brizental pushed to branch tor-browser-140.2.0esr-15.0-1 at The Tor Project / Applications / Tor Browser Commits: 1bc6d674 by Beatriz Rizental at 2025-08-28T13:32:32+02:00 fixup! Add CI for Tor Browser 1. Change the containerfile to use ./mach bootstrap to gather dependencies. 2. Update debian version from bookworm to trixie 3. Update container build rule to actually only build when merging to the default branch, not just any protected branch. - - - - - acb60482 by Beatriz Rizental at 2025-08-28T13:32:32+02:00 fixup! Add CI for Base Browser - - - - - 3 changed files: - .gitlab/ci/containers/base/Containerfile - .gitlab/ci/jobs/lint/lint.yml - .gitlab/ci/jobs/update-containers.yml Changes: ===================================== .gitlab/ci/containers/base/Containerfile ===================================== @@ -5,42 +5,19 @@ # # The image is updated roughly once a month when the tor-browser repository is rebased. -FROM containers.torproject.org/tpo/tpa/base-images/python:bookworm +FROM containers.torproject.org/tpo/tpa/base-images/python:trixie RUN apt-get update && apt-get install -y \ - clang \ - clang-tidy \ - curl \ git \ - libasound2-dev \ - libdbus-glib-1-dev \ - libgtk-3-dev \ - libpango1.0-dev \ - libpulse-dev \ - libx11-xcb-dev \ - libxcomposite-dev \ - libxcursor-dev \ - libxdamage-dev \ - libxi-dev \ - libxrandr-dev \ - libxtst-dev \ - make \ - m4 \ - mercurial \ - nasm \ - pkgconf \ - unzip \ - x11-utils \ - xvfb \ - xz-utils \ - wget + xvfb -RUN curl -fsSL https://deb.nodesource.com/setup_lts.x -o nodesource_setup.sh && \ - bash nodesource_setup.sh && \ - apt-get install -y nodejs +RUN git clone --single-branch --depth 1 https://gitlab.torproject.org/tpo/applications/tor-browser.git -RUN apt-get clean && \ - rm -rf /var/lib/apt/lists/* +# Bootstrap will download and install all dependencies required for building / linting / etc. +RUN cd tor-browser && \ + yes | MOZBUILD_STATE_PATH=/var/tmp/mozbuild ./mach bootstrap --application-choice "Tor Browser for Desktop" && \ + cd .. -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y && \ - $HOME/.cargo/bin/cargo install cbindgen +RUN rm -rf tor-browser && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* ===================================== .gitlab/ci/jobs/lint/lint.yml ===================================== @@ -4,11 +4,11 @@ lint-all: image: $IMAGE_PATH interruptible: true variables: - MOZBUILD_STATE_PATH: "$CI_PROJECT_DIR/.cache/mozbuild" + # Has to be the same as defined in `containers/base/Containerfile` + MOZBUILD_STATE_PATH: "/var/tmp/mozbuild" cache: paths: - node_modules - - .cache/mozbuild # Store the cache regardless on job outcome when: 'always' # Share the cache throughout all pipelines running for a given branch @@ -17,7 +17,7 @@ lint-all: # Run these jobs in the browser dedicated runners. - firefox script: - - ./mach configure --without-wasm-sandboxed-libraries --with-base-browser-version=0.0.0 + - ./mach configure --with-base-browser-version=0.0.0 - .gitlab/ci/jobs/lint/helpers.py --get-changed-files | xargs -0 --no-run-if-empty ./mach lint -v rules: - if: $CI_PIPELINE_SOURCE == 'merge_request_event' ===================================== .gitlab/ci/jobs/update-containers.yml ===================================== @@ -10,7 +10,7 @@ build-base-image: echo -e "\e[33mPushing new image to registry as ${TAG}\e[0m" podman push ${TAG} rules: - - if: ($CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == 'true' && $CI_PROJECT_NAMESPACE == 'tpo/applications' && $CI_PIPELINE_SOURCE == 'push') + - if: ($CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PROJECT_NAMESPACE == 'tpo/applications') changes: - '.gitlab/ci/containers/base/Containerfile' - '.gitlab-ci.yml' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c02c67c... -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/c02c67c... You're receiving this email because of your account on gitlab.torproject.org.