mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 10:18:54 +00:00
c6b0b0a922
This publishes the 1.3.0 clients and gateways so that Internet Resources will work. The feature is still disabled for the Stripe plans until we publish the launch post. Select customers have the feature enabled. Closes #2667
127 lines
5.4 KiB
YAML
127 lines
5.4 KiB
YAML
name: Tauri
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
release_tag:
|
|
required: false
|
|
type: string
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
# For saving to release
|
|
contents: write
|
|
id-token: write
|
|
|
|
defaults:
|
|
run:
|
|
working-directory: ./rust/gui-client
|
|
|
|
jobs:
|
|
build-gui:
|
|
name: build-gui-${{ matrix.runs-on }}
|
|
runs-on: ${{ matrix.runs-on }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- runs-on: ubuntu-20.04
|
|
# mark:next-gui-version
|
|
binary-dest-path: firezone-client-gui-linux_1.3.1_x86_64
|
|
rename-script: ../../scripts/build/tauri-rename-ubuntu.sh
|
|
upload-script: ../../scripts/build/tauri-upload-ubuntu.sh
|
|
# mark:next-gui-version
|
|
syms-artifact: rust/gui-client/firezone-client-gui-linux_1.3.1_x86_64.dwp
|
|
# mark:next-gui-version
|
|
pkg-artifact: rust/gui-client/firezone-client-gui-linux_1.3.1_x86_64.deb
|
|
- runs-on: ubuntu-20.04-arm
|
|
# mark:next-gui-version
|
|
binary-dest-path: firezone-client-gui-linux_1.3.1_aarch64
|
|
rename-script: ../../scripts/build/tauri-rename-ubuntu.sh
|
|
upload-script: ../../scripts/build/tauri-upload-ubuntu.sh
|
|
# mark:next-gui-version
|
|
syms-artifact: rust/gui-client/firezone-client-gui-linux_1.3.1_aarch64.dwp
|
|
# mark:next-gui-version
|
|
pkg-artifact: rust/gui-client/firezone-client-gui-linux_1.3.1_aarch64.deb
|
|
- runs-on: windows-2019
|
|
# mark:next-gui-version
|
|
binary-dest-path: firezone-client-gui-windows_1.3.1_x86_64
|
|
rename-script: ../../scripts/build/tauri-rename-windows.sh
|
|
upload-script: ../../scripts/build/tauri-upload-windows.sh
|
|
# mark:next-gui-version
|
|
syms-artifact: rust/gui-client/firezone-client-gui-windows_1.3.1_x86_64.pdb
|
|
# mark:next-gui-version
|
|
pkg-artifact: rust/gui-client/firezone-client-gui-windows_1.3.1_x86_64.msi
|
|
env:
|
|
BINARY_DEST_PATH: ${{ matrix.binary-dest-path }}
|
|
AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }}
|
|
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
|
|
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
|
|
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
|
|
AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: ./.github/actions/setup-node
|
|
- uses: ./.github/actions/setup-rust
|
|
- uses: ./.github/actions/setup-tauri
|
|
# Installing new packages can take time
|
|
timeout-minutes: 10
|
|
# the arm64 images don't have the GH cli installed.
|
|
# Remove this when https://github.com/actions/runner-images/issues/10192 is resolved.
|
|
- name: Ubuntu arm workaround
|
|
if: ${{ matrix.runs-on == 'ubuntu-20.04-arm' }}
|
|
run: |
|
|
(type -p wget >/dev/null || (sudo apt update && sudo apt-get install wget -y)) \
|
|
&& sudo mkdir -p -m 755 /etc/apt/keyrings \
|
|
&& wget -qO- https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo tee /etc/apt/keyrings/githubcli-archive-keyring.gpg > /dev/null \
|
|
&& sudo chmod go+r /etc/apt/keyrings/githubcli-archive-keyring.gpg \
|
|
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
|
|
&& sudo apt update \
|
|
&& sudo apt install gh -y
|
|
- name: Install pnpm deps
|
|
run: pnpm install
|
|
- name: Install AzureSignTool
|
|
if: ${{ runner.os == 'Windows' }}
|
|
shell: bash
|
|
# AzureSignTool >= 5 needs .NET 8. windows-2019 runner only has .NET 7.
|
|
run: dotnet tool install --global AzureSignTool --version 4.0.1
|
|
- name: Build release exe and MSI / deb
|
|
# Signs the exe before bundling it into the MSI
|
|
run: pnpm build
|
|
# We need to sign the exe inside the MSI. Currently
|
|
# we do this in a "beforeBundleCommand" hook in tauri.windows.conf.json.
|
|
# But this will soon be natively supported in Tauri.
|
|
# TODO: Use Tauri's native MSI signing with support for EV certs
|
|
# See https://github.com/tauri-apps/tauri/pull/8718
|
|
- name: Sign the MSI
|
|
if: ${{ runner.os == 'Windows' }}
|
|
shell: bash
|
|
# mark:next-gui-version
|
|
run: ../../scripts/build/sign.sh ../target/release/bundle/msi/Firezone_1.3.1_x64_en-US.msi
|
|
- name: Rename artifacts and compute SHA256
|
|
shell: bash
|
|
run: ${{ matrix.rename-script }}
|
|
- name: Upload debug symbols
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: ${{ matrix.binary-dest-path }}-syms
|
|
path: |
|
|
${{ matrix.syms-artifact }}
|
|
if-no-files-found: error
|
|
- name: Upload package
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: ${{ matrix.binary-dest-path }}-pkg
|
|
path: |
|
|
${{ matrix.pkg-artifact }}
|
|
if-no-files-found: error
|
|
- name: Upload Release Assets
|
|
# Only upload the windows build to the drafted release on main builds
|
|
if: ${{ github.ref_name == 'main' }}
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
REPOSITORY: ${{ github.repository }}
|
|
# mark:next-gui-version
|
|
TAG_NAME: gui-client-1.3.1
|
|
shell: bash
|
|
run: ${{ matrix.upload-script }}
|