diff --git a/Makefile b/Makefile index e59a7b9..62b3f38 100644 --- a/Makefile +++ b/Makefile @@ -48,7 +48,7 @@ release-osx-x86_64: submodule-update $(rbm) build release --target release --target ncdns-osx-x86_64 submodule-update: - ./setup-submodule-symlinks + ./tools/setup-submodule-symlinks.sh fetch: submodule-update $(rbm) fetch diff --git a/README.md b/README.md index f2ba272..0535f58 100644 --- a/README.md +++ b/README.md @@ -2,4 +2,17 @@ ncdns reproducible build harnesses for RBM. +## Build instructions + +First, initialize the stuff that's derived from upstream Tor: + +~~~ +./tools/setup-submodule-symlinks.sh +./tools/patch-tor-to-namecoin.sh +~~~ + +Then follow the Tor documentation to build via the Makefile. + +## License + MIT License. diff --git a/rbm.conf b/rbm.conf deleted file mode 100644 index 103dcbe..0000000 --- a/rbm.conf +++ /dev/null @@ -1,657 +0,0 @@ -# vim: filetype=yaml sw=2 -debug: '[% GET ! ENV.RBM_NO_DEBUG %]' -compress_tar: gz -output_dir: "out/[% project %]" -tmp_dir: '[% c("basedir") %]/tmp' -build_log: '[% GET ENV.RBM_LOGS_DIR ? ENV.RBM_LOGS_DIR : "logs" %]/[% project %][% IF c("var/osname") %]-[% c("var/osname") %][% END %].log' - -pkg_type: build - -steps: - src-tarballs: - compress_tar: xz - src-tarballs: | - #!/bin/bash - set -e - mkdir -p '[% dest_dir %]' - mv -vf '[% project %]-[% c("version") %].tar.xz' '[% dest_dir %]/[% c("filename") %]' - -# buildconf contains build options that the user can change in rbm.local.conf -# When adding a new option to buildconf, a default value should be defined -# in var/build_id, so that changing this option does not affect the build_id. -buildconf: - num_procs: '[% GET ENV.RBM_NUM_PROCS ? ENV.RBM_NUM_PROCS : "4" %]' - git_signtag_opt: '-s' - -var: - ncdns_version: '[% pc("ncdns", "version") %]' - ncdns_build: 'build1' - ncdns_incremental_from: - - 10.5a8 - project_name: tor-browser - multi_lingual: 0 - build_mar: 1 - # By default, we sort the list of installed packages. This allows sharing - # containers with identical list of packages, even if they are not listed - # in the same order. In the cases where the installation order is - # important, sort_deps should be set to 0. - sort_deps: 1 - build_id: '[% sha256(c("var/build_id_txt", { buildconf => { num_procs => 4 } })).substr(0, 6) %]' - build_id_txt: | - [% c("version") %] - [% IF c("git_hash") || c("hg_hash"); GET c("abbrev"); END; %] - [% IF c("var/container/use_container") && ! c("var/container/global_disable") -%] - [% c("var/container/suite") %] - [% c("var/container/arch") %] - [% END -%] - input_files: [% c("input_files_id") %] - build: - [% SET step = c("step") -%] - [% c(step, { filename => 'f', output_dir => '/out', norec => {} }) %] - container: - dir: '[% c("rbm_tmp_dir") %]/rbm-containers/[% sha256(c("build_id")) %]' - user: rbm - disable_network: - # disable network in the build scripts - build: 1 - input_files_list: | - [% FOREACH file IN c("input_files_by_name").keys.sort -%] - [% c("input_files_by_name/" _ file) %] - [% END -%] - - faketime: "faketime -f \"[% USE date; GET date.format(c('timestamp'), format = '%Y-%m-%d %H:%M:%S') %]\"" - touch: "[% USE date %]touch -m -t [% date.format(c('timestamp'), format = '%Y%m%d%H%M') %]" - - locale_ja: ja - locales: - - ar - - ca - - cs - - da - - de - - el - - es-AR - - es-ES - - fa - - fr - - ga-IE - - he - - hu - - id - - is - - it - - '[% c("var/locale_ja") %]' - - ka - - ko - - lt - - mk - - ms - - nb-NO - - nl - - pl - - pt-BR - - ro - - ru - - sv-SE - - th - - tr - - vi - - zh-CN - - zh-TW - locales_mobile: - - ar - - ca - - cs - - da - - de - - el - - es-rAR - - es-rES - - fa - - fr - - ga-rIE - - hu - - in - - is - - it - - iw - - ja - - ka - - ko - - lt - - nb-rNO - - nl - - pl - - pt-rBR - - ro - - ru - - sv-rSE - - th - - tr - - vi - - zh-rCN - - zh-rTW - - sign_build: '[% ENV.RBM_SIGN_BUILD %]' - sign_build_gpg_opts: '[% ENV.RBM_GPG_OPTS %]' - - rezip: | - rezip_tmpdir=$(mktemp -d) - mkdir -p "$rezip_tmpdir/z" - unzip -d "$rezip_tmpdir/z" -- [% c("rezip_file") %] || [ $? -lt 3 ] - pushd "$rezip_tmpdir/z" - [% c("zip", { - zip_src => [ '.' ], - zip_args => '$rezip_tmpdir/new.zip', - }) %] - popd - mv -f -- "$rezip_tmpdir/new.zip" [% c("rezip_file") %] - rm -Rf "$rezip_tmpdir" - - set_default_env: | - set -e - [% FOREACH env = c('ENV') -%] - export [% env.key %]="[% env.value %]" - [% END -%] - rootdir=$(pwd) - export SHELL=/bin/bash - export HOME=$rootdir - umask 0022 - [% IF c("var/container/global_disable") -%] - rm -Rf /var/tmp/build /var/tmp/dist - [% END -%] - - DOCSDIR_project: '[% project %]' - set_PTDIR_DOCSDIR: | - PTDIR="$distdir/TorBrowser/Tor/PluggableTransports" - DOCSDIR="$distdir/TorBrowser/Docs/[% c("var/DOCSDIR_project") %]" - -targets: - notarget: linux-x86_64 - noint: - debug: 0 - - release: - var: - release: 1 - channel: release - alpha: - var: - alpha: 1 - channel: alpha - nightly: - fetch: 1 - var: - nightly: 1 - channel: nightly - ncdns_version: | - [% - IF ENV.TORBROWSER_NIGHTLY_VERSION; - GET ENV.TORBROWSER_NIGHTLY_VERSION; - ELSIF c("var/testbuild"); - GET "testbuild"; - ELSE; - GET c("var_p/nightly_ncdns_version"); - END; - -%] - # For nightly builds, we support updates for a limited set of locales - mar_locales: - - de - - es-ES - - fr - - ru - max_ncdns_incremental_from: 2 - build_infos_json: 1 - - ncdns-testbuild: - - testbuild - - alpha - testbuild: - var: - testbuild: 1 - # Don't create mar files to save time - build_mar: 0 - - # The common-buster target is used to build components that are common to all - # platforms, using Debian Buster. - common-buster: - var: - common: 1 - container: - suite: buster - arch: amd64 - pre_pkginst: '' - deps: - - build-essential - - python - - automake - - libtool - - zip - - unzip - - ncdns-android-armv7: - - android-armv7 - - android - android-armv7: - arch: armv7 - var: - android-armv7: 1 - osname: android-armv7 - toolchain_arch: arm - abi: armeabi-v7a - cross_prefix: armv7a-linux-androideabi - ncdns-android-x86: - - android-x86 - - android - android-x86: - arch: x86 - var: - android-x86: 1 - osname: android-x86 - toolchain_arch: x86 - abi: x86 - cross_prefix: i686-linux-android - ncdns-android-x86_64: - - android-x86_64 - - android - android-x86_64: - arch: x86_64 - var: - android-x86_64: 1 - osname: android-x86_64 - toolchain_arch: x86_64 - abi: x86_64 - cross_prefix: x86_64-linux-android - ncdns-android-aarch64: - - android-aarch64 - - android - android-aarch64: - arch: aarch64 - var: - android-aarch64: 1 - osname: android-aarch64 - toolchain_arch: arm64 - abi: arm64-v8a - cross_prefix: aarch64-linux-android - android: - var: - android: 1 - compiler: android-toolchain - android_min_api: '[% GET c("var/android_min_api_" _ c("arch")) %]' - CC: '[% c("var/cross_prefix") %][% c("var/android_min_api") %]-clang' - CXX: '[% c("var/cross_prefix") %][% c("var/android_min_api") %]-clang' - # API 16 is the minimum we currently support for 32 bit on Android - android_min_api_armv7: 16 - android_min_api_x86: 16 - # API 21 is the minimum we currently support for 64 bit on Android - android_min_api_x86_64: 21 - android_min_api_aarch64: 21 - # This is needed to get the offline build part for Glean right. - glean_parser: 1.29.0 - # We only build snowflake on the alpha and nightly - # channels for now. - snowflake: '[% c("var/alpha") || c("var/nightly") %]' - container: - suite: buster - arch: amd64 - disable_network: - # Disable network in the script for merging GeckoView .aar files - merge_aars: 1 - deps: - - build-essential - - python - - automake - - libtool - - zip - - unzip - - libtinfo5 - configure_opt: '--host=[% c("var/cross_prefix") %] CC=[% c("var/CC") %] [% c("var/configure_opt_project") %]' - - pre_pkginst: | - SNAPSHOT_VERSION=20191201T212855Z - OPENJDK_URL=https://snapshot.debian.org/archive/debian/$SNAPSHOT_VERSION/pool/main/o/openjdk-8 - JDK_VERSION=8u232-b09-1~deb9u1_amd64 - apt-get install -y -q wget ca-certificates-java - wget $OPENJDK_URL/openjdk-8-jdk-headless_$JDK_VERSION.deb - wget $OPENJDK_URL/openjdk-8-jre-headless_$JDK_VERSION.deb - echo 92b4f8fb77d793a86e0b03b3b0750592b40a26a5d75956d10dd984a7b3aad4c9 openjdk-8-jdk-headless_$JDK_VERSION.deb | sha256sum -c - echo 84bf52b6cce20ead08b0d5b9fd9b81b4aa3da385ca951b313fe11d5cb1aa4d17 openjdk-8-jre-headless_$JDK_VERSION.deb | sha256sum -c - dpkg -i ./openjdk-8-jre-headless_$JDK_VERSION.deb ./openjdk-8-jdk-headless_$JDK_VERSION.deb - ncdns-linux-x86_64: - - linux-x86_64 - - linux - ncdns-linux-x86_64-asan: - - linux-asan - - linux-x86_64 - - linux - ncdns-linux-i686: - - linux-i686 - - linux - linux-x86_64: - arch: x86_64 - var: - linux-x86_64: 1 - osname: linux-x86_64 - # We only support RLBox on the nightly channel and x86_64 for now - rlbox: '[% c("var/nightly") %]' - linux-i686: - arch: i686 - var: - linux-i686: 1 - osname: linux-i686 - configure_opt: '--host=i686-linux-gnu CFLAGS=-m32 CXXFLAGS=-m32 LDFLAGS=-m32 [% c("var/configure_opt_project") %]' - linux: - var: - linux: 1 - compiler: gcc - configure_opt: '[% c("var/configure_opt_project") %]' - # We only build snowflake on the alpha and nightly - # channels for now. - snowflake: '[% c("var/alpha") || c("var/nightly") %]' - # Only build Namecoin for linux on nightly - namecoin: '[% c("var/nightly") %]' - container: - suite: jessie - arch: amd64 - pre_pkginst: dpkg --add-architecture i386 - deps: - - libc6-dev-i386 - - lib32stdc++6 - - build-essential - - python - - bison - - hardening-wrapper - - automake - - libtool - - zip - - unzip - linux-asan: - var: - asan: 1 - # RLBox needs clang to create .wasm files but we use mostly GCC for our - # ASan builds. Thus, the compilation currently breaks with RLBox enabled. - # See: tor-browser-build#40063. - rlbox: 0 - - ncdns-windows-i686: - - windows-i686 - - windows - ncdns-windows-x86_64: - - windows-x86_64 - - windows - windows-x86_64: - arch: x86_64 - var: - windows-x86_64: 1 - windows-i686: 0 - osname: windows-x86_64 - # HEASLR is 64 bit only (see bug 12968) - flag_HEASLR: '-Wl,--high-entropy-va' - windows-i686: - arch: i686 - var: - windows-i686: 1 - windows-x86_64: 0 - osname: windows-i686 - # mingw-w64 does not support SEH on 32bit systems. Be explicit about that. - flag_noSEH: '-Wl,--no-seh' - windows: - var: - windows: 1 - container: - suite: buster - arch: amd64 - configure_opt: '--host=[% c("arch") %]-w64-mingw32 CFLAGS="[% c("var/CFLAGS") %]" LDFLAGS="[% c("var/LDFLAGS") %]" [% c("var/configure_opt_project") %]' - CFLAGS: '-fstack-protector-strong -fno-strict-overflow -Wno-missing-field-initializers -Wformat -Wformat-security [% c("var/flag_mwindows") %]' - LDFLAGS: '-Wl,--dynamicbase -Wl,--nxcompat -Wl,--enable-reloc-section -Wl,--no-insert-timestamp -lssp -L$gcclibs [% c("var/flag_HEASLR") %] [% c("var/flag_noSEH") %] [% c("var/flag_mwindows") %]' - flag_mwindows: '-mwindows' - compiler: mingw-w64 - faketime_path: /usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 - # We only build snowflake on the alpha and nightly - # channels for now. - snowflake: '[% c("var/alpha") || c("var/nightly") %]' - deps: - - build-essential - - python - - bison - - automake - - libtool - - zip - - unzip - - ncdns-osx-x86_64: - - osx-x86_64 - osx-x86_64: - arch: x86_64 - var: - osx: 1 - osname: osx-x86_64 - container: - suite: buster - arch: amd64 - compiler: 'macosx-toolchain' - configure_opt: '--host=x86_64-apple-darwin CC="x86_64-apple-darwin-clang [% c("var/FLAGS") %]" CXX="x86_64-apple-darwin-clang++ [% c("var/FLAGS") %]" [% c("var/configure_opt_project") %]' - FLAGS: "-target x86_64-apple-darwin -B $cctoolsdir -isysroot $sysrootdir" - LDFLAGS: "-Wl,-syslibroot,$sysrootdir -Wl,-dead_strip -Wl,-pie" - macosx_deployment_target: '10.9' - locale_ja: ja-JP-mac - # We only support RLBox on the nightly channel for now - rlbox: '[% c("var/nightly") %]' - # We only build snowflake on the alpha and nightly - # channels for now. - snowflake: '[% c("var/alpha") || c("var/nightly") %]' - deps: - - build-essential - - python - - automake - - libtool - - zip - - unzip - faketime_path: /usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 - set_PTDIR_DOCSDIR: | - PTDIR="$distdir/Contents/MacOS/Tor/PluggableTransports" - DOCSDIR="$distdir/Contents/Resources/TorBrowser/Docs/[% c("var/DOCSDIR_project") %]" - - # The no_build_id target can be useful if you want to quickly display - # a build template or other option but don't want to spend time to - # compute the various build ids - no_build_id: - # The defaut timestamp value will use the commit time of the - # selected commit for the project, which will require cloning the - # git repository if it is not present. When we use the no_build_id - # target to display a script, we usually don't care about such - # details, so we set timestamp to 0 to avoid unnecessary cloning. - timestamp: 0 - var: - build_id: 1 - - no_containers: - var: - container: - global_disable: 1 - -# change the default gpg_wrapper to allow git tag signed using an -# expired key. -# https://bugs.torproject.org/19737 -gpg_wrapper: | - #!/bin/bash - export LC_ALL=C - [% - IF c('gpg_keyring'); - SET gpg_kr = '--keyring ' _ path(c('gpg_keyring'), path(c('gpg_keyring_dir'))) _ ' --no-default-keyring'; - END; - -%] - gpg_verify=0 - for opt in "$@" - do - test "$opt" = '--verify' && gpg_verify=1 - done - if [ $gpg_verify = 1 ] - then - [% c('gpg_bin') %] [% c('gpg_args') %] --with-fingerprint [% gpg_kr %] "$@" | sed 's/^\[GNUPG:\] EXPKEYSIG /\[GNUPG:\] GOODSIG /' - exit ${PIPESTATUS[0]} - else - exec [% c('gpg_bin') %] [% c('gpg_args') %] --with-fingerprint [% gpg_kr %] "$@" - fi - -remote_start: '[% IF c("var/container/use_container") && ! c("var/container/global_disable") %][% c("runc/remote_start") %][% END %]' -remote_exec: '[% IF c("var/container/use_container") && ! c("var/container/global_disable") %][% c("runc/remote_exec") %][% END %]' -remote_put: '[% IF c("var/container/use_container") && ! c("var/container/global_disable") %][% c("runc/remote_put") %][% END %]' -remote_get: '[% IF c("var/container/use_container") && ! c("var/container/global_disable") %][% c("runc/remote_get") %][% END %]' -remote_finish: '[% IF c("var/container/use_container") && ! c("var/container/global_disable") %][% c("runc/remote_finish") %][% END %]' - -runc: - remote_start: | - #!/bin/sh - set -e - - # Handle SIGINT case - if [ -d '[% c("rbm_tmp_dir") %]'/../interrupted_dirs/'[% sha256(dest_dir _ '/' _ c("filename")) %]' ] - then - # We previously did this build but it was manually interrupted. - # Restore the container's saved state instead of making a new container. - mkdir -p '[% c("var/container/dir") %]' - rmdir '[% c("var/container/dir") %]' - mv '[% c("rbm_tmp_dir") %]'/../interrupted_dirs/'[% sha256(dest_dir _ '/' _ c("filename")) %]' '[% c("var/container/dir") %]' - exit - fi - - if [ $(ls -1 '[% c("remote_srcdir", { error_if_undef => 1 }) %]/container-image_'* | wc -l) -ne 1 ] - then - echo "Can't find container image in input files" >&2 - ls -l '[% c("remote_srcdir") %]' >&2 - exit 1 - fi - mkdir -p '[% c("var/container/dir") %]'/rootfs/rbm - sudo tar -C '[% c("var/container/dir") %]'/rootfs -xf $(ls -1 '[% c("remote_srcdir", { error_if_undef => 1 }) %]/container-image_'*) - [% SET user = c("var/container/user") -%] - [% c("remote_exec", { exec_as_root => 1, exec_cmd => 'id ' _ user - _ ' >/dev/null 2>&1 || adduser -m ' _ user _ ' || useradd -m ' _ user }) %] - - remote_exec: | - #!/bin/sh - set -e - [% IF c("interactive") -%] - echo Container directory: [% shell_quote(c("var/container/dir")) %] - [% END -%] - mkdir -p '[% c("var/container/dir", { error_if_undef => 1 }) %]'/rootfs/rbm - echo '#!/bin/sh' > '[% c("var/container/dir") %]'/rootfs/rbm/cmd - echo [% shell_quote(c('exec_cmd')) %] >> '[% c("var/container/dir") %]'/rootfs/rbm/cmd - echo '#!/bin/sh' > '[% c("var/container/dir") %]'/rootfs/rbm/run - [% IF c('exec_as_root'); SET user = 'root'; ELSE; SET user = c("var/container/user", { error_if_undef => 1 }); END; %] - echo 'su - [% user %] -c /rbm/cmd' >> '[% c("var/container/dir") %]'/rootfs/rbm/run - chmod +x '[% c("var/container/dir") %]'/rootfs/rbm/cmd - chmod +x '[% c("var/container/dir") %]'/rootfs/rbm/run - cat > '[% c("var/container/dir") %]'/config.json << EOF - [% INCLUDE 'runc-config.json' %] - EOF - [% IF c("var/container/disable_network/" _ c("exec_name")) -%] - sudo ip netns add 'rbm-[% sha256(c("build_id", { error_if_undef => 1 })) %]' - # make sure the lo interface is up (see bug 31293) - sudo ip netns exec 'rbm-[% sha256(c("build_id", { error_if_undef => 1 })) %]' ip link set lo up - [% END -%] - sudo runc [% IF c("var_p/runc100") %]run[% ELSE %]start[% END %] -b '[% c("var/container/dir") %]' rbm-[% sha256(c("build_id", { error_if_undef => 1 })) %] [% IF c("runc_hide_stderr") %]2>/dev/null[% END %] - [% IF c("var/container/disable_network/" _ c("exec_name")) -%] - sudo ip netns delete 'rbm-[% sha256(c("build_id", { error_if_undef => 1 })) %]' - [% END -%] - - remote_put: | - #!/bin/sh - set -e - [% - SET src = shell_quote(c('put_src', { error_if_undef => 1 })); - SET dst = shell_quote(c('put_dst', { error_if_undef => 1 })); - -%] - sudo mkdir -p '[% c("var/container/dir") %]'/rootfs/[% dst %] - sudo cp -aP [% src %] '[% c("var/container/dir") %]'/rootfs/[% dst %] - # On Ubuntu, the /root/.profile file contains a `mesg n` line which is - # producing some `stdin: is not a tty` messages. To hide them, we hide - # stderr from this part by setting runc_hide_stderr. - [% c("remote_exec", { exec_as_root => 1, exec_cmd => 'chown -R ' _ c("var/container/user") _ ' ' _ dst, runc_hide_stderr => 1 }) %] - - remote_get: | - #!/bin/sh - set -e - [% - SET src = shell_quote(c('get_src', { error_if_undef => 1 })); - SET dst = shell_quote(c('get_dst', { error_if_undef => 1 })); - -%] - mkdir -p [% dst %] - srcdir='[% c("var/container/dir", { error_if_undef => 1 }) %]'/rootfs/[% src %] - sudo chown -R $(whoami) "$srcdir" - if [ $(ls -1 "$srcdir"/* 2> /dev/null | wc -l) -gt 0 ] - then - for file in "$srcdir"/* - do - bname="$(basename "$file")" - test -e [% dst %]/"$bname" && rm -Rf [% dst %]/"$bname" - mv -f "$file" [% dst %]/ - done - fi - - remote_finish: | - #!/bin/sh - set -e - - # Handle SIGINT case - if [ -e '[% c("rbm_tmp_dir") %]'/../interrupted ] - then - # This build was manually interrupted via tools/container-interrupt.sh. - # Save the container's state instead of deleting, so we can resume - # the build later. - mkdir -p '[% c("rbm_tmp_dir") %]'/../interrupted_dirs - mv '[% c("var/container/dir") %]' '[% c("rbm_tmp_dir") %]'/../interrupted_dirs/'[% sha256(dest_dir _ '/' _ c("filename")) %]' - rm '[% c("rbm_tmp_dir") %]'/../interrupted - exit - fi - - sudo rm -Rf '[% c("var/container/dir", { error_if_undef => 1 }) %]'/rootfs '[% c("var/container/dir", { error_if_undef => 1 }) %]'/config.json - rmdir '[% c("var/container/dir") %]' - -ENV: - TZ: UTC - LC_ALL: C ---- | - # This part of the file contains options written in perl - use IO::CaptureOutput qw(capture_exec); - ( - var_p => { - # runc100 is true if we are using runc >= 1.0.0 - # we assume that any version that is not 0.1.1 is >= 1.0.0 - runc100 => sub { - my ($out) = capture_exec('sudo', 'runc', '--version'); - return !($out =~ m/^runc version 0.1.1/); - }, - # runc_spec100 is true if runc spec is at least 1.0.0 - # We will need to update this when there is a new spec version available - runc_spec100 => sub { - my ($out) = capture_exec('sudo', 'runc', '--version'); - return $out =~ m/^.*spec: 1\.[0-9]+\.[0-9]+(?:-dev)?$/m; - }, - nightly_ncdns_version => sub { - state $version = ''; - return $version if $version; - my (undef, undef, undef, $day, $mon, $year) = gmtime; - $version = sprintf("tbb-nightly.%u.%02u.%02u", $year + 1900, $mon + 1, $day); - return $version; - }, - nightly_ncdns_incremental_from => sub { - my ($project, $options) = @_; - my $nightly_dir = project_config($project, 'basedir', $options) . '/nightly'; - my $current_version = project_config($project, 'var/ncdns_version', $options); - use Path::Tiny; - return [] unless -d $nightly_dir; - my @dirs = sort map { $_->basename } path($nightly_dir)->children(qr/^tbb-nightly\./); - my $nb_incr = project_config($project, ['var', 'max_ncdns_incremental_from'], $options); - my @res; - while ($nb_incr > 0) { - my $dir = pop @dirs; - last unless $dir; - next if $dir eq $current_version; - $nb_incr--; - push @res, $dir; - } - return [@res]; - }, - }, - ) diff --git a/tools/checkpoints.patch b/tools/checkpoints.patch index 53fc49e..12caaf9 100644 --- a/tools/checkpoints.patch +++ b/tools/checkpoints.patch @@ -1,7 +1,7 @@ From 25b581c833679939408fa51ce1d43b55ae481d51 Mon Sep 17 00:00:00 2001 From: Jeremy Rand Date: Fri, 19 Feb 2021 00:23:40 +0000 -Subject: [PATCH 1/2] clang: Support rbm checkpointing +Subject: [PATCH 1/3] clang: Support rbm checkpointing --- projects/clang/build | 13 +++++++++++++ @@ -45,7 +45,7 @@ index c4c16d9..bb8283b 100644 From ab0c171fe1c82efed5cbaf657b06d7103f209cb9 Mon Sep 17 00:00:00 2001 From: Jeremy Rand Date: Sat, 20 Feb 2021 08:51:15 +0000 -Subject: [PATCH 2/2] macosx-toolchain: Support rbm checkpointing +Subject: [PATCH 2/3] macosx-toolchain: Support rbm checkpointing --- projects/macosx-toolchain/build | 13 +++++++++++++ @@ -84,3 +84,59 @@ index 5716a9e..94f6df1 100644 -- 2.20.1 + +From 18866ae3512d13c1581a5fedad68565b9cc2e592 Mon Sep 17 00:00:00 2001 +From: Jeremy Rand +Date: Mon, 22 Mar 2021 17:19:12 +0000 +Subject: [PATCH 3/3] rbm.conf: Support rbm checkpointing + +--- + rbm.conf | 25 +++++++++++++++++++++++++ + 1 file changed, 25 insertions(+) + +diff --git a/rbm.conf b/rbm.conf +index 76ab74b..8014570 100644 +--- a/rbm.conf ++++ b/rbm.conf +@@ -504,6 +504,18 @@ runc: + remote_start: | + #!/bin/sh + set -e ++ ++ # Handle SIGINT case ++ if [ -d '[% c("rbm_tmp_dir") %]'/../interrupted_dirs/'[% sha256(dest_dir _ '/' _ c("filename")) %]' ] ++ then ++ # We previously did this build but it was manually interrupted. ++ # Restore the container's saved state instead of making a new container. ++ mkdir -p '[% c("var/container/dir") %]' ++ rmdir '[% c("var/container/dir") %]' ++ mv '[% c("rbm_tmp_dir") %]'/../interrupted_dirs/'[% sha256(dest_dir _ '/' _ c("filename")) %]' '[% c("var/container/dir") %]' ++ exit ++ fi ++ + if [ $(ls -1 '[% c("remote_srcdir", { error_if_undef => 1 }) %]/container-image_'* | wc -l) -ne 1 ] + then + echo "Can't find container image in input files" >&2 +@@ -580,6 +592,19 @@ runc: + remote_finish: | + #!/bin/sh + set -e ++ ++ # Handle SIGINT case ++ if [ -e '[% c("rbm_tmp_dir") %]'/../interrupted ] ++ then ++ # This build was manually interrupted via tools/container-interrupt.sh. ++ # Save the container's state instead of deleting, so we can resume ++ # the build later. ++ mkdir -p '[% c("rbm_tmp_dir") %]'/../interrupted_dirs ++ mv '[% c("var/container/dir") %]' '[% c("rbm_tmp_dir") %]'/../interrupted_dirs/'[% sha256(dest_dir _ '/' _ c("filename")) %]' ++ rm '[% c("rbm_tmp_dir") %]'/../interrupted ++ exit ++ fi ++ + sudo rm -Rf '[% c("var/container/dir", { error_if_undef => 1 }) %]'/rootfs '[% c("var/container/dir", { error_if_undef => 1 }) %]'/config.json + rmdir '[% c("var/container/dir") %]' + +-- +2.20.1 + diff --git a/tools/cirrus_build_project.sh b/tools/cirrus_build_project.sh index 748d689..8293624 100755 --- a/tools/cirrus_build_project.sh +++ b/tools/cirrus_build_project.sh @@ -29,9 +29,7 @@ cat rbm.local.conf.example | sed "s/#build_log: '-'/build_log: '-'/g" > rbm.loca cat tools/rbm.local.conf.onetarget | sed "s/CHANNEL/$CHANNEL/g" | sed "s/ncdns-all/ncdns-$OS-$ARCH/g" >> rbm.local.conf echo "Patching rbm..." -pushd tor-browser-build -patch -p1 < ../tools/checkpoints.patch -popd +./tools/patch-tor-to-namecoin.sh echo "Restoring caches..." cp -a ./out_cache1/* ./out/ || true diff --git a/tools/patch-tor-to-namecoin.sh b/tools/patch-tor-to-namecoin.sh index 7035fe4..72e2194 100755 --- a/tools/patch-tor-to-namecoin.sh +++ b/tools/patch-tor-to-namecoin.sh @@ -3,4 +3,13 @@ set -euxo pipefail shopt -s nullglob globstar -cat tor-browser-build/rbm.conf | sed "s/torbrowser/ncdns/g" > rbm.conf +pushd tor-browser-build +# Undo any of Namecoin's patches that might have been done previously. +git reset --hard HEAD +git clean -dfx +patch -p1 < ../tools/checkpoints.patch +popd + +# Rename torbrowser to ncdns +# Use ncdns_version from ncdns project +cat tor-browser-build/rbm.conf | sed "s/torbrowser/ncdns/g" | sed "s/ncdns_version: '.*'/ncdns_version: '[% pc(\"ncdns\", \"version\") %]'/g" > rbm.conf diff --git a/setup-submodule-symlinks b/tools/setup-submodule-symlinks.sh similarity index 100% rename from setup-submodule-symlinks rename to tools/setup-submodule-symlinks.sh