In this PR we get rid of `E2E_GIT_REF` parameter which would default to master or whatever value is set in CI.
We instead just rely on `env.BRANCH_NAME` to run E2E tests on the same branch the build on CI is generated from.
Otherwise it fails with:
```
performing a single-user installation of Nix...
directory /nix does not exist; creating it by running 'mkdir -m 0755 /nix && chown jenkins /nix' using sudo
sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
/tmp/nix-binary-tarball-unpack.roliyEDk9X/unpack/nix-2.19.3-x86_64-linux/install: please manually run 'mkdir -m 0755 /nix && chown jenkins /nix' as root to create /nix
```
Related to:
https://github.com/status-im/status-go/pull/4388
Signed-off-by: Alexis Pentori <alexis@status.im>
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Had to be changed to `PLATFORM` due to conflict of `TARGET` with our Nix
shell setup in `status-mobile` and `status-go`.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
QA needs easier access to public URLs from DigitalOcean spaces, and when
this meta-job fails the URLs are buried within child jobs and hard to access.
This not only sets the description if build fails, it sets it after
every single child build finishes.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
The method of triggering new E2E builds from the Linux build makes sense
for PRs, but doesn't make as much sense for nightly or release builds.
By triggering it this way we will see the result as part of the whole
build that includes all platforms and all tests.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
- Necessary env variables to build the app:
STATUS_BUILD_INFURA_TOKEN
STATUS_BUILD_INFURA_TOKEN_SECRET
STATUS_BUILD_POKT_TOKEN
STATUS_BUILD_OPENSEA_API_KEY
STATUS_BUILD_ALCHEMY_ETHEREUM_MAINNET_TOKEN
STATUS_BUILD_ALCHEMY_ETHEREUM_GOERLI_TOKEN
STATUS_BUILD_ALCHEMY_ARBITRUM_MAINNET_TOKEN
STATUS_BUILD_ALCHEMY_ARBITRUM_GOERLI_TOKEN
STATUS_BUILD_ALCHEMY_OPTIMISM_MAINNET_TOKEN
STATUS_BUILD_ALCHEMY_OPTIMISM_GOERLI_TOKEN
- The list of available env variables as well as CL arguments can be seen running
the app providing `--help` argument. All env vars are prefixed with `STATUS_RUNTIME_`.
Useful for tracking down which commit introduced a breaking change.
I'm lowering `maxConcurrentTotal` limit for e2e parallel build since the
release builds on `ci.infra.status.im` do not share the same throttling
limits across Jenkins instances, so we can hit a licenses usage limit.
Also increasing number of builds to keep to 30.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
The symlinks are temporary to avoid issues in PRs that won't be rebased
right away. We can remove them later.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Possible fix for slow upload speeds and failures caused by most probably
hitting per-bucket rate limits of DigitalOcean:
>- 500 total operations per second to any individual bucket.
>- 300 combined PUT, POST, COPY, DELETE, and LIST operations per second
> to any individual Space. We may further limit LIST operations if
> necessary under periods of high load.
https://docs.digitalocean.com/products/spaces/details/limits/#rate-limits
Depends on: https://github.com/status-im/status-jenkins-lib/pull/52
Signed-off-by: Jakub Sokołowski <jakub@status.im>
By using `s3cmd` through PowerShell instead of Git Bash we improve
upload speeds on Windows slightly, as described here:
https://github.com/status-im/infra-ci/issues/40
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Adds `scripts/sign-linux-file.sh` which expectes the following variables set:
* `LINUX_GPG_PRIVATE_KEY_FILE` - Path to the GPG export of private key.
* `LINUX_GPG_PRIVATE_KEY_PASS` - Password necessary to use the private key.
Given a file it creates a file with a `.asc` suffix containing the signature:
```
> wget -q https://status-im-prs.ams3.digitaloceanspaces.com/StatusIm-210809-104514-156806-pr.tar.gz
> tar xvf StatusIm-210809-104514-156806-pr.tar.gz
StatusIm-210809-104514-156806-pr.AppImage
StatusIm-210809-104514-156806-pr.AppImage.asc
> gpg --verify StatusIm-210809-104514-156806-pr.AppImage.asc
gpg: assuming signed data in 'StatusIm-210809-104514-156806-pr.AppImage'
gpg: Signature made Mon 09 Aug 2021 12:54:49 PM CEST using RSA key ID E20B4DFD
gpg: Good signature from "Status.im Devel Signing (GPG key for signing Status.im development builds.) <devel@status.im>" [ultimate]
Primary key fingerprint: BBF0 5F92 536B ED19 30A9 FD44 009F B3BF E20B 4DFD
```
Issue: https://github.com/status-im/infra-ci/issues/25
Requires: https://github.com/status-im/status-jenkins-lib/pull/32
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This introduces the `scripts/sign-windows-bin.sh` script which is used
by the `Makefile` to sign application libraries and executables. It also
implements the logic necessary to distinguish between different types of
builds: release and non-release builds.
Some other changes:
* Refactore the `Makefile` target that creates the Windows ZIP to make less verbose.
* Added `Microsoft.VisualStudio.Component.Windows10SDK.10240` to VisualStudio component
* Added `BUILD_TYPE` parameter to `Jenkinsfile`s for different platform builds
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This adds a `Publish` stage to the combined `Jenkinsfile` which when the
`PUBLISH` parameters is true pushes a __draft__ release to GitHub.
The job remembers the last value of `PUBLISH` parameter selected.
The release uses the contents of the `VERSION` file at the root of the
repo as the name for the release, and leaves the contents to be filled
in by whoever will approve the release.
The automation overwrites - or to be exact, deletes and recreates - the
release, so releated builds for the same release will simply re-create
it. All the built artifacts are included in the release.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This is part of a general restructuring in layout of Jenkins job folders
before we can properly introduce Release signing and notarization.
We need this to distinguish between pr/dev builds and release ones to
avoid signing the dev builds with a release certificate.
The meta job managed with `ci/Jenkinsfile.combined` runs a job for all 3
platforms and currently is quite basic, but in the future can be
extended to include - like the mobile one - updating the nightlies page,
or publishing draft GitHub releases.
The addition of `make check-pkg-target-*` steps to other `Jenkinsfile`s
is necessary because the sub-jobs under `platforms` have no option for
checking out Git submodules at the beginning, so I'm making use of how
the `Makefile` works and triggering that with a target that doesn't do much.
Example job:
https://ci.status.im/job/status-desktop/job/release/job/ci-meta-release-job/
Signed-off-by: Jakub Sokołowski <jakub@status.im>