- Conditionally set Automatic or Manual provisioning from env (Fixes
#2326)
- Refactor xcconfig structure to make configuring the project simpler
across different envs
- Use consistent parentheses in Makefiles and xcconfigs (Refs #2324)
(Fixes#2334)
On GH-hosted runners, this isn't a problem. But on self-hosted runners
with persistent disks, we hit this issue:
https://github.com/Swatinem/rust-cache#known-issues
This PR should fix that by ensuring the Rust toolchain is installed. It
also installs the toolchain after the cache has been restored so we can
take advantage of any cached artifacts.
It turns out there was a bug in the `StreamMap` implementation that
would keep emitting the event once a stream timed out. I fixed it in
0c0349221f
which this PR is upgrading to.
Fixes: #2327.
- Update CI to run on our self-hosted M1 runner as well (macos-14)
- Sanitize build environment in `build-rust.sh` to keep only needed ENV
vars from Xcode
- Build both `x86_64` and `aarch64` targets with a single `cargo build`
instead of a loop
- Store artifacts in ephemeral locations
Fixes#2329
This PR lays the ground work for making all the liveview pages more
uniform in how they are laid out by creating and updating some of the
liveview components.
We are hitting this:
https://brunoscheufler.com/blog/2022-04-09-the-required-github-status-check-that-wasnt
We could employ the workaround listed there, but that would be more
hacky. Instead, I'll make sure @firezone/engineering has access to
update the repo settings for required status checks so that we aren't
blocked on merging PRs whenever the CI job structure changes.
- Updated the chrome tab launch flow to fix unexpected behaviour when
closing the browser.
- Updated the signout functionality to not delete `accountId`.
Fixes#2184Fixes#2185
Why:
* The signup page was failing to allow signups due to a change in one of
the domain functions. This happened due to the UI not having tests for
the sign up page. The sign up page has been updated to use the new
domain function signature and has also had some tests added to hopefully
prevent regressions.
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Since commit d0302f6, the macOS tunnel extension didn't build for me
(erring commit was found using `git bisect`). It looks like that version
bump commit added a dependency to
[system-configuration](https://docs.rs/system-configuration/) that
requires linking with the SystemConfiguration macOS framework.
Not sure why the CI builds fine, but my local setup doesn't. Maybe the
issue crops up only on Apple Silicon?
- Update `CODE_SIGN_STYLE=Manual`. You'll need to make sure to click
`Download manual profiles` in `Settings -> Account` in Xcode to have
them show up and be usable for local development. This is required to do
all this stuff from GitHub Actions.
- Sign the Apple app for distribution on each PR
- Publish the Apple app builds to App Store Connect on merges to `main`
Bumps [ring](https://github.com/briansmith/ring) from 0.17.0 to 0.17.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/briansmith/ring/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
Bumps [proptest](https://github.com/proptest-rs/proptest) from 1.2.0 to
1.3.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0b4ffe8d08"><code>0b4ffe8</code></a>
[Release] 1.3.1 -- fix for incompatible bit-set/bit-vec versions (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/375">#375</a>)</li>
<li><a
href="99bdf24f8a"><code>99bdf24</code></a>
[Release] 1.3.0 (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/373">#373</a>)</li>
<li><a
href="7bfc889fea"><code>7bfc889</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/357">#357</a>
from tzemanovic/tomas/clear-break-dead-code</li>
<li><a
href="eb9db9d6c3"><code>eb9db9d</code></a>
Merge branch 'master' into tomas/clear-break-dead-code</li>
<li><a
href="370b3a031c"><code>370b3a0</code></a>
Permit use of (?-u) in byte-regex strategies (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/336">#336</a>)
(<a
href="https://redirect.github.com/proptest-rs/proptest/issues/337">#337</a>)</li>
<li><a
href="e395e8caa5"><code>e395e8c</code></a>
Add PathBuf Arbitrary impl with tests (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/368">#368</a>)</li>
<li><a
href="fcccad0f76"><code>fcccad0</code></a>
Book tips and best practices (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/367">#367</a>)</li>
<li><a
href="fc3be95ae1"><code>fc3be95</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/355">#355</a>
from tzemanovic/tomas/fix-sm-logs</li>
<li><a
href="7292965d14"><code>7292965</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/360">#360</a>
from psychon/remove-byteorder</li>
<li><a
href="466d59daec"><code>466d59d</code></a>
[proptest] silence clippy::arc_with_non_send_sync warning with
prop_oneof (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/363">#363</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/proptest-rs/proptest/compare/v1.2.0...v1.3.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.20 to
0.11.22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/releases">reqwest's
releases</a>.</em></p>
<blockquote>
<h2>v0.11.21</h2>
<h2>What's Changed</h2>
<ul>
<li>Add automatically detecting macOS proxy settings.</li>
<li>Add <code>ClientBuilder::tls_info(bool)</code>, which will put
<code>tls::TlsInfo</code> into the response extensions.</li>
<li>Fix trust-dns resolver from possible hangs.</li>
<li>Fix connect timeout to be split among multiple IP addresses.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SpeedReach"><code>@SpeedReach</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/1960">seanmonstar/reqwest#1960</a></li>
<li><a href="https://github.com/jefflloyd"><code>@jefflloyd</code></a>
made their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/1955">seanmonstar/reqwest#1955</a></li>
<li><a href="https://github.com/droe"><code>@droe</code></a> made their
first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/1938">seanmonstar/reqwest#1938</a></li>
<li><a
href="https://github.com/conradludgate"><code>@conradludgate</code></a>
made their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/1940">seanmonstar/reqwest#1940</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's
changelog</a>.</em></p>
<blockquote>
<h2>v0.11.22</h2>
<ul>
<li>Fix compilation on Windows when <code>trust-dns</code> is
enabled.</li>
</ul>
<h2>v0.11.21</h2>
<ul>
<li>Add automatically detecting macOS proxy settings.</li>
<li>Add <code>ClientBuilder::tls_info(bool)</code>, which will put
<code>tls::TlsInfo</code> into the response extensions.</li>
<li>Fix trust-dns resolver from possible hangs.</li>
<li>Fix connect timeout to be split among multiple IP addresses.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5df3861a73"><code>5df3861</code></a>
v0.11.22</li>
<li><a
href="afc3a9364a"><code>afc3a93</code></a>
fix trust-dns error kind on windows (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1992">#1992</a>)</li>
<li><a
href="d050e604e1"><code>d050e60</code></a>
v0.11.21</li>
<li><a
href="2a881fb504"><code>2a881fb</code></a>
fix: split connect timeout for multiple IPs (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1940">#1940</a>)</li>
<li><a
href="17c893ffc0"><code>17c893f</code></a>
Bump actions/checkout from 3 to 4 (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1968">#1968</a>)</li>
<li><a
href="10d9d23f88"><code>10d9d23</code></a>
Add <code>tls_info</code> / <code>TlsInfo</code> for access to peer's
leaf certificate (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1938">#1938</a>)</li>
<li><a
href="d3d95a5b56"><code>d3d95a5</code></a>
Optimize <code>TrustDnsResolver</code> (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1967">#1967</a>)</li>
<li><a
href="0292486aba"><code>0292486</code></a>
dep: Upgrade trust-dns-resolver from v0.22 to v0.23 (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1965">#1965</a>)</li>
<li><a
href="70d100c1b8"><code>70d100c</code></a>
Feature: auto detect MacOS proxy settings (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1955">#1955</a>)</li>
<li><a
href="34f6c70134"><code>34f6c70</code></a>
Added wasm in the docs. (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1960">#1960</a>)</li>
<li>See full diff in <a
href="https://github.com/seanmonstar/reqwest/compare/v0.11.20...v0.11.22">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
What is common across all our usages of the phoenix channel is that we
wait for some kind of `init` message before we fully start-up. We
extract this pattern into a dedicated function within the
`phoenix-channel` crate.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
- Cache build outputs as well as package manager resolved cache
- Write a new cache on `main` if anything in `swift/` or `rust/`
changes, and match on successively broader `restore-keys`. Swift loves
cached builds but its build cache is fairly large, so I thought this
might be an improvement over simply writing the cache to `github.sha` in
case anything outside of those directories changes.
- ~~Split macOS `x86_64` and `aarch64` builds with a matrix to
parallelize them, will join them into the final bundle during the `cd`
stage~~ Edit: We want to build these together in order to create a
Universal Binary artifact more easily.
Should be easier to review commit by commit.
The gist of this commit is:
* `onAddRoute` on Android now takes an address+prefix as to minimize
parsing
* `onAddRoute` recreates the vpn service each time(TODO: is this too bad
for performance?)
* `on_add_route` and `onAddRoute` returns the new fd
* on android after `on_add_route` we recreate `IfaceConfig` and
`DeviceIo` and we store the new values
* `peer_handler` now runs on a loop, where each time we fail a write
with an error code 9(bad descriptor) we try to take the new `DeviceIo`
* we keep an
[`AbortHandle`](https://docs.rs/tokio/latest/tokio/task/struct.AbortHandle.html)
from the `iface_handler` task, since closing the fd doesn't awake the
`read` task for `AsyncFd`(I tried it, right now `close` is only called
after dropping the fd) so we explicitly abort the task and start a new
one with the new `device_io`.
* in android `DeviceIo` has an atomic which tells if it's closed or open
and we change it to closed after `on_add_route`, we use this as to never
double-close the fd, instead we wait until it's dropped. This *might*
affect performance on android since we use non-`Ordering::Relaxed`
atomic operation each read/write but it won't affect perfromance in
other platforms, furthermore I believe the performance gains if we
remove this will be minimal.
Fixes#2227
---------
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
- Fix `restore-keys` to progressively search broader and broader ranges
- Fix plt cache key name so that `restore-keys` works
- Replace `hashFiles('**')` with explicit paths to prevent
`pnpm-lock.yaml` in the `website/` directory from busting the cache for
the application
fixes#2013
Stops the reconnect loop on a 4xx error.
Right now it seems like android doesn't handle `on_disconnect` properly,
just logging instead of going back to sign-in screen.
