add a correponding entry in the config/roster file.

  • Log in through VNC, and run xcode-select --install

  • Still in VNC, install the jdk8 package from http://adoptopenjdk.net

  • Install an ssh key into /Users/administrator/.ssh/authorized_keys and /var/root/.ssh/authorized_keys.

Taskcluster secrets

This SaltStack configuration has a custom module that uses Taskclusters secrets service. These secrets include an authentication token. Youll need to authenticate with a Taskcluster client ID that has scope secrets:get:project/servo/*. This should be the case if youre a Servo project administrator (the project-admin:servo role).

To authenticate, install taskcluster-cli and run eval \taskcluster signin``. This will set up the TASKCLUSTER_CLIENT_ID and TASKCLUSTER_ACCESS_TOKEN variables to allow retrieving secrets appropriately in the current terminal session.

Workers client ID

Workers are configured to authenticate with client ID project/servo/worker/macos/1. This client has the scopes required to run tasks for this worker type.