Pier Angelo Vendrame pushed to branch tor-browser-128.4.0esr-14.5-1 at The Tor Project / Applications / Tor Browser
Commits:
-
d347a3d8
by Beatriz Rizental at 2024-11-18T10:20:18+01:00
4 changed files:
- .gitlab-ci.yml
- + .gitlab/ci/containers/base/Containerfile
- − .gitlab/ci/docker/base/Dockerfile
- + .gitlab/ci/update-containers.yml
Changes:
| 1 | 1 | stages:
|
| 2 | 2 | - lint
|
| 3 | + - update-container-images
|
|
| 3 | 4 | - update-translations
|
| 4 | 5 | |
| 5 | 6 | variables:
|
| ... | ... | @@ -8,4 +9,5 @@ variables: |
| 8 | 9 | |
| 9 | 10 | include:
|
| 10 | 11 | - local: '.gitlab/ci/lint.yml'
|
| 12 | + - local: '.gitlab/ci/update-containers.yml'
|
|
| 11 | 13 | - local: '.gitlab/ci/update-translations.yml' |
| 1 | +# This image is published in containers.torproject.org/tpo/applications/tor-browser/base
|
|
| 2 | +#
|
|
| 3 | +# Whenever there are changes to this file,
|
|
| 4 | +# they are autopublished on merge to the tpo/applications/tor-browser repository.
|
|
| 5 | +#
|
|
| 6 | +# The image is updated roughly once a monce when the tor-browser repository is rebased.
|
|
| 7 | + |
|
| 8 | +FROM containers.torproject.org/tpo/tpa/base-images/python:bookworm
|
|
| 9 | + |
|
| 10 | +RUN apt-get update && apt-get install -y \
|
|
| 11 | + clang \
|
|
| 12 | + curl \
|
|
| 13 | + git \
|
|
| 14 | + libasound2-dev \
|
|
| 15 | + libdbus-glib-1-dev \
|
|
| 16 | + libgtk-3-dev \
|
|
| 17 | + libpango1.0-dev \
|
|
| 18 | + libpulse-dev \
|
|
| 19 | + libx11-xcb-dev \
|
|
| 20 | + libxcomposite-dev \
|
|
| 21 | + libxcursor-dev \
|
|
| 22 | + libxdamage-dev \
|
|
| 23 | + libxi-dev \
|
|
| 24 | + libxrandr-dev \
|
|
| 25 | + libxtst-dev \
|
|
| 26 | + m4 \
|
|
| 27 | + mercurial \
|
|
| 28 | + nasm \
|
|
| 29 | + pkgconf \
|
|
| 30 | + unzip \
|
|
| 31 | + xz-utils \
|
|
| 32 | + wget && \
|
|
| 33 | + apt-get clean && \
|
|
| 34 | + rm -rf /var/lib/apt/lists/*
|
|
| 35 | + |
|
| 36 | +WORKDIR /app
|
|
| 37 | + |
|
| 38 | +COPY taskcluster/docker/recipes/install-node.sh ./install-node.sh
|
|
| 39 | +RUN chmod +x install-node.sh
|
|
| 40 | +RUN ./install-node.sh
|
|
| 41 | +RUN rm ./install-node.sh
|
|
| 42 | + |
|
| 43 | +COPY taskcluster/kinds/fetch/toolchains.yml ./toolchains.yml
|
|
| 44 | +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain $(grep -oP 'rust-\K[0-9.]+(?=:)' ./toolchains.yml)
|
|
| 45 | +RUN $HOME/.cargo/bin/cargo install cbindgen --version $(grep -oP 'cbindgen-\K[0-9.]+(?=:)' ./toolchains.yml)
|
|
| 46 | +RUN rm ./toolchains.yml
|
|
| 47 | + |
|
| 48 | +CMD ["/bin/bash"] |
| 1 | -FROM debian:latest
|
|
| 2 | - |
|
| 3 | -# Base image which includes all* dependencies checked by ./mach configure.
|
|
| 4 | -#
|
|
| 5 | -# * Actually not all dependencies. WASM sandboxed depencies were left out for now.
|
|
| 6 | -# This installs all dependencies checked by `./mach configure --without-wasm-sandboxed-libraries`.
|
|
| 7 | -#
|
|
| 8 | -# # Building and publishing
|
|
| 9 | -#
|
|
| 10 | -# Whenever this file changes, the updated Docker image must be built and published _manually_ to
|
|
| 11 | -# the tor-browser container registry (https://gitlab.torproject.org/tpo/applications/tor-browser/container_registry/185).
|
|
| 12 | -#
|
|
| 13 | -# This image copies a script from the taskcluster/ folder, which requires it
|
|
| 14 | -# to be built from a folder which is a parent of the taskcluster/ folder.
|
|
| 15 | -#
|
|
| 16 | -# To build, run:
|
|
| 17 | -#
|
|
| 18 | -# ```bash
|
|
| 19 | -# docker build \
|
|
| 20 | -# -f <PATH_TO_DOCKERFILE> \
|
|
| 21 | -# -t <REGISTRY_URL>/<IMAGE_NAME>:<IMAGE_TAG>
|
|
| 22 | -# .
|
|
| 23 | -# ```
|
|
| 24 | -#
|
|
| 25 | -# For example, when building from the root of this repository to the main tor-browser repository
|
|
| 26 | -# and assuming image name to be "base" and tag "latest" -- which is the current terminology:
|
|
| 27 | -#
|
|
| 28 | -# ```bash
|
|
| 29 | -# docker build \
|
|
| 30 | -# -f .gitlab/ci/docker/Dockerfile \
|
|
| 31 | -# -t containers.torproject.org/tpo/applications/tor-browser/base:latest
|
|
| 32 | -# .
|
|
| 33 | -# ```
|
|
| 34 | - |
|
| 35 | -RUN apt-get update && apt-get install -y \
|
|
| 36 | - clang \
|
|
| 37 | - curl \
|
|
| 38 | - git \
|
|
| 39 | - libasound2-dev \
|
|
| 40 | - libdbus-glib-1-dev \
|
|
| 41 | - libgtk-3-dev \
|
|
| 42 | - libpango1.0-dev \
|
|
| 43 | - libpulse-dev \
|
|
| 44 | - libx11-xcb-dev \
|
|
| 45 | - libxcomposite-dev \
|
|
| 46 | - libxcursor-dev \
|
|
| 47 | - libxdamage-dev \
|
|
| 48 | - libxi-dev \
|
|
| 49 | - libxrandr-dev \
|
|
| 50 | - libxtst-dev \
|
|
| 51 | - m4 \
|
|
| 52 | - mercurial \
|
|
| 53 | - nasm \
|
|
| 54 | - pkg-config \
|
|
| 55 | - python3 \
|
|
| 56 | - python3-pip \
|
|
| 57 | - unzip \
|
|
| 58 | - wget
|
|
| 59 | - |
|
| 60 | -COPY taskcluster/docker/recipes/install-node.sh /scripts/install-node.sh
|
|
| 61 | -RUN chmod +x /scripts/install-node.sh
|
|
| 62 | -RUN /scripts/install-node.sh
|
|
| 63 | - |
|
| 64 | -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y
|
|
| 65 | -RUN $HOME/.cargo/bin/cargo install cbindgen
|
|
| 66 | - |
|
| 67 | -WORKDIR /app
|
|
| 68 | - |
|
| 69 | -CMD ["/bin/bash"] |
| 1 | +build-base-image:
|
|
| 2 | + stage: update-container-images
|
|
| 3 | + interruptible: true
|
|
| 4 | + image: containers.torproject.org/tpo/tpa/base-images/podman:bookworm
|
|
| 5 | + script:
|
|
| 6 | + - export TAG="${CI_REGISTRY_IMAGE}/base:latest"
|
|
| 7 | + - podman login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
|
|
| 8 | + - podman build --layers=false $IMAGE -t ${TAG} -f .gitlab/ci/containers/base/Containerfile .
|
|
| 9 | + - |
|
|
| 10 | + echo -e "\e[33mPushing new image to registry as ${TAG}\e[0m"
|
|
| 11 | + podman push ${TAG}
|
|
| 12 | + rules:
|
|
| 13 | + - if: ($CI_COMMIT_BRANCH && $CI_COMMIT_REF_PROTECTED == 'true' && $CI_PROJECT_NAMESPACE == 'tpo/applications')
|
|
| 14 | + changes:
|
|
| 15 | + - '.gitlab/ci/containers/base/Containerfile' |