Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits: d347a3d8 by Beatriz Rizental at 2024-11-18T10:20:18+01:00 fixup! Add CI for Tor Browser
Build and publish CI container images whenever they change.
- - - - -
4 changed files:
- .gitlab-ci.yml - + .gitlab/ci/containers/base/Containerfile - − .gitlab/ci/docker/base/Dockerfile - + .gitlab/ci/update-containers.yml
Changes:
===================================== .gitlab-ci.yml ===================================== @@ -1,5 +1,6 @@ stages: - lint + - update-container-images - update-translations
variables: @@ -8,4 +9,5 @@ variables:
include: - local: '.gitlab/ci/lint.yml' + - local: '.gitlab/ci/update-containers.yml' - local: '.gitlab/ci/update-translations.yml'
===================================== .gitlab/ci/containers/base/Containerfile ===================================== @@ -0,0 +1,48 @@ +# This image is published in containers.torproject.org/tpo/applications/tor-browser/base +# +# Whenever there are changes to this file, +# they are autopublished on merge to the tpo/applications/tor-browser repository. +# +# The image is updated roughly once a monce when the tor-browser repository is rebased. + +FROM containers.torproject.org/tpo/tpa/base-images/python:bookworm + +RUN apt-get update && apt-get install -y \ + clang \ + curl \ + git \ + libasound2-dev \ + libdbus-glib-1-dev \ + libgtk-3-dev \ + libpango1.0-dev \ + libpulse-dev \ + libx11-xcb-dev \ + libxcomposite-dev \ + libxcursor-dev \ + libxdamage-dev \ + libxi-dev \ + libxrandr-dev \ + libxtst-dev \ + m4 \ + mercurial \ + nasm \ + pkgconf \ + unzip \ + xz-utils \ + wget && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +WORKDIR /app + +COPY taskcluster/docker/recipes/install-node.sh ./install-node.sh +RUN chmod +x install-node.sh +RUN ./install-node.sh +RUN rm ./install-node.sh + +COPY taskcluster/kinds/fetch/toolchains.yml ./toolchains.yml +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain $(grep -oP 'rust-\K[0-9.]+(?=:)' ./toolchains.yml) +RUN $HOME/.cargo/bin/cargo install cbindgen --version $(grep -oP 'cbindgen-\K[0-9.]+(?=:)' ./toolchains.yml) +RUN rm ./toolchains.yml + +CMD ["/bin/bash"]
===================================== .gitlab/ci/docker/base/Dockerfile deleted ===================================== @@ -1,69 +0,0 @@ -FROM debian:latest - -# Base image which includes all* dependencies checked by ./mach configure. -# -# * Actually not all dependencies. WASM sandboxed depencies were left out for now. -# This installs all dependencies checked by `./mach configure --without-wasm-sandboxed-libraries`. -# -# # Building and publishing -# -# Whenever this file changes, the updated Docker image must be built and published _manually_ to -# the tor-browser container registry (https://gitlab.torproject.org/tpo/applications/tor-browser/container_registr...). -# -# This image copies a script from the taskcluster/ folder, which requires it -# to be built from a folder which is a parent of the taskcluster/ folder. -# -# To build, run: -# -# ```bash -# docker build \ -# -f <PATH_TO_DOCKERFILE> \ -# -t <REGISTRY_URL>/<IMAGE_NAME>:<IMAGE_TAG> -# . -# ``` -# -# For example, when building from the root of this repository to the main tor-browser repository -# and assuming image name to be "base" and tag "latest" -- which is the current terminology: -# -# ```bash -# docker build \ -# -f .gitlab/ci/docker/Dockerfile \ -# -t containers.torproject.org/tpo/applications/tor-browser/base:latest -# . -# ``` - -RUN apt-get update && apt-get install -y \ - clang \ - curl \ - git \ - libasound2-dev \ - libdbus-glib-1-dev \ - libgtk-3-dev \ - libpango1.0-dev \ - libpulse-dev \ - libx11-xcb-dev \ - libxcomposite-dev \ - libxcursor-dev \ - libxdamage-dev \ - libxi-dev \ - libxrandr-dev \ - libxtst-dev \ - m4 \ - mercurial \ - nasm \ - pkg-config \ - python3 \ - python3-pip \ - unzip \ - wget - -COPY taskcluster/docker/recipes/install-node.sh /scripts/install-node.sh -RUN chmod +x /scripts/install-node.sh -RUN /scripts/install-node.sh - -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y -RUN $HOME/.cargo/bin/cargo install cbindgen - -WORKDIR /app - -CMD ["/bin/bash"]
===================================== .gitlab/ci/update-containers.yml ===================================== @@ -0,0 +1,15 @@ +build-base-image: + stage: update-container-images + interruptible: true + image: containers.torproject.org/tpo/tpa/base-images/podman:bookworm + script: + - export TAG="${CI_REGISTRY_IMAGE}/base:latest" + - podman login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY + - podman build --layers=false $IMAGE -t ${TAG} -f .gitlab/ci/containers/base/Containerfile . + - | + echo -e "\e[33mPushing new image to registry as ${TAG}\e[0m" + podman push ${TAG} + rules: + - if: ($CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == 'true' && $CI_PROJECT_NAMESPACE == 'tpo/applications') + changes: + - '.gitlab/ci/containers/base/Containerfile'
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/d347a3d8...