boklm pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 714dcf10 by Nicolas Vigier at 2025-12-16T17:39:16+01:00 Bug 41670: Add script to download Tor VPN release - - - - - 267928a9 by Nicolas Vigier at 2025-12-16T17:39:18+01:00 Bug 41673: Update linux-signer-sign-android-apks to sign per-arch torvpn apks - - - - - 9ee47407 by Nicolas Vigier at 2025-12-16T17:39:20+01:00 Bug 41672: Prepare Tor VPN 1.4.0Beta - - - - - 4 changed files: - .gitlab/issue_templates/Release Prep - Tor VPN.md - rbm.conf - + tools/signing/download-torvpn-release.torvpn - tools/signing/linux-signer-sign-android-apks Changes: ===================================== .gitlab/issue_templates/Release Prep - Tor VPN.md ===================================== @@ -41,12 +41,7 @@ Tor VPN is on the `main` branch - pierov - [ ] Ensure all builders have matching builds - Place the Tor VPN release to be signed in directory `torvpn/alpha/signed/${TOR_VPN_VERSION}`: - - [ ] `mkdir torvpn/alpha/signed/${TOR_VPN_VERSION} && cd torvpn/alpha/signed/${TOR_VPN_VERSION}` - - [ ] `wget https://${URL_PATH}/app-release.aab` (replacing `${URL_PATH}` with the location where the unsigned build has been published) - - [ ] `mv app-release.aab tor-vpn-${TOR_VPN_VERSION}.aab` - - [ ] `wget https://${URL_PATH}/app-release-unsigned.apk` (replacing `${URL_PATH}` with the location where the unsigned build has been published) - - [ ] `mv app-release-unsigned.apk tor-vpn-qa-unsigned-android-multiarch-${TOR_VPN_VERSION}.apk` - - [ ] `sha256sum tor-vpn-* > sha256sums-unsigned-build.txt` + - [ ] `./tools/signing/download-torvpn-release.torvpn ${URL_PATH}` (replacing `${URL_PATH}` with the location where the unsigned build has been published, for example https://tb-build-03.torproject.org/~dan/vpn/1.4.0Beta/) - [ ] Compare checksums from `sha256sums-unsigned-build.txt` with expected checksums - [ ] On `${STAGING_SERVER}`, ensure updated: - [ ] `tor-browser-build` is on the right commit ===================================== rbm.conf ===================================== @@ -339,9 +339,9 @@ targets: torvpn: var: tor-vpn: 1 - torbrowser_version: '1.3.0Beta' + torbrowser_version: '1.4.0Beta' torbrowser_build: 'build1' - browser_release_date: '2025/10/31 07:30:00' + browser_release_date: '2025/12/16 15:00:00' project-name: tor-vpn projectname: torvpn Project_Name: 'Tor VPN' ===================================== tools/signing/download-torvpn-release.torvpn ===================================== @@ -0,0 +1,54 @@ +#!/bin/bash +# +# This script downloads a Tor VPN release from the given URL and will +# rename the files and put them in torvpn/alpha/signed/$version (where +# $version is the torvpn version defined in rbm.conf). +# +# Usage: download-torvpn-release.torvpn <base_url> +# +# base_url: URL directory where the release can be downloaded. For +# example https://tb-build-03.torproject.org/~dan/vpn/1.4.0Beta/. +# +set -e +script_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +source "$script_dir/functions" + +base_url="$1" + +test -d "$signed_version_dir" && \ + exit_error "Directory already exist: $signed_version_dir" + +test $# -ne 1 && \ + exit_error "Wrong number of arguments" + +tmpdir=$(mktemp -p "$script_dir/../../tmp" -d) +trap "rm -Rf $tmpdir" EXIT +cd $tmpdir +for arch in arm64v8a armeabiv7a universal x86 x86_64 +do + case "$arch" in + arm64v8a) + dest_arch=aarch64 + ;; + armeabiv7a) + dest_arch=armv7 + ;; + universal) + dest_arch=multiarch + ;; + *) + dest_arch="$arch" + ;; + esac + dl_filename="app-$arch-release-unsigned.apk" + wget -O "$dl_filename" "$base_url/$dl_filename" + mv "$dl_filename" "tor-vpn-qa-unsigned-android-${dest_arch}-${tbb_version}.apk" +done + +wget -O app-universal-release.aab "$base_url/app-universal-release.aab" +mv app-universal-release.aab "tor-vpn-${tbb_version}.aab" +sha256sum $(ls -1 *.apk *.aab | sort) > sha256sums-unsigned-build.txt +cat sha256sums-unsigned-build.txt + +mkdir -p "$signed_version_dir" +mv -f *.aab *.apk *.txt "$signed_version_dir" ===================================== tools/signing/linux-signer-sign-android-apks ===================================== @@ -7,7 +7,7 @@ source "$script_dir/functions" topdir="$script_dir/../.." ARCHS="armv7 aarch64 x86_64" -test "$SIGNING_PROJECTNAME" = 'torvpn' && ARCHS='multiarch' +test "$SIGNING_PROJECTNAME" = 'torvpn' && ARCHS="$ARCHS x86 multiarch" projname=$(project-name) # tbb_version_type, tbb_version and SIGNING_PROJECTNAME are used in # wrappers/sign-apk, so we export them View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/5... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/5... You're receiving this email because of your account on gitlab.torproject.org.