diff --git a/.github/.gitignore b/.github/.gitignore new file mode 100644 index 000000000..3c3629e64 --- /dev/null +++ b/.github/.gitignore @@ -0,0 +1 @@ +node_modules diff --git a/.github/actions/setup-node/action.yml b/.github/actions/setup-node/action.yml index a505e221e..cff358115 100644 --- a/.github/actions/setup-node/action.yml +++ b/.github/actions/setup-node/action.yml @@ -1,6 +1,12 @@ name: "Setup Node" description: "Sets up the correct Node version and installs pnpm" inputs: + lockfile-dir: + description: "Path to the pnpm-lock.yaml file" + required: true + npmjs-token: + description: "NPMJS token to use for authentication" + required: true node-version: description: "Version of nodejs to install" required: false @@ -8,9 +14,22 @@ inputs: runs: using: "composite" steps: + - name: Configure npm auth + shell: bash + run: | + if [[ -z "${{ inputs.npmjs-token }}" ]]; then + echo "inputs.npmjs-token not provided" >&2 + exit 1 + fi + cat > "$HOME/.npmrc" <<'RC' + always-auth=true + //registry.npmjs.org/:_authToken=${{ inputs.npmjs-token }} + RC - uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 with: - version: 9.3 + version: latest - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: node-version: ${{ inputs.node-version }} + cache: pnpm + cache-dependency-path: ${{ inputs.lockfile-dir }} diff --git a/.github/actions/setup-rust/action.yml b/.github/actions/setup-rust/action.yml index 570dc12f7..2ca8ad4ee 100644 --- a/.github/actions/setup-rust/action.yml +++ b/.github/actions/setup-rust/action.yml @@ -44,16 +44,19 @@ runs: - name: Extract Rust version run: | - RUST_TOOLCHAIN=$(grep 'channel' rust-toolchain.toml | awk -F '"' '{print $2}') + RUST_TOOLCHAIN=$(grep 'channel' rust/rust-toolchain.toml | awk -F '"' '{print $2}') echo "RUST_TOOLCHAIN=$RUST_TOOLCHAIN" >> $GITHUB_ENV shell: bash - working-directory: ./rust - - uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b # v1 + - uses: actions-rust-lang/setup-rust-toolchain@ab6845274e2ff01cd4462007e1a9d9df1ab49f42 # v1 id: toolchain with: toolchain: ${{ env.RUST_TOOLCHAIN }} components: rustfmt,clippy + target: ${{ inputs.targets }} + cache: true + cache-on-failure: true + rustflags: "" # Don't set -D warnings by default # We use Azure Blob Storage for sccache because credits and GHA cache is too small (10 GB). # For this to work, you need an Azure Storage account and a blob container named `sccache`. @@ -66,16 +69,15 @@ runs: echo "SCCACHE_AZURE_BLOB_CONTAINER=sccache" >> $GITHUB_ENV echo "RUSTC_WRAPPER=$SCCACHE_PATH" >> $GITHUB_ENV - - if: inputs.targets != '' - run: rustup target add ${{ inputs.targets }} - shell: bash - - name: Install nightly Rust id: nightly run: | NIGHTLY="nightly-2025-05-30" - rustup toolchain install $NIGHTLY - rustup component add rust-src --toolchain $NIGHTLY + # Check if nightly toolchain is already installed + if ! rustup toolchain list | grep -q "$NIGHTLY"; then + rustup toolchain install $NIGHTLY + rustup component add rust-src --toolchain $NIGHTLY + fi echo "nightly=$NIGHTLY" >> $GITHUB_OUTPUT shell: bash diff --git a/.github/actions/setup-tauri-v2/action.yml b/.github/actions/setup-tauri-v2/action.yml index 500dcfaf0..133f244f7 100644 --- a/.github/actions/setup-tauri-v2/action.yml +++ b/.github/actions/setup-tauri-v2/action.yml @@ -5,18 +5,36 @@ inputs: runtime: description: "Whether to also set up runtime dependencies" required: false - default: false + default: "false" runs: using: "composite" steps: + - name: Cache apt packages + if: ${{ runner.os == 'Linux' }} + uses: actions/cache@v4 + id: apt-cache + with: + path: ~/apt-cache + key: ${{ runner.os }}-apt-tauri-${{ hashFiles('.github/actions/setup-tauri-v2/action.yml') }} + restore-keys: | + ${{ runner.os }}-apt-tauri- + + - name: Restore cached apt packages + if: ${{ runner.os == 'Linux' && steps.apt-cache.outputs.cache-hit == 'true' }} + run: | + sudo cp ~/apt-cache/*.deb /var/cache/apt/archives/ 2>/dev/null || true + shell: bash + - name: Apt-get update if: ${{ runner.os == 'Linux' }} run: sudo apt-get update shell: bash + - name: Install Tauri build deps if: ${{ runner.os == 'Linux' }} run: sudo apt-get --yes install build-essential curl file libwebkit2gtk-4.1-dev libayatana-appindicator3-dev librsvg2-dev libssl-dev libxdo-dev wget shell: bash + - name: Install gnome-keyring if: ${{ runner.os == 'Linux' }} run: sudo apt-get --yes install gnome-keyring @@ -24,10 +42,18 @@ runs: # This is only needed if we'll launch the Tauri GUI, so it's redundant for clippy / test # This is what the Tauri CI tests use # + - name: Install Tauri runtime deps if: ${{ runner.os == 'Linux' && inputs.runtime == 'true' }} run: sudo apt-get --yes install at-spi2-core xvfb shell: bash + + - name: Save apt packages to cache + if: ${{ runner.os == 'Linux' && steps.apt-cache.outputs.cache-hit != 'true' }} + run: | + mkdir -p ~/apt-cache + sudo cp /var/cache/apt/archives/*.deb ~/apt-cache/ 2>/dev/null || true + shell: bash - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 if: ${{ runner.os == 'Windows' && inputs.runtime == 'true' }} id: cache-webview2-installer diff --git a/.github/package.json b/.github/package.json new file mode 100644 index 000000000..51c5e3fa9 --- /dev/null +++ b/.github/package.json @@ -0,0 +1,15 @@ +{ + "name": ".github", + "version": "1.0.0", + "description": "", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "keywords": [], + "author": "", + "license": "ISC", + "devDependencies": { + "prettier": "^3.6.2" + } +} diff --git a/.github/pnpm-lock.yaml b/.github/pnpm-lock.yaml new file mode 100644 index 000000000..af0feb489 --- /dev/null +++ b/.github/pnpm-lock.yaml @@ -0,0 +1,24 @@ +lockfileVersion: '9.0' + +settings: + autoInstallPeers: true + excludeLinksFromLockfile: false + +importers: + + .: + devDependencies: + prettier: + specifier: ^3.6.2 + version: 3.6.2 + +packages: + + prettier@3.6.2: + resolution: {integrity: sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ==} + engines: {node: '>=14'} + hasBin: true + +snapshots: + + prettier@3.6.2: {} diff --git a/.github/pre-commit-config.yaml b/.github/pre-commit-config.yaml index ff7d744ea..6a63e6e38 100644 --- a/.github/pre-commit-config.yaml +++ b/.github/pre-commit-config.yaml @@ -9,7 +9,19 @@ repos: pass_filenames: false - id: prettier name: Prettier - entry: prettier --check --ignore-unknown . + entry: pnpm + args: + [ + "--dir", + ".github", + "exec", + "prettier", + "--ignore-path", + "../.prettierignore", + "--check", + "--ignore-unknown", + "../", + ] language: system pass_filenames: false diff --git a/.github/workflows/_build_artifacts.yml b/.github/workflows/_build_artifacts.yml index be61c567e..214558500 100644 --- a/.github/workflows/_build_artifacts.yml +++ b/.github/workflows/_build_artifacts.yml @@ -46,7 +46,7 @@ permissions: jobs: control-plane: name: ${{ matrix.image_name }} - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: @@ -132,7 +132,7 @@ jobs: data-plane-windows: name: client-windows-${{ matrix.target }} if: ${{ inputs.image_prefix != 'perf' }} # Perf testing happens only on Linux - runs-on: windows-2022-xlarge + runs-on: windows-2022 defaults: run: working-directory: rust @@ -193,7 +193,7 @@ jobs: data-plane-linux: name: ${{ matrix.name.image_name }}-${{ matrix.arch.shortname }} - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 defaults: run: working-directory: rust @@ -292,11 +292,6 @@ jobs: with: targets: ${{ matrix.arch.target }} sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }} - - name: Cache toolchain - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # 4.2.3 - with: - path: /tmp/toolchain - key: ${{ runner.os }}-${{ matrix.arch.shortname }}-musl-cross - name: Install dependencies run: ${{ matrix.arch.install_dependencies }} - uses: taiki-e/install-action@d31232495ad76f47aad66e3501e47780b49f0f3e # v2.57.5 @@ -437,7 +432,7 @@ jobs: name: merge-${{ matrix.image.name }} needs: data-plane-linux if: ${{ always() }} - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: diff --git a/.github/workflows/_codeql.yml b/.github/workflows/_codeql.yml index f2349d3ea..a7b67e132 100644 --- a/.github/workflows/_codeql.yml +++ b/.github/workflows/_codeql.yml @@ -8,7 +8,7 @@ on: jobs: analyze: name: analyze-${{ matrix.working-directory }} - runs-on: ${{ (matrix.language == 'swift' && 'macos-14-xlarge') || 'ubuntu-22.04-xlarge' }} + runs-on: ${{ (matrix.language == 'swift' && 'macos-14') || 'ubuntu-22.04' }} timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} permissions: actions: read diff --git a/.github/workflows/_elixir.yml b/.github/workflows/_elixir.yml index ed6ede3a3..6b1cc409c 100644 --- a/.github/workflows/_elixir.yml +++ b/.github/workflows/_elixir.yml @@ -4,7 +4,7 @@ on: jobs: unit-test: - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 defaults: run: working-directory: ./elixir @@ -44,7 +44,7 @@ jobs: reporter: java-junit type-check: - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 defaults: run: working-directory: ./elixir @@ -82,7 +82,7 @@ jobs: run: mix dialyzer --format dialyxir static-analysis: - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 defaults: run: working-directory: ./elixir @@ -111,7 +111,7 @@ jobs: run: mix deps.unlock --check-unused migrations-and-seed-test: - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 defaults: run: working-directory: ./elixir @@ -150,7 +150,7 @@ jobs: name: acceptance-test-${{ matrix.MIX_TEST_PARTITION }} permissions: checks: write - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 defaults: run: working-directory: ./elixir @@ -184,62 +184,19 @@ jobs: with: mix_env: ${{ env.MIX_ENV }} - uses: ./.github/actions/setup-node + with: + npmjs-token: ${{ secrets.NPMJS_TOKEN }} + lockfile-dir: ./elixir/apps/web/assets - name: Compile Application run: mix compile --warnings-as-errors - # Front-End deps cache - - uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 - name: pnpm Web Deps Cache - id: pnpm-web-deps-cache - env: - cache-name: pnpm-deps-web - with: - path: | - elixir/apps/web/assets/node_modules - elixir/esbuild-* - elixir/tailwind-* - key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }} - name: Install Front-End Dependencies - if: ${{ steps.pnpm-web-deps-cache.outputs.cache-hit != 'true' }} run: | cd apps/web mix assets.setup - - uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 - name: Save pnpm Deps Cache - if: ${{ github.ref_name == 'main' }} - env: - cache-name: pnpm-deps-web - with: - path: | - elixir/apps/web/assets/node_modules - elixir/esbuild-* - elixir/tailwind-* - key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }} - # Front-End build cache, it rarely changes so we cache it aggressively too - - uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 - name: Web Assets Cache - id: pnpm-web-build-cache - env: - cache-name: pnpm-build-web - with: - path: | - elixir/apps/web/assets/tmp - elixir/apps/web/priv/static - key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }} - name: Build Web Assets - if: ${{ steps.pnpm-web-build-cache.outputs.cache-hit != 'true' }} run: | cd apps/web mix assets.build - - uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 - name: Save Web Assets Cache - if: ${{ github.ref_name == 'main' }} - env: - cache-name: pnpm-build-web - with: - path: | - elixir/apps/web/assets/tmp - elixir/apps/web/priv/static - key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }} # Run tests - name: Setup Database run: | diff --git a/.github/workflows/_integration_tests.yml b/.github/workflows/_integration_tests.yml index 4e3f3cc3e..3db4b8bdb 100644 --- a/.github/workflows/_integration_tests.yml +++ b/.github/workflows/_integration_tests.yml @@ -74,7 +74,7 @@ env: jobs: integration-tests: name: ${{ matrix.test.name }} - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 permissions: contents: read id-token: write diff --git a/.github/workflows/_kotlin.yml b/.github/workflows/_kotlin.yml index 7c43ef6d5..c415f140b 100644 --- a/.github/workflows/_kotlin.yml +++ b/.github/workflows/_kotlin.yml @@ -14,7 +14,7 @@ permissions: jobs: static-analysis: # Android SDK tools hardware accel is available only on Linux runners - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: ./.github/actions/setup-android @@ -25,7 +25,7 @@ jobs: update-release-draft: name: update-release-draft - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 permissions: contents: write # for updating the release draft env: @@ -52,7 +52,7 @@ jobs: needs: update-release-draft if: "${{ github.event_name == 'workflow_dispatch' }}" # Android SDK tools hardware accel is available only on Linux runners - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: @@ -121,7 +121,7 @@ jobs: build_debug: # Android SDK tools hardware accel is available only on Linux runners - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 name: build-debug steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 diff --git a/.github/workflows/_rust.yml b/.github/workflows/_rust.yml index 51ae6f784..d9220edfc 100644 --- a/.github/workflows/_rust.yml +++ b/.github/workflows/_rust.yml @@ -23,7 +23,7 @@ jobs: fail-fast: false matrix: # TODO: https://github.com/rust-lang/cargo/issues/5220 - runs-on: [ubuntu-22.04-xlarge, macos-14-xlarge, windows-2022-xlarge] + runs-on: [ubuntu-22.04, macos-14, windows-2022] runs-on: ${{ matrix.runs-on }} steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -65,13 +65,13 @@ jobs: # TODO: https://github.com/rust-lang/cargo/issues/5220 runs-on: [ - ubuntu-22.04-xlarge, - ubuntu-24.04-xlarge, - macos-13-xlarge, - macos-14-xlarge, - macos-15-xlarge, - windows-2022-xlarge, - windows-2025-xlarge, + ubuntu-22.04, + ubuntu-24.04, + macos-13, + macos-14, + macos-15, + windows-2022, + windows-2025, ] runs-on: ${{ matrix.runs-on }} steps: @@ -135,7 +135,7 @@ jobs: fail-fast: false matrix: fuzz-target: [ip_packet] - runs-on: ubuntu-24.04-xlarge + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: ./.github/actions/setup-rust @@ -157,12 +157,12 @@ jobs: fail-fast: false matrix: include: - - { runs-on: windows-2022-xlarge, test: token-path-windows.ps1 } - - { runs-on: windows-2025-xlarge, test: token-path-windows.ps1 } - - { runs-on: ubuntu-22.04-xlarge, test: linux-group.sh } - - { runs-on: ubuntu-24.04-xlarge, test: linux-group.sh } - - { runs-on: ubuntu-22.04-xlarge, test: token-path-linux.sh } - - { runs-on: ubuntu-24.04-xlarge, test: token-path-linux.sh } + - { runs-on: windows-2022, test: token-path-windows.ps1 } + - { runs-on: windows-2025, test: token-path-windows.ps1 } + - { runs-on: ubuntu-22.04, test: linux-group.sh } + - { runs-on: ubuntu-24.04, test: linux-group.sh } + - { runs-on: ubuntu-22.04, test: token-path-linux.sh } + - { runs-on: ubuntu-24.04, test: token-path-linux.sh } runs-on: ${{ matrix.runs-on }} steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 diff --git a/.github/workflows/_static-analysis.yml b/.github/workflows/_static-analysis.yml index 68de670b0..2a52d8d53 100644 --- a/.github/workflows/_static-analysis.yml +++ b/.github/workflows/_static-analysis.yml @@ -7,7 +7,7 @@ on: jobs: pr-lint: if: github.event_name == 'pull_request' - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} permissions: @@ -32,7 +32,7 @@ jobs: - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 #v5.5.3 version-check: - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check version is up to date @@ -49,7 +49,7 @@ jobs: fi link-check: - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: lycheeverse/lychee-action@82202e5e9c2f4ef1a55a3d02563e1cb6041e5332 # v2.4.1 @@ -64,7 +64,7 @@ jobs: - uses: raven-actions/actionlint@3a24062651993d40fed1019b58ac6fbdfbf276cc # v2.0.1 global-linter: - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 @@ -79,14 +79,15 @@ jobs: - name: Install Python Dependencies run: | pip install -r .github/requirements.txt - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: ./.github/actions/setup-node with: - node-version: 20 + npmjs-token: ${{ secrets.NPMJS_TOKEN }} + lockfile-dir: ./.github - name: Install dependencies run: | sudo apt-get update sudo apt-get install -y shfmt - npm install -g prettier + pnpm i --frozen-lockfile --dir ./.github - name: Run pre-commit run: | pre-commit install --config .github/pre-commit-config.yaml diff --git a/.github/workflows/_swift.yml b/.github/workflows/_swift.yml index 64eaffd7f..153a7b956 100644 --- a/.github/workflows/_swift.yml +++ b/.github/workflows/_swift.yml @@ -6,7 +6,7 @@ on: jobs: update-release-draft: name: update-release-draft - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 env: # mark:next-apple-version RELEASE_NAME: macos-client-1.5.8 @@ -26,7 +26,7 @@ jobs: build: name: ${{ matrix.job_name }} needs: update-release-draft - runs-on: macos-15-xlarge + runs-on: macos-15 env: XCODE_MAJOR: 16 permissions: diff --git a/.github/workflows/_tauri.yml b/.github/workflows/_tauri.yml index 480f3c97f..94fcbd852 100644 --- a/.github/workflows/_tauri.yml +++ b/.github/workflows/_tauri.yml @@ -23,7 +23,7 @@ jobs: contents: write # for updating the release draft id-token: write name: update-release-draft - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 env: # mark:next-gui-version RELEASE_NAME: gui-client-1.5.7 @@ -41,10 +41,13 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} static-analysis: - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: ./.github/actions/setup-node + with: + npmjs-token: ${{ secrets.NPMJS_TOKEN }} + lockfile-dir: ./rust/gui-client - run: pnpm install - run: pnpm eslint . @@ -55,13 +58,7 @@ jobs: strategy: fail-fast: false matrix: - runs-on: - [ - ubuntu-22.04-xlarge, - ubuntu-24.04-xlarge, - windows-2022-xlarge, - windows-2025-xlarge, - ] + runs-on: [ubuntu-22.04, ubuntu-24.04, windows-2022, windows-2025] runs-on: ${{ matrix.runs-on }} defaults: run: @@ -71,11 +68,14 @@ jobs: steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: ./.github/actions/setup-node + with: + npmjs-token: ${{ secrets.NPMJS_TOKEN }} + lockfile-dir: ./rust/gui-client - uses: ./.github/actions/setup-rust with: sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }} - uses: ./.github/actions/setup-tauri-v2 - timeout-minutes: 10 + timeout-minutes: 15 with: runtime: true - run: pnpm install @@ -103,15 +103,15 @@ jobs: fail-fast: false matrix: include: - - runs-on: ubuntu-22.04-xlarge + - runs-on: ubuntu-22.04 arch: x86_64 os: linux pkg-extension: deb - - runs-on: ubuntu-22.04-arm-xlarge + - runs-on: ubuntu-22.04-arm arch: aarch64 os: linux pkg-extension: deb - - runs-on: windows-2022-xlarge + - runs-on: windows-2022 arch: x86_64 os: windows pkg-extension: msi @@ -139,6 +139,9 @@ jobs: with: fetch-tags: true # Otherwise we cannot embed the correct version into the build. - uses: ./.github/actions/setup-node + with: + npmjs-token: ${{ secrets.NPMJS_TOKEN }} + lockfile-dir: ./rust/gui-client - uses: ./.github/actions/setup-rust with: sccache_azure_connection_string: ${{ secrets.SCCACHE_AZURE_CONNECTION_STRING }} diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 916df494c..7c5aac041 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -37,7 +37,7 @@ jobs: notify: needs: ci - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 steps: - name: Send 'checks-passed' event env: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ce69e47cf..372ba60a5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,7 +21,7 @@ concurrency: jobs: planner: - runs-on: ubuntu-latest-xlarge + runs-on: ubuntu-latest outputs: jobs_to_run: ${{ steps.plan.outputs.jobs_to_run }} steps: @@ -116,7 +116,7 @@ jobs: required-check: name: required-check needs: planner - runs-on: ubuntu-latest-xlarge + runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Wait for all jobs to complete @@ -164,6 +164,7 @@ jobs: needs: planner if: contains(needs.planner.outputs.jobs_to_run, 'elixir') uses: ./.github/workflows/_elixir.yml + secrets: inherit rust: needs: planner if: contains(needs.planner.outputs.jobs_to_run, 'rust') @@ -178,6 +179,7 @@ jobs: needs: planner if: contains(needs.planner.outputs.jobs_to_run, 'static-analysis') uses: ./.github/workflows/_static-analysis.yml + secrets: inherit codeql: needs: planner if: contains(needs.planner.outputs.jobs_to_run, 'codeql') @@ -186,7 +188,7 @@ jobs: update-release-draft: name: update-release-draft-${{ matrix.config_name }} - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 strategy: fail-fast: false matrix: @@ -275,7 +277,7 @@ jobs: perf-tests: name: perf-tests needs: build-perf-artifacts - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 permissions: contents: read id-token: write @@ -386,7 +388,7 @@ jobs: upload-bencher: continue-on-error: true needs: perf-tests - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 permissions: contents: read id-token: write diff --git a/.github/workflows/publish-to-winget.yml b/.github/workflows/publish-to-winget.yml index 2c9276f0f..f24bc9079 100644 --- a/.github/workflows/publish-to-winget.yml +++ b/.github/workflows/publish-to-winget.yml @@ -12,7 +12,7 @@ on: jobs: publish_clients: name: Publish ${{ matrix.identifier }} to winget - runs-on: windows-latest-xlarge + runs-on: windows-latest strategy: matrix: include: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ecd4ac5b5..99c6332e5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -21,7 +21,7 @@ jobs: startsWith(inputs.release_name || github.event.release.name, 'gateway') || startsWith(inputs.release_name || github.event.release.name, 'headless-client') }} - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 permissions: # Needed to upload artifacts to a release packages: write @@ -80,7 +80,7 @@ jobs: $SOURCE_TAG create-publish-pr: - runs-on: ubuntu-latest-xlarge + runs-on: ubuntu-latest strategy: matrix: include: diff --git a/.github/workflows/sentry.yml b/.github/workflows/sentry.yml index bea8d5ee1..d8976609b 100644 --- a/.github/workflows/sentry.yml +++ b/.github/workflows/sentry.yml @@ -12,7 +12,7 @@ concurrency: jobs: create_sentry_release: name: create_${{ matrix.component }}_sentry_release - runs-on: ubuntu-22.04-xlarge + runs-on: ubuntu-22.04 strategy: matrix: # TODO: This hack is needed because the macOS client isn't tagged as `apple-client`. diff --git a/.github/workflows/website-links.yml b/.github/workflows/website-links.yml index 992eb1f59..9f78d260e 100644 --- a/.github/workflows/website-links.yml +++ b/.github/workflows/website-links.yml @@ -7,7 +7,7 @@ on: jobs: linkChecker: - runs-on: ubuntu-latest-xlarge + runs-on: ubuntu-latest permissions: issues: write # required for peter-evans/create-issue-from-file steps: diff --git a/.prettierignore b/.prettierignore index 2a60f3ded..cb88b1c3b 100644 --- a/.prettierignore +++ b/.prettierignore @@ -10,6 +10,7 @@ website/.next **/*.rs **/*.wxs **/pnpm-lock.yaml +.github/pnpm-lock.yaml swift/apple/**/Contents.json rust/gui-client/src-frontend/generated rust/gui-client/dist diff --git a/scripts/build/lib.sh b/scripts/build/lib.sh index b0eddbd18..7bf9aa46e 100755 --- a/scripts/build/lib.sh +++ b/scripts/build/lib.sh @@ -12,9 +12,6 @@ function setup_runner() { # Use the latest version of Xcode - matches what we typically use for development sudo xcode-select --switch "$(ls -d /Applications/Xcode*${XCODE_MAJOR}*.app | sort -V | tail -n 1)" - # The GitHub runners stopped including the iOS SDK - xcodebuild -downloadPlatform iOS - profiles_path="$HOME/Library/Developer/Xcode/UserData/Provisioning Profiles" keychain_pass=$(openssl rand -base64 32) keychain_path="$(mktemp -d)/app-signing.keychain-db" diff --git a/scripts/tests/perf/relayed-udp-client2server.sh b/scripts/tests/perf/relayed-udp-client2server.sh index 54f7b7c7c..6985b9444 100755 --- a/scripts/tests/perf/relayed-udp-client2server.sh +++ b/scripts/tests/perf/relayed-udp-client2server.sh @@ -8,7 +8,7 @@ install_iptables_drop_rules docker compose exec --env RUST_LOG=info -it client /bin/sh -c 'iperf3 \ --time 30 \ --udp \ - --bandwidth 450M \ + --bandwidth 300M \ --client 172.20.0.110 \ --json' >>"${TEST_NAME}.json" diff --git a/scripts/tests/perf/relayed-udp-server2client.sh b/scripts/tests/perf/relayed-udp-server2client.sh index 2cbf88c7a..64e0f73a0 100755 --- a/scripts/tests/perf/relayed-udp-server2client.sh +++ b/scripts/tests/perf/relayed-udp-server2client.sh @@ -9,7 +9,7 @@ docker compose exec --env RUST_LOG=info -it client /bin/sh -c 'iperf3 \ --time 30 \ --reverse \ --udp \ - --bandwidth 450M \ + --bandwidth 300M \ --client 172.20.0.110 \ --json' >>"${TEST_NAME}.json"