Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
RFC#166 - signing public S3 artifacts
3 views
Skip to first unread message
Dustin Mitchell
Sep 17, 2020, 12:08:50 PM9/17/20
to tools-taskcluster
Hi folks!
@ricky26 has proposed an RFC:
https://github.com/taskcluster/taskcluster-rfcs/pull/166
The tl;dr is that, when configured, `queue.getArtifact` will return URLs
for S3 endpoints that include a signature which can be validated by S3,
allowing use of non-public S3 buckets. This configuration would not be
enabled on the firefox-ci-tc or community-tc deployments.
The RFC seems solid, so we've moved it to its final-comment phase. That
will last until next Monday. As always, if you have concerns, reasons we
shouldn't do this, or things we've missed, please speak up on the PR. As
noted, the PR is already merged, but we're going to pretend that isn't the
case :)
Thanks,
Dustin
@ricky26 has proposed an RFC:
https://github.com/taskcluster/taskcluster-rfcs/pull/166
The tl;dr is that, when configured, `queue.getArtifact` will return URLs
for S3 endpoints that include a signature which can be validated by S3,
allowing use of non-public S3 buckets. This configuration would not be
enabled on the firefox-ci-tc or community-tc deployments.
The RFC seems solid, so we've moved it to its final-comment phase. That
will last until next Monday. As always, if you have concerns, reasons we
shouldn't do this, or things we've missed, please speak up on the PR. As
noted, the PR is already merged, but we're going to pretend that isn't the
case :)
Thanks,
Dustin
0 new messages