Skip to content
Taskcluster Boot utils
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
taskboot Retry builds in build-compose (#16) Apr 19, 2019
.taskcluster.yml Remove useless artifact on docker push step Apr 18, 2019
Dockerfile Add push-artifact command #11, fixes #9 Apr 18, 2019
requirements-tests.txt Initial build command with write/push Apr 9, 2019
setup.cfg Ignore lines too long Apr 10, 2019

Task Boot

An helper tool to bootstrap Taskcluster usage

Taskcluster + Github

  1. Create an account or login on Taskcluster tools
  2. Go to the Github quick-start page
  3. Fill in the form related to your github repository
  4. Specify the payload.image as mozilla/taskboot:latest
  5. Specify the payload.command as
	- taskboot
	- build
	- path/to/Dockerfile
  1. Copy the produced YAML code and commit it in your repository as .taskcluster.yml
  2. Acticate the Taskcluster Github addon on your repository


We recommend creating one role per functionality. If you want to build docker images in some steps, and push or dpeloy them in other steps (or maybe on some specific tags or branches), you might create 2 distinct roles as below.

TODO: explain the worker type needs and how to get them

Build role scopes:

  • docker-worker:capability:privileged : needed to run the container in privileged mode to allow Docker builds
  • queue:create-task:aws-provisioner-v1/<WORKER_TYPE> : needed to create a task in the privileged worker type

Deploy role scopes:

  • secrets:get:path/to/your/secret : needed to read a secret you manage, and where you store Docker registry credentials

Now you need to assign (or assume in Taskcluster linguo) those new roles to the roles used by the Taskcluster Github application:

  •<GROUP>/<PROJECT>:pull-request is used when a pull request is created. Generally you only want the build role here
  •<GROUP>/<PROJECT>:branch:* is used when pushing to any branch. You can specify a branch instead of wildcard too.
  •<GROUP>/<PROJECT>:tag:* is used when a tag is created, generally for new releases. You might want to use build & deploy scopes here.
You can’t perform that action at this time.