On 2014-09-18, 3:28 PM, Jonathan Watt wrote:
On 18/09/2014 22:43, Nick Alexander wrote:
On 2014-09-18, 2:32 PM, Jonathan Watt wrote:
I have Firefox 32.0.1 and Firefox Beta 4 installed from the Play store,
along with a "Fennec jwatt" I built locally from the tip of the 33
branch. I Now want to install:
http://ftp.mozilla.org/pub/mozilla.org/mobile/tinderbox-builds/mozilla-beta-android/1411036441/fennec-33.0.en-US.android-arm.apk
which is an auto build from a push to beta branch.
I see what's happening here. Yes, this is a push to beta; yes, this is
signed by Mozilla; no, it's not signed with the beta/release key.
If you unzip, you'll see:
M Filemode Length Date Time File
- ---------- -------- ----------- --------
------------------------------------------------------------------------
-rw-rw-rw- 128196 18-Sep-2014 04:52:12 meta-inf/manifest.mf
-rw-rw-rw- 128317 18-Sep-2014 04:52:12 meta-inf/nightly.sf
-rw-rw-rw- 1091 18-Sep-2014 04:52:12 meta-inf/nightly.dsa
It's signed by the Nightly keys. For the record, all try builds look
like Nightly builds, including getting signed like Nightly (and Aurora).
Only the official beta and release builds are signed with the more
valuable Release key.
To be clear, this wasn't a Try build, but an actual beta branch build.
It just isn't an actual milestone (as in b2, b4, etc.). So I'm assuming
you're saying that beta milestone builds are signed with the Release
key, but all other beta builds are not.
I don't know what beta branch build means, exactly, but I don't think
that's important. The question is whether the build job (in the
buildbot sense) is configured as a beta/release job; that's where the
signing infrastructure is configured, I think. bhearsum is the expert
on this, I believe.
I do not think we want to be signing many builds with Mozilla's very
valuable release key, so I wouldn't want to see too many "beta branch
builds" signed as release/beta.
The hidden thing here is that both Release and Beta share a key, and
both Aurora and Nightly share a key; and those keys are different.
So if you remove Release and Beta, you'll be able to install your custom
beta build, which is signed like Nightly.
Confused?
No, I follow you. So to me it seems like we should have parity here:
https://mxr.mozilla.org/mozilla-central/source/mobile/android/defs.mk?rev=8c483fd63cad&mark=13-15
where we should only be using the "org.mozilla.firefox.sharedID" ID for
beta _milestones_ though, and using "org.mozilla.firefox_beta.sharedID"
(or whatever) for other beta builds. That would remove the pain point of
having to uninstall Release and milestone Betas in order to install and
test non-milestone betas. 'coz that kinda sucks.
If you can distinguish between milestone and branch builds in tree, I
have no objections to reviewing a patch that makes this simpler.
Yours,
Nick
_______________________________________________
mobile-firefox-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/mobile-firefox-dev
