build: add changelogs for Linux packaging #3273
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
types: [ opened, synchronize, reopened ] | |
workflow_dispatch: | |
workflow_call: | |
inputs: | |
ref: | |
description: "The commit SHA to build" | |
required: false | |
type: string | |
jobs: | |
preflight: | |
name: preflight | |
runs-on: ubuntu-20.04 | |
outputs: | |
ref: ${{ steps.get-commit.outputs.ref }} | |
version: ${{ steps.get-version.outputs.version }} | |
rust-profile: ${{ steps.rust-profile.outputs.rust-profile }} | |
jetsocat-build-matrix: ${{ steps.setup-matrix.outputs.jetsocat-build-matrix }} | |
gateway-build-matrix: ${{ steps.setup-matrix.outputs.gateway-build-matrix }} | |
agent-build-matrix: ${{ steps.setup-matrix.outputs.agent-build-matrix }} | |
steps: | |
- name: Setup matrix | |
id: setup-matrix | |
shell: pwsh | |
run: | | |
$Jobs = @() | |
$Archs = @( 'x86_64', 'arm64' ) | |
$Platforms = @( 'linux', 'windows' ) | |
$Platforms | ForEach-Object { | |
$Runner = switch ($_) { 'windows' { 'windows-2022' } 'linux' { 'ubuntu-20.04' } } | |
foreach ($Arch in $Archs) { | |
if ($Arch -Eq 'arm64' -And $_ -Eq 'windows') { | |
continue | |
} | |
$Jobs += @{ | |
arch = $Arch | |
os = $_ | |
runner = $Runner } | |
} | |
} | |
$GatewayMatrix = ConvertTo-JSON $Jobs -Compress | |
echo "gateway-build-matrix=$GatewayMatrix" >> $Env:GITHUB_OUTPUT | |
$Jobs = @() | |
$Platforms | ForEach-Object { | |
$Runner = switch ($_) { 'windows' { 'windows-2022' } 'linux' { 'ubuntu-20.04' } } | |
foreach ($Arch in $Archs) { | |
$Jobs += @{ | |
arch = $Arch | |
os = $_ | |
runner = $Runner } | |
} | |
} | |
$AgentMatrix = ConvertTo-JSON $Jobs -Compress | |
echo "agent-build-matrix=$AgentMatrix" >> $Env:GITHUB_OUTPUT | |
$Jobs = @() | |
$Platforms += 'macos' | |
$Platforms | ForEach-Object { | |
$Runner = switch ($_) { 'windows' { 'windows-2022' } 'macos' { 'macos-14' } 'linux' { 'ubuntu-20.04' } } | |
foreach ($Arch in $Archs) { | |
$Jobs += @{ | |
arch = $Arch | |
os = $_ | |
runner = $Runner } | |
} | |
} | |
$JetsocatMatrix = ConvertTo-JSON $Jobs -Compress | |
echo "jetsocat-build-matrix=$JetsocatMatrix" >> $Env:GITHUB_OUTPUT | |
## The SHA to build might be passed via workflow_call, otherwise the current commit is used | |
- name: Get commit | |
id: get-commit | |
shell: pwsh | |
run: | | |
$Ref = '${{ inputs.ref }}' | |
if (-Not $Ref) { | |
$Ref = '${{ github.sha }}' | |
} | |
echo "ref=$Ref" >> $Env:GITHUB_OUTPUT | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ steps.get-commit.outputs.ref }} | |
- name: Get version | |
id: get-version | |
shell: pwsh | |
run: | | |
$Version = Get-Content VERSION -TotalCount 1 | |
echo "version=$Version" >> $Env:GITHUB_OUTPUT | |
- name: Check formatting | |
run: | | |
cargo fmt --all -- --check | |
if ! [ $? -eq 0 ] ; then | |
echo "::error::Bad formatting, please run 'cargo +stable fmt --all'" | |
exit 1 | |
fi | |
- name: Configure rust profile | |
id: rust-profile | |
shell: pwsh | |
run: | | |
$CargoProfile = "release" | |
if ("${{ github.ref }}" -Eq "refs/heads/master") { | |
echo "::notice::Building production profile" | |
$CargoProfile = "production" | |
} | |
echo "rust-profile=$CargoProfile" >> $Env:GITHUB_OUTPUT | |
- name: Upload version artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: version | |
path: VERSION | |
tests: | |
name: tests [${{ matrix.os }} ${{ matrix.arch }}] | |
runs-on: ${{ matrix.runner }} | |
needs: preflight | |
strategy: | |
matrix: | |
arch: [ x86_64 ] | |
os: [ windows, linux ] | |
include: | |
- os: windows | |
runner: windows-2022 | |
- os: linux | |
runner: ubuntu-20.04 | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Configure Linux runner | |
if: matrix.os == 'linux' | |
run: | | |
sudo apt-get update | |
sudo apt-get -o Acquire::Retries=3 install libsystemd-dev | |
- name: Tests | |
shell: pwsh | |
env: | |
AWS_LC_SYS_NO_ASM: true | |
run: ./ci/tlk.ps1 test -Platform ${{ matrix.os }} -Architecture ${{ matrix.arch }} -CargoProfile 'dev' | |
check-dependencies: | |
name: Check no ${{ matrix.banned }} in ${{ matrix.package }} [${{ matrix.target }}] | |
runs-on: ubuntu-latest | |
needs: preflight | |
strategy: | |
fail-fast: false | |
matrix: | |
banned: [ aws-lc-rs ] | |
target: [ x86_64-unknown-linux-gnu, x86_64-pc-windows-msvc ] | |
package: [ devolutions-gateway, jetsocat ] | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Check | |
shell: pwsh | |
run: ./ci/check-crate-is-not-in-the-tree.ps1 -Package '${{ matrix.package }}' -UnwantedDependency '${{ matrix.banned }}' -Target '${{ matrix.target }}' | |
jetsocat: | |
name: jetsocat [${{ matrix.os }} ${{ matrix.arch }}] | |
runs-on: ${{ matrix.runner }} | |
needs: preflight | |
strategy: | |
matrix: | |
include: ${{ fromJson(needs.preflight.outputs.jetsocat-build-matrix) }} | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Configure Linux runner | |
if: matrix.os == 'linux' | |
run: | | |
sudo apt-get update | |
sudo apt-get -o Acquire::Retries=3 install python3-wget python3-setuptools | |
# We need a newer version of GCC because aws-lc-rs rejects versions affected | |
# by this bug: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95189 | |
# These lines can be safely removed once we switch to ubuntu-22.04 runner. | |
sudo apt install gcc-10 | |
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 60 | |
- name: Configure Linux (arm) runner | |
if: matrix.os == 'linux' && matrix.arch == 'arm64' | |
run: | | |
sudo dpkg --add-architecture arm64 | |
sudo apt-get -o Acquire::Retries=3 install -qy binutils-aarch64-linux-gnu gcc-aarch64-linux-gnu g++-aarch64-linux-gnu qemu-user | |
rustup target add aarch64-unknown-linux-gnu | |
echo "STRIP_EXECUTABLE=aarch64-linux-gnu-strip" >> $GITHUB_ENV | |
- name: Configure Windows runner | |
if: runner.os == 'Windows' | |
shell: pwsh | |
run: | | |
# NASM is required by aws-lc-rs (used as rustls crypto backend) | |
choco install nasm | |
# We need to add the NASM binary folder to the PATH manually. | |
Write-Output "$Env:ProgramFiles\NASM" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
# libclang / LLVM is a requirement for AWS LC. | |
# https://aws.github.io/aws-lc-rs/requirements/windows.html#libclang--llvm | |
$VSINSTALLDIR = $(vswhere.exe -latest -requires Microsoft.VisualStudio.Component.VC.Llvm.Clang -property installationPath) | |
Write-Output "LIBCLANG_PATH=$VSINSTALLDIR\VC\Tools\Llvm\x64\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
# Install Visual Studio Developer PowerShell Module for cmdlets such as Enter-VsDevShell | |
Install-Module VsDevShell -Force | |
- name: Configure Windows (arm) runner | |
if: runner.os == 'Windows' && matrix.arch == 'arm64' | |
shell: pwsh | |
run: | | |
rustup target add aarch64-pc-windows-msvc | |
- name: Configure macOS (intel) runner | |
if: matrix.os == 'macos' && matrix.arch == 'x86_64' | |
run: | | |
sudo rm -rf /Library/Developer/CommandLineTools | |
rustup target add x86_64-apple-darwin | |
- name: Build | |
id: build | |
shell: pwsh | |
run: | | |
$StagingPath = Join-Path $Env:RUNNER_TEMP "staging" | |
$TargetOutputPath = Join-Path $StagingPath ${{ matrix.os }} ${{ matrix.arch }} | |
$ExecutableFileName = 'jetsocat_${{ runner.os }}_${{ needs.preflight.outputs.version }}_${{ matrix.arch }}' | |
if ($Env:RUNNER_OS -eq "Windows") { | |
$ExecutableFileName = "$($ExecutableFileName).exe" | |
$Env:CARGO_NO_DEFAULT_FEATURES = "true" | |
$Env:CARGO_FEATURES = "native-tls" | |
} | |
$Env:TARGET_OUTPUT_PATH = $TargetOutputPath | |
$Env:JETSOCAT_EXECUTABLE = Join-Path $TargetOutputPath $ExecutableFileName | |
$Env:CARGO_PACKAGE = "jetsocat" | |
./ci/tlk.ps1 build -Product jetsocat -Platform ${{ matrix.os }} -Architecture ${{ matrix.arch }} -CargoProfile ${{ needs.preflight.outputs.rust-profile }} | |
echo "staging-path=$StagingPath" >> $Env:GITHUB_OUTPUT | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: jetsocat-${{ matrix.os }}-${{ matrix.arch }} | |
path: ${{ steps.build.outputs.staging-path }} | |
jetsocat-merge: | |
name: jetsocat merge artifacts | |
runs-on: ubuntu-latest | |
needs: [preflight, jetsocat] | |
steps: | |
- name: Merge Artifacts | |
uses: actions/upload-artifact/merge@v4 | |
with: | |
name: jetsocat | |
pattern: jetsocat-* | |
delete-merged: true | |
jetsocat-lipo: | |
name: jetsocat macos universal | |
runs-on: ubuntu-20.04 | |
needs: [preflight, jetsocat, jetsocat-merge] | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
name: jetsocat | |
- name: Configure runner | |
run: | | |
wget -q https://github.com/awakecoding/llvm-prebuilt/releases/download/v2021.2.4/cctools-x86_64-ubuntu-20.04.tar.xz | |
tar -xf cctools-x86_64-ubuntu-20.04.tar.xz -C /tmp | |
sudo mv /tmp/cctools-x86_64-ubuntu-20.04/bin/lipo /usr/local/bin | |
rm -r cctools-x86_64-ubuntu-20.04.tar.xz | |
- name: Lipo | |
shell: pwsh | |
run: | | |
$OutputPath = Join-Path "macos" "universal" | |
New-Item -ItemType Directory -Path $OutputPath | Out-Null | |
$Binaries = Get-ChildItem -Recurse -Path "macos" -Filter "jetsocat_*" | Foreach-Object { $_.FullName } | Select -Unique | |
$LipoCmd = $(@('lipo', '-create', '-output', (Join-Path -Path $OutputPath -ChildPath "jetsocat_macOS_${{ needs.preflight.outputs.version }}_universal")) + $Binaries) -Join ' ' | |
Write-Host $LipoCmd | |
Invoke-Expression $LipoCmd | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: jetsocat | |
path: . | |
overwrite: true | |
devolutions-gateway-web-ui: | |
name: devolutions-gateway-web-ui | |
runs-on: ubuntu-latest | |
needs: preflight | |
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Check out Devolutions/actions | |
uses: actions/checkout@v4 | |
with: | |
repository: Devolutions/actions | |
ref: v1 | |
token: ${{ secrets.DEVOLUTIONSBOT_TOKEN }} | |
path: ./.github/workflows | |
- name: Get npm cache directory | |
id: npm-cache | |
run: | | |
"dir=$(npm config get cache)" >> $Env:GITHUB_OUTPUT | |
shell: pwsh | |
working-directory: webapp | |
- uses: actions/cache@v4 | |
with: | |
key: ${{ runner.os }}-node-${{ hashFiles('webapp/package-lock.json') }} | |
path: ${{ steps.npm-cache.outputs.dir }} | |
restore-keys: | | |
${{ runner.os }}-node- | |
- name: Setup .npmrc config file | |
uses: ./.github/workflows/npmrc-setup | |
with: | |
npm_token: ${{ secrets.ARTIFACTORY_NPM_TOKEN }} | |
- name: Install NPM dependencies | |
working-directory: webapp | |
run: npm ci | |
- name: Configure runner | |
shell: pwsh | |
run: npm install -g @angular/cli | |
- name: Build | |
shell: pwsh | |
working-directory: webapp | |
run: npm run build | |
- name: Check webapp | |
shell: pwsh | |
working-directory: webapp | |
run: npm run check | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: webapp-client | |
path: webapp/client/ | |
devolutions-gateway-player: | |
name: Recording Player | |
runs-on: ubuntu-latest | |
needs: preflight | |
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Checkout Devolutions/actions | |
uses: actions/checkout@v4 | |
with: | |
repository: Devolutions/actions | |
ref: v1 | |
token: ${{ secrets.DEVOLUTIONSBOT_TOKEN }} | |
path: ./.github/workflows | |
- name: Setup .npmrc config file | |
uses: ./.github/workflows/npmrc-setup | |
with: | |
npm_token: ${{ secrets.ARTIFACTORY_NPM_TOKEN }} | |
- name: Install Biome | |
run: npm install -g @biomejs/biome | |
- name: Check | |
working-directory: webapp/player-project | |
run: biome check ./src | |
- name: Install NPM dependencies | |
working-directory: webapp/player-project | |
run: npm install | |
- name: Build | |
working-directory: webapp/player-project | |
run: npm run build | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: webapp-player | |
path: webapp/player | |
devolutions-gateway-powershell: | |
name: devolutions-gateway-powershell | |
runs-on: ubuntu-latest | |
needs: preflight | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Install Pester | |
id: prepare | |
shell: pwsh | |
run: Install-Module Pester -RequiredVersion 5.6.0 | |
- name: Build module | |
shell: pwsh | |
run: | | |
./powershell/build.ps1 | |
$PSModuleName = "DevolutionsGateway" | |
$PSModuleVersion = "${{ needs.preflight.outputs.version }}" | |
$PSModuleOutputPath = Join-Path "powershell" "package" $PSModuleName | |
$PSStagingPath = Join-Path "powershell-staging" "PowerShell" | |
New-Item -Path $PSStagingPath -ItemType Directory | Out-Null | |
$PSModuleZipFilePath = Join-Path $PSStagingPath "$PSModuleName-ps-$PSModuleVersion.zip" | |
Compress-Archive -Path $PSModuleOutputPath -Destination $PSModuleZipFilePath | |
- name: Pester tests | |
shell: pwsh | |
run: | | |
./powershell/run-tests.ps1 | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: devolutions-gateway-powershell | |
path: powershell-staging | |
devolutions-gateway: | |
name: devolutions-gateway [${{ matrix.os }} ${{ matrix.arch }}] | |
runs-on: ${{ matrix.runner }} | |
needs: [preflight, devolutions-gateway-powershell, devolutions-gateway-web-ui] | |
if: always() # The webapp can’t be build without secrets that we don’t provide for PRs coming from forks. | |
strategy: | |
matrix: | |
include: ${{ fromJson(needs.preflight.outputs.gateway-build-matrix) }} | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Download webapp-client | |
uses: actions/download-artifact@v4 | |
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
with: | |
name: webapp-client | |
path: webapp/client | |
- name: Download devolutions-gateway-player | |
uses: actions/download-artifact@v4 | |
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
with: | |
name: webapp-player | |
path: webapp/player | |
- name: Download devolutions-gateway-powershell | |
uses: actions/download-artifact@v4 | |
with: | |
name: devolutions-gateway-powershell | |
path: powershell-staging | |
- name: Download Cadeau | |
shell: pwsh | |
run: | | |
$Platform = @{'windows'='win'; 'linux'='linux'}['${{ matrix.os }}'] | |
$Arch = @{'x86_64'='x64';'arm64'='arm64'}['${{ matrix.arch }}'] | |
./ci/download-cadeau.ps1 -Platform $Platform -Architecture $Arch | |
- name: Load dynamic variables | |
id: load-variables | |
shell: pwsh | |
run: | | |
$PackageVersion = "${{ needs.preflight.outputs.version }}" | |
$StagingPath = Join-Path $Env:RUNNER_TEMP "staging" | |
$TargetOutputPath = Join-Path $StagingPath ${{ matrix.os }} ${{ matrix.arch }} | |
$ExecutableFileName = "DevolutionsGateway_${{ runner.os }}_${PackageVersion}_${{ matrix.arch }}" | |
if ($Env:RUNNER_OS -eq "Windows") { | |
$ExecutableFileName = "$($ExecutableFileName).exe" | |
$PackageFileName = "DevolutionsGateway-${{ matrix.arch }}-${PackageVersion}.msi" | |
$DGatewayPackage = Join-Path $TargetOutputPath $PackageFileName | |
echo "dgateway-package=$DGatewayPackage" >> $Env:GITHUB_OUTPUT | |
} | |
$DGatewayExecutable = Join-Path $TargetOutputPath $ExecutableFileName | |
echo "staging-path=$StagingPath" >> $Env:GITHUB_OUTPUT | |
echo "target-output-path=$TargetOutputPath" >> $Env:GITHUB_OUTPUT | |
echo "dgateway-executable=$DGatewayExecutable" >> $Env:GITHUB_OUTPUT | |
- name: Configure Linux runner | |
if: matrix.os == 'linux' | |
run: | | |
sudo apt-get update | |
sudo apt-get -o Acquire::Retries=3 install python3-wget python3-setuptools libsystemd-dev dh-make | |
# We need a newer version of GCC because aws-lc-rs rejects versions affected | |
# by this bug: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95189 | |
# These lines can be safely removed once we switch to ubuntu-22.04 runner. | |
sudo apt install gcc-10 | |
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 60 | |
- name: Configure Linux (arm) runner | |
if: matrix.os == 'linux' && matrix.arch == 'arm64' | |
run: | | |
sudo dpkg --add-architecture arm64 | |
sudo apt-get -o Acquire::Retries=3 install -qy binutils-aarch64-linux-gnu gcc-aarch64-linux-gnu g++-aarch64-linux-gnu qemu-user | |
rustup target add aarch64-unknown-linux-gnu | |
echo "STRIP_EXECUTABLE=aarch64-linux-gnu-strip" >> $GITHUB_ENV | |
- name: Install fpm | |
if: matrix.os == 'Linux' | |
run: sudo gem install --no-document fpm | |
- name: Configure Windows runner | |
if: matrix.os == 'windows' | |
run: | | |
# https://github.com/actions/runner-images/issues/9667 | |
choco uninstall wixtoolset | |
choco install wixtoolset --version 3.14.0 --allow-downgrade --no-progress --force | |
# WiX is installed on Windows runners but not in the PATH | |
Write-Output "C:\Program Files (x86)\WiX Toolset v3.14\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
# NASM is required by aws-lc-rs (used as rustls crypto backend) | |
choco install nasm | |
# We need to add the NASM binary folder to the PATH manually. | |
Write-Output "$Env:ProgramFiles\NASM" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
- name: Build | |
shell: pwsh | |
env: | |
TARGET_OUTPUT_PATH: ${{ steps.load-variables.outputs.target-output-path }} | |
DGATEWAY_EXECUTABLE: ${{ steps.load-variables.outputs.dgateway-executable }} | |
CARGO_PACKAGE: devolutions-gateway | |
run: ./ci/tlk.ps1 build -Product gateway -Platform ${{ matrix.os }} -Architecture ${{ matrix.arch }} -CargoProfile ${{ needs.preflight.outputs.rust-profile }} | |
- name: Add msbuild to PATH | |
if: matrix.os == 'windows' | |
uses: microsoft/setup-msbuild@v2 | |
- name: Package | |
shell: pwsh | |
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
env: | |
TARGET_OUTPUT_PATH: ${{ steps.load-variables.outputs.target-output-path }} | |
DGATEWAY_EXECUTABLE: ${{ steps.load-variables.outputs.dgateway-executable }} | |
run: | | |
if ($Env:RUNNER_OS -eq "Windows") { | |
$Env:DGATEWAY_PACKAGE = "${{ steps.load-variables.outputs.dgateway-package }}" | |
$Env:DGATEWAY_LIB_XMF_PATH = Join-Path "native-libs" "xmf.dll" | Resolve-Path | |
$PSStagingPath = Join-Path (Get-Location) "powershell-staging" | |
$PSModuleOutputPath = Join-Path $PSStagingPath "DevolutionsGateway" | |
$PSModuleZipFilePath = Get-ChildItem -Path "$PSStagingPath/PowerShell" "*-ps-*.zip" | Select-Object -First 1 | |
Expand-Archive -Path $PSModuleZipFilePath -Destination $PSStagingPath | |
$Env:DGATEWAY_PSMODULE_PATH = $PSModuleOutputPath | |
} else { | |
$Env:DGATEWAY_LIB_XMF_PATH = Join-Path "native-libs" "libxmf.so" | Resolve-Path | |
} | |
$Env:DGATEWAY_WEBCLIENT_PATH = Join-Path "webapp" "client" | Resolve-Path | |
$Env:DGATEWAY_WEBPLAYER_PATH = Join-Path "webapp" "player" | Resolve-Path | |
./ci/tlk.ps1 package -Product gateway -Platform ${{ matrix.os }} -Architecture ${{ matrix.arch }} -CargoProfile ${{ needs.preflight.outputs.rust-profile }} | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: devolutions-gateway-${{ matrix.os }}-${{ matrix.arch }} | |
path: ${{ steps.load-variables.outputs.staging-path }} | |
devolutions-gateway-merge: | |
name: devolutions gateway merge artifacts | |
runs-on: ubuntu-latest | |
needs: [preflight, devolutions-gateway] | |
if: always() # The job is skipped for PRs coming from forks because the devolutions-gateway job would have been skipped (if always() wasn’t used). Another GitHub action oddity. | |
steps: | |
- name: Merge Artifacts | |
uses: actions/upload-artifact/merge@v4 | |
with: | |
name: devolutions-gateway | |
pattern: devolutions-gateway-* | |
delete-merged: true | |
devolutions-agent: | |
name: devolutions-agent [${{ matrix.os }} ${{ matrix.arch }}] | |
runs-on: ${{ matrix.runner }} | |
needs: [preflight] | |
strategy: | |
matrix: | |
include: ${{ fromJson(needs.preflight.outputs.agent-build-matrix) }} | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Load dynamic variables | |
id: load-variables | |
shell: pwsh | |
run: | | |
$PackageVersion = "${{ needs.preflight.outputs.version }}" | |
$StagingPath = Join-Path $Env:RUNNER_TEMP "staging" | |
$SymbolsPath = Join-Path $Env:RUNNER_TEMP "symbols" | |
New-Item -ItemType Directory $StagingPath | |
New-Item -ItemType Directory $SymbolsPath | |
$TargetOutputPath = Join-Path $StagingPath ${{ matrix.os }} ${{ matrix.arch }} | |
$ExecutableFileName = "DevolutionsAgent_${{ runner.os }}_${PackageVersion}_${{ matrix.arch }}" | |
if ($Env:RUNNER_OS -eq "Windows") { | |
$ExecutableFileName = "$($ExecutableFileName).exe" | |
$PackageFileName = "DevolutionsAgent-${{ matrix.arch }}-${PackageVersion}.msi" | |
$DAgentPackage = Join-Path $TargetOutputPath $PackageFileName | |
echo "dagent-package=$DAgentPackage" >> $Env:GITHUB_OUTPUT | |
$DAgentDesktopAgentOutputPath = Join-Path $TargetOutputPath "DesktopAgent" | |
echo "dagent-desktop-agent-output-path=$DAgentDesktopAgentOutputPath" >> $Env:GITHUB_OUTPUT | |
$DAgentPedmShellExtDll = Join-Path $TargetOutputPath "DevolutionsPedmShellExt.dll" | |
echo "dagent-pedm-shell-ext-dll=$DAgentPedmShellExtDll" >> $Env:GITHUB_OUTPUT | |
$DAgentPedmShellExtMsix = Join-Path $TargetOutputPath "DevolutionsPedmShellExt.msix" | |
echo "dagent-pedm-shell-ext-msix=$DAgentPedmShellExtMsix" >> $Env:GITHUB_OUTPUT | |
$DAgentSessionExecutable = Join-Path $TargetOutputPath "DevolutionsSession.exe" | |
echo "dagent-session-executable=$DAgentSessionExecutable" >> $Env:GITHUB_OUTPUT | |
} | |
$DAgentExecutable = Join-Path $TargetOutputPath $ExecutableFileName | |
echo "staging-path=$StagingPath" >> $Env:GITHUB_OUTPUT | |
echo "symbols-path=$SymbolsPath" >> $Env:GITHUB_OUTPUT | |
echo "target-output-path=$TargetOutputPath" >> $Env:GITHUB_OUTPUT | |
echo "dagent-executable=$DAgentExecutable" >> $Env:GITHUB_OUTPUT | |
- name: Configure Linux runner | |
if: matrix.os == 'linux' | |
run: | | |
sudo apt-get update | |
sudo apt-get -o Acquire::Retries=3 install python3-wget python3-setuptools libsystemd-dev dh-make | |
# We need a newer version of GCC because aws-lc-rs rejects versions affected | |
# by this bug: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=95189 | |
# These lines can be safely removed once we switch to ubuntu-22.04 runner. | |
sudo apt install gcc-10 | |
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 60 | |
- name: Configure Linux (arm) runner | |
if: matrix.os == 'linux' && matrix.arch == 'arm64' | |
run: | | |
sudo dpkg --add-architecture arm64 | |
sudo apt-get -o Acquire::Retries=3 install -qy binutils-aarch64-linux-gnu gcc-aarch64-linux-gnu g++-aarch64-linux-gnu qemu-user | |
rustup target add aarch64-unknown-linux-gnu | |
echo "STRIP_EXECUTABLE=aarch64-linux-gnu-strip" >> $GITHUB_ENV | |
- name: Install fpm | |
if: matrix.os == 'Linux' | |
run: sudo gem install --no-document fpm | |
- name: Configure Windows runner | |
if: matrix.os == 'windows' | |
run: | | |
# https://github.com/actions/runner-images/issues/9667 | |
choco uninstall wixtoolset | |
choco install wixtoolset --version 3.14.0 --allow-downgrade --force | |
# Devolutions PEDM needs MakeAppx.exe | |
Write-Output "C:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0\x64" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
# WiX is installed on Windows runners but not in the PATH | |
Write-Output "C:\Program Files (x86)\WiX Toolset v3.14\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
# NASM is required by aws-lc-rs (used as rustls crypto backend) | |
choco install nasm | |
# We need to add the NASM binary folder to the PATH manually. | |
Write-Output "$Env:ProgramFiles\NASM" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
- name: Configure Windows (arm) runner | |
if: runner.os == 'Windows' && matrix.arch == 'arm64' | |
shell: pwsh | |
run: | | |
rustup target add aarch64-pc-windows-msvc | |
- name: Add msbuild to PATH | |
if: matrix.os == 'windows' | |
uses: microsoft/setup-msbuild@v2 | |
- name: Build | |
shell: pwsh | |
env: | |
TARGET_OUTPUT_PATH: ${{ steps.load-variables.outputs.target-output-path }} | |
DAGENT_EXECUTABLE: ${{ steps.load-variables.outputs.dagent-executable }} | |
CARGO_PACKAGE: devolutions-agent | |
run: | | |
if ($Env:RUNNER_OS -eq "Windows") { | |
$Env:DAGENT_DESKTOP_AGENT_OUTPUT_PATH = "${{ steps.load-variables.outputs.dagent-desktop-agent-output-path }}" | |
$Env:DAGENT_PEDM_SHELL_EXT_DLL = "${{ steps.load-variables.outputs.dagent-pedm-shell-ext-dll }}" | |
$Env:DAGENT_PEDM_SHELL_EXT_MSIX = "${{ steps.load-variables.outputs.dagent-pedm-shell-ext-msix }}" | |
$Env:DAGENT_SESSION_EXECUTABLE = "${{ steps.load-variables.outputs.dagent-session-executable }}" | |
} | |
./ci/tlk.ps1 build -Product agent -Platform ${{ matrix.os }} -Architecture ${{ matrix.arch }} -CargoProfile ${{ needs.preflight.outputs.rust-profile }} | |
- name: Package | |
shell: pwsh | |
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository | |
env: | |
TARGET_OUTPUT_PATH: ${{ steps.load-variables.outputs.target-output-path }} | |
DAGENT_EXECUTABLE: ${{ steps.load-variables.outputs.dagent-executable }} | |
run: | | |
if ($Env:RUNNER_OS -eq "Windows") { | |
$Env:DAGENT_PACKAGE = "${{ steps.load-variables.outputs.dagent-package }}" | |
$Env:DAGENT_DESKTOP_AGENT_OUTPUT_PATH = "${{ steps.load-variables.outputs.dagent-desktop-agent-output-path }}" | |
$Env:DAGENT_PEDM_SHELL_EXT_DLL = "${{ steps.load-variables.outputs.dagent-pedm-shell-ext-dll }}" | |
$Env:DAGENT_PEDM_SHELL_EXT_MSIX = "${{ steps.load-variables.outputs.dagent-pedm-shell-ext-msix }}" | |
$Env:DAGENT_SESSION_EXECUTABLE = "${{ steps.load-variables.outputs.dagent-session-executable }}" | |
} | |
./ci/tlk.ps1 package -Product agent -Platform ${{ matrix.os }} -Architecture ${{ matrix.arch }} -CargoProfile ${{ needs.preflight.outputs.rust-profile }} | |
- name: Upload artifacts | |
if: matrix.arch != 'arm64' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: devolutions-agent-${{ matrix.os }}-${{ matrix.arch }} | |
path: ${{ steps.load-variables.outputs.staging-path }} | |
devolutions-agent-merge: | |
name: devolutions agent merge artifacts | |
runs-on: ubuntu-latest | |
needs: [preflight, devolutions-agent] | |
steps: | |
- name: Merge Artifacts | |
uses: actions/upload-artifact/merge@v4 | |
with: | |
name: devolutions-agent | |
pattern: devolutions-agent-* | |
delete-merged: true | |
dotnet-utils-tests: | |
name: .NET utils tests | |
runs-on: windows-2022 | |
needs: preflight | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Tests | |
shell: pwsh | |
run: | | |
Set-PSDebug -Trace 1 | |
dotnet test utils/dotnet/GatewayUtils.sln | |
winapi-sanitizer-tests: | |
name: Windows API sanitizer tests | |
runs-on: windows-2022 | |
needs: preflight | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Prepare runner | |
shell: pwsh | |
run: | | |
$VSInstallationPath = $(vswhere.exe -latest -requires Microsoft.VisualStudio.Component.VC.Tools.x86.x64 -property installationPath) | |
Write-Host "VCToolsInstallDir = $VSInstallationPath" | |
Get-ChildItem "$VSInstallationPath" | |
$toolsPath = "$VSInstallationPath\VC\Tools\MSVC" | |
Write-Host "toolsPath = $toolsPath" | |
Get-ChildItem "$toolsPath" | |
$firstItem = Get-ChildItem "$toolsPath" | Select-Object -Last 1 | |
$binPath = "$toolsPath\$($firstItem.Name)\bin\Hostx64\x64" | |
Write-Host "binPath = $binPath" | |
Get-ChildItem "$binPath" | |
$asanDllPath = "$binPath\clang_rt.asan_dynamic-x86_64.dll" | |
Write-Host "asanDllPath = $asanDllPath" | |
New-Item -ItemType Directory ".\target\x86_64-pc-windows-msvc\debug\" | |
Copy-Item -Path "$asanDllPath" -Destination .\target\x86_64-pc-windows-msvc\debug\ | |
rustup toolchain install nightly | |
- name: Run tests | |
shell: pwsh | |
run: | | |
$Env:RUSTFLAGS="-Zsanitizer=address" | |
cargo +nightly test --target x86_64-pc-windows-msvc -p win-api-wrappers -p devolutions-pedm | |
winapi-miri: | |
name: Windows API miri tests [${{ matrix.os }}][${{ matrix.mode }}] | |
runs-on: ${{ matrix.runner }} | |
needs: preflight | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- windows | |
- linux | |
mode: | |
- stacked-borrow | |
- tree-borrows | |
include: | |
- os: windows | |
runner: windows-latest | |
- os: linux | |
runner: ubuntu-latest | |
- mode: tree-borrows | |
miriflags: -Zmiri-tree-borrows | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
- name: Prepare runner | |
run: | | |
rustup toolchain install nightly --component miri | |
- name: Run tests | |
shell: pwsh | |
run: | | |
$Env:MIRIFLAGS = "${{ matrix.miriflags }}" | |
cargo +nightly test -p win-api-wrappers | |
success: | |
name: Success | |
runs-on: ubuntu-latest | |
if: always() | |
needs: | |
- tests | |
- check-dependencies | |
- jetsocat-lipo | |
- devolutions-gateway-powershell | |
- devolutions-gateway-player | |
- devolutions-gateway | |
- devolutions-gateway-merge | |
- devolutions-agent-merge | |
- dotnet-utils-tests | |
- winapi-sanitizer-tests | |
- winapi-miri | |
steps: | |
- name: Check success | |
shell: pwsh | |
run: | | |
$results = '${{ toJSON(needs.*.result) }}' | ConvertFrom-Json | |
$succeeded = $($results | Where { $_ -Ne "success" }).Count -Eq 0 | |
exit $(if ($succeeded) { 0 } else { 1 }) | |
upload-git-log: | |
name: Upload git-log output | |
runs-on: ubuntu-latest | |
if: ${{ github.ref == 'refs/heads/master' }} | |
needs: | |
- success | |
steps: | |
- name: Checkout ${{ github.repository }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.preflight.outputs.ref }} | |
fetch-depth: 10 | |
- name: Generate git-log.txt | |
shell: pwsh | |
run: git log --max-count=10 > ./git-log.txt | |
- name: Upload git-log.txt | |
uses: actions/upload-artifact@v4 | |
with: | |
name: git-log | |
path: ./git-log.txt | |
onedrive: | |
name: OneDrive | |
runs-on: ubuntu-20.04 | |
if: ${{ github.ref == 'refs/heads/master' }} | |
needs: | |
- preflight # required for needs.preflight.outputs | |
- upload-git-log | |
steps: | |
- name: Check out Devolutions/actions | |
uses: actions/checkout@v4 | |
with: | |
repository: Devolutions/actions | |
ref: v1 | |
token: ${{ secrets.DEVOLUTIONSBOT_TOKEN }} | |
path: ./.github/workflows | |
## Fetch current date and time | |
- name: Get current timestamp | |
id: timestamp | |
run: echo "timestamp=$(date +'%Y%m%d%H%M')" >> $GITHUB_OUTPUT | |
## Devolutions Toolbox is required for OneDrive uploading | |
- name: Install Devolutions Toolbox | |
uses: ./.github/workflows/toolbox-install | |
with: | |
github_token: ${{ secrets.DEVOLUTIONSBOT_TOKEN }} | |
## Download back the artifacts produced by the other jobs | |
- uses: actions/download-artifact@v4 | |
with: | |
name: jetsocat | |
path: ${{ runner.temp }}/artifacts_raw | |
- uses: actions/download-artifact@v4 | |
with: | |
name: devolutions-gateway | |
path: ${{ runner.temp }}/artifacts_raw | |
- uses: actions/download-artifact@v4 | |
with: | |
name: devolutions-agent | |
path: ${{ runner.temp }}/artifacts_raw | |
- uses: actions/download-artifact@v4 | |
with: | |
name: git-log | |
path: ${{ runner.temp }}/artifacts_raw | |
## Do the actual upload :tada: | |
- name: Prepare upload | |
id: prepare | |
shell: pwsh | |
run: | | |
$version="${{ needs.preflight.outputs.version }}" | |
$ref="${{ needs.preflight.outputs.ref }}" | |
$shortRef=$ref.Substring(0, 8) | |
$sourceFolder = "${{ runner.temp }}/artifacts_raw" | |
$destinationFolder = "${{ runner.temp }}/artifacts" | |
Write-Host "version = $version" | |
Write-Host "ref = $ref" | |
echo "version=$version" >> $Env:GITHUB_OUTPUT | |
echo "short-ref=$shortRef" >> $Env:GITHUB_OUTPUT | |
echo "files-to-upload=$destinationFolder" >> $Env:GITHUB_OUTPUT | |
New-Item -Path "$destinationFolder" -ItemType "directory" | |
$allFiles = Get-ChildItem -Path "$sourceFolder" -Exclude PowerShell | Get-ChildItem -Recurse | Where { -Not $_.Mode.StartsWith('d') } | |
Write-Host | |
foreach ($file in $allFiles) { | |
$dir = $file.Directory | |
$name = $file.Name | |
$source = "$dir/$name" | |
$destination = "$destinationFolder/$name" | |
Write-Host "$source --> $destination" | |
Move-Item -Path "$source" -Destination "$destination" | |
} | |
- name: Upload to OneDrive | |
uses: ./.github/workflows/onedrive-upload | |
with: | |
azure_client_id: ${{ secrets.ONEDRIVE_AUTOMATION_CLIENT_ID }} | |
azure_client_secret: ${{ secrets.ONEDRIVE_AUTOMATION_CLIENT_SECRET }} | |
conflict_behavior: replace | |
destination_path: /Gateway/${{ steps.prepare.outputs.version }}-${{ steps.timestamp.outputs.timestamp }}-${{ steps.prepare.outputs.short-ref }} | |
remote: prereleases | |
source_path: ${{ steps.prepare.outputs.files-to-upload }} |