path: root/taskcluster/docker/firefox-snap
diff options
Diffstat (limited to '')
9 files changed, 550 insertions, 0 deletions
diff --git a/taskcluster/docker/firefox-snap/Dockerfile b/taskcluster/docker/firefox-snap/Dockerfile
new file mode 100644
index 0000000000..dc002c0133
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/Dockerfile
@@ -0,0 +1,71 @@
+## The below code is from snapcraft/docker/stable.Dockerfile
+## The modifications done are part of the documentation for enabling core18 snaps.
+# /!\ The base image must follow the version of the `coreXX` package
+FROM ubuntu:focal
+ENV LANG='en_US.UTF-8' \
+ LANGUAGE='en_US:en' \
+ LC_ALL='en_US.UTF-8' \
+ PATH="/snap/bin:$PATH" \
+ SNAP='/snap/snapcraft/current' \
+ SNAP_NAME='snapcraft' \
+ SNAP_ARCH='amd64' \
+ TERM='dumb' \
+ TZ='Etc/UTC'
+RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
+# Grab dependencies. snapd is now required per
+RUN apt-get update && \
+ apt-get dist-upgrade --yes && \
+ apt-get install --yes \
+ curl \
+ jq \
+ squashfs-tools \
+ locales \
+ bzip2 \
+ curl \
+ gcc \
+ git \
+ python3 \
+ locales \
+ snapd \
+ sudo \
+ && \
+locale-gen "$LANG"
+RUN bash 'core20'
+RUN bash 'gnome-3-38-2004'
+RUN bash 'gnome-3-38-2004-sdk'
+RUN bash 'snapcraft'
+# Fix Python3 installation: Make sure we use the interpreter from
+# the snapcraft snap:
+RUN unlink /snap/snapcraft/current/usr/bin/python3 && \
+ ln -s /snap/snapcraft/current/usr/bin/python3.* /snap/snapcraft/current/usr/bin/python3 && \
+ echo /snap/snapcraft/current/lib/python3.*/site-packages >> /snap/snapcraft/current/usr/lib/python3/dist-packages/site-packages.pth
+# Create a snapcraft runner (TODO: move version detection to the core of snapcraft).
+RUN mkdir -p /snap/bin
+RUN echo "#!/bin/sh" > /snap/bin/snapcraft
+RUN snap_version="$(awk '/^version:/{print $2}' /snap/snapcraft/current/meta/snap.yaml)" && echo "export SNAP_VERSION=\"$snap_version\"" >> /snap/bin/snapcraft
+RUN echo 'exec "$SNAP/usr/bin/python3" "$SNAP/bin/snapcraft" "$@"' >> /snap/bin/snapcraft
+RUN chmod +x /snap/bin/snapcraft
+RUN mkdir /scripts/
+WORKDIR /scripts/
+# Copy everything in the docker/firefox-snap folder but the Dockerfile
+# XXX The following pattern is neither a regex nor a glob one. It's
+# documented at There's no
+# way of explicitly filtering out "Dockerfile". If one day, someone needs
+# to add a file starting with "D", then we must revisit the pattern below.
+COPY [^D]* /scripts/
+# Set a default command useful for debugging
+CMD ["/bin/bash", "--login"]
diff --git a/taskcluster/docker/firefox-snap/Makefile b/taskcluster/docker/firefox-snap/Makefile
new file mode 100644
index 0000000000..d71dc70881
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/Makefile
@@ -0,0 +1,12 @@
+IMAGE_NAME = firefox-snapcraft
+ docker build -t $(FULL_IMAGE_NAME) --no-cache --rm .
+ docker push $(FULL_IMAGE_NAME):latest
+ docker pull $(FULL_IMAGE_NAME):latest
diff --git a/taskcluster/docker/firefox-snap/ b/taskcluster/docker/firefox-snap/
new file mode 100644
index 0000000000..7def88b2aa
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/
@@ -0,0 +1,27 @@
+set -ex
+SNAP_METADATA="$(curl --header 'X-Ubuntu-Series: 16' "$SNAP_NAME?channel=$SNAP_CHANNEL")"
+set +x
+SNAP_SHA512="$(echo "$SNAP_METADATA" | jq '.download_sha512' -r)"
+SNAP_DOWNLOAD_URL="$(echo "$SNAP_METADATA" | jq '.download_url' -r)"
+SNAP_LAST_UPDATED="$(echo "$SNAP_METADATA" | jq '.last_updated' -r)"
+SNAP_REVISION="$(echo "$SNAP_METADATA" | jq '.revision' -r)"
+SNAP_VERSION="$(echo "$SNAP_METADATA" | jq '.version' -r)"
+set -x
+echo "Downloading $SNAP_NAME, version $SNAP_VERSION, revision $SNAP_REVISION (last updated: $SNAP_LAST_UPDATED)..."
+curl --location "$SNAP_DOWNLOAD_URL" --output "$SNAP_NAME.snap"
+sha512sum -c <(echo "$SNAP_SHA512 $SNAP_NAME.snap")
+unsquashfs -d "$SNAP_INSTALL_LOCATION/$SNAP_NAME/current" "$SNAP_NAME.snap"
+rm "$SNAP_NAME.snap"
+echo "$SNAP_NAME version $SNAP_VERSION has correctly been uploaded and installed." \ No newline at end of file
diff --git a/taskcluster/docker/firefox-snap/ b/taskcluster/docker/firefox-snap/
new file mode 100644
index 0000000000..07bc007a31
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/
@@ -0,0 +1,15 @@
+#!/usr/bin/env python3
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at
+import json
+import sys
+l10n_changesets_json_path = sys.argv[1]
+with open(l10n_changesets_json_path) as f:
+ locales = json.load(f).keys()
+linux_locales = [l for l in locales if l != "ja-JP-mac"]
diff --git a/taskcluster/docker/firefox-snap/firefox.desktop b/taskcluster/docker/firefox-snap/firefox.desktop
new file mode 100644
index 0000000000..73e36e8d83
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/firefox.desktop
@@ -0,0 +1,219 @@
+[Desktop Entry]
+Name=Firefox Web Browser
+Name[ar]=متصفح الويب فَيَرفُكْس
+Name[ast]=Restolador web Firefox
+Name[bn]=ফায়ারফক্স ওয়েব ব্রাউজার
+Name[ca]=Navegador web Firefox
+Name[cs]=Firefox Webový prohlížeč
+Name[da]=Firefox - internetbrowser
+Name[el]=Περιηγητής Firefox
+Name[es]=Navegador web Firefox
+Name[et]=Firefoxi veebibrauser
+Name[fa]=مرورگر اینترنتی Firefox
+Name[fr]=Navigateur Web Firefox
+Name[gl]=Navegador web Firefox
+Name[he]=דפדפן האינטרנט Firefox
+Name[hr]=Firefox web preglednik
+Name[hu]=Firefox webböngésző
+Name[it]=Firefox Browser Web
+Name[ja]=Firefox ウェブ・ブラウザ
+Name[ko]=Firefox 웹 브라우저
+Name[ku]=Geroka torê Firefox
+Name[lt]=Firefox interneto naršyklė
+Name[nb]=Firefox Nettleser
+Name[nl]=Firefox webbrowser
+Name[nn]=Firefox Nettlesar
+Name[no]=Firefox Nettleser
+Name[pl]=Przeglądarka WWW Firefox
+Name[pt]=Firefox Navegador Web
+Name[pt_BR]=Navegador Web Firefox
+Name[ro]=Firefox – Navigator Internet
+Name[ru]=Веб-браузер Firefox
+Name[sk]=Firefox - internetový prehliadač
+Name[sl]=Firefox spletni brskalnik
+Name[sv]=Firefox webbläsare
+Name[tr]=Firefox Web Tarayıcısı
+Name[ug]=Firefox توركۆرگۈ
+Name[uk]=Веб-браузер Firefox
+Name[vi]=Trình duyệt web Firefox
+Name[zh_CN]=Firefox 网络浏览器
+Name[zh_TW]=Firefox 網路瀏覽器
+Comment=Browse the World Wide Web
+Comment[ar]=تصفح الشبكة العنكبوتية العالمية
+Comment[ast]=Restola pela Rede
+Comment[bn]=ইন্টারনেট ব্রাউজ করুন
+Comment[ca]=Navegueu per la web
+Comment[cs]=Prohlížení stránek World Wide Webu
+Comment[da]=Surf på internettet
+Comment[de]=Im Internet surfen
+Comment[el]=Μπορείτε να περιηγηθείτε στο διαδίκτυο (Web)
+Comment[es]=Navegue por la web
+Comment[et]=Lehitse veebi
+Comment[fa]=صفحات شبکه جهانی اینترنت را مرور نمایید
+Comment[fi]=Selaa Internetin WWW-sivuja
+Comment[fr]=Naviguer sur le Web
+Comment[gl]=Navegar pola rede
+Comment[he]=גלישה ברחבי האינטרנט
+Comment[hr]=Pretražite web
+Comment[hu]=A világháló böngészése
+Comment[it]=Esplora il web
+Comment[ko]=웹을 돌아 다닙니다
+Comment[ku]=Li torê bigere
+Comment[lt]=Naršykite internete
+Comment[nb]=Surf på nettet
+Comment[nl]=Verken het internet
+Comment[nn]=Surf på nettet
+Comment[no]=Surf på nettet
+Comment[pl]=Przeglądanie stron WWW
+Comment[pt]=Navegue na Internet
+Comment[pt_BR]=Navegue na Internet
+Comment[ro]=Navigați pe Internet
+Comment[ru]=Доступ в Интернет
+Comment[sk]=Prehliadanie internetu
+Comment[sl]=Brskajte po spletu
+Comment[sv]=Surfa på webben
+Comment[tr]=İnternet'te Gezinin
+Comment[ug]=دۇنيادىكى توربەتلەرنى كۆرگىلى بولىدۇ
+Comment[uk]=Перегляд сторінок Інтернету
+Comment[vi]=Để duyệt các trang web
+GenericName=Web Browser
+GenericName[ar]=متصفح ويب
+GenericName[ast]=Restolador Web
+GenericName[bn]=ওয়েব ব্রাউজার
+GenericName[ca]=Navegador web
+GenericName[cs]=Webový prohlížeč
+GenericName[el]=Περιηγητής διαδικτύου
+GenericName[es]=Navegador web
+GenericName[fa]=مرورگر اینترنتی
+GenericName[fr]=Navigateur Web
+GenericName[gl]=Navegador Web
+GenericName[he]=דפדפן אינטרנט
+GenericName[hr]=Web preglednik
+GenericName[it]=Browser web
+GenericName[ko]=웹 브라우저
+GenericName[ku]=Geroka torê
+GenericName[lt]=Interneto naršyklė
+GenericName[pl]=Przeglądarka WWW
+GenericName[pt]=Navegador Web
+GenericName[pt_BR]=Navegador Web
+GenericName[ro]=Navigator Internet
+GenericName[sk]=Internetový prehliadač
+GenericName[sl]=Spletni brskalnik
+GenericName[tr]=Web Tarayıcı
+GenericName[vi]=Trình duyệt Web
+Keywords[tr]=İnternet;WWW;Tarayıcı;Web;Gezgin;Web sitesi;Site;sörf;çevrimiçi;tara
+Keywords[vi]=Internet;WWW;Browser;Web;Explorer;Trình duyệt;Trang web
+Exec=firefox %u
+[Desktop Action NewWindow]
+Name=Open a New Window
+Name[ar]=افتح نافذة جديدة
+Name[ast]=Abrir una ventana nueva
+Name[bn]=Abrir una ventana nueva
+Name[ca]=Obre una finestra nova
+Name[cs]=Otevřít nové okno
+Name[da]=Åbn et nyt vindue
+Name[de]=Ein neues Fenster öffnen
+Name[el]=Άνοιγμα νέου παραθύρου
+Name[es]=Abrir una ventana nueva
+Name[fi]=Avaa uusi ikkuna
+Name[fr]=Ouvrir une nouvelle fenêtre
+Name[gl]=Abrir unha nova xanela
+Name[he]=פתיחת חלון חדש
+Name[hr]=Otvori novi prozor
+Name[hu]=Új ablak nyitása
+Name[it]=Apri una nuova finestra
+Name[ko]=새 창 열기
+Name[ku]=Paceyeke nû veke
+Name[lt]=Atverti naują langą
+Name[nb]=Åpne et nytt vindu
+Name[nl]=Nieuw venster openen
+Name[pt]=Abrir nova janela
+Name[pt_BR]=Abrir nova janela
+Name[ro]=Deschide o fereastră nouă
+Name[ru]=Новое окно
+Name[sk]=Otvoriť nové okno
+Name[sl]=Odpri novo okno
+Name[sv]=Öppna ett nytt fönster
+Name[tr]=Yeni pencere aç
+Name[ug]=يېڭى كۆزنەك ئېچىش
+Name[uk]=Відкрити нове вікно
+Name[vi]=Mở cửa sổ mới
+Exec=firefox -new-window
+[Desktop Action NewPrivateWindow]
+Name=Open a New Private Window
+Name[ar]=افتح نافذة جديدة للتصفح الخاص
+Name[ca]=Obre una finestra nova en mode d'incògnit
+Name[de]=Ein neues privates Fenster öffnen
+Name[es]=Abrir una ventana privada nueva
+Name[fi]=Avaa uusi yksityinen ikkuna
+Name[fr]=Ouvrir une nouvelle fenêtre de navigation privée
+Name[he]=פתיחת חלון גלישה פרטית חדש
+Name[hu]=Új privát ablak nyitása
+Name[it]=Apri una nuova finestra anonima
+Name[nb]=Åpne et nytt privat vindu
+Name[ru]=Новое приватное окно
+Name[sl]=Odpri novo okno zasebnega brskanja
+Name[tr]=Yeni bir pencere aç
+Name[uk]=Відкрити нове вікно у потайливому режимі
+Exec=firefox -private-window
diff --git a/taskcluster/docker/firefox-snap/ b/taskcluster/docker/firefox-snap/
new file mode 100644
index 0000000000..82a65af2a8
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/
@@ -0,0 +1,91 @@
+name: firefox
+summary: Mozilla Firefox web browser
+description: Firefox is a powerful, extensible web browser with support for modern web application technologies.
+confinement: strict
+grade: stable
+base: core20
+compression: lzo
+ firefox:
+ command: firefox
+ command-chain: [tmpdir]
+ desktop: distribution/firefox.desktop
+ extensions: [gnome-3-38]
+ environment:
+ slots:
+ - dbus-daemon
+ - mpris
+ plugs:
+ - avahi-observe
+ - browser-sandbox
+ - camera
+ - cups-control
+ - gsettings
+ - hardware-observe
+ - home
+ - joystick
+ - network
+ - network-observe
+ - opengl
+ - pulseaudio
+ - removable-media
+ - screen-inhibit-control
+ - system-packages-doc
+ - u2f-devices
+ - unity7
+ - upower-observe
+ browser-sandbox:
+ interface: browser-support
+ allow-sandbox: true
+ etc-firefox-policies:
+ interface: system-files
+ read: [/etc/firefox/policies]
+ /usr/share/libdrm:
+ bind: $SNAP/gnome-platform/usr/share/libdrm
+ firefox:
+ plugin: dump
+ source: source
+ stage-packages:
+ - libxt6
+ - libasound2
+ - libpci3
+ - libpulse0
+ - libgl1-mesa-dri
+ - libgl1-mesa-glx
+ - libmirclient9
+ - desktop-file-utils
+ - ffmpeg
+ - libc-bin
+ - locales-all
+ - libcurl3-gnutls
+ prime:
+ - -usr/lib/*/libharfbuzz*
+ - -usr/lib/*/*pango*
+ # Find files provided by the base and platform snap and ensure they aren't
+ # duplicated in this snap
+ cleanup:
+ after: [firefox]
+ plugin: nil
+ build-snaps: [core20, gnome-3-38-2004]
+ override-prime: |
+ set -eux
+ for snap in "core20" "gnome-3-38-2004"; do
+ cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$SNAPCRAFT_PRIME/{}" \;
+ done
+ dbus-daemon:
+ interface: dbus
+ bus: session
+ name: org.mozilla.firefox
diff --git a/taskcluster/docker/firefox-snap/policies.json b/taskcluster/docker/firefox-snap/policies.json
new file mode 100644
index 0000000000..f36622021f
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/policies.json
@@ -0,0 +1,5 @@
+ "policies": {
+ "DisableAppUpdate": true
+ }
diff --git a/taskcluster/docker/firefox-snap/ b/taskcluster/docker/firefox-snap/
new file mode 100755
index 0000000000..da084109cc
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/
@@ -0,0 +1,104 @@
+set -xe
+# Thunderbird Snap builds will set this to "thunderbird"
+: PRODUCT "${PRODUCT:=firefox}"
+# Required env variables
+test "$VERSION"
+test "$L10N_CHANGESETS"
+# Optional env variables
+: WORKSPACE "${WORKSPACE:=/home/worker/workspace}"
+: ARTIFACTS_DIR "${ARTIFACTS_DIR:=/home/worker/artifacts}"
+SCRIPT_DIRECTORY="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+mkdir -p "$ARTIFACTS_DIR"
+rm -rf "$SOURCE_DEST" && mkdir -p "$SOURCE_DEST"
+CURL="curl --location --retry 10 --retry-delay 10"
+# Download and extract en-US linux64 binary
+$CURL -o "${WORKSPACE}/${PRODUCT}.tar.bz2" \
+ "${CANDIDATES_DIR}/${VERSION}-candidates/build${BUILD_NUMBER}/linux-x86_64/en-US/${PRODUCT}-${VERSION}.tar.bz2"
+tar -C "$SOURCE_DEST" -xf "${WORKSPACE}/${PRODUCT}.tar.bz2" --strip-components=1
+if [[ "$PRODUCT" == "firefox" ]]; then
+ # Get Ubuntu configuration
+ git clone "$PARTNER_CONFIG_DIR"
+ mv "$PARTNER_CONFIG_DIR/desktop/ubuntu/distribution" "$DISTRIBUTION_DIR"
+ mkdir -p "$DISTRIBUTION_DIR"
+# Add a group policy file to disable app updates, as those are handled by snapd
+cp -v "$SCRIPT_DIRECTORY/policies.json" "$DISTRIBUTION_DIR"
+# Use list of locales to fetch L10N XPIs
+$CURL -o "${WORKSPACE}/l10n_changesets.json" "$L10N_CHANGESETS"
+locales=$(python3 "$SCRIPT_DIRECTORY/" "${WORKSPACE}/l10n_changesets.json")
+mkdir -p "$DISTRIBUTION_DIR/extensions"
+for locale in $locales; do
+ $CURL -o "$SOURCE_DEST/distribution/extensions/langpack-${locale}@${PRODUCT}" \
+ "$CANDIDATES_DIR/${VERSION}-candidates/build${BUILD_NUMBER}/linux-x86_64/xpi/${locale}.xpi"
+# In addition to the packages downloaded below, snapcraft fetches deb packages from,
+# when a snap is built,. They may bump packages there and remove the old ones. Updating the
+# database allows snapcraft to find the latest packages.
+# For more context, see 1448239
+apt-get update
+# Extract from Ubuntu language packs
+apt download language-pack-gnome-*-base
+for i in *.deb; do
+ # shellcheck disable=SC2086
+ dpkg-deb --fsys-tarfile $i | tar xv -C "$SOURCE_DEST" --wildcards "./usr/share/locale-langpack/*/LC_MESSAGES/" || true
+# Add wrapper script to set TMPDIR appropriate for the snap
+# Generate snapcraft manifest
+sed -e "s/@VERSION@/${VERSION}/g" -e "s/@BUILD_NUMBER@/${BUILD_NUMBER}/g" "${PRODUCT}" > "${WORKSPACE}/snapcraft.yaml"
+cd "${WORKSPACE}"
+# Make sure snapcraft knows we're building amd64, even though we may not be on this arch.
+export SNAP_ARCH='amd64'
+mv -- *.snap "$TARGET_FULL_PATH"
+# Generate checksums file
+size=$(stat --printf="%s" "$TARGET_FULL_PATH")
+sha=$(sha512sum "$TARGET_FULL_PATH" | awk '{print $1}')
+echo "$sha sha512 $size $TARGET" > "$TARGET.checksums"
+echo "Generating signing manifest"
+hash=$(sha512sum "$TARGET.checksums" | awk '{print $1}')
+cat << EOF > signing_manifest.json
+[{"file_to_sign": "$TARGET.checksums", "hash": "$hash"}]
+# For posterity
+find . -ls
+cat "$TARGET.checksums"
+cat signing_manifest.json
diff --git a/taskcluster/docker/firefox-snap/tmpdir b/taskcluster/docker/firefox-snap/tmpdir
new file mode 100755
index 0000000000..e7e60801fa
--- /dev/null
+++ b/taskcluster/docker/firefox-snap/tmpdir
@@ -0,0 +1,6 @@
+# Set TMPDIR to be under the user's default Downloads dir
+export TMPDIR=$(xdg-user-dir DOWNLOAD)/firefox.tmp
+exec "$@"