From 388fcbe7f62cb4dffb0c7fd042007fd754d7d17f Mon Sep 17 00:00:00 2001 From: Horacio Herrera Date: Wed, 30 Aug 2023 00:52:11 +0200 Subject: [PATCH] Build all platforms properly + desktop testing (#1414) --- .github/workflows/desktop-release.yml | 80 ++++++++++++------------ .github/workflows/validate-desktop.yml | 27 ++++---- .prettierignore | 1 - dev | 12 +++- frontend/apps/desktop/entitlements.plist | 12 ++++ frontend/apps/desktop/forge.config.js | 28 ++++++--- frontend/apps/desktop/package.json | 5 +- package.json | 2 +- scripts/get-app-version.mjs | 31 --------- scripts/tag.mjs | 35 +++++++++++ yarn.lock | 15 ++++- 11 files changed, 148 insertions(+), 100 deletions(-) create mode 100644 frontend/apps/desktop/entitlements.plist delete mode 100755 scripts/get-app-version.mjs create mode 100755 scripts/tag.mjs diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml index e3c3705880..a79acdec65 100644 --- a/.github/workflows/desktop-release.yml +++ b/.github/workflows/desktop-release.yml @@ -1,10 +1,9 @@ -name: Desktop Release +name: Desktop app release on: push: - - tags: - - '*.*.*' + tags: + - "*.*.*" concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -26,9 +25,9 @@ jobs: run: | echo "version=v${{ github.ref_name }}" >> "$GITHUB_OUTPUT" # echo "version=${GITHUB_REF#refs/tags/}" >> "$GITHUB_OUTPUT" - # echo "version=2023.08.25" >> "$GITHUB_OUTPUT" + # echo "version=0.0.100" >> "$GITHUB_OUTPUT" build-binaries: - name: Build (${{ matrix.config.os }}) + name: Build ${{ matrix.config.os }} @ ${{ matrix.config.arch }} runs-on: ${{ matrix.config.os }} # if: startsWith(github.ref, 'refs/tags/') needs: [get-version] @@ -36,15 +35,19 @@ jobs: matrix: config: - os: macos-latest + arch: x64 goarch: amd64 daemon_name: x86_64-apple-darwin - # - os: macos-latest - # goarch: arm64 - # daemon_name: aarch64-apple-darwin + - os: macos-latest + arch: arm64 + goarch: arm64 + daemon_name: aarch64-apple-darwin - os: ubuntu-latest + arch: x64 goarch: amd64 daemon_name: x86_64-unknown-linux-gnu - os: windows-latest + arch: x64 goarch: amd64 daemon_name: x86_64-pc-windows-msvc steps: @@ -55,7 +58,7 @@ jobs: with: matrix-os: ${{ matrix.config.os }} # matrix-target: ${{ matrix.config.daemon_name }} - # matrix-goarch: ${{ matrix.config.goarch }} + # matrix-arch: ${{ matrix.config.arch }} - name: Build Backend (Unix) if: matrix.config.os != 'windows-latest' @@ -72,63 +75,62 @@ jobs: mkdir -p plz-out/bin/backend go build -o plz-out/bin/backend/mintterd-${{ matrix.config.daemon_name }}.exe ./backend/cmd/mintterd env: + GOOS: "windows" GOARCH: ${{ matrix.config.goarch }} CGO_ENABLED: 1 - - name: Import MacOS certs + - name: Set MacOS signing certs if: matrix.config.os == 'macos-latest' - uses: apple-actions/import-codesign-certs@v2 - with: - p12-file-base64: ${{ secrets.APPLE_CERTIFICATE_BASE64 }} - p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} - - # - name: create AppImage private key file - # if: matrix.config.os == 'ubuntu-latest' - # run: | - # export GPG_TTY=$(tty) - # echo "$APPIMAGE_SIGN_PRIVKEY" | gpg --batch --import - # env: - # APPIMAGE_SIGN_PRIVKEY: '${{ secrets.APPIMAGE_SIGN_PRIVKEY }}' - - # - name: Setup flatpak - # if: matrix.config.os == 'ubuntu-latest' && startsWith(github.ref, 'refs/tags/') - # run: sudo apt install flatpak flatpak-builder elfutils - - - name: Build App Package (Unix) + env: + APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE_BASE64 }} + APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} + APPLE_KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} + run: | + echo $APPLE_CERTIFICATE | base64 --decode > certificate.p12 + security create-keychain -p $APPLE_KEYCHAIN_PASSWORD build.keychain + security default-keychain -s build.keychain + security unlock-keychain -p $APPLE_KEYCHAIN_PASSWORD build.keychain + security import certificate.p12 -k build.keychain -P $APPLE_CERTIFICATE_PASSWORD -T /usr/bin/codesign + security set-key-partition-list -S apple-tool:,apple: -s -k $APPLE_KEYCHAIN_PASSWORD build.keychain + rm -fr *.p12 + security set-keychain-settings -lut 1200 # prevent the keychain to get locked before codesign is done + + - name: Build, package & make (Unix) if: matrix.config.os != 'windows-latest' run: | - TAMAGUI_TARGET=web yarn desktop:make + TAMAGUI_TARGET=web DEBUG='electron-osx-sign*,electron-notarize*' yarn desktop:make --arch=${{ matrix.config.arch }} env: + APPLE_ID: ${{ secrets.APPLE_ID }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} DAEMON_NAME: ${{ matrix.config.daemon_name }} APP_VERSION: "${{ needs.get-version.outputs.version }}" # APP_VERSION: "0.0.100" GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} - APPLE_ID: ${{ secrets.APPLE_ID }} - APPLE_ID_PASSWORD: "${{ secrets.APPLE_ID_PASSWORD }}" - APPLE_TEAM_ID: "${{ secrets.APPLE_TEAM_ID }}" + timeout-minutes: 10 - - name: Build App Package (Win32) + - name: Build, package and make (Win32) if: matrix.config.os == 'windows-latest' run: | $env:TAMAGUI_TARGET="web" - yarn desktop:make + $env:DEBUG='electron-osx-sign*,electron-notarize*' + yarn desktop:make --arch=${{ matrix.config.arch }} env: + APPLE_ID: ${{ secrets.APPLE_ID }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} DAEMON_NAME: "${{ matrix.config.daemon_name }}.exe" APP_VERSION: "${{ needs.get-version.outputs.version }}" # APP_VERSION: "0.0.100" GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} - # WINDOWS_PFX_FILE: '${{ steps.write_file.outputs.filePath }}' - # WINDOWS_PFX_PASSWORD: '${{ secrets.WINDOWS_PFX_PASSWORD }}' - - name: Upload Artifacts uses: actions/upload-artifact@v3 with: name: artifacts-${{ matrix.config.daemon_name }} path: frontend/apps/desktop/out/make/**/* - publish-to-github: needs: [get-version, build-binaries] runs-on: ubuntu-latest diff --git a/.github/workflows/validate-desktop.yml b/.github/workflows/validate-desktop.yml index 18c8da25a6..ecfa96f045 100644 --- a/.github/workflows/validate-desktop.yml +++ b/.github/workflows/validate-desktop.yml @@ -4,22 +4,21 @@ on: push: branches: - master - - electron-ci paths: - - '.github/workflows/validate-desktop.yml' - - 'frontend/apps/desktop/**' - - 'frotend/packages/**' - - 'package.json' - - 'frontend/apps/desktop/package.json' + - ".github/workflows/validate-desktop.yml" + - "frontend/apps/desktop/**" + - "frotend/packages/**" + - "package.json" + - "frontend/apps/desktop/package.json" pull_request: paths: - - '.github/workflows/validate-desktop.yml' - - 'frontend/apps/desktop/**' - - 'frotend/packages/**' - - 'package.json' - - 'frontend/apps/desktop/package.json' + - ".github/workflows/validate-desktop.yml" + - "frontend/apps/desktop/**" + - "frotend/packages/**" + - "package.json" + - "frontend/apps/desktop/package.json" branches-ignore: - - 'renovate/**' + - "renovate/**" concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -33,12 +32,12 @@ jobs: - uses: ./.github/actions/ci-setup with: - matrix-os: 'ubuntu-latest' + matrix-os: "ubuntu-latest" - name: Validate code run: | yarn validate - + - name: Build Backend (Unix) run: | mkdir -p plz-out/bin/backend diff --git a/.prettierignore b/.prettierignore index e9d616d161..6f19c589c4 100644 --- a/.prettierignore +++ b/.prettierignore @@ -10,7 +10,6 @@ plz-out types docs .yarn/* -.github/* .yarnrc.yml .vscode/* diff --git a/dev b/dev index 6de89d17b3..1f46976089 100755 --- a/dev +++ b/dev @@ -113,14 +113,14 @@ def main(): @cmd( cmds, "frontend-validate", "Formats, Validates" ) - def validate(args): + def frontend_validate(args): run("yarn validate") @cmd( cmds, "frontend-test", "Tests frontend code" ) - def validate(args): + def frontend_test(args): run("yarn test") @cmd(cmds, "run-backend", "Build and run mintterd binary for the current platform.") @@ -138,6 +138,14 @@ def main(): @cmd(cmds, "ping-p2p", "Execute ping utility to check visibility.") def ping_p2p(args): return run("plz run //backend:pingp2p", args=args) + + @cmd( + cmds, "release", "Create a new Release. this will create a new tag and push it to the remote repository" + ) + def release(args): + # run("yarn validate") + # run("yarn test") + run("node scripts/tag.mjs") if len(sys.argv) == 1: diff --git a/frontend/apps/desktop/entitlements.plist b/frontend/apps/desktop/entitlements.plist new file mode 100644 index 0000000000..346ff2cbbd --- /dev/null +++ b/frontend/apps/desktop/entitlements.plist @@ -0,0 +1,12 @@ + + + + + com.apple.security.cs.allow-unsigned-executable-memory + + com.apple.security.cs.allow-jit + + com.apple.security.cs.disable-library-validation + + + \ No newline at end of file diff --git a/frontend/apps/desktop/forge.config.js b/frontend/apps/desktop/forge.config.js index 306da337d2..5949310810 100644 --- a/frontend/apps/desktop/forge.config.js +++ b/frontend/apps/desktop/forge.config.js @@ -54,6 +54,16 @@ const config = { packageManager: 'yarn', extraResource: [daemonBinaryPath], beforeCopy: [setLanguages(['en', 'en_US'])], + osxSign: { + entitlements: './entitlements.plist', + executableName: 'Mintter', + entitlementsInherit: './entitlements.plist', + gatekeeperAssess: false, + hardenedRuntime: true, + identity: + 'Developer ID Application: Mintter Technologies S.L. (XSKC6RJDD8)', + binaries: [daemonBinaryPath], + }, }, makers: [ { @@ -163,19 +173,19 @@ function notarizeMaybe() { return } - // config.packagerConfig.osxNotarize = { - // tool: 'notarytool', - // appleId: process.env.APPLE_ID, - // appleIdPassword: process.env.APPLE_ID_PASSWORD, - // teamId: process.env.APPLE_TEAM_ID, - // } + config.packagerConfig.osxNotarize = { + tool: 'notarytool', + appleId: process.env.APPLE_ID, + appleIdPassword: process.env.APPLE_ID_PASSWORD, + teamId: process.env.APPLE_TEAM_ID, + } config.osxSign = { entitlements: './entitlements.plist', executableName: 'Mintter', - 'entitlements-inherit': './entitlements.plist', - 'gatekeeper-assess': false, - 'hardened-runtime': true, + entitlementsInherit: './entitlements.plist', + gatekeeperAssess: false, + hardenedRuntime: true, identity: 'Developer ID Application: Mintter Technologies S.L. (XSKC6RJDD8)', binaries: [daemonBinaryPath], diff --git a/frontend/apps/desktop/package.json b/frontend/apps/desktop/package.json index efb74d6f5b..b3e3fdbd9b 100644 --- a/frontend/apps/desktop/package.json +++ b/frontend/apps/desktop/package.json @@ -16,7 +16,7 @@ "main": ".vite/build/main.js", "scripts": { "dev": "electron-forge start", - "test": "playwright test", + "test": "xvfb-maybe -- playwright test", "format": "prettier \"**/*.{ts,tsx,md,mdx,json}\" --check --ignore-path ../../../.prettierignore", "lint": "echo TODO", "make": "electron-forge make", @@ -66,6 +66,7 @@ "electron-packager-languages": "^0.5.0", "electron-playwright-helpers": "1.6.0", "eslint-config-custom": "workspace:*", - "vite-tsconfig-paths": "4.2.0" + "vite-tsconfig-paths": "4.2.0", + "xvfb-maybe": "^0.2.1" } } diff --git a/package.json b/package.json index b2d62bd4ae..6a562cdfff 100644 --- a/package.json +++ b/package.json @@ -16,7 +16,7 @@ "desktop:make": "yarn workspace @mintter/desktop make", "desktop:package": "yarn workspace @mintter/desktop package", "desktop:publish": "yarn workspace @mintter/desktop publish", - "desktop:test": "echo 'NO TESTS'", + "desktop:test": "yarn workspace @mintter/desktop test", "fix": "manypkg fix", "build": "yarn workspaces foreach --exclude @mintter/site --exclude @mintter/desktop --exclude @mintter/desktop --exclude @mintter/docs -pi run build", "upgrade:tamagui": "manypkg upgrade tamagui && manypkg upgrade @tamagui && manypkg upgrade tamagui-loader && manypkg upgrade react-native-web-lite", diff --git a/scripts/get-app-version.mjs b/scripts/get-app-version.mjs deleted file mode 100755 index 3d433d2685..0000000000 --- a/scripts/get-app-version.mjs +++ /dev/null @@ -1,31 +0,0 @@ -import {execSync} from 'child_process' - -// Get the current year and month -const currentDate = new Date() -const year = currentDate.getFullYear() -const month = (currentDate.getMonth() + 1).toString().padStart(2, '0') -const nextMonth = (currentDate.getMonth() + 2).toString().padStart(2, '0') - -// Get the number of commits in the current month -const commitCount = execSync( - `git log --since="${year}-${month}-01" --until="${year}-${nextMonth}-01" --oneline | wc -l`, -) - .toString() - .trim().padStart(2, '0') - -// Construct the new version string -const newVersion = `v${year}.${month}.${commitCount}` - -// // Read the package.json file -// const packageJsonPath = './frontend/apps/desktop/package.json' -// const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8')) - -// // Update the version attribute -// packageJson.version = newVersion -// let orderedResult = sortPackageJson(packageJson, { -// sortOrder: ['name', 'version', 'productName'] -// }) -// // Write the updated package.json back to the file -// fs.writeFileSync(packageJsonPath, JSON.stringify(orderedResult, null, 2)) - -console.log(newVersion) diff --git a/scripts/tag.mjs b/scripts/tag.mjs new file mode 100755 index 0000000000..01879523e7 --- /dev/null +++ b/scripts/tag.mjs @@ -0,0 +1,35 @@ +import {execSync} from 'child_process' + +// Get the current year and month +const currentDate = new Date() +const year = currentDate.getFullYear() +const month = (currentDate.getMonth() + 1).toString().padStart(2, '0') +const nextMonth = (currentDate.getMonth() + 2).toString().padStart(2, '0') + +// Get the number of commits in the current month +const commitCount = execSync( + `git log --since="${year}-${month}-01" --until="${year}-${nextMonth}-01" --oneline | wc -l`, +) + .toString() + .trim().padStart(2, '0') + +// Construct the new version string +const newVersion = `${year}.${month}.${commitCount}` + +pushTag(newVersion) + +function pushTag(tagName) { + try { + // Step 1: Create a lightweight tag + execSync(`git tag ${tagName}`); + + console.log('Tag created:', tagName); + + // Step 2: Push the tag to remote + // execSync(`git push origin ${tagName}`); + + console.log('Tag pushed:', tagName); + } catch (error) { + console.error('Error:', error.message); + } +} diff --git a/yarn.lock b/yarn.lock index 943d0bff0a..8bedd48a9a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4956,6 +4956,7 @@ __metadata: superjson: 1.13.1 update-electron-app: 2.0.1 vite-tsconfig-paths: 4.2.0 + xvfb-maybe: ^0.2.1 zod: 3.22.2 languageName: unknown linkType: soft @@ -31385,7 +31386,7 @@ __metadata: languageName: node linkType: hard -"which@npm:^1.2.14, which@npm:^1.2.9, which@npm:^1.3.1": +"which@npm:^1.2.14, which@npm:^1.2.4, which@npm:^1.2.9, which@npm:^1.3.1": version: 1.3.1 resolution: "which@npm:1.3.1" dependencies: @@ -31711,6 +31712,18 @@ __metadata: languageName: node linkType: hard +"xvfb-maybe@npm:^0.2.1": + version: 0.2.1 + resolution: "xvfb-maybe@npm:0.2.1" + dependencies: + debug: ^2.2.0 + which: ^1.2.4 + bin: + xvfb-maybe: ./src/xvfb-maybe.js + checksum: b3a218991291c85232eb27ce74fbd0c8f22053e0b15e8492c772fa269f09b5448c01089f805146acc64cbe516356db3b5231a52d92fb990dc59df11e622dd6bd + languageName: node + linkType: hard + "y-prosemirror@npm:1.2.1": version: 1.2.1 resolution: "y-prosemirror@npm:1.2.1"