NSS:MacOSXTinderbox

From MozillaWiki
Jump to: navigation, search

NSS tinderbox build slave setup on Mac OS X

How to configure a Mac OS X computer to build and test NSS.

 export PATH=/opt/local/bin:$PATH
  • we need a reasonable command line mail tool, allowing us to connect to a remote SMTP server, let's install heirloom-mailx, and it's goot to have wget, too:
 port install mailx wget
  • optional: setup .ssh/autorized_keys
  • figure out which SMTP server to use, depending on the network, e.g. smtp.mozilla.org
  • edit $HOME/.profile and add this line
 export PATH=/opt/local/bin:$PATH
  • decide which email address to use for bounces (e.g. youremail+buildslaveidentifier@yourdomain)
  • switch login to user tinderbox, ensure that tools are in the path, by checking these commands (should give results pointing to /opt/local/bin)
  • send a test email to verify it's working
 echo hello | /opt/local/bin/mailx -v -S /usr/bin/sendmail -S smtp=smtp://smtp.mozilla.org -r youremail+buildslaveidentifier@yourdomain youremail@yourdomain
  • go to $HOME directory and checkout the tinderbox build/test scripts
 cvs -d :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot co mozilla/security/tinderlight
  • create data directories:
 mkdir -p $HOME/mozilla/security/tinderlight/data/mozilla-cvs
 mkdir $HOME/pkits
 cd $HOME/pkits
  • get PKITS_data.zip, e.g. using:
 wget http://kuix.de/mozilla/nss/PKITS_data.zip
 unzip PKITS_data.zip
  • (optional, should you decide to automatically backup the system, you should exclude the $HOME/mozilla/security/tinderlight/data directory)
  • adjust the scripts, go to mozilla/security/tinderlight and edit file env.sh:
  • there's no gmake on Mac, so change MAKE line to
 MAKE=make
  • change MAIL to good mail command for your environment, (also see above), like
 MAIL="/full/path/to/heirloom-mailx -S smtp=smtp://my.smtp.host:25 -r my-sender@email.address"
  • if necessary, adjust CVS_STABLE, e.g. use HEAD for nspr and jss, use NSS_3_13_4_BRANCH for all NSS directories, BUT DON'T change the line with ecl-curve.h (keep at 3_11_1_RTM)
  • enable the correct line for pkits, e.g.:
 export PKITS_DATA=$HOME/pkits
  • if desired, adjust CYCLE_MAX and CYCLE_TIME values
  • is your machine's IP registered in DNS? is your hostname a fully qualified domain name? If not, you must edit file config.sh and enable good HOST/DOMSUF lines. Test to ping the combination of HOST dot DOMSUF and ensure it works
  • have a look at
 ./tinder.sh --help
  • You must make a couple of decisions. If you have only a single machine, you'll probably want the build script to alternate between the various combinations. However, combining "--cycles" with other unspecified configurations (which call the script to alternate between the unspecified options) might not work reliably. Recommendation: Only use --cycles if you explicitly configure each of bits, opt and branches to exactly one value.
  • let's use a configuration that runs 32 bit, alternates between the branches (trunk/stable), and alternates between opt/debug, and runs all tests on each cycle, and doesn't test JSS.
  • Edit a file named "run" that we'll use to start the continous build test cycle, and insert
 ./tinder.sh --nojss --bits=32 --permcvs=$HOME/mozilla/security/tinderlight/data/mozilla-cvs
  • Save the file and
 chmod +x run
  • lacking ideas of how to automatically run this as a system service, we'll start it manually, and each time after the system boots. Start a "screen" session (if you don't get the nice bash prompt afterwards, type bash -l) and execute
 ./run
  • detach the screen session with "ctrl a d". You can later get back to the screen session with: screen -r (You may check if a screen session (or multiple ones) are active: screen -ls)