Taskcluster

GENERAL

▶ [patch] [bug 1637302](http://bugzil.la/1637302)
Docker-worker now automatically gzips artifacts before
uploading them. It sets content-encoding in the S3 headers so that most
consumers should be able to transparently handle decompression.

DEPLOYERS

▶ [MAJOR] [3012](https://github.com/taskcluster/taskcluster/issues/3012)
An encrypted column "secret" has been added to the workers table. The
worker-manager service now requires an additional environment variable `DB_CRYPTO_KEYS`
to be set which is a JSON array where each element is an object of the form.

json
{
"id": "a unique identifier",
"algo": "aes-256",
"key": "32 bytes of base64 string"
}


Note that for this upgrade it will only be an array of a single object.

▶ [patch] [bug 1638921](http://bugzil.la/1638921)
Kubernetes cron tasks are now configured with concurrencyPolicy: Forbid, to prevent multiple pods of the same job from running concurrently.

WORKER-DEPLOYERS

▶ [patch] [3080](https://github.com/taskcluster/taskcluster/issues/3080)
Docker-worker is now more careful to shut down only when it is idle and has not begun to claim a task, avoiding race conditions that could lead to `claim-expired` tasks.

▶ [patch] [3012](https://github.com/taskcluster/taskcluster/issues/3012)
Worker runner can now re-register a worker with worker-manager, refreshing its credentials. This allows workers to run for an unlimited time, so long as they continue to check in with the worker manager periodically. Both docker-worker and generic-worker, as of this version, support this functionality. Older worker versions will simply terminate when their credentials expire.

USERS

▶ [patch]
Docker-worker now includes an error message in the task log when uploading an artifact fails

▶ [patch] [2883](https://github.com/taskcluster/taskcluster/issues/2883)
Endpoints that return worker pools now contain an `existingCapacity` field that contains the total
amount of capacity for the worker pool between all workers that are not `stopped`.

▶ [patch] [3004](https://github.com/taskcluster/taskcluster/issues/3004)
Generic-worker now uses the task's credentials to fetch artifacts specified in the `mounts` property of the task's payload. This will allow use of private artifacts in mounts.

▶ [patch] [2882](https://github.com/taskcluster/taskcluster/issues/2882)
Workerpools lists and views in the ui now show the amount of currently existing capacity
is provided by the workers in the pool and the pending count of tasks.

DEVELOPERS

▶ [minor] [3013](https://github.com/taskcluster/taskcluster/issues/3013)
Github integration can now set [annotations](https://developer.github.com/v3/checks/runs/#annotations-object) for check runs.
By default it will read `public/github/customCheckRunAnnotations.json` but it can be overridden by setting
`task.extra.github.customCheckRun.annotationsArtifactName`. The json will be passed along unmodified.

OTHER

▶ Additional changes not described here: [bug 1638921](http://bugzil.la/1638921), [#2887](https://github.com/taskcluster/taskcluster/issues/2887), [#2890](https://github.com/taskcluster/taskcluster/issues/2890), [#3021](https://github.com/taskcluster/taskcluster/issues/3021), [#3067](https://github.com/taskcluster/taskcluster/issues/3067), [#3079](https://github.com/taskcluster/taskcluster/issues/3079), [#2962](https://github.com/taskcluster/taskcluster/issues/2962).

GENERAL

▶ [patch]
Worker Manager now avoids scanning all the workers table in memory to avoid possible OOM issues.

WORKER-DEPLOYERS

▶ [patch] [bug 1607605](http://bugzil.la/1607605)
Generic-worker now supports shutting down gracefully when instructed to do so by worker-runner, such as when a cloud VM is being terminated.

USERS

▶ [patch] [bug 1639713](http://bugzil.la/1639713)
Tasks using the `hostSharedMemory` device capability will now properly mount `/dev/shm` from the host into the container.

DEPLOYERS

▶ [minor] [2877](https://github.com/taskcluster/taskcluster/issues/2877)
The `wmworkers_entities` table has now been migrated to use a relational table.
The new table is called `workers`. `wmworkers_entities` will get deleted.

DEVELOPERS

▶ [patch]
Release tasks now have access to taskcluster-proxy

OTHER

▶ Additional change not described here: [2921](https://github.com/taskcluster/taskcluster/issues/2921).

GENERAL

▶ [patch] [bug 1631824](http://bugzil.la/1631824)
The worker-manager azure provider now properly tracks and deletes all disks when a virtual machine has data disks created for it.

DEPLOYERS

▶ [patch]
A bug in the Azure provider which caused provisioning to fail when handling operations has been fixed.

▶ [patch]
Taskcluster services now include metadata at the top level of Fields for `generic.*` logging messages, rather than in `meta` or `fields` sub-properties.

WORKER-DEPLOYERS

▶ [patch] [2969](https://github.com/taskcluster/taskcluster/issues/2969)
Docker-worker now only considers itself idle if its call to `queue.claimWork` returns no tasks. This prevents the situation where a very short `afterIdleSeconds` causes the worker to shut down *while* calling `claimWork`.

▶ [patch] [2925](https://github.com/taskcluster/taskcluster/issues/2925)
Listing workers in the "stopping" state will no longer cause 500 errors.

USERS

▶ [patch] [bug 1632929](http://bugzil.la/1632929)
Taskcluster-Github now uses a release event's `target_commitish` property instead of the `tag` property to determine the SHA of the released commit. This is important in cases where tags are created as part of the release-creation call, as GitHub sends the release event before the tag is created.

DEVELOPERS

▶ [patch] [bug 1636167](http://bugzil.la/1636167)
CI tasks are now generated in a decision task by https://hg.mozilla.org/ci/taskgraph

OTHER

▶ Additional changes not described here: [bug 1640267](http://bugzil.la/1640267), [#2827](https://github.com/taskcluster/taskcluster/issues/2827), [#2890](https://github.com/taskcluster/taskcluster/issues/2890), [#2912](https://github.com/taskcluster/taskcluster/issues/2912), [#2913](https://github.com/taskcluster/taskcluster/issues/2913), [#2951](https://github.com/taskcluster/taskcluster/issues/2951), [#2952](https://github.com/taskcluster/taskcluster/issues/2952), [bug 1634376](http://bugzil.la/1634376).