398 lines
14 KiB
YAML
398 lines
14 KiB
YAML
---
|
|
kind: pipeline
|
|
type: docker
|
|
name: linux-android-test
|
|
|
|
clone:
|
|
disable: true
|
|
|
|
steps:
|
|
- name: clone
|
|
image: openpriv/flutter-desktop:linux-fstable-3.19.3
|
|
environment:
|
|
buildbot_key_b64:
|
|
from_secret: buildbot_key_b64
|
|
commands:
|
|
- mkdir ~/.ssh
|
|
- echo $buildbot_key_b64 > ~/.ssh/id_rsa.b64
|
|
- base64 -d ~/.ssh/id_rsa.b64 > ~/.ssh/id_rsa
|
|
- chmod 400 ~/.ssh/id_rsa
|
|
# force by pass of ssh host key check, less secure
|
|
- ssh-keyscan -H git.openprivacy.ca >> ~/.ssh/known_hosts
|
|
# use Drone ssh var instead of hardcode to allow forks to build (gogs@git.openprivacy.ca:cwtch.im/cwtch-ui.git)
|
|
- git clone gogs@git.openprivacy.ca:$DRONE_REPO.git .
|
|
- git checkout $DRONE_COMMIT
|
|
|
|
- name: fetch
|
|
image: openpriv/flutter-desktop:linux-fstable-3.19.3
|
|
volumes:
|
|
- name: deps
|
|
path: /root/.pub-cache
|
|
commands:
|
|
- ./fetch-tor.sh
|
|
- echo `git describe --tags --abbrev=1` > VERSION
|
|
- echo `git log -1 --format=%cd --date=format:%G-%m-%d-%H-%M` > COMMIT_DATE
|
|
- flutter pub get
|
|
- mkdir deploy
|
|
- ./fetch-libcwtch-go.sh
|
|
|
|
#- name: quality
|
|
# image: golang
|
|
# volumes:
|
|
# - name: deps
|
|
# path: /go
|
|
# commands:
|
|
# - go list ./... | xargs go vet
|
|
# - go list ./... | xargs golint
|
|
# #Todo: fix all the lint errors and add `-set_exit_status` above to enforce linting
|
|
|
|
- name: build-linux
|
|
image: openpriv/flutter-desktop:linux-fstable-3.19.3
|
|
volumes:
|
|
- name: deps
|
|
path: /root/.pub-cache
|
|
commands:
|
|
- flutter build linux --dart-define BUILD_VER=`cat VERSION` --dart-define BUILD_DATE=`cat COMMIT_DATE`
|
|
- linux/package-release.sh
|
|
- mkdir -p deploy/cwtch
|
|
- mkdir -p deploy/deb/cwtch/usr
|
|
- mkdir -p deploy/deb/cwtch/DEBIAN
|
|
- export VERSION=`cat VERSION | tr -d 'v'`
|
|
- sed "s|VERSION|$VERSION|g" linux/deb/control > deploy/deb/cwtch/DEBIAN/control
|
|
- cp -r build/linux/x64/release/bundle/* deploy/cwtch
|
|
- cd deploy
|
|
- cd cwtch
|
|
- INSTALL_PREFIX=./../deb/cwtch/usr DESKTOP_PREFIX=/usr/ ./install.sh
|
|
- cd ..
|
|
# we depend on tor, get it from the tor project apt repo
|
|
- rm -r deb/cwtch/usr/lib/cwtch/Tor
|
|
# Tar archives need a few tricks to make this deterministic, see https://reproducible-builds.org/docs/archives/
|
|
- tar --sort=name --mtime=`cat COMMIT_DATE` --owner=0 --group=0 --numeric-owner --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime -czf cwtch-`cat ../VERSION`.tar.gz cwtch
|
|
- rm -r cwtch
|
|
- cd deb
|
|
- dpkg-deb --build cwtch
|
|
- cd ..
|
|
- mv deb/cwtch.deb cwtch-$VERSION.deb
|
|
- rm -r deb
|
|
|
|
|
|
- name: linux-ui-tests
|
|
image: openpriv/flutter-desktop:linux-fstable-3.19.3
|
|
volumes:
|
|
- name: deps
|
|
path: /root/.pub-cache
|
|
commands:
|
|
# Run 01_general, 01_tor, 02_global_settings, and 04_profile_mgmt features...
|
|
- ./run-tests-headless.sh "01_general|01_tor|02_global_settings|04_profile_mgmt"
|
|
|
|
- name: test-build-android
|
|
image: openpriv/flutter-desktop:linux-fstable-3.19.3
|
|
when:
|
|
event: pull_request
|
|
volumes:
|
|
- name: deps
|
|
path: /root/.pub-cache
|
|
commands:
|
|
- flutter build apk --debug
|
|
|
|
- name: build-android
|
|
image: openpriv/flutter-desktop:linux-fstable-3.19.3
|
|
when:
|
|
event: push
|
|
environment:
|
|
upload_jks_file_b64:
|
|
from_secret: upload_jks_file_b64
|
|
upload_jks_pass:
|
|
from_secret: upload_jks_pass
|
|
volumes:
|
|
- name: deps
|
|
path: /root/.pub-cache
|
|
commands:
|
|
- echo $upload_jks_file_b64 > upload-keystore.jks.b64
|
|
- base64 -i --decode upload-keystore.jks.b64 > android/app/upload-keystore.jks
|
|
- sed -i "s/%jks-password%/$upload_jks_pass/g" android/key.properties
|
|
- flutter build appbundle --dart-define BUILD_VER=`cat VERSION` --dart-define BUILD_DATE=`cat COMMIT_DATE`
|
|
# cant do debug for final release, this is just a stop gap
|
|
- flutter build apk --dart-define BUILD_VER=`cat VERSION` --dart-define BUILD_DATE=`cat COMMIT_DATE`
|
|
# or build apk --split-per-abi ?
|
|
- cp build/app/outputs/bundle/release/app-release.aab deploy/cwtch-`cat VERSION`.aab
|
|
- cp build/app/outputs/apk/release/app-release.apk deploy/cwtch-`cat VERSION`.apk
|
|
#- cp build/app/outputs/flutter-apk/app-debug.apk deploy/android
|
|
|
|
- name: widget-tests
|
|
image: openpriv/flutter-desktop:linux-fstable-3.19.3
|
|
volumes:
|
|
- name: deps
|
|
path: /root/.pub-cache
|
|
commands:
|
|
# - flutter config --enable-linux-desktop
|
|
- flutter test --coverage
|
|
- genhtml coverage/lcov.info -o coverage/html
|
|
|
|
- name: upload-nightlies
|
|
image: openpriv/flutter-desktop:linux-fstable-3.19.3
|
|
environment:
|
|
GOGS_ACCOUNT_TOKEN:
|
|
from_secret: gogs_account_token
|
|
secrets: [gogs_account_token]
|
|
volumes:
|
|
- name: deps
|
|
path: /root/.pub-cache
|
|
when:
|
|
event: push
|
|
status: [ success ]
|
|
commands:
|
|
- ./upload-releases.sh deploy/cwtch-`cat VERSION`.apk application/vnd.android.package-archive cwtch-`cat VERSION`.apk
|
|
|
|
- name: deploy-buildfiles
|
|
image: kroniak/ssh-client
|
|
pull: if-not-exists
|
|
environment:
|
|
BUILDFILES_KEY:
|
|
from_secret: buildfiles_key
|
|
secrets: [gogs_account_token]
|
|
when:
|
|
event: push
|
|
status: [ success ]
|
|
commands:
|
|
- echo $BUILDFILES_KEY > ~/id_rsab64
|
|
- base64 -d ~/id_rsab64 > ~/id_rsa
|
|
- chmod 400 ~/id_rsa
|
|
- export DIR=flwtch-`cat COMMIT_DATE`-`cat VERSION`
|
|
- mv deploy $DIR
|
|
- cp -r coverage/html $DIR/coverage-tests
|
|
- cp -r test/failures $DIR/test-failures || true
|
|
- cd $DIR
|
|
- find . -type f -exec sha512sum {} \; > ./../sha512s.txt
|
|
- mv ./../sha512s.txt .
|
|
- cd ..
|
|
- scp -r -o StrictHostKeyChecking=no -i ~/id_rsa $DIR buildfiles@build.openprivacy.ca:/home/buildfiles/buildfiles/
|
|
- ./gen-nightly-index.sh $DIR
|
|
- scp -r -o StrictHostKeyChecking=no -i ~/id_rsa cwtch-nightly.html buildfiles@build.openprivacy.ca:/home/buildfiles/buildfiles/
|
|
|
|
- name: notify-gogs
|
|
image: openpriv/drone-gogs
|
|
pull: if-not-exists
|
|
when:
|
|
event: pull_request
|
|
status: [ success, changed, failure ]
|
|
environment:
|
|
GOGS_ACCOUNT_TOKEN:
|
|
from_secret: gogs_account_token
|
|
settings:
|
|
gogs_url: https://git.openprivacy.ca
|
|
|
|
volumes:
|
|
- name: deps
|
|
temp: {}
|
|
|
|
trigger:
|
|
#repo: cwtch.im/cwtch-ui # allow forks to build?
|
|
branch: trunk
|
|
event:
|
|
- push
|
|
- pull_request
|
|
|
|
---
|
|
kind: pipeline
|
|
type: docker
|
|
name: windows
|
|
|
|
platform:
|
|
os: windows
|
|
#arch: amd64
|
|
version: 1809
|
|
|
|
clone:
|
|
disable: true
|
|
|
|
steps:
|
|
- name: clone
|
|
image: openpriv/flutter-desktop:windows-sdk30-fstable-3.19.3
|
|
environment:
|
|
buildbot_key_b64:
|
|
from_secret: buildbot_key_b64
|
|
commands:
|
|
#- # force by pass of ssh host key check, less secure
|
|
#- ssh-keyscan -H git.openprivacy.ca >> ..\known_hosts
|
|
- echo $Env:buildbot_key_b64 > ..\id_rsa.b64
|
|
- certutil -decode ..\id_rsa.b64 ..\id_rsa
|
|
- git init
|
|
# -o UserKnownHostsFile=../known_hosts
|
|
- git config core.sshCommand 'ssh -o StrictHostKeyChecking=no -i ../id_rsa'
|
|
- git remote add origin gogs@git.openprivacy.ca:$Env:DRONE_REPO.git
|
|
- git pull origin trunk
|
|
- git fetch --tags
|
|
- git checkout $Env:DRONE_COMMIT
|
|
|
|
- name: fetch
|
|
image: openpriv/flutter-desktop:windows-sdk30-fstable-3.19.3
|
|
commands:
|
|
- git describe --tags --abbrev=1 > VERSION
|
|
- git log -1 --format=%cd --date=format:'%Y-%m-%d-%H-%M' > COMMIT_DATE
|
|
- .\fetch-tor-win.ps1
|
|
- .\fetch-libcwtch-go.ps1
|
|
|
|
- name: build-windows
|
|
image: openpriv/flutter-desktop:windows-sdk30-fstable-3.19.3
|
|
commands:
|
|
- flutter pub get
|
|
- $Env:version += type .\VERSION
|
|
- $Env:commitdate += type .\COMMIT_DATE
|
|
- $Env:releasedir = "build\\windows\\x64\\runner\\Release\\"
|
|
- flutter build windows --dart-define BUILD_VER=$Env:version --dart-define BUILD_DATE=$Env:commitdate
|
|
- copy windows\libCwtch.dll $Env:releasedir
|
|
# flutter hasn't worked out it's packaging of required dll's so we have to resort to this manual nonsense
|
|
# https://github.com/google/flutter-desktop-embedding/issues/587
|
|
# https://github.com/flutter/flutter/issues/53167
|
|
- copy 'C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\VC\Redist\MSVC\14.36.32532\x64\Microsoft.VC143.CRT\vcruntime140.dll' $Env:releasedir
|
|
- copy 'C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\VC\Redist\MSVC\14.36.32532\x64\Microsoft.VC143.CRT\vcruntime140_1.dll' $Env:releasedir
|
|
- copy 'C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\VC\Redist\MSVC\14.36.32532\x64\Microsoft.VC143.CRT\msvcp140.dll' $Env:releasedir
|
|
- copy README.md $Env:releasedir\
|
|
- copy windows\*.bat $Env:releasedir\
|
|
- powershell -command "Expand-Archive -Path tor.zip -DestinationPath $Env:releasedir\Tor"
|
|
|
|
- name: package-windows
|
|
image: openpriv/nsis
|
|
pull: if-not-exists
|
|
when:
|
|
event: push
|
|
status: [ success ]
|
|
environment:
|
|
pfx:
|
|
from_secret: pfx2022_b64
|
|
pfx_pass:
|
|
from_secret: pfx_pass
|
|
commands:
|
|
- $Env:version += type .\VERSION
|
|
- $Env:commitdate += type .\COMMIT_DATE
|
|
- $Env:releasedir = "build\\windows\\x64\\runner\\Release\\"
|
|
- $Env:zip = 'cwtch-' + $Env:version + '.zip'
|
|
- $Env:zipsha = $Env:zip + '.sha512.txt'
|
|
- $Env:buildname = 'flwtch-' + $Env:commitdate + '-' + $Env:version
|
|
- $Env:builddir = $Env:buildname
|
|
- echo $Env:pfx > codesign.pfx.b64
|
|
- certutil -decode codesign.pfx.b64 codesign.pfx
|
|
- signtool sign /v /fd sha256 /a /f codesign.pfx /p $Env:pfx_pass /tr http://timestamp.digicert.com $Env:releasedir\cwtch.exe
|
|
- signtool sign /v /fd sha256 /a /f codesign.pfx /p $Env:pfx_pass /tr http://timestamp.digicert.com $Env:releasedir\libCwtch.dll
|
|
- signtool sign /v /fd sha256 /a /f codesign.pfx /p $Env:pfx_pass /tr http://timestamp.digicert.com $Env:releasedir\flutter_windows.dll
|
|
- copy windows\runner\resources\knot_128.ico $Env:releasedir\cwtch.ico
|
|
- makensis windows\nsis\cwtch-installer.nsi
|
|
- move windows\nsis\cwtch-installer.exe cwtch-installer.exe
|
|
- signtool sign /v /fd sha256 /a /f codesign.pfx /p $Env:pfx_pass /tr http://timestamp.digicert.com cwtch-installer.exe
|
|
- powershell -command "(Get-FileHash cwtch-installer.exe -Algorithm sha512).Hash" > cwtch-installer.sha512.txt
|
|
- mkdir deploy
|
|
- mkdir deploy\$Env:builddir
|
|
- move $Env:releasedir $Env:builddir
|
|
- powershell -command "Compress-Archive -Path $Env:builddir -DestinationPath cwtch.zip"
|
|
- powershell -command "(Get-FileHash cwtch.zip -Algorithm sha512).Hash" > $Env:zipsha
|
|
- move cwtch-installer.exe deploy\$Env:builddir\cwtch-installer-$Env:version.exe
|
|
- move cwtch.zip deploy\$Env:builddir\$Env:zip
|
|
- move *.sha512.txt deploy\$Env:builddir
|
|
|
|
- name: deploy-windows
|
|
image: openpriv/flutter-desktop:windows-sdk30-fstable-3.19.3
|
|
when:
|
|
event: push
|
|
status: [ success ]
|
|
environment:
|
|
BUILDFILES_KEY:
|
|
from_secret: buildfiles_key
|
|
commands:
|
|
- echo $Env:BUILDFILES_KEY > id_rsab64
|
|
- certutil -decode id_rsab64 id_rsa
|
|
- scp -r -o StrictHostKeyChecking=no -i id_rsa deploy\\* buildfiles@build.openprivacy.ca:/home/buildfiles/buildfiles/
|
|
|
|
trigger:
|
|
# repo: cwtch.im/cwtch-ui # allow forks to build?
|
|
branch: trunk
|
|
event:
|
|
- push
|
|
- pull_request
|
|
|
|
---
|
|
kind: pipeline
|
|
type: exec
|
|
name: macos
|
|
|
|
platform:
|
|
os: darwin
|
|
arch: amd64
|
|
|
|
clone:
|
|
disable: true
|
|
|
|
steps:
|
|
- name: clone
|
|
environment:
|
|
buildbot_key_b64:
|
|
from_secret: buildbot_key_b64
|
|
commands:
|
|
- mkdir ~/.ssh
|
|
- echo $buildbot_key_b64 > ~/.ssh/id_rsa.b64
|
|
- ls -lh ~/.ssh/id_rsa.b64
|
|
- base64 -d -i ~/.ssh/id_rsa.b64 -o ~/.ssh/id_rsa
|
|
- chmod 400 ~/.ssh/id_rsa
|
|
# force by pass of ssh host key check, less secure
|
|
- ssh-keyscan -H git.openprivacy.ca >> ~/.ssh/known_hosts
|
|
- git init
|
|
- git config core.sshCommand 'ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa'
|
|
- git remote add origin gogs@git.openprivacy.ca:$DRONE_REPO.git
|
|
- git pull origin trunk
|
|
- git fetch --tags
|
|
- git checkout $DRONE_COMMIT
|
|
# use Drone ssh var instead of hardcode to allow forks to build (gogs@git.openprivacy.ca:cwtch.im/cwtch-ui.git)
|
|
#- git clone gogs@git.openprivacy.ca:$DRONE_REPO.git .
|
|
#- git checkout $DRONE_COMMIT
|
|
|
|
- name: fetch
|
|
commands:
|
|
- ./fetch-tor-macos.sh
|
|
- echo `git describe --tags --abbrev=1` > VERSION
|
|
- echo `git log -1 --format=%cd --date=format:%G-%m-%d-%H-%M` > COMMIT_DATE
|
|
- export PATH=$PATH:/Users/drone/development/flutter/bin
|
|
- flutter pub get
|
|
- mkdir deploy
|
|
- ./fetch-libcwtch-go-macos.sh
|
|
# Drone builds in container directories and gem seems to have some weird side effects so have to manually re install these locally
|
|
- gem install --user-install ffi -v 1.15.5 -- --enable-libffi-alloc
|
|
# currently unneeded to reinstall but was, and may be again? so saving
|
|
#- gem install --user-install cocoapods -v 1.11.3
|
|
|
|
- name: build-macos
|
|
commands:
|
|
- export PATH=$PATH:/Users/drone/bin/flutter/bin
|
|
- export PATH=$GEM_HOME/ruby/2.6.0/bin:$PATH
|
|
- flutter doctor
|
|
- flutter build macos --dart-define BUILD_VER=`cat VERSION` --dart-define BUILD_DATE=`cat COMMIT_DATE`
|
|
- export PATH=$PATH:/opt/homebrew/bin/ #create-dmg
|
|
- macos/package-release.sh
|
|
- mkdir -p deploy
|
|
- mv Cwtch.dmg deploy/Cwtch-`cat VERSION`.dmg
|
|
|
|
- name: deploy-buildfiles
|
|
environment:
|
|
BUILDFILES_KEY:
|
|
from_secret: buildfiles_key
|
|
when:
|
|
event: push
|
|
status: [ success ]
|
|
commands:
|
|
- echo $BUILDFILES_KEY > ~/id_rsab64
|
|
- base64 -d -i ~/id_rsab64 -o ~/id_rsa
|
|
- chmod 400 ~/id_rsa
|
|
- export DIR=flwtch-`cat COMMIT_DATE`-`cat VERSION`
|
|
- mv deploy $DIR
|
|
- cd $DIR
|
|
- find . -type f -exec shasum -a 512 {} \; > ./../Cwtch.dmg.sha512.txt
|
|
- mv ./../Cwtch.dmg.sha512.txt .
|
|
- cd ..
|
|
- scp -r -o StrictHostKeyChecking=no -i ~/id_rsa $DIR buildfiles@build.openprivacy.ca:/home/buildfiles/buildfiles/
|
|
|
|
trigger:
|
|
#repo: cwtch.im/cwtch-ui # allow forks to build?
|
|
branch: trunk
|
|
event:
|
|
- push
|
|
- pull_request
|