Opened 2 years ago

Last modified 8 days ago

#25102 assigned task

Add script to sign nightly build mar files, generate update-responses xml and publish the new version

Reported by: boklm Owned by: boklm
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-rbm, tbb-update, TorBrowserTeam202001
Cc: boklm, mcs, brade, ln5, tbb-team Actual Points: 3
Parent ID: #18867 Points: 3.5
Reviewer: Sponsor:

Description

We need a script that will fetch the latest nightly build from the build machine, then sign the mar files and publish them.

Later we can improve it to fetch builds from multiple builders and only do the signing if they match.

Child Tickets

TicketStatusOwnerSummaryComponent
#32768needs_reviewboklmCreate a build-infos.json file containing firefox platform_version and buildidApplications/Tor Browser
#32805closedboklmMake creation of downloads.json optionalApplications/Tor Browser

Change History (13)

comment:1 Changed 12 months ago by gk

Keywords: tbb-updater added

comment:2 Changed 12 months ago by gk

Keywords: tbb-update added; tbb-updater removed

Renaming keyword to make it a bit broader

comment:3 Changed 5 months ago by gk

Keywords: TorBrowserTeam201909 added
Points: 2

comment:4 Changed 4 months ago by pili

Keywords: TorBrowserTeam201910 added

comment:5 Changed 4 months ago by pili

Keywords: TorBrowserTeam201909 removed

comment:6 Changed 3 months ago by pili

Keywords: TorBrowserTeam201911 added; TorBrowserTeam201910 removed

Moving tickets to November 2019

comment:7 Changed 3 months ago by pili

Cc: tbb-team added
Owner: changed from tbb-team to boklm
Status: newassigned

Assigning tickets to boklm for the next few months

comment:8 Changed 2 months ago by pili

Keywords: TorBrowserTeam201912 added; TorBrowserTeam201911 removed

Moving tickets to December

comment:9 Changed 6 weeks ago by boklm

Summary: Add script to sign nightly build mar filesAdd script to sign nightly build mar files, generate update-responses xml and publish the new version

I think the same script can be used to generate the update-responses xml, and publish both the mar files and update-responses xml.

comment:11 Changed 6 weeks ago by boklm

This commit adds the script tools/signing/nightly/sign-nightly:
https://gitweb.torproject.org/user/boklm/tor-browser-build.git/commit/?h=bug_25102_v5&id=c2b3fc259d746de78f4c2240b6aee6f1932df8d8

This script downloads the mar files from the latest nightly, sign them, and generate update_responses xml files.

What is still missing:

  • Correctly setting platformVersion and buildID (the current version of the script sets them to 0). This depends on #32768.
  • Uploading of the mar files and update_responses xml somewhere to make them available for users. This depends on #32800.

I also started some ansible scripts to setup a signing machine:
https://gitweb.torproject.org/user/boklm/tor-browser-build.git/commit/?h=bug_25102_v5&id=42df2ed18ed5c6409253e2a3651e5fa437150bda

comment:12 Changed 3 weeks ago by sysrqb

Keywords: TorBrowserTeam202001 added; TorBrowserTeam201912 removed

comment:13 Changed 8 days ago by boklm

Actual Points: 3
Points: 23.5
Note: See TracTickets for help on using tickets.