Commit Graph

59 Commits

Author SHA1 Message Date
Anton Iakimov a6e6716311
ci: add shebang to jenkinsfiles 2023-07-02 09:11:54 +02:00
Jakub Sokołowski e08d3bd78d
ci: build generic status-go and all shells
When discussing caching of `status-go` with Sid I noticed that the build
we cache daily created from our nightly build is different from the
build we create locally due to a single input.

In a release CI host we can see the IPFS URL is that of Infura:
```
 > find /nix/store -maxdepth 1 -name '*-status-go-*android' | tail -n1
/nix/store/2cc8ilhx5g3k2awbn4sla61n4cml2405-status-go-0.130.1-d2cce5e-android

 > RESULT=$(find /nix/store -maxdepth 1 -name '*-status-go-*android' | tail -n1)

 > nix show-derivation $RESULT | tr ' ' '\n' | grep IpfsGateway
github.com/status-im/status-go/params.IpfsGatewayURL=https://status-im.infura-ipfs.io/ipfs/
```
But for a local build the URL is the default, which is our own gateway:
```
 > nix-build --no-out-link -A targets.status-go.mobile.android
/nix/store/1p53m7a6y1kg3vcyd8d06scf3bsyn5rk-status-go-0.157.2-47711c4-android

 > RESULT=$(nix-build --no-out-link -A targets.status-go.mobile.android)

 > nix show-derivation $RESULT | tr ' ' '\n' | grep IpfsGateway
github.com/status-im/status-go/params.IpfsGatewayURL=https://ipfs.status.im/
```
This difference causes builds of `status-go` that get uploaded to our
Nix cache to not match what developers locally would build, which
results in a cache miss.

This changes the Nix cache CI jobs to instead of building only dependencies
(`buildInuts`) to simply build the generic versions of `status-go` without
nightly specific inputs.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-06-20 13:55:06 +02:00
Jakub Sokołowski e8b956d4f4
ci: fix jsbundle target name for nix-cache build
Forgot to update this in:
https://github.com/status-im/status-mobile/pull/15924

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-30 18:28:53 +02:00
Jakub Sokołowski 2493b8ad4b
ios: replace Diawi Fastlane plugin that disappered
For an unknown reason the original Diawi plugin for Fastlane has been
removed from GitHub and RubyGems pages and can no longer be used.

This replaces it with a Node.js script which does the same job.

I tried using `diawi` and `diawi-nodejs-uploader` but both had issues,
one of them being depending on far too many useless packages.

Resolves: https://github.com/status-im/status-mobile/issues/15951

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-24 10:55:38 +02:00
Jakub Sokołowski 7e47057b2e
ci: drop useless call to doGitRebasePR
It only blocks CI builds for no good reason when branch has not been
rebased recently, which has no real benefit as GitHub already enforces
not merging outdated PRs. It's just annoying and wastes time.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/68

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-22 15:40:32 +02:00
Jakub Sokołowski 58d20967ae
nix: use jsbundle derivation for iOS as well
For some unknown to me reason we are using a different Yarn call to
Shadow-cljs to generate the JSBundle for iOS builds, while the one
created by the Android derivation shoudl be exactly the same.

I'm changing the target to just be `make jsbundle` while keeping aliases
referencing old naming, and moving things around in `nix` folder to
reflect the fact that the derivation is no longer Android-specific.

Also, crucially, I've changed the `import` in `index.js` to use the
`./result/index.js` path, since that's what Nix creates. I'm not sure if
this clashes with any developer workflow that takes place locally, so
I'd appreciate some testing from developers.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/67

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-22 10:31:09 +02:00
andrey 6858884c83
[#15756] Token gated communities 2023-05-20 08:54:06 +01:00
Jakub Sokołowski 10d9c34559
ci: fix Alchemy and Infura env vars for iOS
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-16 13:06:37 +02:00
Jakub Sokołowski 8ccf2d1596
ci: fix missing Alchemy and Infura env vars
Depends on:
https://github.com/status-im/status-jenkins-lib/pull/65

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-16 11:20:29 +02:00
Jakub Sokołowski 78131c1028
ci: add Alchemy and Infura credentials in CI
Depends on: https://github.com/status-im/status-jenkins-lib/pull/64

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-10 12:57:04 +02:00
Jakub Sokołowski fd7797322f
ci: fix missing SSH key for fetching ios certs
Otherwise builds fail with:
```
15:15:22  [16:15:22]: Cloning remote git repo...
15:15:22  [16:15:22]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.
15:15:23  Cloning into '/tmp/d20230425-79805-70bge2'...
15:15:23  git@github.com: Permission denied (publickey).
15:15:23  fatal: Could not read from remote repository.
```
Depends on: https://github.com/status-im/status-jenkins-lib/pull/63

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-04-25 16:31:54 +02:00
Jakub Sokołowski 5380f83cab
ci: ugprade Jenkins library to use narrow shell
Depends on:
https://github.com/status-im/status-jenkins-lib/pull/59

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-03-10 16:19:10 +01:00
Jakub Sokołowski d5cc24fecf
ci: add Xcode cleanup Jenkinsfile
Too often Xcode derived data and archives are clogging up hosts.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-02-22 09:21:59 +01:00
Jakub Sokołowski ba89ac3fcf
ci: fix Jenkins lib function for reading version
Otherwise we just get `UNKNOWN` in release filenames.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/56

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-02-13 18:05:11 +01:00
Jakub Sokołowski 3fc1ba357e
ci: bump jenkins lib to match desktop
Related to: https://github.com/status-im/status-desktop/pull/8420
Depends on: https://github.com/status-im/status-jenkins-lib/pull/53

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-11-23 19:48:55 +01:00
Jakub Sokołowski 7dccbf2395
ci: separate buckets for mobile and desktop builds
Possible fix for slow upload speeds and failures caused by most probably
hitting per-bucket rate limits of DigitalOcean:

>- 500 total operations per second to any individual bucket.
>- 300 combined PUT, POST, COPY, DELETE, and LIST operations per second to any individual Space. We may further limit LIST operations if necessary under periods of high load.y

https://docs.digitalocean.com/products/spaces/details/limits/#rate-limits

Depends on: https://github.com/status-im/status-jenkins-lib/pull/52

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-11-22 16:55:59 +01:00
Roman Volosovskyi c017c01c53
[#11335] Use Pokt network as an infura replacement 2022-10-19 17:00:17 +02:00
Jakub Sokołowski 081f1a2115
ci: bump jenkins lib to use generalized nix library
Necessary so other repos can use the Nix functions.

Realted to:
https://github.com/status-im/nwaku/pull/1216

Depends on:
https://github.com/status-im/status-jenkins-lib/pull/50

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-10-03 15:43:11 +02:00
Jakub Sokołowski bcf919fcbb
nix: use android-sdk shell for fdroid-pr target
Also renamed `android-env` shell to `android-sdk` to be more descriptive.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-29 12:54:47 +02:00
Jakub Sokołowski 38bbf84de4
ci: add wait for GitHub release to appear
Because somtimes upload is attempted so fast release doesn't exist yet:
```
+ github-release upload -u status-im -r status-mobile -t 1.20.0 -n StatusIm-Mobile-v1.20.0-cbe19b-arm64-v8a.apk -f pkg/StatusIm-Mobile-v1.20.0-cbe19b-arm64-v8a.apk
error: could not find the release corresponding to tag 1.20.0
```
https://ci.infra.status.im/job/status-mobile/job/release/job/release%252F1.20.x/

Depends on: https://github.com/status-im/status-jenkins-lib/pull/49

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-15 09:49:06 +02:00
Jakub Sokołowski 74743630b7
ci: drop commonPrep function, call individual ones
This function did too many things, some of them unnecessary.

Requires: https://github.com/status-im/status-jenkins-lib/pull/48

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-14 16:43:59 +02:00
Jakub Sokołowski 718e6cdbb3
ci: disable sandbox for status-go iOS builds
Otherwise we get weird failures like these:
```
clang-11: error: cannot use 'cpp-output' output with multiple -arch options
clang-11: error: invalid argument '-mmacos-version-min=10.12' not allowed with '-miphoneos-version-min=8.0'
clang-11: error: invalid argument '-mmacos-version-min=10.12' not allowed with '-miphoneos-version-min=8.0'
```
Depends on: https://github.com/status-im/status-jenkins-lib/pull/47

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-01 16:17:47 +02:00
Jakub Sokołowski 70da680c1b
ci: fix keystore used when validating APK
Necessary to avoid validation errors due to missing release keystore.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/46
Issue: https://github.com/status-im/infra-ci/issues/63

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-29 12:46:19 +02:00
Jakub Sokołowski 1b8aea87b2
ci: use different IPFS gateway for release builds
f43f43cc...86054875

Depends on: https://github.com/status-im/status-jenkins-lib/pull/44

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-26 20:02:27 +02:00
Jakub Sokołowski 1f7fd17ff1
rename status-react to status-mobile
This way the name of the repo makes at least some sense and
matches the `status-desktop` repo naming.

Also updated `status-jenkins-lib` since it also contained
references to `status-react` repo and job names.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-07-17 14:46:16 +02:00
Jakub Sokołowski acfa73ab43
nix: build unsigned Android APK, sign separately
This has several benefits:

* Less abuse of `extra-sandbox-paths` Nix option
* Less inputs to the Android release build derivation
* Easier for users to sign the build themselves
* Simplification of `scripts/release-android.sh`
* Preparation for building using Nix Flakes

The only two remaining credentials passed via `extra-sandbox-paths` is
the Infura and OpenSea API keys, and there is no way around that other
than passing them via Nix arguments, but that would cause them to end up
in `/nix/store` as part of `.drv` files.

I'm also renaming `release-fdroid` to `build-fdroid` to be consistent.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/42

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-21 11:10:11 +02:00
Jakub Sokołowski 8d62680abe
ci: use improved method to get APK architectures
Detecting APK architectures using `apkanalyzer` tool
rather than just guessing based on build type.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/41

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-11 14:57:00 +02:00
Jakub Sokołowski 2bab1325d8
ci: fix nix sandbox filename by adding random string
By using just the timestamp we increase the probability of hitting a
race condition with another build due to same filename of sandbox file.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/40

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-27 15:07:26 +04:00
Jakub Sokołowski 0311983751
ci: upgrade Nix from 2.3.12 to 2.6.1
Due to changes in how Nix handles Git refs we need to specify
`refs/tags/` prefix in `package.json` to avoid the following error:
```
fatal: couldn't find remote ref refs/heads/v2.0.3-status-v6
error: program 'git' failed with exit code 128
```

I also had to rewrite some logic in `nix/scripts/source.sh` in order to
take account of single-user and multi-user installations.
We default to multi-user for Darwin, but not for any other OS due to
discovered issues with `nix-daemon` socket on Arch and open file limits.

I also rewrote `nix/scripts/setup.sh` and `/nix/scripts/purge.sh` to support
different types of installations. Both single-user and multi-user, as some
operating systems have issues with multi-user installations.

Resolves: https://github.com/status-im/status-react/issues/12832
Depends on: https://github.com/status-im/status-jenkins-lib/pull/37

Related changes:
* https://github.com/status-im/infra-ci/commit/84947b9f
* https://github.com/status-im/infra-ci/commit/bb98f5f3
* https://github.com/status-im/infra-ci/commit/f75d524d
* https://github.com/status-im/infra-ci/commit/d1fc92cd
* https://github.com/status-im/infra-ci/commit/87c4091e
* https://github.com/status-im/infra-ci/commit/8d6b6b3f
* https://github.com/status-im/infra-ci/commit/c4f13285
* https://github.com/status-im/infra-ci/commit/38ac698d

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-11 12:26:54 +02:00
Jakub Sokołowski 8b055cd3c3
ci: fix macos host label for pod updates
Job: https://ci.status.im/job/status-react/job/tools/job/run-pod-repo-update

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-11-24 20:54:46 +01:00
Jakub Sokołowski 79be879306
ci: upgrade library and use of pkgFilename()
Depends on: https://github.com/status-im/status-jenkins-lib/pull/36

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-28 21:25:34 +02:00
Jakub Sokołowski e2c18ea151
add commit hash to app metadata for Android and iOS
This will make identifying installed software easier.
It can also be used to generate F-Droid RPs more easily.

Depends on:
https://github.com/status-im/status-jenkins-lib/pull/35

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-21 11:48:45 +02:00
Jakub Sokołowski d4da8209cd
Revert "Remove fastlane metadata because no one use it"
Because as pointed out in this comment:
https://github.com/status-im/status-react/issues/12289#issuecomment-894008069
the lack of fastlane metadata makes F-Droid unable to find out things
like app description.

For more details see:
https://f-droid.org/en/docs/All_About_Descriptions_Graphics_and_Screenshots/#fastlane-structure

This reverts commit 3469aca1d8.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-12 19:28:20 +02:00
Jakub Sokołowski c20d6b5782
ci: do no delete non-draft releases
We identified this issue in status-desktop release from branch
`release/0.1.0-beta.10` which had old version in VERSION file.
https://ci.status.im/job/status-desktop/job/release/job/release%252F0.1.0-beta.10/

Depends on: https://github.com/status-im/status-jenkins-lib/pull/28

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-08 09:19:36 +02:00
Volodymyr Kozieiev 3469aca1d8
Remove fastlane metadata because no one use it
Signed-off-by: Volodymyr Kozieiev <vkjr.sp@gmail.com>
2021-05-11 12:09:42 +03:00
Jakub Sokołowski dd0031f68e
ci: add PR numbers to filenames of artifacts
This is useful for QA team when they download multiple builds.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-02 22:19:03 +02:00
Jakub Sokołowski cf9f160de9
ci: nicer artifact filenames for release builds
Depends on: https://github.com/status-im/status-jenkins-lib/pull/24

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-28 17:25:39 +02:00
Jakub Sokołowski 594c83013c
ci: upgrade jenkins lib to 1.2.12 to generalize GH release
This is required to also ad GitHub releases to `status-desktop`.

Also renamed `status-react-jenkins` to `status-jenkins-lib` for clarity.

Depends on: https://github.com/status-im/status-react-jenkins/pull/23

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-19 11:47:34 +02:00
Jakub Sokołowski ef5031a4aa
ci: update Google Play JSON credential name
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-14 14:04:39 +02:00
Jakub Sokołowski 7eca3c42d7
ci: add Jenkinsfile for pod repo updates
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-14 13:48:00 +02:00
Jakub Sokołowski d946d473c6 fastlane: use Apple Store Connect API for CI builds
Because our CI Apple account still has 2FA disabled in order for it to
be usable in Jenkin it is now failing with an error that seems unrelated
to 2FA.

The recommended way of doing Apple authentication for CI are App Store
Connect API JWTs. The API appears to support both pushing builds as well as
updating metadata and other tasks like refreshing of provisioning
profiles.

Fixes: https://github.com/status-im/status-react/issues/11713
Issue: https://github.com/fastlane/fastlane/issues/18098
Docs: https://docs.fastlane.tools/app-store-connect-api/

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-02-04 15:10:07 +01:00
Jakub Sokołowski 9889e80bbd
ci: parametrize publishing, make BUILD_TYPE a choice
This changes the behavior of mobile combined builds to not publish
the results of `nightly` or `release` builds unless `PUBLISH`
parameter is set to `true`.

It also makes the `BUILD_TYPE` into a dropdown choice field with
pre-defined values, like `manual` or `e2e`.

Changes:
- Add parameter definitions for `BUILD_TYPE` and `PUBLISH`
- Move uploading of `latest.json` to `Publish` stage
- Make `Publish` stage optional based on the `PUBLISH` parameter

Requires: https://github.com/status-im/status-react-jenkins/pull/21

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2021-01-08 12:54:17 +01:00
Jakub Sokołowski 458ef05740
bump jenkins library to 1.2.8 to add keychain password
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-02 19:34:10 +01:00
Jakub Sokołowski b62ff59f16
ci: make GitHub build links use CDN for downloads
Should speed up downloads for some geographical locations.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-02 15:53:17 +01:00
Jakub Sokołowski 0b8c673094
ci: fix iOS signing, use same keychain name
Using different temporary keychains does not work if we do not set
`default_keychain=true`, because `codesign` then can't find the cert:
```
error: No signing certificate "iOS Distribution" found: No "iOS Distribution" signing certificate matching team ID
```
But if we set `default_keychain=true` then we cause a race condition
when the keychain is deleted by a parallel job while another is using it
as its default.

For this reason we have to use a static keychain name and keep it
between builds.

I tried disabling `default_keychain=true` in #11378 but it worked only
because the default user keychain already had the cert.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-11-17 10:16:32 +01:00
Jakub Sokołowski 3b780f4ff2
fastlane: Create temporary Keychain for iOS signing
This is a new approach to signing the iOS app by using a temporary
Keychain created only for that specific build and unlocked in advance.

By doing it this way we can avoid issues with `errSecInternalComponent`
appearing when there is no UI to open a Keychain password prompt when
running build in CI. I've described this problem in details in:
https://github.com/fastlane/fastlane/issues/15185

Thanks to `codesign:` partition ID being added to key partition list by
Fastlane `match` when importing a Keychain this approach now works:
https://github.com/fastlane/fastlane/pull/17456

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-03 00:03:38 +01:00
Jakub Sokołowski c4cac2cef7
fix availability of INFURA_TOKEN for Android build
The env variable `INFURA_TOKEN` is used at build time of JS bundle, not
the final APK file. We never passed the `secretsFile` to the
derivation for JS bundle so it never saw the `INFURA_TOKEN`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-05 16:36:05 +02:00
Jakub Sokołowski c866082cde
ci: use more buckets for different builds
* `status-im-releases` for release builds
* `status-im-nightlies` for nightlies

I want to reserve the `status-im` bucket for use with the site.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-09-28 20:10:14 +02:00
Jakub Sokołowski eeff44eea7
ci: fix Android release builds not splitting ABIs
This was caused by Groovy script logic not checking `params.BUILT_TYPE`.

Related: https://github.com/status-im/status-react-jenkins/pull/14

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-10 14:48:23 +02:00
Jakub Sokołowski f904d7b543
nix: add --console=plain to gradle call
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-06 14:34:07 +02:00