[bot_update] Remove use_site_config_creds.

This method hasn't been supported for a long time now (and besides, its
only for Rietveld).

R=agable@chromium.org, tandrii@chromium.org

Recipe-Manual-Change: infra
Change-Id: Ie6e63834dca67962db29f2cb407950ed85db55a7
Reviewed-on: https://chromium-review.googlesource.com/957832
Reviewed-by: Andrii Shyshkalov <tandrii@chromium.org>
Reviewed-by: Aaron Gable <agable@chromium.org>
Commit-Queue: Robbie Iannucci <iannucci@chromium.org>

recipes/README.recipes.md

@@ -50,16 +50,14 @@ Wrapper for easy calling of bot_update.
 
 — **def [apply\_gerrit\_ref](/recipes/recipe_modules/bot_update/api.py#46)(self, root, gerrit_no_reset=False, gerrit_no_rebase_patch_ref=False, gerrit_repo=None, gerrit_ref=None, step_name='apply_gerrit', \*\*kwargs):**
 
-— **def [deapply\_patch](/recipes/recipe_modules/bot_update/api.py#442)(self, bot_update_step):**
+— **def [deapply\_patch](/recipes/recipe_modules/bot_update/api.py#424)(self, bot_update_step):**
 
 Deapplies a patch, taking care of DEPS and solution revisions properly.
     
 
-— **def [ensure\_checkout](/recipes/recipe_modules/bot_update/api.py#68)(self, gclient_config=None, suffix=None, patch=True, update_presentation=True, patch_root=None, no_shallow=False, with_branch_heads=False, with_tags=False, refs=None, patch_oauth2=False, oauth2_json=False, use_site_config_creds=True, clobber=False, root_solution_revision=None, rietveld=None, issue=None, patchset=None, gerrit_no_reset=False, gerrit_no_rebase_patch_ref=False, disable_syntax_validation=False, manifest_name=None, \*\*kwargs):**
+— **def [ensure\_checkout](/recipes/recipe_modules/bot_update/api.py#68)(self, gclient_config=None, suffix=None, patch=True, update_presentation=True, patch_root=None, no_shallow=False, with_branch_heads=False, with_tags=False, refs=None, patch_oauth2=False, oauth2_json=False, use_site_config_creds=None, clobber=False, root_solution_revision=None, rietveld=None, issue=None, patchset=None, gerrit_no_reset=False, gerrit_no_rebase_patch_ref=False, disable_syntax_validation=False, manifest_name=None, \*\*kwargs):**
 
 Args:
-  use_site_config_creds: If the oauth2 credentials are in the buildbot
-    site_config. See crbug.com/624212 for more information.
   gclient_config: The gclient configuration to use when running bot_update.
     If omitted, the current gclient configuration is used.
   rietveld: The rietveld server to use. If omitted, will infer from
@@ -74,7 +72,7 @@ Args:
   manifest_name: The name of the manifest to upload to LogDog.  This must
     be unique for the whole build.
 
-— **def [get\_project\_revision\_properties](/recipes/recipe_modules/bot_update/api.py#419)(self, project_name, gclient_config=None):**
+— **def [get\_project\_revision\_properties](/recipes/recipe_modules/bot_update/api.py#401)(self, project_name, gclient_config=None):**
 
 Returns all property names used for storing the checked-out revision of
 a given project.

recipes/recipe_modules/bot_update/api.py

@@ -70,7 +70,7 @@ class BotUpdateApi(recipe_api.RecipeApi):
                       patch_root=None, no_shallow=False,
                       with_branch_heads=False, with_tags=False, refs=None,
                       patch_oauth2=False, oauth2_json=False,
-                      use_site_config_creds=True, clobber=False,
+                      use_site_config_creds=None, clobber=False,
                       root_solution_revision=None, rietveld=None, issue=None,
                       patchset=None, gerrit_no_reset=False,
                       gerrit_no_rebase_patch_ref=False,
@@ -78,8 +78,6 @@ class BotUpdateApi(recipe_api.RecipeApi):
                       **kwargs):
     """
     Args:
-      use_site_config_creds: If the oauth2 credentials are in the buildbot
-        site_config. See crbug.com/624212 for more information.
       gclient_config: The gclient configuration to use when running bot_update.
         If omitted, the current gclient configuration is used.
       rietveld: The rietveld server to use. If omitted, will infer from
@@ -94,6 +92,8 @@ class BotUpdateApi(recipe_api.RecipeApi):
       manifest_name: The name of the manifest to upload to LogDog.  This must
         be unique for the whole build.
     """
+    assert use_site_config_creds is None, "use_site_config_creds is deprecated"
+
     refs = refs or []
     # We can re-use the gclient spec from the gclient module, since all the
     # data bot_update needs is already configured into the gclient spec.
@@ -119,7 +119,7 @@ class BotUpdateApi(recipe_api.RecipeApi):
     else:
       # The trybot recipe sometimes wants to de-apply the patch. In which case
       # we pretend the issue/patchset never existed.
-      issue = patchset = email_file = key_file = None
+      issue = patchset = None
       gerrit_repo = gerrit_ref = None
 
     # Issue and patchset must come together.
@@ -142,28 +142,12 @@ class BotUpdateApi(recipe_api.RecipeApi):
 
     # Point to the oauth2 auth files if specified.
     # These paths are where the bots put their credential files.
-    oauth2_json_file = email_file = key_file = None
+    oauth2_json_file = None
     if oauth2_json:
       if self.m.platform.is_win:
         oauth2_json_file = 'C:\\creds\\refresh_tokens\\internal-try'
       else:
         oauth2_json_file = '/creds/refresh_tokens/internal-try'
-    elif patch_oauth2:
-      # TODO(martiniss): remove this hack :(. crbug.com/624212
-      if use_site_config_creds:
-        try:
-          build_path = self.m.path['build']
-        except KeyError:
-          raise self.m.step.StepFailure(
-              'build path is not defined. This is normal for LUCI builds. '
-              'In LUCI, use_site_config_creds parameter of '
-              'bot_update.ensure_checkout is not supported')
-        email_file = build_path.join('site_config', '.rietveld_client_email')
-        key_file = build_path.join('site_config', '.rietveld_secret_key')
-      else: #pragma: no cover
-        #TODO(martiniss): make this use path.join, so it works on windows
-        email_file = '/creds/rietveld/client_email'
-        key_file = '/creds/rietveld/secret_key'
 
     # Allow patch_project's revision if necessary.
     # This is important for projects which are checked out as DEPS of the
@@ -188,8 +172,6 @@ class BotUpdateApi(recipe_api.RecipeApi):
         ['--rietveld_server', rietveld or self._rietveld],
         ['--gerrit_repo', gerrit_repo],
         ['--gerrit_ref', gerrit_ref],
-        ['--apply_issue_email_file', email_file],
-        ['--apply_issue_key_file', key_file],
         ['--apply_issue_oauth2_file', oauth2_json_file],
 
         # Hookups to JSON output back into recipes.

recipes/recipe_modules/bot_update/examples/full.expected/trychange_oauth2.json

@@ -1,8 +0,0 @@
-[
-  {
-    "name": "$result",
-    "reason": "build path is not defined. This is normal for LUCI builds. In LUCI, use_site_config_creds parameter of bot_update.ensure_checkout is not supported",
-    "recipe_result": null,
-    "status_code": 1
-  }
-]

recipes/recipe_modules/bot_update/examples/full.expected/trychange_oauth2_buildbot.json

@@ -14,10 +14,6 @@
       "[GIT_CACHE]",
       "--cleanup-dir",
       "[CLEANUP]/bot_update",
-      "--apply_issue_email_file",
-      "[BUILD]/site_config/.rietveld_client_email",
-      "--apply_issue_key_file",
-      "[BUILD]/site_config/.rietveld_secret_key",
       "--output_json",
       "/path/to/tmp/json",
       "--revision",

recipes/recipe_modules/bot_update/examples/full.py

@@ -134,9 +134,6 @@ def GenTests(api):
   yield api.test('trychange') + api.properties(
       refs=['+refs/change/1/2/333'],
   )
-  yield api.test('trychange_oauth2') + api.properties(
-      oauth2=True,
-  )
   yield api.test('trychange_oauth2_buildbot') + api.properties(
       path_config='buildbot',
       oauth2=True,

recipes/recipe_modules/bot_update/resources/bot_update.py

@@ -720,8 +720,7 @@ def _download(url):
 
 
 def apply_rietveld_issue(issue, patchset, root, server, _rev_map, _revision,
-                         email_file, key_file, oauth2_file,
+                         oauth2_file, whitelist=None, blacklist=None):
-                         whitelist=None, blacklist=None):
   apply_issue_bin = ('apply_issue.bat' if sys.platform.startswith('win')
                      else 'apply_issue')
   cmd = [apply_issue_bin,
@@ -739,8 +738,6 @@ def apply_rietveld_issue(issue, patchset, root, server, _rev_map, _revision,
   # Use an oauth key or json file if specified.
   if oauth2_file:
     cmd.extend(['--auth-refresh-token-json', oauth2_file])
-  elif email_file and key_file:
-    cmd.extend(['--email-file', email_file, '--private-key-file', key_file])
   else:
     cmd.append('--no-auth')
 
@@ -872,8 +869,7 @@ def emit_json(out_file, did_run, gclient_output=None, **kwargs):
 def ensure_checkout(solutions, revisions, first_sln, target_os, target_os_only,
                     target_cpu, patch_root, issue, patchset, rietveld_server,
                     gerrit_repo, gerrit_ref, gerrit_rebase_patch_ref,
-                    revision_mapping, apply_issue_email_file,
+                    revision_mapping, apply_issue_oauth2_file, shallow,
-                    apply_issue_key_file, apply_issue_oauth2_file, shallow,
                     refs, git_cache_dir, cleanup_dir, gerrit_reset,
                     disable_syntax_validation):
   # Get a checkout of each solution, without DEPS or hooks.
@@ -898,8 +894,7 @@ def ensure_checkout(solutions, revisions, first_sln, target_os, target_os_only,
       print '  relative root is %r, target is %r' % (relative_root, target)
       if issue:
         apply_rietveld_issue(issue, patchset, patch_root, rietveld_server,
-                             revision_mapping, git_ref, apply_issue_email_file,
+                             revision_mapping, git_ref, apply_issue_oauth2_file,
-                             apply_issue_key_file, apply_issue_oauth2_file,
                              whitelist=[target])
         already_patched.append(target)
       elif gerrit_ref:
@@ -942,8 +937,7 @@ def ensure_checkout(solutions, revisions, first_sln, target_os, target_os_only,
   # Apply the rest of the patch here (sans DEPS)
   if issue:
     apply_rietveld_issue(issue, patchset, patch_root, rietveld_server,
-                         revision_mapping, git_ref, apply_issue_email_file,
+                         revision_mapping, git_ref, apply_issue_oauth2_file,
-                         apply_issue_key_file, apply_issue_oauth2_file,
                          blacklist=already_patched)
   elif gerrit_ref and not applied_gerrit_patch:
     # If gerrit_ref was for solution's main repository, it has already been
@@ -1007,11 +1001,6 @@ def parse_args():
   parse.add_option('--issue', help='Issue number to patch from.')
   parse.add_option('--patchset',
                    help='Patchset from issue to patch from, if applicable.')
-  parse.add_option('--apply_issue_email_file',
-                   help='--email-file option passthrough for apply_patch.py.')
-  parse.add_option('--apply_issue_key_file',
-                   help='--private-key-file option passthrough for '
-                        'apply_patch.py.')
   parse.add_option('--apply_issue_oauth2_file',
                    help='--auth-refresh-token-json option passthrough for '
                         'apply_patch.py.')
@@ -1175,8 +1164,6 @@ def checkout(options, git_slns, specs, revisions, step_text, shallow):
           gerrit_ref=options.gerrit_ref,
           gerrit_rebase_patch_ref=not options.gerrit_no_rebase_patch_ref,
           revision_mapping=options.revision_mapping,
-          apply_issue_email_file=options.apply_issue_email_file,
-          apply_issue_key_file=options.apply_issue_key_file,
           apply_issue_oauth2_file=options.apply_issue_oauth2_file,
 
           # Finally, extra configurations such as shallowness of the clone.

tests/bot_update_coverage_test.py

@@ -156,8 +156,6 @@ class BotUpdateUnittests(unittest.TestCase):
       'gerrit_ref': None,
       'gerrit_rebase_patch_ref': None,
       'revision_mapping': {},
-      'apply_issue_email_file': None,
-      'apply_issue_key_file': None,
       'apply_issue_oauth2_file': None,
       'shallow': False,
       'refs': [],