[tbb-commits] [Git][tpo/applications/tor-browser-build][main] Bug 40884: add upload-sha256sums make target and release script

richard (@richard) git at gitlab.torproject.org
Thu Nov 16 00:38:41 UTC 2023



richard pushed to branch main at The Tor Project / Applications / tor-browser-build


Commits:
37c0d265 by Dan Ballard at 2023-11-16T00:37:36+00:00
Bug 40884: add upload-sha256sums make target and release script

- - - - -


4 changed files:

- Makefile
- projects/release/config
- + projects/release/upload_sha256sums
- rbm.local.conf.example


Changes:

=====================================
Makefile
=====================================
@@ -650,12 +650,28 @@ cargo_vendor-rcodesign: submodule-update
 submodule-update:
 	git submodule update --init
 
+# requires tpo_user variable be set in rbm.local.conf
+torbrowser-upload-sha256sums-release: submodule-update
+	$(rbm) build release --step upload_sha256sums --target release --target torbrowser
+
+# requires tpo_user variable be set in rbm.local.conf
+torbrowser-upload-sha256sums-alpha: submodule-update
+	$(rbm) build release --step upload_sha256sums --target alpha --target torbrowser
+
 torbrowser-signtag-release: submodule-update
 	$(rbm) build release --step signtag --target release --target torbrowser
 
 torbrowser-signtag-alpha: submodule-update
 	$(rbm) build release --step signtag --target alpha --target torbrowser
 
+# requires tpo_user variable be set in rbm.local.conf
+mullvadbrowser-upload-sha256sums-release: submodule-update
+	$(rbm) build release --step upload_sha256sums --target release --target mullvadbrowser
+
+# requires tpo_user variable be set in rbm.local.conf
+mullvadbrowser-upload-sha256sums-alpha: submodule-update
+	$(rbm) build release --step upload_sha256sums --target alpha --target mullvadbrowser
+
 mullvadbrowser-signtag-release: submodule-update
 	$(rbm) build release --step signtag --target release --target mullvadbrowser
 


=====================================
projects/release/config
=====================================
@@ -258,3 +258,8 @@ steps:
     debug: 0
     input_files: []
     dmg2mar: '[% INCLUDE dmg2mar %]'
+  upload_sha256sums:
+    build_log: '-'
+    debug: 0
+    input_files: []
+    upload_sha256sums: '[% INCLUDE upload_sha256sums %]'


=====================================
projects/release/upload_sha256sums
=====================================
@@ -0,0 +1,34 @@
+#!/bin/sh
+# Tool to sign sha256sums of builds and upload them to where signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo expects them to be
+
+version=[% c("version") %]-[% c("var/torbrowser_build") %]
+signed=[% c("var/signed_status") %]
+channel=[% c("var/build_target") %]
+browser=[% c("var/browser_type") %]
+
+src_dir=[% shell_quote(path(dest_dir)) %]/$signed/$version
+
+target_dir=~/public_html/builds/$browser/$channel/$version/
+
+echo "browser:$browser channel:$channel signed:$signed version:$version"
+
+if [ ! -d $src_dir ]; then
+  echo "ERROR: $src_dir does not exist!"
+  exit
+fi
+
+cd $src_dir
+for i in sha256sums*.txt; do
+	if [ ! -f $i.asc ] ; then
+		gpg -abs [% c("var/sign_build_gpg_opts") %] $i;
+	fi
+done
+
+if [ -z '[% c("var/tpo_user") %]' ]; then
+  print "tpo_user variable unset, required to upload to people.torproject.org. Please set in rbm.local.conf"
+  exit
+fi
+
+ssh [% c("var/tpo_user") %]@people.torproject.org "mkdir -p $target_dir"
+rsync sha256sums*.* [% c("var/tpo_user") %]@people.torproject.org:$target_dir
+echo "Synced sha256sums to https://people.torproject.org/~[% c("var/tpo_user") %]/builds/$browser/$channel/$version/"
\ No newline at end of file


=====================================
rbm.local.conf.example
=====================================
@@ -55,6 +55,11 @@ var:
   ### and sha256sums-unsigned-build.incrementals.txt files.
   #sign_build_gpg_opts: '--local-user XXXXXXXX'
 
+  ### The var/tpo_user option is used on the release upload_sha256sums step
+  ### and is the user on people.torproject.org that ssh/rsync will try to
+  ### upload the files to
+  #tpo_user: username
+
   ### The clean configuration is used by the cleaning script to find the
   ### branches and build targets you are using, to compute the list of
   ### files that should be kept.



View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/37c0d265640cda5587c88edefb033abd65896a02

-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/37c0d265640cda5587c88edefb033abd65896a02
You're receiving this email because of your account on gitlab.torproject.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tbb-commits/attachments/20231116/44d3b2ad/attachment-0001.htm>


More information about the tbb-commits mailing list