From f35c3809bf1240636d357aa7d11f22d9c6c06b53 Mon Sep 17 00:00:00 2001
From: mickael e <mickael@freedom.press>
Date: Wed, 29 May 2019 16:55:03 -0400
Subject: [PATCH 1/3] Update builder hash

Builder needed security updates
---
 molecule/builder-xenial/image_hash | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/molecule/builder-xenial/image_hash b/molecule/builder-xenial/image_hash
index 2ecf5ec2ea..414f932049 100644
--- a/molecule/builder-xenial/image_hash
+++ b/molecule/builder-xenial/image_hash
@@ -1,2 +1,2 @@
-# sha256 digest quay.io/freedomofpress/sd-docker-builder-xenial:2019_05_15
-20c4aa2c6a01a135379ff439ae439ce0ad80ec9e41db8c2b242f54310c536a92
+# sha256 digest quay.io/freedomofpress/sd-docker-builder-xenial:2019_05_29
+2b7e584a00d7bf584b7dbdc1c5df6b4e991ae266b67a6b0389ba388b7f920f63

From 7de960131530b8cf61f742cae5942a6db712bf3d Mon Sep 17 00:00:00 2001
From: mickael e <mickael@freedom.press>
Date: Thu, 30 May 2019 13:23:04 -0400
Subject: [PATCH 2/3] ci - skip app tests and install enchant for
 builder-updates

---
 .circleci/config.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 78310bfe35..02483921e6 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -289,7 +289,7 @@ jobs:
     docker:
       - image: gcr.io/cloud-builders/docker
     steps:
-      - run: apt-get install -y make virtualenv python-pip
+      - run: apt-get install -y make virtualenv python-pip enchant
       - checkout
       - setup_remote_docker
       - run: make ci-deb-tests
@@ -305,6 +305,7 @@ workflows:
               ignore:
                 - /docs-.*/
                 - /i18n-.*/
+                - /update-builder-.*/
           requires:
             - lint
       - python3-app-tests:
@@ -313,6 +314,7 @@ workflows:
               ignore:
                 - /docs-.*/
                 - /i18n-.*/
+                - /update-builder-.*/
           requires:
             - lint
       - admin-tests:
@@ -321,6 +323,7 @@ workflows:
               ignore:
                 - /docs-.*/
                 - /i18n-.*/
+                - /update-builder-.*/
           requires:
             - lint
       - fetch-tor-debs:
@@ -329,6 +332,7 @@ workflows:
               ignore:
                 - /docs-.*/
                 - /i18n-.*/
+                - /update-builder-.*/
           requires:
             - lint
       - updater-gui-tests:
@@ -337,6 +341,7 @@ workflows:
               ignore:
                 - /docs-.*/
                 - /i18n-.*/
+                - /update-builder-.*/
           requires:
             - lint
       - static-analysis-and-no-known-cves:

From de4c93c4374666a66ff5981bd3c5fe6d6f53c06d Mon Sep 17 00:00:00 2001
From: mickael e <mickael@freedom.press>
Date: Fri, 31 May 2019 10:34:16 -0400
Subject: [PATCH 3/3] Update builder hash and update deb test script

Builder image needed further updates
---
 devops/scripts/test-built-packages.sh | 2 +-
 molecule/builder-xenial/image_hash    | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/devops/scripts/test-built-packages.sh b/devops/scripts/test-built-packages.sh
index 98a6daf1fe..fbdd433245 100755
--- a/devops/scripts/test-built-packages.sh
+++ b/devops/scripts/test-built-packages.sh
@@ -11,4 +11,4 @@ set -o pipefail
 
 virtualenv_bootstrap
 
-make build-debs
+molecule test -s builder-xenial
diff --git a/molecule/builder-xenial/image_hash b/molecule/builder-xenial/image_hash
index 414f932049..bf710c4df0 100644
--- a/molecule/builder-xenial/image_hash
+++ b/molecule/builder-xenial/image_hash
@@ -1,2 +1,2 @@
-# sha256 digest quay.io/freedomofpress/sd-docker-builder-xenial:2019_05_29
-2b7e584a00d7bf584b7dbdc1c5df6b4e991ae266b67a6b0389ba388b7f920f63
+# sha256 digest quay.io/freedomofpress/sd-docker-builder-xenial:2019_05_31
+93cc5792cd73f1c6499866d9ab3c246c798ef77c434a4853637ad11ecaf5ead7