From a65dbaa4ecea8db0777c560204cbc87142d8ce19 Mon Sep 17 00:00:00 2001 From: atavism Date: Thu, 7 Nov 2024 14:38:03 -0800 Subject: [PATCH] Refactor CI to use matrix strategy for faster builds (#1223) * initial commit * initial commit * CI updates * CI updates * CI updates * CI updates * update step to build Flutter app * rename package-darwin * update release.yml * update release.yml * remove old input * Add version_file * Move step to install darwin dependencies * fix setup-node version * update macos Makefile targets * CI updates * Update package-linux * Update package-linux * CI updates * update and reorder steps * CI updates * Update build.yml * CI updates * update package-macos to use flutter_distributor * Add macos make_config.yaml * Add sentry cli step * CI updates * CI updates * update package-android * Import code signing certificate with import-codesign-certs (#1227) * updates to macOS packaging * updates to macOS packaging * update code signing step * update package-macos * update package-macos * update package-macos * clean-ups * clean-ups * update package-macos * update package-macos * update package-macos * update package-macos * update package-macos * remove branch trigger * update package-macos * update package-macos * update Makefile darwin-installer * clean-ups * update node version * test CI updates * add ios support to build script, remove build-ios.yml, and build aab and apk separately * Remove unused * clean-ups * 8.0.0 release * 8.0.0 release * disable iOS release for now * update macos build name * fix linux build path * CI updates * update version number * remove duplicate APP_VERSION * remove duplicate APP_VERSION * update APP_VERSION * rename linux installers * set build-suffix * set build-suffix * fix rename builds step * fix rename builds step * fix rename builds step * move logging line after s.Lock() in settings * enable iOS * enable iOS * Disable iOS releases temporarily --- .github/workflows/build-android.yml | 186 --------- .github/workflows/build-darwin.yml | 167 -------- .github/workflows/build-ios.yml | 184 --------- .github/workflows/build-linux.yml | 131 ------- .github/workflows/build-windows.yml | 187 --------- .github/workflows/build.yml | 371 ++++++++++++++++++ .github/workflows/prerelease-notification.yml | 2 +- .github/workflows/release-changelog.yml | 2 +- .github/workflows/release.yml | 94 ++--- Makefile | 78 ++-- macos/Podfile.lock | 10 +- macos/packaging/dmg/make_config.yaml | 10 + pubspec.yaml | 2 +- 13 files changed, 451 insertions(+), 973 deletions(-) delete mode 100644 .github/workflows/build-android.yml delete mode 100644 .github/workflows/build-darwin.yml delete mode 100644 .github/workflows/build-ios.yml delete mode 100644 .github/workflows/build-linux.yml delete mode 100644 .github/workflows/build-windows.yml create mode 100644 .github/workflows/build.yml create mode 100644 macos/packaging/dmg/make_config.yaml diff --git a/.github/workflows/build-android.yml b/.github/workflows/build-android.yml deleted file mode 100644 index fad95e535..000000000 --- a/.github/workflows/build-android.yml +++ /dev/null @@ -1,186 +0,0 @@ -name: Build Android Installer -on: - workflow_call: - inputs: - version_file: - type: string - required: true - version: - type: string - required: true - prefix: - type: string - required: true - -env: - GOPRIVATE: github.com/getlantern - S3_BUCKET: lantern - -jobs: - build-android: - env: - version: ${{ inputs.version }} - version_file: ${{ inputs.version_file }} - prefix: ${{ inputs.prefix }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - lfs: true - - - name: Pull LFS objects - run: git lfs pull - - - name: Installing Flutter - uses: subosito/flutter-action@v2 - with: - channel: "stable" - - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - name: Install latest protoc-gen-go - run: go install github.com/golang/protobuf/protoc-gen-go@latest - - - name: Granting private modules access - run: | - git config --global url."https://${{ secrets.CI_PRIVATE_REPOS_GH_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/" - - - name: Setup Sentry CLI - uses: mathieu-bour/setup-sentry-cli@v2 - with: - version: latest - token: ${{ SECRETS.SENTRY_TOKEN }} # from GitHub secrets - organization: getlantern - project: android - - - name: Setup JDK - uses: actions/setup-java@v4 - with: - distribution: temurin - java-version: 17 - cache: 'gradle' - - - name: Setup protoc - uses: arduino/setup-protoc@v2 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - - - name: Activate protoc-gen-dart plugin - run: | - echo "${HOME}/.pub-cache/bin" >> $GITHUB_PATH - dart pub global activate protoc_plugin - - - name: Set gradle properties - env: - GRADLE_PROPERTIES: ${{ secrets.GRADLE_PROPERTIES }} - run: | - mkdir -p ~/.gradle/ - echo "GRADLE_USER_HOME=${HOME}/.gradle" >> $GITHUB_ENV - echo "${GRADLE_PROPERTIES}" > ~/.gradle/gradle.properties - - - name: Decode Keystore - id: write_file - uses: timheuer/base64-to-file@v1.2 - with: - fileName: 'keystore.release.jks' - fileDir: './android/app' - encodedString: ${{ secrets.KEYSTORE }} - - - name: Generate app.env - env: - ANDROID_INTERSTITIAL_AD_ID: ${{ secrets.INTERSTITIAL_AD_UNIT_ID }} - IOS_INTERSTITIAL_AD_ID: ${{ secrets.INTERSTITIAL_AD_UNIT_ID_IOS }} - TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID: ${{ secrets.TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID }} - TAPSELL_INTERSTITIAL_ZONE_ID: ${{ secrets.TAPSELL_INTERSTITIAL_ZONE_ID }} - run: | - touch app.env - echo "Android_interstitialAd=$ANDROID_INTERSTITIAL_AD_ID" > app.env - echo "IOS_interstitialAd=$IOS_INTERSTITIAL_AD_ID" >> app.env - echo "VideoInterstitialZoneId=$TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID" >> app.env - echo "InterstitialZoneId=$TAPSELL_INTERSTITIAL_ZONE_ID" >> app.env - - - name: Clean packages - run: | - sudo apt-get clean - sudo apt-get autoremove -y - sudo apt-get remove --purge $(dpkg --list | grep '^rc' | awk '{print $2}') - - - name: Build Android installers - env: - INTERSTITIAL_AD_UNIT: "${{ secrets.INTERSTITIAL_AD_UNIT_ID }}" - SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}" - VERSION: "${{ env.version }}" - run: make package-android - - - name: Clean Go module and build cache - run: | - sudo rm -rf /tmp/* - sudo rm -rf /var/cache/* - sudo apt-get clean - sudo apt-get autoremove -y - sudo apt-get remove --purge $(dpkg --list | grep '^rc' | awk '{print $2}') - go clean -modcache - go clean -cache -testcache - df -h - - - name: Delete Gradle cache - run: | - sudo rm -rf $HOME/.gradle/caches - echo "Gradle cache deleted successfully" - - - uses: actions/upload-artifact@v4 - with: - name: android-apk-build - retention-days: 2 - path: | - lantern-installer.apk - - - uses: actions/upload-artifact@v4 - with: - name: android-aab-build - retention-days: 2 - path: | - lantern-installer.aab - - - uses: actions/setup-python@v5 - with: - python-version: '3.12' - - - name: Install s3cmd - run: pip install s3cmd - - - name: Set s3cmd permissions - run: | - echo "[default]" > "$HOME/.s3cfg" - echo "access_key = ${{ secrets.AWS_ACCESS_KEY }}" >> "$HOME/.s3cfg" - echo "secret_key = ${{ secrets.AWS_SECRET_KEY }}" >> "$HOME/.s3cfg" - - - name: Push binaries to s3 - env: - VERSION: "${{ env.version }}" - APK: "${{ env.prefix }}-${{ env.version }}.apk" - AAB: "${{ env.prefix }}-${{ env.version }}.aab" - update: "lantern_update_android_arm-${{inputs.version}}.bz2" - update_source: lantern_update_android_arm.bz2 - run: | - mv ${{ env.update_source }} ${{ env.update }} - mv lantern-installer.apk "$APK" - mv lantern-installer.aab "$AAB" - cp "$APK" ${{ env.prefix }}.apk - cp "$AAB" ${{ env.prefix }}.aab - echo ${{ env.version }} > ${{ env.version_file }} - shasum -a 256 "$APK" | cut -d " " -f 1 > "$APK".sha256 - shasum -a 256 "$AAB" | cut -d " " -f 1 > "$AAB".sha256 - shasum -a 256 ${{ env.update }} | cut -d " " -f 1 > ${{ env.update }}.sha256 - cp "$APK".sha256 ${{ env.prefix }}.apk.sha256 - cp "$AAB".sha256 ${{ env.prefix }}.aab.sha256 - s3cmd put --acl-public "$APK" "$APK".sha256 ${{ env.update }} ${{ env.update }}.sha256 ${{ env.version_file }} ${{ env.prefix }}.apk.sha256 ${{ env.prefix }}.apk "s3://$S3_BUCKET" - s3cmd put --acl-public "$AAB" "$AAB".sha256 ${{ env.prefix }}.aab.sha256 ${{ env.prefix }}.aab "s3://$S3_BUCKET" - s3cmd modify --add-header='content-type':'application/vnd.android.package-archive' "s3://$S3_BUCKET/$APK" - s3cmd modify --add-header='content-type':'application/vnd.android.package-archive' "s3://$S3_BUCKET/${{ env.prefix }}.apk" - s3cmd modify --add-header='content-type':'application/vnd.android.package-archive' "s3://$S3_BUCKET/$AAB" - s3cmd modify --add-header='content-type':'application/vnd.android.package-archive' "s3://$S3_BUCKET/${{ env.prefix }}.aab" - diff --git a/.github/workflows/build-darwin.yml b/.github/workflows/build-darwin.yml deleted file mode 100644 index 266b24eea..000000000 --- a/.github/workflows/build-darwin.yml +++ /dev/null @@ -1,167 +0,0 @@ -name: Build Darwin -on: - workflow_call: - inputs: - version_file: - type: string - required: true - macos_version: - type: string - required: true - xcode_version: - type: string - required: true - version: - type: string - required: true - prefix: - type: string - required: true - -env: - GOPRIVATE: github.com/getlantern - S3_BUCKET: lantern -jobs: - build-darwin: - permissions: - contents: "read" - id-token: "write" - env: - version: ${{ inputs.version }} - version_file: ${{ inputs.version_file }} - prefix: ${{ inputs.prefix }} - AC_USERNAME: ${{ secrets.AC_USERNAME }} - AC_PASSWORD: ${{ secrets.AC_PASSWORD }} - runs-on: ${{ inputs.macos_version }} - steps: - - uses: actions/checkout@v4 - with: - lfs: true - - - name: Pull LFS objects - run: git lfs pull - - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - name: Setup Xcode - uses: maxim-lobanov/setup-xcode@v1 - with: - xcode-version: ${{ inputs.xcode_version }} - - - name: Granting private modules access - run: | - git config --global url."https://${{ secrets.GH_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/" - - - name: Repo access - run: | - mkdir /tmp/cache - echo "machine github.com login ${{ secrets.GH_TOKEN }} password x-oauth-basic" > /tmp/cache/.netrc - chmod 600 /tmp/cache/.netrc - - - name: Setup Sentry CLI - uses: mathieu-bour/setup-sentry-cli@v2 - with: - version: latest - token: ${{ SECRETS.SENTRY_TOKEN }} # from GitHub secrets - organization: getlantern - project: android - - - name: Build liblantern.dylib - env: - SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}" - VERSION: "${{ env.version }}" - run: make darwin - - - uses: actions/upload-artifact@v4 - with: - name: "libgo-osx-build" - if-no-files-found: error - path: | - liblantern.dylib - - # Install Flutter - - uses: subosito/flutter-action@v2 - with: - channel: "stable" - - - run: flutter --version - - - run: make ffigen - - - name: Setup protoc - uses: arduino/setup-protoc@v2 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - - - name: Activate protoc-gen-dart plugin - run: | - dart pub global activate protoc_plugin - - - run: touch app.env - - - name: Build Flutter app - run: flutter build macos --release - - - uses: actions/setup-node@v4 - with: - node-version: latest - - - uses: actions/setup-python@v5 - with: - python-version: '3.12' - - - name: Install darwin installer dependencies - run: | - npm install -g appdmg - brew tap joshdk/tap - brew install joshdk/tap/retry - brew install imagemagick || true - - - name: Build darwin installer - run: | - echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 - security create-keychain -p temporaty-password build.keychain - security default-keychain -s build.keychain - security unlock-keychain -p temporaty-password build.keychain - security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign - security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k temporaty-password build.keychain - make package-darwin - env: - VERSION: "${{ env.version }}" - MACOS_CERTIFICATE: ${{ secrets.MACOS_BNS_CERT }} - MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_BNS_CERT_PASS }} - - - name: Install s3cmd - run: pip install s3cmd - - - name: Set s3cmd permissions - run: | - echo "[default]" > "$HOME/.s3cfg" - echo "access_key = ${{ secrets.AWS_ACCESS_KEY }}" >> "$HOME/.s3cfg" - echo "secret_key = ${{ secrets.AWS_SECRET_KEY }}" >> "$HOME/.s3cfg" - - - uses: actions/upload-artifact@v4 - with: - name: osx-build - retention-days: 2 - path: | - lantern-installer.dmg - - - name: Push binaries to s3 - env: - VERSION: "${{ env.version }}" - DMG: "${{ env.prefix }}-${{ env.version }}.dmg" - update: "lantern_update_darwin-${{inputs.version}}.bz2" - update_source: lantern_update_darwin.bz2 - run: | - mv ${{ env.update_source }} ${{ env.update }} - mv lantern-installer.dmg "$DMG" - cp "$DMG" ${{ env.prefix }}.dmg - echo ${{ env.version }} > ${{ env.version_file }} - shasum -a 256 "$DMG" | cut -d " " -f 1 > "$DMG".sha256 - shasum -a 256 ${{ env.update }} | cut -d " " -f 1 > ${{ env.update }}.sha256 - cp "$DMG".sha256 ${{ env.prefix }}.dmg.sha256 - s3cmd put --acl-public "$DMG" "$DMG".sha256 ${{ env.update }} ${{ env.update }}.sha256 ${{ env.version_file }} ${{ env.prefix }}.dmg.sha256 ${{ env.prefix }}.dmg "s3://lantern" diff --git a/.github/workflows/build-ios.yml b/.github/workflows/build-ios.yml deleted file mode 100644 index e58ee553a..000000000 --- a/.github/workflows/build-ios.yml +++ /dev/null @@ -1,184 +0,0 @@ -name: Build IOS -on: - workflow_call: - inputs: - version_file: - type: string - required: true - macos_version: - type: string - required: true - xcode_version: - type: string - required: true - version: - type: string - required: true - prefix: - type: string - required: true -env: - GOPRIVATE: github.com/getlantern -jobs: - build-ios: - runs-on: ${{ inputs.macos_version }} - permissions: - contents: "read" - id-token: "write" - env: - version: ${{ inputs.version }} - version_file: ${{ inputs.version_file }} - prefix: ${{ inputs.prefix }} - AC_USERNAME: ${{ secrets.AC_USERNAME }} - AC_PASSWORD: ${{ secrets.AC_PASSWORD }} - - steps: - - uses: actions/checkout@v4 - with: - lfs: true - - name: Pull LFS objects - run: git lfs pull - - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - name: Setup Xcode - uses: maxim-lobanov/setup-xcode@v1 - with: - xcode-version: ${{ inputs.xcode_version }} - - - name: Repo access - run: | - mkdir /tmp/cache - echo "machine github.com login ${{ secrets.GH_TOKEN }} password x-oauth-basic" > /tmp/cache/.netrc - chmod 600 /tmp/cache/.netrc - - - name: Setup Sentry CLI - uses: mathieu-bour/setup-sentry-cli@v2 - with: - version: latest - token: ${{ SECRETS.SENTRY_TOKEN }} # from GitHub secrets - organization: getlantern - project: lantern-ios - - - name: Install Flutter - uses: subosito/flutter-action@v2 - with: - channel: "stable" - - - name: Install the Apple certificate and provisioning profile - env: - BUILD_CERTIFICATE_BASE64: ${{ secrets.IOS_CERTIFICATE_P12_BASE64 }} - P12_PASSWORD: ${{ secrets.IOS_CERTIFICATE_P12_PASS }} - BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.IOS_PROVISION_PROFILE_BASE6 }} - BUILD_TUNNEL_PROVISION_PROFILE_BASE64: ${{ secrets.IOS_TUNNEL_PROVISION_PROFILE_BASE64 }} - KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} - EXPORT_OPTIONS: ${{ secrets.EXPORT_OPTION_PLIST }} - run: | - set -x - # create variables - CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 - PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision - TPP_PATH=$RUNNER_TEMP/build_tpp.mobileprovision - KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db - EXPORT_OPTIONS_PATH=$GITHUB_WORKSPACE/ExportOptions.plist - - - # import certificate from secrets - echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH - - # create temporary keychain - security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - security set-keychain-settings -lut 21600 $KEYCHAIN_PATH - security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - - # import certificate to keychain - security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH - security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - security list-keychain -d user -s $KEYCHAIN_PATH - - PROVISIONING_PROFILES_DIR=~/Library/MobileDevice/Provisioning\ Profiles - mkdir -p "$PROVISIONING_PROFILES_DIR" - - # apply main provisioning profile - echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH - cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles - - # apply tunnel provisioning profile - echo -n "$BUILD_TUNNEL_PROVISION_PROFILE_BASE64" | base64 --decode -o $TPP_PATH - cp $TPP_PATH ~/Library/MobileDevice/Provisioning\ Profiles - - # Create ExportOptions.plist - echo "$EXPORT_OPTIONS" | base64 --decode > "$EXPORT_OPTIONS_PATH" - - - name: Generate FFI bindings - run: | - make darwin - make ffigen - - - name: Generate app.env - env: - ANDROID_INTERSTITIAL_AD_ID: ${{ secrets.INTERSTITIAL_AD_UNIT_ID }} - IOS_INTERSTITIAL_AD_ID: ${{ secrets.INTERSTITIAL_AD_UNIT_ID_IOS }} - run: | - touch app.env - echo "Android_interstitialAd=$ANDROID_INTERSTITIAL_AD_ID" > app.env - echo "IOS_interstitialAd=$IOS_INTERSTITIAL_AD_ID" >> app.env - - - name: Get dependencies & Pod install - run: | - flutter pub get - cd ios - pod install - cd .. - - - name: Build iOS app - env: - SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} - SENTRY_ORG: getlantern - SENTRY_PROJECT_IOS: lantern-ios - run: make ios-release - - - name: Upload application - uses: actions/upload-artifact@v4 - with: - name: Lantern.ipa - path: ${{ github.workspace }}/build/ios/ipa/Lantern.ipa - retention-days: 2 -# -# - name: Compress artifacts using bzip2 -# run: | -# cd ${{ github.workspace }}/build/ios/ipa/ -# bzip2 -zk Lantern.ipa -# -# - name: Copy .ipa and .bz2 to root -# run: | -# cp ${{ github.workspace }}/build/ios/ipa/Lantern.ipa ${{ github.workspace }}/Lantern.ipa -# cp ${{ github.workspace }}/build/ios/ipa/Lantern.ipa.bz2 ${{ github.workspace }}/Lantern.ipa.bz2 -# -# - name: Install s3cmd -# run: pip install s3cmd -# -# - name: Set s3cmd permissions -# run: | -# echo "[default]" > "$HOME/.s3cfg" -# echo "access_key = ${{ secrets.AWS_ACCESS_KEY }}" >> "$HOME/.s3cfg" -# echo "secret_key = ${{ secrets.AWS_SECRET_KEY }}" >> "$HOME/.s3cfg" -# -# - name: Push binaries to s3 -# env: -# VERSION: "${{ env.version }}" -# IPA: "${{ env.prefix }}-${{ env.version }}.ipa" -# update: "lantern_update_ios-${{inputs.version}}.bz2" -# update_source: Lantern.ipa.bz2 -# run: | -# mv ${{ env.update_source }} ${{ env.update }} -# mv Lantern.ipa "$IPA" -# cp "$IPA" ${{ env.prefix }}.ipa -# echo ${{ env.version }} > ${{ env.version_file }} -# shasum -a 256 "$IPA" | cut -d " " -f 1 > "$IPA".sha256 -# shasum -a 256 ${{ env.update }} | cut -d " " -f 1 > ${{ env.update }}.sha256 -# cp "$IPA".sha256 ${{ env.prefix }}.ipa.sha256 -# s3cmd put --acl-public "$IPA" "$IPA".sha256 ${{ env.update }} ${{ env.update }}.sha256 ${{ env.version_file }} ${{ env.prefix }}.ipa.sha256 ${{ env.prefix }}.ipa "s3://lantern" diff --git a/.github/workflows/build-linux.yml b/.github/workflows/build-linux.yml deleted file mode 100644 index 45de5cc2c..000000000 --- a/.github/workflows/build-linux.yml +++ /dev/null @@ -1,131 +0,0 @@ -name: Build Linux -on: - workflow_call: - inputs: - version: - type: string - required: true - prefix: - type: string - required: true - dist-suffix: # "arm64" or "amd64" - type: string - required: true - -jobs: - build-linux: - permissions: - contents: "read" - id-token: "write" - env: - version: ${{ inputs.version }} - prefix: ${{ inputs.prefix }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Granting private modules access - run: git config --global url."https://${{ secrets.GH_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/" - - name: Repo access - run: | - mkdir /tmp/cache - echo "machine github.com login ${{ secrets.GH_TOKEN }} password x-oauth-basic" > /tmp/cache/.netrc - chmod 600 /tmp/cache/.netrc - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y file build-essential pkg-config - sudo apt-get install -y libwebkit2gtk-4.1-dev - sudo apt-get install -y libunwind-dev libstdc++-12-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-d cmake - sudo apt-get install -y libgtk-3-0 libblkid1 liblzma5 - sudo apt-get install -y libpcap-dev libgtk-3-dev libayatana-appindicator3-dev ruby ruby-dev && sudo gem install bundler -v 2.2.26 - - - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - name: Build - env: - SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}" - VERSION: ${{ inputs.version }} - run: | - make linux-amd64 - - - uses: actions/setup-python@v4 - with: - python-version: '3.8' - - - name: Install s3cmd - run: pip install s3cmd - - - name: Set s3cmd permissions - run: | - echo "[default]" > "$HOME/.s3cfg" - echo "access_key = ${{ secrets.AWS_ACCESS_KEY }}" >> "$HOME/.s3cfg" - echo "secret_key = ${{ secrets.AWS_SECRET_KEY }}" >> "$HOME/.s3cfg" - - # Install Flutter - - uses: subosito/flutter-action@v2 - with: - channel: "stable" - - - run: flutter --version - - - run: make ffigen - - - name: Setup protoc - uses: arduino/setup-protoc@v2 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - - - name: Activate Flutter plugins - run: | - dart pub global activate protoc_plugin - dart pub global activate flutter_distributor - - - uses: seanmiddleditch/gha-setup-ninja@master - - - run: touch app.env - - - name: Extract app version from pubspec.yaml - run: | - VERSION=$(grep '^version:' pubspec.yaml | sed 's/version: //') - echo "APP_VERSION=$VERSION" >> $GITHUB_ENV - - - name: Build Flutter app - run: flutter build linux - - - name: Build installer - run: | - cp liblantern.so "build/linux/${{inputs.dist-suffix}}/release/bundle" - make package-linux - mv dist/${{ env.APP_VERSION }}/lantern-${{ env.APP_VERSION }}-linux.deb lantern_${{inputs.version}}_x64.deb - mv dist/${{ env.APP_VERSION }}/lantern-${{ env.APP_VERSION }}-linux.rpm lantern_${{inputs.version}}_x64.rpm - - - uses: actions/upload-artifact@v4 - with: - name: linux-deb-build - path: | - lantern_${{inputs.version}}_x64.deb - - - uses: actions/upload-artifact@v4 - with: - name: linux-rpm-build - path: | - lantern_${{inputs.version}}_x64.rpm - - - name: Push binaries to s3 - - env: - VERSION: "${{ inputs.version }}" - dist_versionless: "${{inputs.prefix}}-64-bit.deb" - dist_deb: "${{inputs.prefix}}-${{inputs.version}}-64-bit.deb" - dist_deb_source: "lantern_${{inputs.version}}_x64.deb" - dist_rpm: "${{inputs.prefix}}-${{inputs.version}}-64-bit.rpm" - dist_rpm_source: "lantern_${{inputs.version}}_x64.rpm" - run: | - mv ${{ env.dist_deb_source }} ${{ env.dist_deb }} - mv ${{ env.dist_rpm_source }} ${{ env.dist_rpm }} - shasum -a 256 ${{ env.dist_deb }} | cut -d " " -f 1 > ${{ env.dist_deb }}.sha256 - shasum -a 256 ${{ env.dist_rpm }} | cut -d " " -f 1 > ${{ env.dist_rpm }}.sha256 - s3cmd put --acl-public ${{ env.dist_deb }} ${{ env.dist_deb }}.sha256 ${{ env.dist_rpm }} ${{ env.dist_rpm }}.sha256 "s3://lantern" diff --git a/.github/workflows/build-windows.yml b/.github/workflows/build-windows.yml deleted file mode 100644 index 5049bc14f..000000000 --- a/.github/workflows/build-windows.yml +++ /dev/null @@ -1,187 +0,0 @@ -name: Build Windows - -on: - workflow_call: - inputs: - version: - type: string - required: true - prefix: - type: string - required: true - build-suffix: # "64" or "" - type: string - required: false - dist-suffix: # "64-bit" or "32-bit" - type: string - required: true - update-suffix: # "x64" or "386" - type: string - required: true - arch: - type: string - required: true - installer-suffix: # "-x64" or "" - type: string - required: false - -env: - GOPRIVATE: github.com/getlantern - S3_BUCKET: lantern -jobs: - build-windows: - permissions: - contents: "read" - id-token: "write" - env: - version: ${{ inputs.version }} - prefix: ${{ inputs.prefix }} - runs-on: windows-latest - steps: - - uses: actions/checkout@v4 - with: - lfs: true - - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - name: Install WebView2 Runtime - shell: pwsh - run: | - Invoke-WebRequest -Uri "https://go.microsoft.com/fwlink/p/?LinkId=2124703" -OutFile "MicrosoftEdgeWebView2Setup.exe" - Start-Process -FilePath ".\MicrosoftEdgeWebView2Setup.exe" -ArgumentList "/silent", "/install" -Wait - - - name: Set up MinGW - run: choco install mingw -y - - - name: Install Flutter - uses: subosito/flutter-action@v2 - with: - channel: "stable" - - - run: flutter --version - - - name: Setup protoc - uses: arduino/setup-protoc@v2 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - - - - name: Build Lantern Library - shell: bash - run: | - touch app.env - mkdir -p "build/windows/${{inputs.arch}}/runner/Release" - make windows64 - - - name: Activate plugins - run: | - dart pub global activate protoc_plugin - dart pub global activate flutter_distributor - - - name: Sign liblantern.dll with Azure Code Signing - uses: getlantern/trusted-signing-action@main - with: - azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} - azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} - azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} - endpoint: https://wus2.codesigning.azure.net/ - code-signing-account-name: code-signing - certificate-profile-name: Lantern - files-folder: ${{ github.workspace }}\ - files-folder-filter: dll - file-digest: SHA256 - timestamp-rfc3161: http://timestamp.acs.microsoft.com - timestamp-digest: SHA256 - - - name: Move liblantern.dll to release directory - shell: bash - run: | - mv liblantern.dll "build/windows/${{inputs.arch}}/runner/Release" - - - name: Extract app version from pubspec.yaml - id: extract_version - shell: bash - run: | - APP_VERSION=$(grep '^version:' pubspec.yaml | sed 's/version: //') - echo "APP_VERSION=$APP_VERSION" >> $GITHUB_ENV - - - name: Build Flutter app - run: | - New-Item -Path "./dist/${{ env.APP_VERSION }}" -ItemType Directory -Force - flutter_distributor package --platform windows --targets exe --skip-clean - env: - SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}" - VERSION: "${{ env.version }}" - - - name: Rename installer - shell: bash - run: | - mv "dist/${{ env.APP_VERSION }}/lantern-${{ env.APP_VERSION }}-windows-setup.exe" lantern-installer${{inputs.installer-suffix}}.exe - - - name: Sign EXE with Azure Code Signing - uses: getlantern/trusted-signing-action@main - with: - azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} - azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} - azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} - endpoint: https://wus2.codesigning.azure.net/ - code-signing-account-name: code-signing - certificate-profile-name: Lantern - files-folder: ${{ github.workspace }}/ - files-folder-filter: exe,dll,msix - file-digest: SHA256 - timestamp-rfc3161: http://timestamp.acs.microsoft.com - timestamp-digest: SHA256 - - - name: Upload EXE artifact - uses: actions/upload-artifact@v4 - with: - name: windows${{inputs.build-suffix}}-installer-signed - path: | - lantern-installer${{inputs.installer-suffix}}.exe - - upload-windows: - needs: build-windows - permissions: - contents: "read" - id-token: "write" - env: - version: ${{ inputs.version }} - prefix: ${{ inputs.prefix }} - runs-on: ubuntu-latest - - steps: - - name: Download the artifact - uses: actions/download-artifact@v4 - with: - name: windows${{inputs.build-suffix}}-installer-signed - - - name: Install s3cmd - run: pip install s3cmd - - - name: Set s3cmd permissions - run: | - echo "[default]" > "$HOME/.s3cfg" - echo "access_key = ${{ secrets.AWS_ACCESS_KEY }}" >> "$HOME/.s3cfg" - echo "secret_key = ${{ secrets.AWS_SECRET_KEY }}" >> "$HOME/.s3cfg" - - - name: Push binaries to s3 - env: - VERSION: "${{ inputs.version }}" - dist_versionless: "${{inputs.prefix}}-${{inputs.dist-suffix}}.exe" - dist: "${{inputs.prefix}}-${{inputs.version}}-${{inputs.dist-suffix}}.exe" - update: "lantern_update_windows_${{inputs.update-suffix}}-${{inputs.version}}.bz2" - - run: | - ls -l - cat lantern.exe | bzip2 > ${{ env.update }} - mv lantern-installer${{inputs.installer-suffix}}.exe ${{ env.dist }} - - shasum -a 256 ${{ env.dist }} | cut -d " " -f 1 > ${{ env.dist }}.sha256 - shasum -a 256 ${{ env.update }} | cut -d " " -f 1 > ${{ env.update }}.sha256 - ls -l - - s3cmd put --acl-public ${{ env.dist }} ${{ env.update }} ${{ env.update }}.sha256 ${{ env.dist }}.sha256 "s3://lantern" diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 000000000..0588ec35a --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,371 @@ +name: Build Lantern + +on: + workflow_call: + inputs: + version: + type: string + required: true + prefix: + type: string + required: true + version_file: + type: string + required: true + build-suffix: # "64" or "" + type: string + required: false + dist-suffix: # "64-bit" or "32-bit" + type: string + required: true + windows-arch: + type: string + required: true + installer-suffix: # "-x64" or "" + type: string + required: false + xcode_version: + type: string + required: true + macos_version: + type: string + required: true + +jobs: + build: + permissions: + contents: "read" + id-token: "write" + env: + version: ${{ inputs.version }} + prefix: ${{ inputs.prefix }} + AC_USERNAME: ${{ secrets.AC_USERNAME }} + AC_PASSWORD: ${{ secrets.AC_PASSWORD }} + GOPRIVATE: github.com/getlantern + S3_BUCKET: lantern + INTERSTITIAL_AD_UNIT: "${{ secrets.INTERSTITIAL_AD_UNIT_ID }}" + SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}" + SENTRY_ORG: getlantern + SENTRY_PROJECT_IOS: lantern-ios + strategy: + matrix: + include: + - os: macos-latest + platform: macos + - os: windows-latest + platform: windows + - os: ubuntu-latest + platform: android + target: apk + - os: ubuntu-latest + platform: android + target: aab + - os: ubuntu-latest + platform: linux + # - os: macos-latest + # platform: ios + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v4 + with: + lfs: true + + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version-file: "go.mod" + + - name: Granting private modules access + run: git config --global url."https://${{ secrets.GH_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/" + + - name: Install latest protoc-gen-go + run: go install github.com/golang/protobuf/protoc-gen-go@latest + + - name: Install WebView2 Runtime + if: matrix.platform == 'windows' + shell: pwsh + run: | + Invoke-WebRequest -Uri "https://go.microsoft.com/fwlink/p/?LinkId=2124703" -OutFile "MicrosoftEdgeWebView2Setup.exe" + Start-Process -FilePath ".\MicrosoftEdgeWebView2Setup.exe" -ArgumentList "/silent", "/install" -Wait + + - name: Set up MinGW + if: matrix.platform == 'windows' + run: choco install mingw -y + + - name: Import Code Signing Certificates + if: matrix.platform == 'macos' + uses: apple-actions/import-codesign-certs@v1 + with: + p12-file-base64: ${{ secrets.MACOS_BNS_CERT }} + p12-password: ${{ secrets.MACOS_BNS_CERT_PASS }} + + - name: Install the Apple certificate and provisioning profile + if: matrix.platform == 'ios' + env: + BUILD_CERTIFICATE_BASE64: ${{ secrets.IOS_CERTIFICATE_P12_BASE64 }} + P12_PASSWORD: ${{ secrets.IOS_CERTIFICATE_P12_PASS }} + BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.IOS_PROVISION_PROFILE_BASE6 }} + BUILD_TUNNEL_PROVISION_PROFILE_BASE64: ${{ secrets.IOS_TUNNEL_PROVISION_PROFILE_BASE64 }} + KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} + EXPORT_OPTIONS: ${{ secrets.EXPORT_OPTION_PLIST }} + run: | + set -x + # create variables + CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 + PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision + TPP_PATH=$RUNNER_TEMP/build_tpp.mobileprovision + KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db + EXPORT_OPTIONS_PATH=$GITHUB_WORKSPACE/ExportOptions.plist + + # import certificate from secrets + echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH + + # create temporary keychain + security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + security set-keychain-settings -lut 21600 $KEYCHAIN_PATH + security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + + # import certificate to keychain + security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + security list-keychain -d user -s $KEYCHAIN_PATH + + PROVISIONING_PROFILES_DIR=~/Library/MobileDevice/Provisioning\ Profiles + mkdir -p "$PROVISIONING_PROFILES_DIR" + + # apply main provisioning profile + echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH + cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles + + # apply tunnel provisioning profile + echo -n "$BUILD_TUNNEL_PROVISION_PROFILE_BASE64" | base64 --decode -o $TPP_PATH + cp $TPP_PATH ~/Library/MobileDevice/Provisioning\ Profiles + + # Create ExportOptions.plist + echo "$EXPORT_OPTIONS" | base64 --decode > "$EXPORT_OPTIONS_PATH" + + - name: Setup Sentry CLI on Android + if: matrix.platform == 'android' + uses: mathieu-bour/setup-sentry-cli@v2 + with: + version: latest + token: ${{ SECRETS.SENTRY_TOKEN }} + organization: getlantern + project: android + + - name: Install Linux dependencies + if: matrix.platform == 'linux' + run: | + sudo apt-get update + sudo apt-get install -y file build-essential pkg-config + sudo apt-get install -y libwebkit2gtk-4.1-dev + sudo apt-get install -y libunwind-dev libstdc++-12-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-d cmake + sudo apt-get install -y libgtk-3-0 libblkid1 liblzma5 + sudo apt-get install -y libpcap-dev libgtk-3-dev libayatana-appindicator3-dev ruby ruby-dev && sudo gem install bundler -v 2.2.26 + + - name: Install the ninja build tool + if: matrix.platform == 'linux' + uses: seanmiddleditch/gha-setup-ninja@master + + - name: Install node on macOS + uses: actions/setup-node@v4 + if: matrix.platform == 'macos' + with: + node-version: 18 + + - name: Install macOS dependencies + if: matrix.platform == 'macos' + run: | + npm install -g appdmg + brew tap joshdk/tap + brew install joshdk/tap/retry + brew install imagemagick || true + + - name: Setup Xcode + if: matrix.platform == 'macos' + uses: maxim-lobanov/setup-xcode@v1 + with: + xcode-version: ${{ inputs.xcode_version }} + + - name: Install Flutter + uses: subosito/flutter-action@v2 + with: + channel: "stable" + + - run: flutter --version + + - name: Setup JDK + if: matrix.platform == 'android' + uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: 17 + cache: 'gradle' + + - name: Set gradle properties + if: matrix.platform == 'android' + env: + GRADLE_PROPERTIES: ${{ secrets.GRADLE_PROPERTIES }} + run: | + mkdir -p ~/.gradle/ + echo "GRADLE_USER_HOME=${HOME}/.gradle" >> $GITHUB_ENV + echo "${GRADLE_PROPERTIES}" > ~/.gradle/gradle.properties + + - name: Decode Keystore + id: write_file + if: matrix.platform == 'android' + uses: timheuer/base64-to-file@v1.2 + with: + fileName: 'keystore.release.jks' + fileDir: './android/app' + encodedString: ${{ secrets.KEYSTORE }} + + - name: Generate app.env + env: + ANDROID_INTERSTITIAL_AD_ID: ${{ secrets.INTERSTITIAL_AD_UNIT_ID }} + IOS_INTERSTITIAL_AD_ID: ${{ secrets.INTERSTITIAL_AD_UNIT_ID_IOS }} + TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID: ${{ secrets.TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID }} + TAPSELL_INTERSTITIAL_ZONE_ID: ${{ secrets.TAPSELL_INTERSTITIAL_ZONE_ID }} + run: | + touch app.env + echo "Android_interstitialAd=$ANDROID_INTERSTITIAL_AD_ID" > app.env + echo "IOS_interstitialAd=$IOS_INTERSTITIAL_AD_ID" >> app.env + echo "VideoInterstitialZoneId=$TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID" >> app.env + echo "InterstitialZoneId=$TAPSELL_INTERSTITIAL_ZONE_ID" >> app.env + + - name: Setup protoc + uses: arduino/setup-protoc@v2 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + + - name: Build Lantern Library + shell: bash + run: make ${{matrix.platform}} + + - name: Activate plugins + run: | + dart pub global activate protoc_plugin + dart pub global activate flutter_distributor + + - name: Sign liblantern.dll with Azure Code Signing + if: matrix.platform == 'windows' + uses: getlantern/trusted-signing-action@main + with: + azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} + azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} + azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} + endpoint: https://wus2.codesigning.azure.net/ + code-signing-account-name: code-signing + certificate-profile-name: Lantern + files-folder: ${{ github.workspace }}\ + files-folder-filter: dll + file-digest: SHA256 + timestamp-rfc3161: http://timestamp.acs.microsoft.com + timestamp-digest: SHA256 + + - name: Move liblantern.dll to release directory + if: matrix.platform == 'windows' + shell: bash + run: | + mkdir -p "build/windows/${{inputs.windows-arch}}/runner/Release" + mv liblantern.dll "build/windows/${{inputs.windows-arch}}/runner/Release" + + - name: Extract app version from pubspec.yaml + id: extract_version + shell: bash + run: | + APP_VERSION=$(grep '^version:' pubspec.yaml | sed 's/version: //') + echo "APP_VERSION=$APP_VERSION" >> $GITHUB_ENV + + - name: Build Flutter app (Windows) + if: matrix.platform == 'windows' + run: | + New-Item -Path "./dist/${{ env.APP_VERSION }}" -ItemType Directory -Force + flutter_distributor package --platform windows --targets exe --skip-clean + env: + VERSION: "${{ env.version }}" + + - name: Build Flutter app (Android) + if: matrix.platform == 'android' + run: make ${{ matrix.platform }}-${{ matrix.target }}-release + env: + VERSION: "${{ env.version }}" + + - name: Build Flutter app + if: matrix.platform != 'windows' && matrix.platform != 'android' + run: make ${{ matrix.platform }}-release + env: + VERSION: "${{ env.version }}" + + - name: Rename installer + if: matrix.platform == 'windows' + shell: bash + run: | + mv "dist/${{ env.APP_VERSION }}/lantern-${{ env.APP_VERSION }}-windows-setup.exe" lantern-installer${{inputs.installer-suffix}}.exe + + - name: Sign EXE with Azure Code Signing + if: matrix.platform == 'windows' + uses: getlantern/trusted-signing-action@main + with: + azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} + azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} + azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} + endpoint: https://wus2.codesigning.azure.net/ + code-signing-account-name: code-signing + certificate-profile-name: Lantern + files-folder: ${{ github.workspace }}/ + files-folder-filter: exe,dll,msix + file-digest: SHA256 + timestamp-rfc3161: http://timestamp.acs.microsoft.com + timestamp-digest: SHA256 + + - name: Upload application + if: matrix.platform == 'ios' + uses: actions/upload-artifact@v4 + with: + name: Lantern.ipa + path: ${{ github.workspace }}/build/ios/ipa/Lantern.ipa + retention-days: 2 + + - uses: actions/upload-artifact@v4 + if: matrix.platform == 'android' && matrix.target == 'apk' + with: + name: android-apk-build + retention-days: 2 + path: lantern-installer.apk + + - uses: actions/upload-artifact@v4 + if: matrix.platform == 'android' && matrix.target == 'aab' + with: + name: android-aab-build + retention-days: 2 + path: lantern-installer.aab + + - name: Upload DMG artifact + uses: actions/upload-artifact@v4 + if: matrix.platform == 'macos' + with: + name: macos-build + path: lantern-installer.dmg + + - name: Upload EXE artifact + uses: actions/upload-artifact@v4 + if: matrix.platform == 'windows' + with: + name: windows${{inputs.build-suffix}}-installer-signed + path: | + lantern-installer${{inputs.installer-suffix}}.exe + + - uses: actions/upload-artifact@v4 + if: matrix.platform == 'linux' + with: + name: linux-deb-build + path: | + lantern-installer-x64.deb + + - uses: actions/upload-artifact@v4 + if: matrix.platform == 'linux' + with: + name: linux-rpm-build + path: | + lantern-installer-x64.rpm diff --git a/.github/workflows/prerelease-notification.yml b/.github/workflows/prerelease-notification.yml index 82a0271e0..7da51064c 100644 --- a/.github/workflows/prerelease-notification.yml +++ b/.github/workflows/prerelease-notification.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: push: tags: - - 'lantern-[0-9]+.[0-9]+.[0-9]+-**' + - 'prerelease-[0-9]+.[0-9]+.[0-9]+-**' jobs: create-release: diff --git a/.github/workflows/release-changelog.yml b/.github/workflows/release-changelog.yml index 348a53fe8..315c5f771 100644 --- a/.github/workflows/release-changelog.yml +++ b/.github/workflows/release-changelog.yml @@ -5,7 +5,7 @@ on: push: tags: # a prerelease noted by a hyphen will not trigger - - 'lantern-[0-9]+.[0-9]+.[0-9]+' + - 'prerelease-[0-9]+.[0-9]+.[0-9]+' jobs: create-release: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e82b72e52..7ffee3b4a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -91,53 +91,8 @@ jobs: print(f'::set-output name=prefix::{li}') print(f'::set-output name=version_file::{vf}') - build-linux: - uses: ./.github/workflows/build-linux.yml - secrets: inherit - needs: set-version - with: - version: ${{ needs.set-version.outputs.version }} - prefix: ${{ needs.set-version.outputs.prefix }} - dist-suffix: x64 - - # build-windows-x32: - # uses: ./.github/workflows/build-windows.yml - # secrets: inherit - # needs: set-version - # with: - # version: ${{ needs.set-version.outputs.version }} - # prefix: ${{ needs.set-version.outputs.prefix }} - # dist-suffix: 32-bit - # installer-suffix: -x32 - # update-suffix: 386 - # arch: x32 - - build-windows-x64: - uses: ./.github/workflows/build-windows.yml - secrets: inherit - needs: set-version - with: - version: ${{ needs.set-version.outputs.version }} - prefix: ${{ needs.set-version.outputs.prefix }} - build-suffix: 64 - dist-suffix: 64-bit - update-suffix: x64 - installer-suffix: -x64 - arch: x64 - - build-darwin: - uses: ./.github/workflows/build-darwin.yml - secrets: inherit - needs: set-version - with: - macos_version: macos-14 - xcode_version: latest-stable - version: ${{ needs.set-version.outputs.version }} - version_file: ${{ needs.set-version.outputs.version_file }} - prefix: ${{ needs.set-version.outputs.prefix }} - - build-ios: - uses: ./.github/workflows/build-ios.yml + build: + uses: ./.github/workflows/build.yml secrets: inherit needs: set-version with: @@ -146,19 +101,14 @@ jobs: version: ${{ needs.set-version.outputs.version }} version_file: ${{ needs.set-version.outputs.version_file }} prefix: ${{ needs.set-version.outputs.prefix }} - - build-android: - uses: ./.github/workflows/build-android.yml - secrets: inherit - needs: set-version - with: - version: ${{ needs.set-version.outputs.version }} - version_file: ${{ needs.set-version.outputs.version_file }} - prefix: ${{ needs.set-version.outputs.prefix }} + build-suffix: 64 + dist-suffix: x64 + installer-suffix: -x64 + windows-arch: x64 push-binaries: runs-on: ubuntu-latest - needs: [ set-version, build-android, build-ios, build-darwin, build-linux, build-windows-x64 ] + needs: [ set-version, build ] env: version: ${{ needs.set-version.outputs.version }} prefix: ${{ needs.set-version.outputs.prefix }} @@ -166,7 +116,7 @@ jobs: - name: Download the mac build output uses: actions/download-artifact@v4 with: - name: osx-build + name: macos-build - name: Download the linux deb build output uses: actions/download-artifact@v4 with: @@ -191,19 +141,19 @@ jobs: with: name: android-aab-build - - name: Download the IPA - uses: actions/download-artifact@v4 - with: - name: Lantern.ipa + # - name: Download the IPA + # uses: actions/download-artifact@v4 + # with: + # name: Lantern.ipa - - name: Upload Lantern to TestFlight - uses: apple-actions/upload-testflight-build@v1 - if: (needs.set-version.outputs.prefix == 'lantern-installer-preview'|| needs.set-version.outputs.prefix == 'lantern-installer') && (needs.determine-platform.outputs.platform == 'ios' || needs.determine-platform.outputs.platform == 'all') - with: - app-path: Lantern.ipa - issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }} - api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }} - api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }} + # - name: Upload Lantern to TestFlight + # uses: apple-actions/upload-testflight-build@v1 + # if: (needs.set-version.outputs.prefix == 'lantern-installer-preview'|| needs.set-version.outputs.prefix == 'lantern-installer') && (needs.determine-platform.outputs.platform == 'ios' || needs.determine-platform.outputs.platform == 'all') + # with: + # app-path: Lantern.ipa + # issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }} + # api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }} + # api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }} - name: Upload Android App bundle to Play Store (beta) if: needs.set-version.outputs.prefix == 'lantern-installer-preview' && (needs.determine-platform.outputs.platform == 'android' || needs.determine-platform.outputs.platform == 'all') @@ -233,8 +183,8 @@ jobs: run: | diff lantern-installer.apk ${{ env.prefix }}.apk || mv -f lantern-installer.apk ${{ env.prefix }}.apk diff lantern-installer.aab ${{ env.prefix }}.aab || mv -f lantern-installer.aab ${{ env.prefix }}.aab - mv "lantern_${{env.version}}_x64.deb" ${{ env.prefix }}-64-bit.deb - mv "lantern_${{env.version}}_x64.rpm" ${{ env.prefix }}.rpm + mv -f lantern-installer-x64.deb ${{ env.prefix }}-64-bit.deb + mv -f lantern-installer-x64.rpm ${{ env.prefix }}.rpm mv -f lantern-installer.dmg ${{ env.prefix }}.dmg diff lantern-installer-x64.exe ${{ env.prefix }}-64-bit.exe || mv -f lantern-installer-x64.exe ${{ env.prefix }}-64-bit.exe mv -f Lantern.ipa ${{ env.prefix }}.ipa diff --git a/Makefile b/Makefile index 205986b80..786abcd44 100644 --- a/Makefile +++ b/Makefile @@ -144,8 +144,9 @@ LINUX_LIB_NAME ?= $(DESKTOP_LIB_NAME).so APP_YAML := lantern.yaml APP_YAML_PATH := installer-resources-lantern/$(APP_YAML) PACKAGED_YAML := .packaged-$(APP_YAML) +DARWIN_OUT := build/macos/Build/Products/Release/Lantern.app -ANDROID_ARCH ?= arm32 +ANDROID_ARCH ?= all ifeq ($(ANDROID_ARCH), x86) ANDROID_ARCH_JAVA := x86 @@ -342,8 +343,8 @@ $(ANDROID_LIB): $(GO_SOURCES) $(MOBILE_ANDROID_LIB): $(ANDROID_LIB) mkdir -p $(MOBILE_LIBS) && cp $(ANDROID_LIB) $(MOBILE_ANDROID_LIB) -.PHONY: android-lib appium-test-build -android-lib: $(MOBILE_ANDROID_LIB) +.PHONY: android appium-test-build +android: $(MOBILE_ANDROID_LIB) appium-test-build: flutter build apk --flavor=appiumTest --dart-define=app.flavor=appiumTest --debug @@ -419,8 +420,6 @@ $(MOBILE_BUNDLE): $(MOBILE_SOURCES) $(GO_SOURCES) $(MOBILE_ANDROID_LIB) require- android-debug: $(MOBILE_DEBUG_APK) -android-release: pubget $(MOBILE_RELEASE_APK) - set-version: @echo "Setting the CFBundleShortVersionString to $(VERSION)" @cd ios && agvtool new-marketing-version $(VERSION) @@ -429,8 +428,9 @@ set-version: NEXT_BUILD=$$(($$CURRENT_BUILD + 1)); \ /usr/libexec/PlistBuddy -c "Set :CFBundleVersion $$NEXT_BUILD" $(INFO_PLIST) +ios: macos build-framework ffigen -ios-release:set-version guard-SENTRY_AUTH_TOKEN guard-SENTRY_ORG guard-SENTRY_PROJECT_IOS build-framework +ios-release: set-version guard-SENTRY_AUTH_TOKEN guard-SENTRY_ORG guard-SENTRY_PROJECT_IOS pubget @echo "Flutter Clean" flutter clean @echo "Flutter pub get" @@ -483,7 +483,7 @@ ffigen: dart run ffigen --config ffigen.yaml ## APP_VERSION is the version defined in pubspec.yaml -APP_VERSION := $(shell grep '^version:' pubspec.yaml | sed 's/version: //') +APP_VERSION := $(shell grep '^version:' pubspec.yaml | sed 's/version: //;s/ //g') .PHONY: linux-amd64 linux-amd64: export GOOS = linux @@ -503,12 +503,18 @@ linux-arm64: export GO_BUILD_FLAGS += -a -buildmode=c-shared linux-arm64: export Environment = production linux-arm64: desktop-lib ## Build lantern for linux-arm64 -.PHONY: package-linux -package-linux: - flutter_distributor package --skip-clean --platform linux --targets "deb,rpm" --flutter-build-args=verbose +linux: linux-amd64 -.PHONY: windows -windows: $(WINDOWS_LIB_NAME) ## Build lantern for windows +.PHONY: linux-release +linux-release: pubget + flutter build linux --release + cp liblantern.so build/linux/x64/release/bundle + flutter_distributor package --platform linux --targets "deb,rpm" --skip-clean + mv dist/$(APP_VERSION)/lantern-$(APP_VERSION)-linux.rpm lantern-installer-x64.rpm + mv dist/$(APP_VERSION)/lantern-$(APP_VERSION)-linux.deb lantern-installer-x64.deb + +.PHONY: windows-386 +windows-386: $(WINDOWS_LIB_NAME) $(WINDOWS_LIB_NAME): export CXX = i686-w64-mingw32-g++ $(WINDOWS_LIB_NAME): export CC = i686-w64-mingw32-gcc $(WINDOWS_LIB_NAME): export CGO_LDFLAGS = -static @@ -522,8 +528,8 @@ $(WINDOWS_LIB_NAME): export BUILD_RACE = $(WINDOWS_LIB_NAME): export Environment = production $(WINDOWS_LIB_NAME): desktop-lib -.PHONY: windows64 -windows64: $(WINDOWS64_LIB_NAME) ## Build lantern for windows +.PHONY: windows +windows: $(WINDOWS64_LIB_NAME) $(WINDOWS64_LIB_NAME): export CXX = x86_64-w64-mingw32-g++ $(WINDOWS64_LIB_NAME): export CC = x86_64-w64-mingw32-gcc $(WINDOWS64_LIB_NAME): export CGO_LDFLAGS = -static @@ -536,34 +542,31 @@ $(WINDOWS64_LIB_NAME): export GO_BUILD_FLAGS += -a -buildmode=c-shared $(WINDOWS64_LIB_NAME): export BUILD_RACE = $(WINDOWS64_LIB_NAME): desktop-lib -## APP_VERSION is the version defined in pubspec.yaml -APP_VERSION := $(shell grep '^version:' pubspec.yaml | sed 's/version: //') - .PHONY: windows-release windows-release: ffigen flutter_distributor package --flutter-build-args=verbose --platform windows --targets "msix,exe" mv dist/$(APP_VERSION)/lantern-$(APP_VERSION).exe lantern-installer-x64.exe ## Darwin -.PHONY: darwin-amd64 -darwin-amd64: $(DARWIN_LIB_AMD64) +.PHONY: macos-amd64 +macos-amd64: $(DARWIN_LIB_AMD64) $(DARWIN_LIB_AMD64): export LIB_NAME = $(DARWIN_LIB_AMD64) $(DARWIN_LIB_AMD64): export GOOS = darwin $(DARWIN_LIB_AMD64): export GOARCH = amd64 $(DARWIN_LIB_AMD64): export GO_BUILD_FLAGS += -buildmode=c-shared $(DARWIN_LIB_AMD64): desktop-lib -.PHONY: darwin-arm64 -darwin-arm64: $(DARWIN_LIB_ARM64) +.PHONY: macos-arm64 +macos-arm64: $(DARWIN_LIB_ARM64) $(DARWIN_LIB_ARM64): export LIB_NAME = $(DARWIN_LIB_ARM64) $(DARWIN_LIB_ARM64): export GOOS = darwin $(DARWIN_LIB_ARM64): export GOARCH = arm64 $(DARWIN_LIB_ARM64): export GO_BUILD_FLAGS += -buildmode=c-shared $(DARWIN_LIB_ARM64): desktop-lib -.PHONY: darwin -darwin: darwin-arm64 - make darwin-amd64 +.PHONY: macos +macos: macos-arm64 + make macos-amd64 lipo \ -create \ ${DESKTOP_LIB_NAME}_arm64.dylib \ @@ -575,18 +578,16 @@ $(INSTALLER_NAME).dmg: require-version require-appdmg require-retry require-magi @echo "Generating distribution package for darwin/amd64..." && \ if [[ "$$(uname -s)" == "Darwin" ]]; then \ INSTALLER_RESOURCES="$(INSTALLER_RESOURCES)/darwin" && \ - DARWIN_APP_NAME="build/macos/Build/Products/Release/Lantern.app" && \ - ls $$DARWIN_APP_NAME && \ - cp $(DARWIN_LIB_NAME) $$DARWIN_APP_NAME/Contents/Frameworks && \ - $(call osxcodesign,$$DARWIN_APP_NAME/Contents/Frameworks/liblantern.dylib) && \ - $(call osxcodesign,$$DARWIN_APP_NAME/Contents/MacOS/Lantern) && \ - $(call osxcodesign,$$DARWIN_APP_NAME) && \ - cat $(DARWIN_APP_NAME)/Contents/MacOS/$(APP) | bzip2 > $(APP)_update_darwin.bz2 && \ + cp $(DARWIN_LIB_NAME) $(DARWIN_OUT)/Contents/Frameworks && \ + $(call osxcodesign,$(DARWIN_OUT)/Contents/Frameworks/liblantern.dylib) && \ + $(call osxcodesign,$(DARWIN_OUT)/Contents/MacOS/Lantern) && \ + $(call osxcodesign,$(DARWIN_OUT)) && \ + cat $(DARWIN_OUT)/Contents/MacOS/Lantern | bzip2 > $(APP)_update_darwin.bz2 && \ ls -l $(APP)_update_darwin.bz2 && \ - rm -rf $(INSTALLER_NAME).dmg && \ sed "s/__VERSION__/$$VERSION/g" $$INSTALLER_RESOURCES/dmgbackground.svg > $$INSTALLER_RESOURCES/dmgbackground_versioned.svg && \ $(MAGICK) -size 600x400 $$INSTALLER_RESOURCES/dmgbackground_versioned.svg $$INSTALLER_RESOURCES/dmgbackground.png && \ sed "s/__VERSION__/$$VERSION/g" $$INSTALLER_RESOURCES/$(APP).dmg.json > $$INSTALLER_RESOURCES/$(APP)_versioned.dmg.json && \ + rm -rf $(INSTALLER_NAME).dmg && \ retry -attempts 5 $(APPDMG) --quiet $$INSTALLER_RESOURCES/$(APP)_versioned.dmg.json $(INSTALLER_NAME).dmg && \ mv $(INSTALLER_NAME).dmg $(CAPITALIZED_APP).dmg.zlib && \ hdiutil convert -quiet -format UDBZ -o $(INSTALLER_NAME).dmg $(CAPITALIZED_APP).dmg.zlib && \ @@ -624,8 +625,10 @@ require-bundler: echo "Missing 'bundle' command. See https://rubygems.org/gems/bundler/versions/1.16.1 or just gem install bundler -v '1.16.1'" && exit 1; \ fi -.PHONY: package-darwin -package-darwin: darwin-installer notarize-darwin +.PHONY: macos-release +macos-release: require-appdmg pubget + flutter build macos --release + make darwin-installer notarize-darwin android-bundle: $(MOBILE_BUNDLE) @@ -635,10 +638,9 @@ android-debug-install: $(MOBILE_DEBUG_APK) android-release-install: $(MOBILE_RELEASE_APK) $(ADB) install -r $(MOBILE_RELEASE_APK) -package-android: pubget require-version - @ANDROID_ARCH=all make android-release && \ - ANDROID_ARCH=all make android-bundle && \ - echo "-> $(MOBILE_RELEASE_APK)" +android-apk-release: pubget require-version $(MOBILE_RELEASE_APK) + +android-aab-release: pubget require-version $(MOBILE_BUNDLE) upload-aab-to-play: require-release-track require-pip @echo "Uploading APK to Play store on $$APK_RELEASE_TRACK release track.." && \ diff --git a/macos/Podfile.lock b/macos/Podfile.lock index fccd90a3e..d18691a57 100644 --- a/macos/Podfile.lock +++ b/macos/Podfile.lock @@ -29,7 +29,7 @@ PODS: - path_provider_foundation (0.0.1): - Flutter - FlutterMacOS - - screen_retriever (0.0.1): + - screen_retriever_macos (0.0.1): - FlutterMacOS - Sentry/HybridSDK (8.36.0) - sentry_flutter (8.9.0): @@ -68,7 +68,7 @@ DEPENDENCIES: - in_app_purchase_storekit (from `Flutter/ephemeral/.symlinks/plugins/in_app_purchase_storekit/darwin`) - package_info_plus (from `Flutter/ephemeral/.symlinks/plugins/package_info_plus/macos`) - path_provider_foundation (from `Flutter/ephemeral/.symlinks/plugins/path_provider_foundation/darwin`) - - screen_retriever (from `Flutter/ephemeral/.symlinks/plugins/screen_retriever/macos`) + - screen_retriever_macos (from `Flutter/ephemeral/.symlinks/plugins/screen_retriever_macos/macos`) - sentry_flutter (from `Flutter/ephemeral/.symlinks/plugins/sentry_flutter/macos`) - share_plus (from `Flutter/ephemeral/.symlinks/plugins/share_plus/macos`) - shared_preferences_foundation (from `Flutter/ephemeral/.symlinks/plugins/shared_preferences_foundation/darwin`) @@ -110,8 +110,8 @@ EXTERNAL SOURCES: :path: Flutter/ephemeral/.symlinks/plugins/package_info_plus/macos path_provider_foundation: :path: Flutter/ephemeral/.symlinks/plugins/path_provider_foundation/darwin - screen_retriever: - :path: Flutter/ephemeral/.symlinks/plugins/screen_retriever/macos + screen_retriever_macos: + :path: Flutter/ephemeral/.symlinks/plugins/screen_retriever_macos/macos sentry_flutter: :path: Flutter/ephemeral/.symlinks/plugins/sentry_flutter/macos share_plus: @@ -144,7 +144,7 @@ SPEC CHECKSUMS: OrderedSet: e539b66b644ff081c73a262d24ad552a69be3a94 package_info_plus: fa739dd842b393193c5ca93c26798dff6e3d0e0c path_provider_foundation: 2b6b4c569c0fb62ec74538f866245ac84301af46 - screen_retriever: 59634572a57080243dd1bf715e55b6c54f241a38 + screen_retriever_macos: 776e0fa5d42c6163d2bf772d22478df4b302b161 Sentry: f8374b5415bc38dfb5645941b3ae31230fbeae57 sentry_flutter: 0eb93e5279eb41e2392212afe1ccd2fecb4f8cbe share_plus: 36537c04ce0c3e3f5bd297ce4318b6d5ee5fd6cf diff --git a/macos/packaging/dmg/make_config.yaml b/macos/packaging/dmg/make_config.yaml new file mode 100644 index 000000000..6d3bd9b92 --- /dev/null +++ b/macos/packaging/dmg/make_config.yaml @@ -0,0 +1,10 @@ +title: Lantern +contents: + - x: 448 + y: 344 + type: link + path: "/Applications" + - x: 192 + y: 344 + type: file + path: Lantern.app diff --git a/pubspec.yaml b/pubspec.yaml index 31c4363a9..cb169590c 100644 --- a/pubspec.yaml +++ b/pubspec.yaml @@ -15,7 +15,7 @@ publish_to: "none" # Remove this line if you wish to publish to pub.dev # In iOS, build-name is used as CFBundleShortVersionString while build-number used as CFBundleVersion. # Read more about iOS versioning at # https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CoreFoundationKeys.html -version: 1.0.0+1 +version: 8.0.0+1 environment: sdk: '>=3.2.3 <4.0.0'