From fd31152106d2e176f2b96e7e253248bb29f5439e Mon Sep 17 00:00:00 2001 From: Reactor Scram Date: Fri, 23 Feb 2024 11:57:39 -0600 Subject: [PATCH] refactor(ci): enable Linux do-nothing GUI builds (but not tests) in CI/CD, extract scripts for that (#3735) Builds a do-nothing `return 0` Linux client to make sure the CI/CD scripts are set up and producing AppImage / deb bundles as expected. ![image](https://github.com/firezone/firezone/assets/13400041/7d2d8f02-adde-4b1b-89ec-02aaf112ac48) --------- Signed-off-by: Reactor Scram --- .../actions/upload-gui-artifact/action.yml | 15 ++++ .github/workflows/_rust.yml | 70 +++++++++---------- .github/workflows/cd.yml | 62 +++++++++------- rust/gui-client/src-tauri/tauri.conf.json | 13 +++- scripts/build/tauri-rename-ubuntu.sh | 25 +++++++ scripts/build/tauri-rename-windows.sh | 20 ++++++ scripts/build/tauri-upload-ubuntu.sh | 12 ++++ scripts/build/tauri-upload-windows.sh | 10 +++ 8 files changed, 162 insertions(+), 65 deletions(-) create mode 100644 .github/actions/upload-gui-artifact/action.yml create mode 100755 scripts/build/tauri-rename-ubuntu.sh create mode 100755 scripts/build/tauri-rename-windows.sh create mode 100755 scripts/build/tauri-upload-ubuntu.sh create mode 100755 scripts/build/tauri-upload-windows.sh diff --git a/.github/actions/upload-gui-artifact/action.yml b/.github/actions/upload-gui-artifact/action.yml new file mode 100644 index 000000000..85dd10d71 --- /dev/null +++ b/.github/actions/upload-gui-artifact/action.yml @@ -0,0 +1,15 @@ +name: "Upload GUI artifact" +description: "Uploads an exe / package / installer for the Firezone GUI client" +inputs: + base: + description: "Base file name, e.g. `firezone-linux-gui-client_amd64.deb`" + required: true +runs: + using: "composite" + steps: + - uses: actions/upload-artifact@v4 + with: + name: ${{ inputs.base }} + path: | + ${{ github.workspace }}/rust/gui-client/${{ inputs.base }} + ${{ github.workspace }}/rust/gui-client/${{ inputs.base }}.sha256sum.txt diff --git a/.github/workflows/_rust.yml b/.github/workflows/_rust.yml index 6119962bd..3515d37bc 100644 --- a/.github/workflows/_rust.yml +++ b/.github/workflows/_rust.yml @@ -125,12 +125,15 @@ jobs: strategy: fail-fast: false matrix: - runs-on: - # TODO - # - ubuntu-20.04 - - windows-2019 + include: + - runs-on: ubuntu-20.04 + binary-dest-path: firezone-linux-gui-client + rename-script: ../../scripts/build/tauri-rename-ubuntu.sh + - runs-on: windows-2019 + binary-dest-path: firezone-windows-client + rename-script: ../../scripts/build/tauri-rename-windows.sh env: - BINARY_DEST_PATH: firezone-gui-client + BINARY_DEST_PATH: ${{ matrix.binary-dest-path }} CONNLIB_LOG_UPLOAD_INTERVAL_SECS: 300 steps: - uses: actions/checkout@v4 @@ -143,41 +146,36 @@ jobs: run: pnpm install - name: Build release exe and MSI run: pnpm build - - name: Compute SHA256 and rename - run: | - # Used for release artifact - # In release mode the name comes from tauri.conf.json - cp "../target/release/Firezone.exe" "${{ env.BINARY_DEST_PATH }}-x64.exe" - cp "../target/release/bundle/msi/*.msi" "${{ env.BINARY_DEST_PATH }}-x64.msi" - cp "../target/release/firezone_gui_client.pdb" "${{ env.BINARY_DEST_PATH }}-x64.pdb" - - Get-FileHash ${{ env.BINARY_DEST_PATH }}-x64.exe -Algorithm SHA256 | Select-Object Hash > ${{ env.BINARY_DEST_PATH }}-x64.exe.sha256sum.txt - Get-FileHash ${{ env.BINARY_DEST_PATH }}-x64.msi -Algorithm SHA256 | Select-Object Hash > ${{ env.BINARY_DEST_PATH }}-x64.msi.sha256sum.txt - Get-FileHash ${{ env.BINARY_DEST_PATH }}-x64.pdb -Algorithm SHA256 | Select-Object Hash > ${{ env.BINARY_DEST_PATH }}-x64.pdb.sha256sum.txt - - # This might catch regressions in #3384, depending how CI runners - # handle exit codes - git diff --exit-code - - name: Save GUI client - uses: actions/upload-artifact@v4 + - name: Rename artifacts and compute SHA256 + shell: bash + run: ${{ matrix.rename-script }} + - name: Save Linux client + if: ${{ runner.os == 'Linux' }} + uses: ./.github/actions/upload-gui-artifact with: - name: ${{ env.BINARY_DEST_PATH }}-x64 - path: | - ${{ github.workspace }}/rust/gui-client/${{ env.BINARY_DEST_PATH }}-x64.exe - ${{ github.workspace }}/rust/gui-client/${{ env.BINARY_DEST_PATH }}-x64.exe.sha256sum.txt + base: ${{ env.BINARY_DEST_PATH }}-amd64 + - name: Save Linux AppImage + if: ${{ runner.os == 'Linux' }} + uses: ./.github/actions/upload-gui-artifact + with: + base: ${{ env.BINARY_DEST_PATH }}_amd64.AppImage + - name: Save Linux deb package + if: ${{ runner.os == 'Linux' }} + uses: ./.github/actions/upload-gui-artifact + with: + base: ${{ env.BINARY_DEST_PATH }}_amd64.deb + - name: Save Windows client + if: ${{ runner.os == 'Windows' }} + uses: ./.github/actions/upload-gui-artifact + with: + base: ${{ env.BINARY_DEST_PATH }}-x64.exe - name: Save Windows MSI installer if: ${{ runner.os == 'Windows' }} - uses: actions/upload-artifact@v4 + uses: ./.github/actions/upload-gui-artifact with: - name: ${{ env.BINARY_DEST_PATH }}-x64-msi - path: | - ${{ github.workspace }}/rust/gui-client/${{ env.BINARY_DEST_PATH }}-x64.msi - ${{ github.workspace }}/rust/gui-client/${{ env.BINARY_DEST_PATH }}-x64.msi.sha256sum.txt + base: ${{ env.BINARY_DEST_PATH }}-x64.msi - name: Save Windows debug symbols if: ${{ runner.os == 'Windows' }} - uses: actions/upload-artifact@v4 + uses: ./.github/actions/upload-gui-artifact with: - name: ${{ env.BINARY_DEST_PATH }}-x64-pdb - path: | - ${{ github.workspace }}/rust/gui-client/${{ env.BINARY_DEST_PATH }}-x64.pdb - ${{ github.workspace }}/rust/gui-client/${{ env.BINARY_DEST_PATH }}-x64.pdb.sha256sum.txt + base: ${{ env.BINARY_DEST_PATH }}-x64.pdb diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index f8b1e3fcd..53aa3dbd1 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -116,10 +116,10 @@ jobs: - target: x86_64-unknown-linux-musl shortname: x64 platform: linux/amd64 - - target: aarch64-unknown-linux-musl # E.g. AWS Graviton + - target: aarch64-unknown-linux-musl # E.g. AWS Graviton shortname: arm64 platform: linux/arm64 - - target: armv7-unknown-linux-musleabihf # E.g. Raspberry Pi + - target: armv7-unknown-linux-musleabihf # E.g. Raspberry Pi platform: linux/arm/v7 shortname: arm # Requires ring v0.17 which a number of our dependencies don't yet support @@ -234,13 +234,14 @@ jobs: if-no-files-found: error retention-days: 1 - # Build for Windows - build-push-windows-release-artifacts: + # Build GUI for Windows / Linux + build-push-gui-release-artifacts: + name: build-gui-${{ matrix.runs-on }} + runs-on: ${{ matrix.runs-on }} permissions: id-token: write contents: write needs: update-release-draft - runs-on: windows-2019 defaults: run: working-directory: ./rust/gui-client @@ -249,39 +250,46 @@ jobs: # The matrix is 1x1 to match the style of build-push-linux-release-artifacts # In the future we could try to cross-compile aarch64-windows here. matrix: - name: - - package: firezone-gui-client - artifact: gui-client + include: + - runs-on: ubuntu-20.04 + binary-dest-path: firezone-linux-gui-client + rename-script: ../../scripts/build/tauri-rename-ubuntu.sh + - runs-on: windows-2019 + binary-dest-path: firezone-windows-client + rename-script: ../../scripts/build/tauri-rename-windows.sh env: - BINARY_DEST_PATH: firezone-${{ matrix.name.artifact }} + BINARY_DEST_PATH: ${{ matrix.binary-dest-path }} CONNLIB_LOG_UPLOAD_INTERVAL_SECS: 300 steps: - uses: actions/checkout@v4 - - uses: ./.github/actions/setup-rust - uses: ./.github/actions/setup-node + with: + node-version: '20' + - uses: ./.github/actions/setup-rust + - uses: ./.github/actions/setup-tauri - name: Install pnpm deps run: pnpm install - name: Build release exe and MSI run: pnpm build - - name: Compute SHA256 and rename - run: | - # Used for release artifact - # This should match 'build-tauri' in _rust.yml - cp "../target/release/bundle/msi/*.msi" "${{ env.BINARY_DEST_PATH }}-x64.msi" - - Get-FileHash ${{ env.BINARY_DEST_PATH }}-x64.msi -Algorithm SHA256 | Select-Object Hash > ${{ env.BINARY_DEST_PATH }}-x64.msi.sha256sum.txt - - name: Upload Release Assets + - name: Rename artifacts and compute SHA256 + shell: bash + run: ${{ matrix.rename-script }} + - name: Upload Release Assets (Linux) + if: ${{ runner.os == 'Linux' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - # Upload Windows MSI - - # This artifact name is tied to the update checker in `gui-client/src-tauri/src/client/updates.rs` - gh release upload ${{ needs.update-release-draft.outputs.tag_name }} ` - ${{ env.BINARY_DEST_PATH }}-x64.msi ` - ${{ env.BINARY_DEST_PATH }}-x64.msi.sha256sum.txt ` - --clobber ` - --repo ${{ github.repository }} + REPOSITORY: ${{ github.repository }} + TAG_NAME: ${{ needs.update-release-draft.outputs.tag_name }} + shell: bash + run: ../../scripts/build/tauri-upload-ubuntu.sh + - name: Upload Release Assets (Windows) + if: ${{ runner.os == 'Windows' }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + REPOSITORY: ${{ github.repository }} + TAG_NAME: ${{ needs.update-release-draft.outputs.tag_name }} + shell: bash + run: ../../scripts/build/tauri-upload-windows.sh merge-release-artifacts: permissions: diff --git a/rust/gui-client/src-tauri/tauri.conf.json b/rust/gui-client/src-tauri/tauri.conf.json index db7c68321..c77212318 100644 --- a/rust/gui-client/src-tauri/tauri.conf.json +++ b/rust/gui-client/src-tauri/tauri.conf.json @@ -19,10 +19,19 @@ }, "bundle": { "active": true, - "targets": "msi", + "targets": ["appimage", "deb", "msi"], "identifier": "dev.firezone.client", "icon": [ - "icons/firezone.ico" + "icons/firezone.ico", + "icons/Square107x107Logo.png", + "icons/Square142x142Logo.png", + "icons/Square150x150Logo.png", + "icons/Square284x284Logo.png", + "icons/Square30x30Logo.png", + "icons/Square310x310Logo.png", + "icons/Square44x44Logo.png", + "icons/Square71x71Logo.png", + "icons/Square89x89Logo.png" ], "publisher": "Firezone", "shortDescription": "Firezone" diff --git a/scripts/build/tauri-rename-ubuntu.sh b/scripts/build/tauri-rename-ubuntu.sh new file mode 100755 index 000000000..67cea795a --- /dev/null +++ b/scripts/build/tauri-rename-ubuntu.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash +set -euo pipefail + +# For debugging +ls ../target/release ../target/release/bundle/appimage ../target/release/bundle/deb + +# Used for release artifact +# In release mode the name comes from tauri.conf.json +# Using a glob for the source, there will only be one exe, AppImage, and deb anyway +cp ../target/release/firezone "$BINARY_DEST_PATH"-amd64 +cp ../target/release/bundle/appimage/*_amd64.AppImage "$BINARY_DEST_PATH"_amd64.AppImage +cp ../target/release/bundle/deb/*_amd64.deb "$BINARY_DEST_PATH"_amd64.deb +# TODO: Debug symbols for Linux + +function make_hash() { + sha256sum "$1"> "$1.sha256sum.txt" +} + +# I think we agreed in standup to just match platform conventions +# Firezone for Windows is "-x64" which I believe is Visual Studio's convention +# Debian calls it "amd64". Rust and Linux call it "x86_64". So whatever, it's +# amd64 here. They're all the same. +make_hash "$BINARY_DEST_PATH"-amd64 +make_hash "$BINARY_DEST_PATH"_amd64.AppImage +make_hash "$BINARY_DEST_PATH"_amd64.deb diff --git a/scripts/build/tauri-rename-windows.sh b/scripts/build/tauri-rename-windows.sh new file mode 100755 index 000000000..6909ad8c6 --- /dev/null +++ b/scripts/build/tauri-rename-windows.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash +set -euo pipefail + +# For debugging +ls ../target/release ../target/release/bundle/msi + +# Used for release artifact +# In release mode the name comes from tauri.conf.json +# Using a glob for the source, there will only be one exe, msi, and pdb anyway +cp ../target/release/*.exe "$BINARY_DEST_PATH-x64.exe" +cp ../target/release/bundle/msi/*.msi "$BINARY_DEST_PATH-x64.msi" +cp ../target/release/*.pdb "$BINARY_DEST_PATH-x64.pdb" + +function make_hash() { + sha256sum "$1"> "$1.sha256sum.txt" +} + +make_hash "$BINARY_DEST_PATH-x64.exe" +make_hash "$BINARY_DEST_PATH-x64.msi" +make_hash "$BINARY_DEST_PATH-x64.pdb" diff --git a/scripts/build/tauri-upload-ubuntu.sh b/scripts/build/tauri-upload-ubuntu.sh new file mode 100755 index 000000000..041936892 --- /dev/null +++ b/scripts/build/tauri-upload-ubuntu.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# This artifact name is tied to the update checker in `gui-client/src-tauri/src/client/updates.rs` +gh release upload "$TAG_NAME" \ + "$BINARY_DEST_PATH"_amd64.AppImage \ + "$BINARY_DEST_PATH"_amd64.AppImage.sha256sum.txt \ + "$BINARY_DEST_PATH"_amd64.deb \ + "$BINARY_DEST_PATH"_amd64.deb.sha256sum.txt \ + --clobber \ + --repo "$REPOSITORY" diff --git a/scripts/build/tauri-upload-windows.sh b/scripts/build/tauri-upload-windows.sh new file mode 100755 index 000000000..b9a08d69b --- /dev/null +++ b/scripts/build/tauri-upload-windows.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash + +set -euo pipefail + +# This artifact name is tied to the update checker in `gui-client/src-tauri/src/client/updates.rs` +gh release upload "$TAG_NAME" \ + "$BINARY_DEST_PATH"-x64.msi \ + "$BINARY_DEST_PATH"-x64.msi.sha256sum.txt \ + --clobber \ + --repo "$REPOSITORY"