From ae96a96fdf6c927a91b8c482f9bf08326f925018 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Malte=20J=C3=BCrgens?= Date: Wed, 13 Apr 2022 15:07:47 +0200 Subject: [PATCH 1/4] some improvements --- .gitignore | 2 +- assets/linux.artifacts.mk | 29 ++++++++++++----------------- assets/linux.mk | 19 ++++++++----------- assets/macos.mk | 15 +++++---------- 4 files changed, 26 insertions(+), 39 deletions(-) diff --git a/.gitignore b/.gitignore index 99eb9bf..80b08fe 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/librewolf-*-*.source.tar.gz +/librewolf-* /typescript /work diff --git a/assets/linux.artifacts.mk b/assets/linux.artifacts.mk index a8392c3..773935d 100644 --- a/assets/linux.artifacts.mk +++ b/assets/linux.artifacts.mk @@ -8,11 +8,6 @@ version:=$(shell cat version) release:=$(shell cat release) source_release:=$(shell cat source_release) -#use_docker=true -ifeq ($(use_docker),) -use_docker:=true -endif - infile=librewolf-$(version)-$(release).en-US.$(distro)-x86_64.tar.bz2 # @@ -24,11 +19,11 @@ librewolf-$(version)-$(release).en-US.$(distro).x86_64.deb : $(infile) (cd work && tar xf ../$<) cp -v assets/linux.build-deb.sh work/ (cd work && sed "s/MYDIR/\/usr\/share\/librewolf/g" < ../assets/linux.librewolf.desktop.in > start-librewolf.desktop) - if [ $(use_docker) = true ]; then \ - docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-$(distro) sh -c "bash linux.build-deb.sh $(version) $(release)" ; \ - else \ - (cd work && bash linux.build-deb.sh $(version) $(release)) ; \ - fi +ifeq ($(use_docker),false) + (cd work && bash linux.build-deb.sh $(version) $(release)) +else + docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-$(distro) sh -c "bash linux.build-deb.sh $(version) $(release)" +endif cp -v work/librewolf.deb $@ sha256sum $@ > $@.sha256sum cat $@.sha256sum @@ -54,13 +49,13 @@ librewolf-$(version)-$(release).$(fc).x86_64.rpm : $(infile) rm -f work/librewolf/pingsender rm -f work/librewolf/precomplete rm -f work/librewolf/removed-files - if [ $(use_docker) = true ]; then \ - docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-$(distro) sh -c "bash linux.build-rpm.sh $(version) $(release)" ; \ - cp -v work/$@ $@ ; \ - else \ - (cp -r work / && cd work && bash linux.build-rpm.sh $(version) $(release)) ; \ - cp -v /work/$@ $@ ; \ - fi +ifeq ($(use_docker),false) + (cp -r work / && cd work && bash linux.build-rpm.sh $(version) $(release)) ; \ + cp -v /work/$@ $@ +else + docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-$(distro) sh -c "bash linux.build-rpm.sh $(version) $(release)" ; \ + cp -v work/$@ $@ +endif sha256sum $@ > $@.sha256sum cat $@.sha256sum diff --git a/assets/linux.mk b/assets/linux.mk index 550c39b..6b770d0 100644 --- a/assets/linux.mk +++ b/assets/linux.mk @@ -8,11 +8,6 @@ version:=$(shell cat version) release:=$(shell cat release) source_release:=$(shell cat source_release) -#use_docker=true -ifeq ($(use_docker),) -use_docker:=true -endif - outfile=librewolf-$(version)-$(release).en-US.$(distro)-x86_64.tar.bz2 docker : @@ -20,13 +15,15 @@ docker : build : $(outfile) $(outfile).sha256sum -$(outfile) $(outfile).sha256sum : +$(outfile) : ${MAKE} work - if [ $(use_docker) = true ]; then \ - docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-$(distro) sh -c "cd /work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package" ; \ - else \ - (cd work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package) ; \ - fi +ifeq ($(use_docker),false) + (cd work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package && cat browser/locales/shipped-locales | xargs ./mach package-multi-locale --locales) +else + docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-$(distro) sh -c "cd /work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package" +endif cp -v work/librewolf-$(version)-$(source_release)/obj-x86_64-pc-linux-gnu/dist/librewolf-$(version)-$(source_release).en-US.linux-x86_64.tar.bz2 $(outfile) + +$(outfile).sha256sum : $(outfile) sha256sum $(outfile) > $(outfile).sha256sum cat $(outfile).sha256sum diff --git a/assets/macos.mk b/assets/macos.mk index ea6858e..200047a 100644 --- a/assets/macos.mk +++ b/assets/macos.mk @@ -7,11 +7,6 @@ version:=$(shell cat version) release:=$(shell cat release) source_release:=$(shell cat source_release) -#use_docker=true -ifeq ($(use_docker),) -use_docker:=true -endif - outfile=librewolf-$(version)-$(release).en-US.mac.$(arch).dmg docker : @@ -22,11 +17,11 @@ build : $(outfile) $(outfile).sha256sum $(outfile) $(outfile).sha256sum : ${MAKE} work sed "s/_ARCH_/$(arch)/g" < assets/macos.mozconfig > work/librewolf-$(version)-$(source_release)/mozconfig - if [ $(use_docker) = true ]; then \ - docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-macos-$(arch) sh -c "cd /work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package" ; \ - else \ - (cd work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package) ; \ - fi +ifeq ($(use_docker),false) + (cd work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package) +else + docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-macos-$(arch) sh -c "cd /work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package" +endif cp -v work/librewolf-$(version)-$(source_release)/obj-$(arch)-apple-darwin/dist/librewolf-$(version)-$(source_release).en-US.mac.dmg $(outfile) sha256sum $(outfile) > $(outfile).sha256sum cat $(outfile).sha256sum From f5126a7bbff3320279322e360e62a01cf671cc43 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Malte=20J=C3=BCrgens?= Date: Wed, 13 Apr 2022 16:02:11 +0200 Subject: [PATCH 2/4] fix --- assets/linux.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/assets/linux.mk b/assets/linux.mk index 6b770d0..4d8ba4c 100644 --- a/assets/linux.mk +++ b/assets/linux.mk @@ -18,7 +18,7 @@ build : $(outfile) $(outfile).sha256sum $(outfile) : ${MAKE} work ifeq ($(use_docker),false) - (cd work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package && cat browser/locales/shipped-locales | xargs ./mach package-multi-locale --locales) + (cd work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package) else docker run --rm -v $(shell pwd)/work:/work:rw librewolf/bsys5-image-$(distro) sh -c "cd /work/librewolf-$(version)-$(source_release) && ./mach build && ./mach package" endif From d132795a255591d17de07989a18287c14ab1c471 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Malte=20J=C3=BCrgens?= Date: Sat, 16 Apr 2022 21:27:55 +0200 Subject: [PATCH 3/4] implement signing for deb and rpm files --- assets/linux.Dockerfile | 4 ++-- assets/linux.artifacts.mk | 2 ++ assets/linux.build-deb.sh | 6 ++++++ assets/linux.build-rpm.sh | 24 ++++++++++++++++++------ 4 files changed, 28 insertions(+), 8 deletions(-) diff --git a/assets/linux.Dockerfile b/assets/linux.Dockerfile index 501d8fd..69cd3bc 100644 --- a/assets/linux.Dockerfile +++ b/assets/linux.Dockerfile @@ -14,8 +14,8 @@ ENV TZ=Europe/Amsterdam # dependencies needed to run ./mach bootstrap -RUN ( apt-get -y update && apt-get -y upgrade && apt-get -y install mercurial python3 python3-dev python3-pip wget ; true) -RUN ( dnf -y upgrade && dnf -y install mercurial python3 python3-devel wget rpm-build ; true) +RUN ( apt-get -y update && apt-get -y upgrade && apt-get -y install mercurial python3 python3-dev python3-pip wget dpkg-sig ; true) +RUN ( dnf -y upgrade && dnf -y install mercurial python3 python3-devel wget rpm-build rpm-sign ; true) # setup wasi RUN export target_wasi_location=$HOME/.mozbuild/wrlb/ &&\ diff --git a/assets/linux.artifacts.mk b/assets/linux.artifacts.mk index 773935d..74caf7f 100644 --- a/assets/linux.artifacts.mk +++ b/assets/linux.artifacts.mk @@ -18,6 +18,7 @@ librewolf-$(version)-$(release).en-US.$(distro).x86_64.deb : $(infile) mkdir -p work (cd work && tar xf ../$<) cp -v assets/linux.build-deb.sh work/ + [ "$(SIGNING_KEY)" != "" ] && cp -v $(SIGNING_KEY) work/pk.asc ; true (cd work && sed "s/MYDIR/\/usr\/share\/librewolf/g" < ../assets/linux.librewolf.desktop.in > start-librewolf.desktop) ifeq ($(use_docker),false) (cd work && bash linux.build-deb.sh $(version) $(release)) @@ -45,6 +46,7 @@ librewolf-$(version)-$(release).$(fc).x86_64.rpm : $(infile) cp -v assets/linux.librewolf.spec work/librewolf.spec cp -v assets/linux.librewolf.desktop.in work/librewolf/start-librewolf.desktop.in cp -v assets/linux.librewolf.ico work/librewolf/librewolf.ico + [ "$(SIGNING_KEY)" != "" ] && cp -v $(SIGNING_KEY) work/pk.asc ; true rm -f work/librewolf/browser/features/proxy-failover@mozilla.com.xpi rm -f work/librewolf/pingsender rm -f work/librewolf/precomplete diff --git a/assets/linux.build-deb.sh b/assets/linux.build-deb.sh index 0c76172..dbdbadd 100755 --- a/assets/linux.build-deb.sh +++ b/assets/linux.build-deb.sh @@ -41,6 +41,12 @@ cp -v ../start-librewolf.desktop usr/share/applications/start-librewolf.desktop cd .. dpkg-deb --build librewolf +# Sign the deb file if private key is provided +if [[ -f pk.asc ]]; then + gpg --import pk.asc + dpkg-sig --sign builder librewolf.deb +fi + echo "" ls -lh librewolf.deb exit 0 diff --git a/assets/linux.build-rpm.sh b/assets/linux.build-rpm.sh index cf4a8ee..ddd879e 100755 --- a/assets/linux.build-rpm.sh +++ b/assets/linux.build-rpm.sh @@ -1,5 +1,15 @@ set -e +if [[ -f pk.asc ]]; then + echo "--- [debug] Importing private key..." + gpg --import pk.asc + cat >>~/.rpmmacros < Date: Fri, 13 May 2022 23:45:53 +0200 Subject: [PATCH 4/4] Fix certificate name --- assets/linux.build-rpm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/assets/linux.build-rpm.sh b/assets/linux.build-rpm.sh index c9341d9..d70135c 100755 --- a/assets/linux.build-rpm.sh +++ b/assets/linux.build-rpm.sh @@ -5,7 +5,7 @@ if [[ -f pk.asc ]]; then gpg --import pk.asc cat >>~/.rpmmacros <