github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 02:18:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(ci): downgrade runners to free tier (#10248)

Browse Source 
To avoid burning Azure credits, we move the runners back down to the
free tier. Now that caching is properly set up, this should incur only a
minor increase in CI time.
This commit is contained in:
Jamil
2025-08-26 13:48:45 -04:00
committed by GitHub
parent 6c485be45e
commit 8eb738e66a
26 changed files with 186 additions and 131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
node_modules

21
.github/actions/setup-node/action.yml vendored
View File

@@ -1,6 +1,12 @@
name: "Setup Node"
description: "Sets up the correct Node version and installs pnpm"
inputs:
lockfile-dir:
description: "Path to the pnpm-lock.yaml file"
required: true
npmjs-token:
description: "NPMJS token to use for authentication"
required: true
node-version:
description: "Version of nodejs to install"
required: false
@@ -8,9 +14,22 @@ inputs:
runs:
using: "composite"
steps:
- name: Configure npm auth
shell: bash
run: |
if [[ -z "${{ inputs.npmjs-token }}" ]]; then
echo "inputs.npmjs-token not provided" >&2
exit 1
fi
cat > "$HOME/.npmrc" <<'RC'
always-auth=true
//registry.npmjs.org/:_authToken=${{ inputs.npmjs-token }}
RC
- uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0
with:
version: 9.3
version: latest
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ inputs.node-version }}
cache: pnpm
cache-dependency-path: ${{ inputs.lockfile-dir }}

20
.github/actions/setup-rust/action.yml vendored
View File

@@ -44,16 +44,19 @@ runs:
- name: Extract Rust version
run: |
RUST_TOOLCHAIN=$(grep 'channel' rust-toolchain.toml | awk -F '"' '{print $2}')
RUST_TOOLCHAIN=$(grep 'channel' rust/rust-toolchain.toml | awk -F '"' '{print $2}')
echo "RUST_TOOLCHAIN=$RUST_TOOLCHAIN" >> $GITHUB_ENV
shell: bash
working-directory: ./rust
- uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b # v1
- uses: actions-rust-lang/setup-rust-toolchain@ab6845274e2ff01cd4462007e1a9d9df1ab49f42 # v1
id: toolchain
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
components: rustfmt,clippy
target: ${{ inputs.targets }}
cache: true
cache-on-failure: true
rustflags: "" # Don't set -D warnings by default
# We use Azure Blob Storage for sccache because credits and GHA cache is too small (10 GB).
# For this to work, you need an Azure Storage account and a blob container named `sccache`.
@@ -66,16 +69,15 @@ runs:
echo "SCCACHE_AZURE_BLOB_CONTAINER=sccache" >> $GITHUB_ENV
echo "RUSTC_WRAPPER=$SCCACHE_PATH" >> $GITHUB_ENV
- if: inputs.targets != ''
run: rustup target add ${{ inputs.targets }}
shell: bash
- name: Install nightly Rust
id: nightly
run: |
NIGHTLY="nightly-2025-05-30"
rustup toolchain install $NIGHTLY
rustup component add rust-src --toolchain $NIGHTLY
# Check if nightly toolchain is already installed
if ! rustup toolchain list | grep -q "$NIGHTLY"; then
rustup toolchain install $NIGHTLY
rustup component add rust-src --toolchain $NIGHTLY
fi
echo "nightly=$NIGHTLY" >> $GITHUB_OUTPUT
shell: bash

28
.github/actions/setup-tauri-v2/action.yml vendored
View File

@@ -5,18 +5,36 @@ inputs:
runtime:
description: "Whether to also set up runtime dependencies"
required: false
default: false
default: "false"
runs:
using: "composite"
steps:
- name: Cache apt packages
if: ${{ runner.os == 'Linux' }}
uses: actions/cache@v4
id: apt-cache
with:
path: ~/apt-cache
key: ${{ runner.os }}-apt-tauri-${{ hashFiles('.github/actions/setup-tauri-v2/action.yml') }}
restore-keys: |
${{ runner.os }}-apt-tauri-
- name: Restore cached apt packages
if: ${{ runner.os == 'Linux' && steps.apt-cache.outputs.cache-hit == 'true' }}
run: |
sudo cp ~/apt-cache/*.deb /var/cache/apt/archives/ 2>/dev/null || true
shell: bash
- name: Apt-get update
if: ${{ runner.os == 'Linux' }}
run: sudo apt-get update
shell: bash
- name: Install Tauri build deps
if: ${{ runner.os == 'Linux' }}
run: sudo apt-get --yes install build-essential curl file libwebkit2gtk-4.1-dev libayatana-appindicator3-dev librsvg2-dev libssl-dev libxdo-dev wget
shell: bash
- name: Install gnome-keyring
if: ${{ runner.os == 'Linux' }}
run: sudo apt-get --yes install gnome-keyring
@@ -24,10 +42,18 @@ runs:
# This is only needed if we'll launch the Tauri GUI, so it's redundant for clippy / test
# This is what the Tauri CI tests use
# <https://github.com/tauri-apps/tauri/blob/3fb414b61ad7cfce67751230826fddfb39effec5/.github/workflows/bench.yml#L74>
- name: Install Tauri runtime deps
if: ${{ runner.os == 'Linux' && inputs.runtime == 'true' }}
run: sudo apt-get --yes install at-spi2-core xvfb
shell: bash
- name: Save apt packages to cache
if: ${{ runner.os == 'Linux' && steps.apt-cache.outputs.cache-hit != 'true' }}
run: |
mkdir -p ~/apt-cache
sudo cp /var/cache/apt/archives/*.deb ~/apt-cache/ 2>/dev/null || true
shell: bash
- uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
if: ${{ runner.os == 'Windows' && inputs.runtime == 'true' }}
id: cache-webview2-installer

15
.github/package.json vendored Normal file
View File

@@ -0,0 +1,15 @@
{
"name": ".github",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],
"author": "",
"license": "ISC",
"devDependencies": {
"prettier": "^3.6.2"
}
}

24
.github/pnpm-lock.yaml generated vendored Normal file
View File

@@ -0,0 +1,24 @@
lockfileVersion: '9.0'
settings:
autoInstallPeers: true
excludeLinksFromLockfile: false
importers:
.:
devDependencies:
prettier:
specifier: ^3.6.2
version: 3.6.2
packages:
prettier@3.6.2:
resolution: {integrity: sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ==}
engines: {node: '>=14'}
hasBin: true
snapshots:
prettier@3.6.2: {}

14
.github/pre-commit-config.yaml vendored
View File

@@ -9,7 +9,19 @@ repos:
pass_filenames: false
- id: prettier
name: Prettier
entry: prettier --check --ignore-unknown .
entry: pnpm
args:
[
"--dir",
".github",
"exec",
"prettier",
"--ignore-path",
"../.prettierignore",
"--check",
"--ignore-unknown",
"../",
]
language: system
pass_filenames: false

13
.github/workflows/_build_artifacts.yml vendored
View File

@@ -46,7 +46,7 @@ permissions:
jobs:
control-plane:
name: ${{ matrix.image_name }}
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
@@ -132,7 +132,7 @@ jobs:
data-plane-windows:
name: client-windows-${{ matrix.target }}
if: ${{ inputs.image_prefix != 'perf' }} # Perf testing happens only on Linux
runs-on: windows-2022-xlarge
runs-on: windows-2022
defaults:
run:
working-directory: rust
@@ -193,7 +193,7 @@ jobs:
data-plane-linux:
name: ${{ matrix.name.image_name }}-${{ matrix.arch.shortname }}
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
defaults:
run:
working-directory: rust
@@ -292,11 +292,6 @@ jobs:
with:
targets: ${{ matrix.arch.target }}
sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }}
- name: Cache toolchain
uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # 4.2.3
with:
path: /tmp/toolchain
key: ${{ runner.os }}-${{ matrix.arch.shortname }}-musl-cross
- name: Install dependencies
run: ${{ matrix.arch.install_dependencies }}
- uses: taiki-e/install-action@d31232495ad76f47aad66e3501e47780b49f0f3e # v2.57.5
@@ -437,7 +432,7 @@ jobs:
name: merge-${{ matrix.image.name }}
needs: data-plane-linux
if: ${{ always() }}
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:

2
.github/workflows/_codeql.yml vendored
View File

@@ -8,7 +8,7 @@ on:
jobs:
analyze:
name: analyze-${{ matrix.working-directory }}
runs-on: ${{ (matrix.language == 'swift' && 'macos-14-xlarge') || 'ubuntu-22.04-xlarge' }}
runs-on: ${{ (matrix.language == 'swift' && 'macos-14') || 'ubuntu-22.04' }}
timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
permissions:
actions: read

59
.github/workflows/_elixir.yml vendored
View File

@@ -4,7 +4,7 @@ on:
jobs:
unit-test:
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
defaults:
run:
working-directory: ./elixir
@@ -44,7 +44,7 @@ jobs:
reporter: java-junit
type-check:
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
defaults:
run:
working-directory: ./elixir
@@ -82,7 +82,7 @@ jobs:
run: mix dialyzer --format dialyxir
static-analysis:
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
defaults:
run:
working-directory: ./elixir
@@ -111,7 +111,7 @@ jobs:
run: mix deps.unlock --check-unused
migrations-and-seed-test:
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
defaults:
run:
working-directory: ./elixir
@@ -150,7 +150,7 @@ jobs:
name: acceptance-test-${{ matrix.MIX_TEST_PARTITION }}
permissions:
checks: write
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
defaults:
run:
working-directory: ./elixir
@@ -184,62 +184,19 @@ jobs:
with:
mix_env: ${{ env.MIX_ENV }}
- uses: ./.github/actions/setup-node
with:
npmjs-token: ${{ secrets.NPMJS_TOKEN }}
lockfile-dir: ./elixir/apps/web/assets
- name: Compile Application
run: mix compile --warnings-as-errors
# Front-End deps cache
- uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
name: pnpm Web Deps Cache
id: pnpm-web-deps-cache
env:
cache-name: pnpm-deps-web
with:
path: |
elixir/apps/web/assets/node_modules
elixir/esbuild-*
elixir/tailwind-*
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }}
- name: Install Front-End Dependencies
if: ${{ steps.pnpm-web-deps-cache.outputs.cache-hit != 'true' }}
run: |
cd apps/web
mix assets.setup
- uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
name: Save pnpm Deps Cache
if: ${{ github.ref_name == 'main' }}
env:
cache-name: pnpm-deps-web
with:
path: |
elixir/apps/web/assets/node_modules
elixir/esbuild-*
elixir/tailwind-*
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }}
# Front-End build cache, it rarely changes so we cache it aggressively too
- uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
name: Web Assets Cache
id: pnpm-web-build-cache
env:
cache-name: pnpm-build-web
with:
path: |
elixir/apps/web/assets/tmp
elixir/apps/web/priv/static
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }}
- name: Build Web Assets
if: ${{ steps.pnpm-web-build-cache.outputs.cache-hit != 'true' }}
run: |
cd apps/web
mix assets.build
- uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
name: Save Web Assets Cache
if: ${{ github.ref_name == 'main' }}
env:
cache-name: pnpm-build-web
with:
path: |
elixir/apps/web/assets/tmp
elixir/apps/web/priv/static
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }}
# Run tests
- name: Setup Database
run: |

2
.github/workflows/_integration_tests.yml vendored
View File

@@ -74,7 +74,7 @@ env:
jobs:
integration-tests:
name: ${{ matrix.test.name }}
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
permissions:
contents: read
id-token: write

8
.github/workflows/_kotlin.yml vendored
View File

@@ -14,7 +14,7 @@ permissions:
jobs:
static-analysis:
# Android SDK tools hardware accel is available only on Linux runners
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-android
@@ -25,7 +25,7 @@ jobs:
update-release-draft:
name: update-release-draft
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
permissions:
contents: write # for updating the release draft
env:
@@ -52,7 +52,7 @@ jobs:
needs: update-release-draft
if: "${{ github.event_name == 'workflow_dispatch' }}"
# Android SDK tools hardware accel is available only on Linux runners
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
@@ -121,7 +121,7 @@ jobs:
build_debug:
# Android SDK tools hardware accel is available only on Linux runners
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
name: build-debug
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

30
.github/workflows/_rust.yml vendored
View File

@@ -23,7 +23,7 @@ jobs:
fail-fast: false
matrix:
# TODO: https://github.com/rust-lang/cargo/issues/5220
runs-on: [ubuntu-22.04-xlarge, macos-14-xlarge, windows-2022-xlarge]
runs-on: [ubuntu-22.04, macos-14, windows-2022]
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -65,13 +65,13 @@ jobs:
# TODO: https://github.com/rust-lang/cargo/issues/5220
runs-on:
[
ubuntu-22.04-xlarge,
ubuntu-24.04-xlarge,
macos-13-xlarge,
macos-14-xlarge,
macos-15-xlarge,
windows-2022-xlarge,
windows-2025-xlarge,
ubuntu-22.04,
ubuntu-24.04,
macos-13,
macos-14,
macos-15,
windows-2022,
windows-2025,
]
runs-on: ${{ matrix.runs-on }}
steps:
@@ -135,7 +135,7 @@ jobs:
fail-fast: false
matrix:
fuzz-target: [ip_packet]
runs-on: ubuntu-24.04-xlarge
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-rust
@@ -157,12 +157,12 @@ jobs:
fail-fast: false
matrix:
include:
- { runs-on: windows-2022-xlarge, test: token-path-windows.ps1 }
- { runs-on: windows-2025-xlarge, test: token-path-windows.ps1 }
- { runs-on: ubuntu-22.04-xlarge, test: linux-group.sh }
- { runs-on: ubuntu-24.04-xlarge, test: linux-group.sh }
- { runs-on: ubuntu-22.04-xlarge, test: token-path-linux.sh }
- { runs-on: ubuntu-24.04-xlarge, test: token-path-linux.sh }
- { runs-on: windows-2022, test: token-path-windows.ps1 }
- { runs-on: windows-2025, test: token-path-windows.ps1 }
- { runs-on: ubuntu-22.04, test: linux-group.sh }
- { runs-on: ubuntu-24.04, test: linux-group.sh }
- { runs-on: ubuntu-22.04, test: token-path-linux.sh }
- { runs-on: ubuntu-24.04, test: token-path-linux.sh }
runs-on: ${{ matrix.runs-on }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

15
.github/workflows/_static-analysis.yml vendored
View File

@@ -7,7 +7,7 @@ on:
jobs:
pr-lint:
if: github.event_name == 'pull_request'
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
permissions:
@@ -32,7 +32,7 @@ jobs:
- uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 #v5.5.3
version-check:
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Check version is up to date
@@ -49,7 +49,7 @@ jobs:
fi
link-check:
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: lycheeverse/lychee-action@82202e5e9c2f4ef1a55a3d02563e1cb6041e5332 # v2.4.1
@@ -64,7 +64,7 @@ jobs:
- uses: raven-actions/actionlint@3a24062651993d40fed1019b58ac6fbdfbf276cc # v2.0.1
global-linter:
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
@@ -79,14 +79,15 @@ jobs:
- name: Install Python Dependencies
run: |
pip install -r .github/requirements.txt
- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
- uses: ./.github/actions/setup-node
with:
node-version: 20
npmjs-token: ${{ secrets.NPMJS_TOKEN }}
lockfile-dir: ./.github
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y shfmt
npm install -g prettier
pnpm i --frozen-lockfile --dir ./.github
- name: Run pre-commit
run: |
pre-commit install --config .github/pre-commit-config.yaml

4
.github/workflows/_swift.yml vendored
View File

@@ -6,7 +6,7 @@ on:
jobs:
update-release-draft:
name: update-release-draft
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
env:
# mark:next-apple-version
RELEASE_NAME: macos-client-1.5.8
@@ -26,7 +26,7 @@ jobs:
build:
name: ${{ matrix.job_name }}
needs: update-release-draft
runs-on: macos-15-xlarge
runs-on: macos-15
env:
XCODE_MAJOR: 16
permissions:

29
.github/workflows/_tauri.yml vendored
View File

@@ -23,7 +23,7 @@ jobs:
contents: write # for updating the release draft
id-token: write
name: update-release-draft
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
env:
# mark:next-gui-version
RELEASE_NAME: gui-client-1.5.7
@@ -41,10 +41,13 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
static-analysis:
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-node
with:
npmjs-token: ${{ secrets.NPMJS_TOKEN }}
lockfile-dir: ./rust/gui-client
- run: pnpm install
- run: pnpm eslint .
@@ -55,13 +58,7 @@ jobs:
strategy:
fail-fast: false
matrix:
runs-on:
[
ubuntu-22.04-xlarge,
ubuntu-24.04-xlarge,
windows-2022-xlarge,
windows-2025-xlarge,
]
runs-on: [ubuntu-22.04, ubuntu-24.04, windows-2022, windows-2025]
runs-on: ${{ matrix.runs-on }}
defaults:
run:
@@ -71,11 +68,14 @@ jobs:
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: ./.github/actions/setup-node
with:
npmjs-token: ${{ secrets.NPMJS_TOKEN }}
lockfile-dir: ./rust/gui-client
- uses: ./.github/actions/setup-rust
with:
sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }}
- uses: ./.github/actions/setup-tauri-v2
timeout-minutes: 10
timeout-minutes: 15
with:
runtime: true
- run: pnpm install
@@ -103,15 +103,15 @@ jobs:
fail-fast: false
matrix:
include:
- runs-on: ubuntu-22.04-xlarge
- runs-on: ubuntu-22.04
arch: x86_64
os: linux
pkg-extension: deb
- runs-on: ubuntu-22.04-arm-xlarge
- runs-on: ubuntu-22.04-arm
arch: aarch64
os: linux
pkg-extension: deb
- runs-on: windows-2022-xlarge
- runs-on: windows-2022
arch: x86_64
os: windows
pkg-extension: msi
@@ -139,6 +139,9 @@ jobs:
with:
fetch-tags: true # Otherwise we cannot embed the correct version into the build.
- uses: ./.github/actions/setup-node
with:
npmjs-token: ${{ secrets.NPMJS_TOKEN }}
lockfile-dir: ./rust/gui-client
- uses: ./.github/actions/setup-rust
with:
sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }}

2
.github/workflows/cd.yml vendored
View File

@@ -37,7 +37,7 @@ jobs:
notify:
needs: ci
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
steps:
- name: Send 'checks-passed' event
env:

12
.github/workflows/ci.yml vendored
View File

@@ -21,7 +21,7 @@ concurrency:
jobs:
planner:
runs-on: ubuntu-latest-xlarge
runs-on: ubuntu-latest
outputs:
jobs_to_run: ${{ steps.plan.outputs.jobs_to_run }}
steps:
@@ -116,7 +116,7 @@ jobs:
required-check:
name: required-check
needs: planner
runs-on: ubuntu-latest-xlarge
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Wait for all jobs to complete
@@ -164,6 +164,7 @@ jobs:
needs: planner
if: contains(needs.planner.outputs.jobs_to_run, 'elixir')
uses: ./.github/workflows/_elixir.yml
secrets: inherit
rust:
needs: planner
if: contains(needs.planner.outputs.jobs_to_run, 'rust')
@@ -178,6 +179,7 @@ jobs:
needs: planner
if: contains(needs.planner.outputs.jobs_to_run, 'static-analysis')
uses: ./.github/workflows/_static-analysis.yml
secrets: inherit
codeql:
needs: planner
if: contains(needs.planner.outputs.jobs_to_run, 'codeql')
@@ -186,7 +188,7 @@ jobs:
update-release-draft:
name: update-release-draft-${{ matrix.config_name }}
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
@@ -275,7 +277,7 @@ jobs:
perf-tests:
name: perf-tests
needs: build-perf-artifacts
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
permissions:
contents: read
id-token: write
@@ -386,7 +388,7 @@ jobs:
upload-bencher:
continue-on-error: true
needs: perf-tests
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
permissions:
contents: read
id-token: write

2
.github/workflows/publish-to-winget.yml vendored
View File

@@ -12,7 +12,7 @@ on:
jobs:
publish_clients:
name: Publish ${{ matrix.identifier }} to winget
runs-on: windows-latest-xlarge
runs-on: windows-latest
strategy:
matrix:
include:

4
.github/workflows/publish.yml vendored
View File

@@ -21,7 +21,7 @@ jobs:
startsWith(inputs.release_name || github.event.release.name, 'gateway') ||
startsWith(inputs.release_name || github.event.release.name, 'headless-client')
}}
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
permissions:
# Needed to upload artifacts to a release
packages: write
@@ -80,7 +80,7 @@ jobs:
$SOURCE_TAG
create-publish-pr:
runs-on: ubuntu-latest-xlarge
runs-on: ubuntu-latest
strategy:
matrix:
include:

2
.github/workflows/sentry.yml vendored
View File

@@ -12,7 +12,7 @@ concurrency:
jobs:
create_sentry_release:
name: create_${{ matrix.component }}_sentry_release
runs-on: ubuntu-22.04-xlarge
runs-on: ubuntu-22.04
strategy:
matrix:
# TODO: This hack is needed because the macOS client isn't tagged as `apple-client`.

2
.github/workflows/website-links.yml vendored
View File

@@ -7,7 +7,7 @@ on:
jobs:
linkChecker:
runs-on: ubuntu-latest-xlarge
runs-on: ubuntu-latest
permissions:
issues: write # required for peter-evans/create-issue-from-file
steps:

1
.prettierignore
View File

@@ -10,6 +10,7 @@ website/.next
**/*.rs
**/*.wxs
**/pnpm-lock.yaml
.github/pnpm-lock.yaml
swift/apple/**/Contents.json
rust/gui-client/src-frontend/generated
rust/gui-client/dist

3
scripts/build/lib.sh
View File

@@ -12,9 +12,6 @@ function setup_runner() {
# Use the latest version of Xcode - matches what we typically use for development
sudo xcode-select --switch "$(ls -d /Applications/Xcode*${XCODE_MAJOR}*.app | sort -V | tail -n 1)"
# The GitHub runners stopped including the iOS SDK
xcodebuild -downloadPlatform iOS
profiles_path="$HOME/Library/Developer/Xcode/UserData/Provisioning Profiles"
keychain_pass=$(openssl rand -base64 32)
keychain_path="$(mktemp -d)/app-signing.keychain-db"

2
scripts/tests/perf/relayed-udp-client2server.sh
View File

@@ -8,7 +8,7 @@ install_iptables_drop_rules
docker compose exec --env RUST_LOG=info -it client /bin/sh -c 'iperf3 \
--time 30 \
--udp \
--bandwidth 450M \
--bandwidth 300M \
--client 172.20.0.110 \
--json' >>"${TEST_NAME}.json"

2
scripts/tests/perf/relayed-udp-server2client.sh
View File

@@ -9,7 +9,7 @@ docker compose exec --env RUST_LOG=info -it client /bin/sh -c 'iperf3 \
--time 30 \
--reverse \
--udp \
--bandwidth 450M \
--bandwidth 300M \
--client 172.20.0.110 \
--json' >>"${TEST_NAME}.json"