Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-07-09 16:33:40 +01:00
Code Issues Projects Releases Packages Wiki Activity
servo/etc/taskcluster/macos/README.md
Josh Matthews 08bc01be54 Add java setup to mac instructions.
2019-05-09 19:54:36 -04:00

2.4 KiB
Raw Blame History

macOS

This is the configuration for the proj-servo/macos worker type. These macOS workers are configured with SaltStack in agentless mode.

Either run ./salt-ssh to automatically install salt-ssh in machs existing Python virtualenv, or install salt-ssh through some other mean and run in from this directory.

cd etc/taskcluster/macos
./salt-ssh '*' test.ping
./salt-ssh '*' state.apply test=True

Troubleshooting

SSH into servo-tc-mac1.servo.org. generic-worker logs are in less /Users/worker/stderr.log.

If the worker seems stuck but nothing seems wrong in the log, try running launchctl stop net.generic.worker. (It is configured to restart automatically.) This issue is tracked at generic-worker#133.

(Re)deploying a server

  • Place an order or file a ticket with MacStadium to get a new hardware or reinstall an OS.

  • Change the administrator password to one generated with </dev/urandom tr -d -c 'a-zA-Z' | head -c 8; echo (this short because of VNC), and save it in the shared 1Password account.

  • Give the public IPv4 address a DNS name through Cloudflare.

  • Add a correponding entry in the config/roster file.

  • Log in through VNC, and run xcode-select --install

  • Still in VNC, install the jdk8 package from http://adoptopenjdk.net

  • Install an ssh key into /Users/administrator/.ssh/authorized_keys and /var/root/.ssh/authorized_keys.

Taskcluster secrets

This SaltStack configuration has a custom module that uses Taskclusters secrets service. These secrets include an authentication token. Youll need to authenticate with a Taskcluster client ID that has scope secrets:get:project/servo/*. This should be the case if youre a Servo project administrator (the project-admin:servo role).

To authenticate, install taskcluster-cli and run eval \taskcluster signin``. This will set up the TASKCLUSTER_CLIENT_ID and TASKCLUSTER_ACCESS_TOKEN variables to allow retrieving secrets appropriately in the current terminal session.

Workers client ID

Workers are configured to authenticate with client ID project/servo/worker/macos/1. This client has the scopes required to run tasks for this worker type.