brizental pushed to branch tor-browser-151.0a1-16.0-1 at The Tor Project / Applications / Tor Browser Commits: 67ead9ef by Beatriz Rizental at 2026-05-27T12:11:12-03:00 fixup! Add CI for Base Browser Bug 44990: Fix dubious ownership CI issue - - - - - 80fcd6c6 by Beatriz Rizental at 2026-05-27T12:11:13-03:00 fixup! Add CI for Tor Browser Bug 44990: Fix permissions issues in container - - - - - 1d1ea9c7 by Beatriz Rizental at 2026-05-27T12:11:14-03:00 fixup! Add CI for Base Browser No bug: Drop logic that fetches pipelines from forks. That is not supported anymore after https://gitlab.torproject.org/tpo/tpa/team/-/work_items/42594#note_3411352 - - - - - 2efc5699 by Beatriz Rizental at 2026-05-27T12:11:15-03:00 fixup! Add CI for Tor Browser Update build-image container - - - - - 3 changed files: - .gitlab/ci/containers/base/Containerfile - .gitlab/ci/jobs/update-containers.yml - .gitlab/ci/mixins.yml Changes: ===================================== .gitlab/ci/containers/base/Containerfile ===================================== @@ -22,18 +22,27 @@ RUN cd tor-browser && \ yes | MOZBUILD_STATE_PATH=/var/tmp/mozbuild ./mach bootstrap --application-choice "$APPLICATION_CHOICE" && \ cd .. -ENV PATH="/var/tmp/mozbuild/clang/bin:/root/.cargo/bin:$PATH" +RUN rm -rf tor-browser && \ + rm -rf /var/lib/apt/lists/* && \ + apt-get clean && \ + rm -rf /var/tmp/mozbuild/toolchains && \ + rm -rf /var/tmp/mozbuild/indices && \ + rm -rf /var/tmp/mozbuild/android-device && \ + rm -rf /var/root/.cargo && \ + rm -rf /var/root/.rustup + +RUN adduser --uid 1000 --disabled-password --gecos "" gitlab-runner && \ + chown -R 1000:1000 /var/tmp/mozbuild/ + +USER gitlab-runner +WORKDIR /home/gitlab-runner +# Install Rust for the gitlab-runner user. +RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y +ENV PATH="/var/tmp/mozbuild/clang/bin:/home/gitlab-runner/.cargo/bin:$PATH" RUN echo "$APPLICATION_CHOICE" | grep -qi android && \ rustup target add armv7-linux-androideabi \ aarch64-linux-android \ i686-linux-android \ x86_64-linux-android \ || true - -RUN rm -rf tor-browser && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* && \ - rm -rf /var/tmp/mozbuild/toolchains && \ - rm -rf /var/tmp/mozbuild/indices && \ - rm -rf /var/tmp/mozbuild/android-device ===================================== .gitlab/ci/jobs/update-containers.yml ===================================== @@ -1,7 +1,7 @@ build-image: stage: update-container-images interruptible: true - image: containers.torproject.org/tpo/tpa/base-images/podman:bookworm + image: containers.torproject.org/tpo/tpa/base-images/podman:trixie parallel: matrix: - PLATFORM: desktop ===================================== .gitlab/ci/mixins.yml ===================================== @@ -2,7 +2,12 @@ variables: GIT_STRATEGY: "none" FETCH_TIMEOUT: 180 # 3 minutes + + GIT_CONFIG_GLOBAL: "/tmp/gitconfig" before_script: + - | + echo "[safe]" > "$GIT_CONFIG_GLOBAL" + echo " directory = *" >> "$GIT_CONFIG_GLOBAL" - git init - git remote add local "$LOCAL_REPO_PATH" - | @@ -47,12 +52,8 @@ return $fetch_exit } - if ! fetch_with_timeout origin "${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}"; then - echo "Fetching failed for branch ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}." - echo "Attempting to fetch the merge request branch, assuming this pipeline is not running in a fork." + fetch_with_timeout origin "merge-requests/${CI_MERGE_REQUEST_IID}/head" || exit 1 - fetch_with_timeout origin "merge-requests/${CI_MERGE_REQUEST_IID}/head" || exit 1 - fi - git checkout FETCH_HEAD .with-local-repo-pwsh: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/16fb8e0... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/16fb8e0... You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications: https://gitlab.torproject.org/-/profile/notifications | Help: https://gitlab.torproject.org/help