aiden
/
depot_tools
mirror of https://chromium.googlesource.com/chromium/tools/depot_tools
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,677 Commits
6 Branches
0 Tags
183 MiB
main
chrome/4147
chrome/3987
chrome/3865
chrome/3904
infra/config
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '687c59d3a4'
${ noResults }
Commit Graph

14 Commits (687c59d3a44e0b9e1b3f19cbc9b1940da00b44df)

Author SHA1 Message Date
Robert Iannucci f423e051f3 [led] Update led to latest version. 
This removes the '-mode' flag from the emitted job descriptions.

TBR=nodir@chromium.org

Bug: 914196,914926
Change-Id: I94ab67f0969b198164fa3fc3ef64a649dcf941bd
Reviewed-on: https://chromium-review.googlesource.com/c/1376657
Reviewed-by: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Nodir Turakulov <nodir@chromium.org>
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
 6 years ago
Robert Iannucci d66dad7fc2 [vpython] Re-roll to pick up user differentiation of cached envs 
Now with correct error handling.

R=nodir@chromium.org, vadimsh@chromium.org

Bug: 869227
Change-Id: I961fd80209c9d9988e9d03016b7c0bd253c6cdfb
Reviewed-on: https://chromium-review.googlesource.com/c/1347249
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
Commit-Queue: Vadim Shtayura <vadimsh@chromium.org>
Auto-Submit: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
 6 years ago
Vadim Shtayura dc3adea9e1 Revert "[vpython] Roll to pick up user differentiation of cached envs." 
This reverts commit f491306841.

Reason for revert: panics, see b/119830955

Original change's description:
> [vpython] Roll to pick up user differentiation of cached envs.
> 
> R=​vadimsh@chromium.org
> 
> Bug: 869227
> Change-Id: I7e529c7c4d63e35a66ef93623982afc7d254d72f
> Reviewed-on: https://chromium-review.googlesource.com/c/1344638
> Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
> Commit-Queue: Vadim Shtayura <vadimsh@chromium.org>
> Auto-Submit: Robbie Iannucci <iannucci@chromium.org>
> Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>

TBR=iannucci@chromium.org,vadimsh@chromium.org

Change-Id: Ie77d559dc1787ec1b8a19076238b7018d39dd0b5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 869227
Reviewed-on: https://chromium-review.googlesource.com/c/1344639
Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
Commit-Queue: Vadim Shtayura <vadimsh@chromium.org>
 6 years ago
Robert Iannucci f491306841 [vpython] Roll to pick up user differentiation of cached envs. 
R=vadimsh@chromium.org

Bug: 869227
Change-Id: I7e529c7c4d63e35a66ef93623982afc7d254d72f
Reviewed-on: https://chromium-review.googlesource.com/c/1344638
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
Commit-Queue: Vadim Shtayura <vadimsh@chromium.org>
Auto-Submit: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
 6 years ago
Robert Iannucci 6343daaa40 [led] Update led to latest version. 
Fixes issue with bogus secret bytes being included when running
`led get-build`. The server would return "<REDACTED>".encode("base64"),
and led would pass this along to the task, which would fail to decode
it as a proto.

R=nodir@chromium.org, vadimsh@chromium.org

Change-Id: Ie8b33a2dc1f05ddb163465d72ea461f9e6833363
Reviewed-on: https://chromium-review.googlesource.com/c/1340504
Auto-Submit: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Nodir Turakulov <nodir@chromium.org>
Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
Commit-Queue: Vadim Shtayura <vadimsh@chromium.org>
 6 years ago
Robert Iannucci 8ada4d523e [cipd] Roll cipd to allow long paths on Windows 
R=vadimsh@chromium.org

Change-Id: Ibd55035fe62ae710cdce448ec489bf7af06925fd
Reviewed-on: https://chromium-review.googlesource.com/c/1337522
Auto-Submit: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
 6 years ago
Robert Iannucci 332c9ff5a9 [led] Roll led to pick up new kitchen CLI args. 
R=bpastene@chromium.org, nodir@chromium.org

Bug: 904478
Change-Id: I087c4e5a3a88339869573f214e6f415dd54f82aa
Reviewed-on: https://chromium-review.googlesource.com/c/1332027
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
Commit-Queue: Ben Pastene <bpastene@chromium.org>
Auto-Submit: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Ben Pastene <bpastene@chromium.org>
 6 years ago
Robert Iannucci 768c3afe1d [led] Roll to pick up new kitchen CLI flags and set CallUpdateBuild=false. 
R=nodir@chromium.org

Change-Id: I37a0647ad9358a9e9b88f25b737385556428ebcd
Reviewed-on: https://chromium-review.googlesource.com/c/1329997
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
Auto-Submit: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Nodir Turakulov <nodir@chromium.org>
 6 years ago
Vadim Shtayura 6edb632ff8 [cipd] Bump CIPD client and vpython versions. 
The most notable change is in how the integrity of the tag cache file is
checked. Once deployed, existing tag cache files will be considered invalid and
wiped.

The only observable side effect is the following line in the log:
"can't deserialize tag cache - no sha256 is recorded in the file"

R=tandrii@chromium.org, iannucci@chromium.org

Change-Id: I7ea300a4e7ad8be0c1d42ae561c5202420d2db62
Reviewed-on: https://chromium-review.googlesource.com/c/1327823
Reviewed-by: Robbie Iannucci <iannucci@chromium.org>
Commit-Queue: Vadim Shtayura <vadimsh@chromium.org>
 6 years ago
Robert Iannucci dce747620a [led] Roll led to correctly pick swarming host from buildbucket. 
TBR=tandrii@chromium.org, vadimsh@chromium.org

Change-Id: Ie976820701359bb4976d251b3de4f1077d2357ac
Reviewed-on: https://chromium-review.googlesource.com/c/1271304
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Robbie Iannucci <iannucci@chromium.org>
 6 years ago
Ryan Tseng f98905e8f0 [led] Roll led to fix broken Milo annotation stream. 
Picks up https://chromium-review.googlesource.com/c/1260068

Bug: 891925
Change-Id: If2df9ea7ce2d1bcbaca8533935f6e6d30dcd8810
Reviewed-on: https://chromium-review.googlesource.com/c/1263015
Reviewed-by: Robbie Iannucci <iannucci@chromium.org>
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
 6 years ago
Robert Iannucci 22300e1fb5 [led] Roll led to add gerritcodereview scope to edit-cr-cl 
R=tandrii@chromium.org, vadimsh@chromium.org

Change-Id: I1f235cf959e92e4430cff7dcd0d292db1721319d
Reviewed-on: https://chromium-review.googlesource.com/c/1257585
Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
 7 years ago
Robert Iannucci 64b61330ec [led] Roll led to fix missing expiration_secs issue. 
TBR=tandrii@chromium.org, vadimsh@chromium.org

Bug: 875089
Change-Id: Ia48c7c67df8bdbd9bc0573406bd9f56f6cfe5d49
Reviewed-on: https://chromium-review.googlesource.com/1241677
Reviewed-by: Robbie Iannucci <iannucci@chromium.org>
Reviewed-by: Vadim Shtayura <vadimsh@chromium.org>
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>
 7 years ago
Vadim Shtayura 01710d041f [cipd] Pin hashes of CIPD packages. 
Together with already committed cipd_client_version.digests file, this
cryptographically binds contents of CIPD packages used by depot_tools
with depot_tool's git revision (assuming the CIPD client pinned by
cipd_client_version.digests is trusted too, which can presumably be
verified when it is being pinned).

This holds true even if the CIPD backend is compromised. The worst that
can happen is a denial of service (e.g. if the backend refuses to serve
packages at all).

If a bad backend tries to serve a malicious (unexpected) CIPD client,
'cipd' bootstrap script (and its powershell counterpart) will detect
a mismatch between SHA256 of the fetched binary and what's specified in
cipd_client_version.digests, and will refuse to run the untrusted binary.

Similarly, if the bad backend tries to serve some other unexpected
package (in place of a package specified in cipd_manifest.txt), the CIPD
client (already verified and trusted as this point) will detect a mismatch
between what was fetched and what's pinned in cipd_manifest.versions, and
will refuse to install untrusted files.

cipd_manifest.versions was generated from cipd_manifest.txt by:
$ cipd ensure-file-resolve -ensure-file cipd_manifest.txt

This will have to be rerun each time cipd_manifest.txt is updated. There's
a presubmit check that verifies *.versions file is up-to-date (it's part
of 'cipd ensure-file-verify').

BUG=870166
R=nodir@chromium.org, iannucci@chromium.org, tandrii@chromium.org

Change-Id: I25314adf0a9b05c69cd16e75aff01dbc79c87aa5
Reviewed-on: https://chromium-review.googlesource.com/1227435
Commit-Queue: Vadim Shtayura <vadimsh@chromium.org>
Reviewed-by: Andrii Shyshkalov <tandrii@chromium.org>
 7 years ago