Decide directories used for signed/unsigned builds in tor-browser-builds
With gitian builds, all builds (signed and unsigned) were stored in the gitian directory directly.
I remember having issues when generating incremental mars which were done with unsigned osx mars instead of the signed ones. To avoid that issue I have started with separating signed and unsigned builds in tor-browser-build. However it seems the new process is confusing and error-prone during the signing process, so we should think more about what directories we want to use in the different steps (or if we want to go back to using only one).
I think having different directories could also be useful if we want to add some scripts helping with the intermediate signing steps.
What we currently have is:
- the build target creates builds in the directory
unsigned
- the incrementals target generates incremental mars in the
unsigned
directory. However it is using/downloading the mar files from the old version in theunsigned
directory too, while it should be done from a signed build (for the osx ones). Maybe we should fix the incrementals step to use the old version from thesigned
directory instead. - the dmg2mar target is using the
signed
directory. However at this point, only the dmg files are signed, so it is confusing to put all the files in thesigned
directory. Maybe an intermediate directory should be used instead? - the update_responses target is using the
signed
directory. I think this one is correct as update responses should only be done from a fully signed build.