Skip to content

Signing scripts improvements

I think we can make the following improvements to the signing scripts we have in tools/signing:

  • have a common config file to set tor-browser version, alpha/release, locales, paths, etc ... So that we don't have to update those variables in all scripts, and can use the scripts unmodified on the signing machines
  • add a script to rsync the tools/signing directory to the linux and macos signing machines, to help keeping them in sync.
  • update the macos notarization script to skip the already notarized bundles. So that if the notarization of a bundle fails, we can re-run the script and restart where it failed.
  • add some scripts to rsync files between build machine, pkgstage, linux signer, mac signer, staticiforme
  • add a script to run the macos-signer reverse ssh tunnel
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information