This way people don't have to ask me for access to logs from CI hosts to
be acquired using SSH access, but instead they will be simply included
in Jenkins build artifacts.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Otherwise we get multiple APKs in the `results` folder.
```
admin@linux-01.he-eu-hel1.ci.devel:/home/jenkins/workspace/status-mobile/e2e/status-app-prs % ls -l result
total 502236
-rw-r--r-- 1 jenkins jenkins 57334087 Feb 7 10:25 StatusIm-Mobile-230207-101618-991339-pr14988-x86.apk
-rw-r--r-- 1 jenkins jenkins 57080127 Feb 7 13:18 StatusIm-Mobile-230207-131114-098c05-pr14977-x86.apk
-rw-r--r-- 1 jenkins jenkins 57088322 Feb 7 14:19 StatusIm-Mobile-230207-141155-05cc4c-pr15002-x86.apk
...
```
And `utils.findFile()` just pick the first one alphabeticlly.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Using `copyArtifacts()` is more reliable and faster then fetching APKs
based on URLs acquired by parsing GitHub comments from Jenkins builds.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Since uploads to SauceLabs were dropped from `Fastfile` in:
https://github.com/status-im/status-mobile/pull/14969
Also dropped:
- Useless Diawi upload of APK
- Useless DO Spaces upload of IPA
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Possible fix for slow upload speeds and failures caused by most probably
hitting per-bucket rate limits of DigitalOcean:
>- 500 total operations per second to any individual bucket.
>- 300 combined PUT, POST, COPY, DELETE, and LIST operations per second to any individual Space. We may further limit LIST operations if necessary under periods of high load.y
https://docs.digitalocean.com/products/spaces/details/limits/#rate-limits
Depends on: https://github.com/status-im/status-jenkins-lib/pull/52
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Otherwise the upload fails with `400 Bad Request` due to size:
```
bundler: failed to load command: fastlane (/Users/jenkins/.bundle/ruby/2.7.0/bin/fastlane)
/Users/jenkins/.bundle/ruby/2.7.0/gems/rest-client-2.1.0/lib/restclient/abstract_response.rb:249:in `exception_with_response': 400 Bad Request (RestClient::BadRequest)
```
Because release builds are over 100 MB:
```
> ls -l StatusIm-Mobile-v1.20.0-59567a.ipa
-rw-r--r-- 1 jakubgs jakubgs 104M Sep 7 15:50 StatusIm-Mobile-v1.20.0-59567a.ip
```
And the Diawi free account limit is 75 MB:
https://www.diawi.com/features-services
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Because otherwise when piping optput to `tee` the exit code that
affects the result of the whole `sh` call is the last command in the pipe.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Otherwise we get weird failures like these:
```
clang-11: error: cannot use 'cpp-output' output with multiple -arch options
clang-11: error: invalid argument '-mmacos-version-min=10.12' not allowed with '-miphoneos-version-min=8.0'
clang-11: error: invalid argument '-mmacos-version-min=10.12' not allowed with '-miphoneos-version-min=8.0'
```
Depends on: https://github.com/status-im/status-jenkins-lib/pull/47
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This way we can make PRs depend only on successful tests, and not whole
builds for all platforms, which take 10 minutes or more.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This way the name of the repo makes at least some sense and
matches the `status-desktop` repo naming.
Also updated `status-jenkins-lib` since it also contained
references to `status-react` repo and job names.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This has several benefits:
* Less abuse of `extra-sandbox-paths` Nix option
* Less inputs to the Android release build derivation
* Easier for users to sign the build themselves
* Simplification of `scripts/release-android.sh`
* Preparation for building using Nix Flakes
The only two remaining credentials passed via `extra-sandbox-paths` is
the Infura and OpenSea API keys, and there is no way around that other
than passing them via Nix arguments, but that would cause them to end up
in `/nix/store` as part of `.drv` files.
I'm also renaming `release-fdroid` to `build-fdroid` to be consistent.
Depends on: https://github.com/status-im/status-jenkins-lib/pull/42
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Also use `ssh-ng://` protocol implementation instead of `ssh://`.
Might fix the following error:
```
error (ignored): error: reached end of FramedSource
error: sized: unexpected end-of-file
error: unexpected end-of-file
```
For more details see: https://github.com/NixOS/nix/issues/6495
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Minor upgrade done to match the version deployed in CI due to a bug
with `nix-copy-closure` which broken Nix cache jobs:
https://github.com/status-im/infra-ci/issues/49
This will not force upgrade on developes, nor require any `make nix-purge`.
If however and upgrade is wanted it can be simply done with `nix upgrade-nix`.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
By using just the timestamp we increase the probability of hitting a
race condition with another build due to same filename of sandbox file.
Depends on: https://github.com/status-im/status-jenkins-lib/pull/40
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Will make it easier and safer to upgrade Nix on CI hosts.
Also added architecture since we are starting to mix those.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This will make identifying installed software easier.
It can also be used to generate F-Droid RPs more easily.
Depends on:
https://github.com/status-im/status-jenkins-lib/pull/35
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This is part of my work of moving Nix cache to a separate host
because our Master host with jenkins needs more space.
Also, new Nix installer updated `.profile`, not `.bash_profile`.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Notable software upgrades:
- Go `1.14.13` to `1.14.15`
- Clojure `1.10.1.763` to `1.10.3.855`
- NodeJS `12.20.1` to `12.22.1`
- Git `2.29.2` to `2.31.1`
- CMake `3.10.2` to `3.18.1`
- Curl `7.74.0` to `7.76.1`
- Android NDK `21.3.6528147` to `22.1.7171670`
- Android Platform Tools `30.0.5` to `31.0.2`
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This is required to also ad GitHub releases to `status-desktop`.
Also renamed `status-react-jenkins` to `status-jenkins-lib` for clarity.
Depends on: https://github.com/status-im/status-react-jenkins/pull/23
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Otherwise release builds never create the GitHub draft releases.
Not unless a user explicitly stats a build with `PUBLISH: true`.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This changes the behavior of mobile combined builds to not publish
the results of `nightly` or `release` builds unless `PUBLISH`
parameter is set to `true`.
It also makes the `BUILD_TYPE` into a dropdown choice field with
pre-defined values, like `manual` or `e2e`.
Changes:
- Add parameter definitions for `BUILD_TYPE` and `PUBLISH`
- Move uploading of `latest.json` to `Publish` stage
- Make `Publish` stage optional based on the `PUBLISH` parameter
Requires: https://github.com/status-im/status-react-jenkins/pull/21
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
Using different temporary keychains does not work if we do not set
`default_keychain=true`, because `codesign` then can't find the cert:
```
error: No signing certificate "iOS Distribution" found: No "iOS Distribution" signing certificate matching team ID
```
But if we set `default_keychain=true` then we cause a race condition
when the keychain is deleted by a parallel job while another is using it
as its default.
For this reason we have to use a static keychain name and keep it
between builds.
I tried disabling `default_keychain=true` in #11378 but it worked only
because the default user keychain already had the cert.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
This is a new approach to signing the iOS app by using a temporary
Keychain created only for that specific build and unlocked in advance.
By doing it this way we can avoid issues with `errSecInternalComponent`
appearing when there is no UI to open a Keychain password prompt when
running build in CI. I've described this problem in details in:
https://github.com/fastlane/fastlane/issues/15185
Thanks to `codesign:` partition ID being added to key partition list by
Fastlane `match` when importing a Keychain this approach now works:
https://github.com/fastlane/fastlane/pull/17456
Signed-off-by: Jakub Sokołowski <jakub@status.im>
The env variable `INFURA_TOKEN` is used at build time of JS bundle, not
the final APK file. We never passed the `secretsFile` to the
derivation for JS bundle so it never saw the `INFURA_TOKEN`.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
* `status-im-releases` for release builds
* `status-im-nightlies` for nightlies
I want to reserve the `status-im` bucket for use with the site.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This updates a bunch of things in the Jenkins logic.
For details of that see:
https://github.com/status-im/status-react-jenkins/pull/12
It grew out of the changes I made to make PR builds available in Desktop client:
https://github.com/status-im/nim-status-client/pull/507
Changes:
- Bump `status-react-jenkins` library to newer version, probably `1.2.0`
- Update use of `utils.pkgFilename()` in `ci/Jenkinsfile.combined`
- Make all iOS builds go into the same folder: `status-ios`
- Drop e2e build type, infer it from Android ABIs set to `x86` only
- Simplify logic in `nix/mobile/android/release.nix.`
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Build PR Scheme in PR build
use named parameters, use pr_build boolean
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Enable capabilities
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Add custom app icon
Remove user defined profile
Add PR scheme
Explicit provide provisioning profiles
Fix pr schema
Bump jenkins
Pod bump
Describe pr_build argument
Signed-off-by: Gheorghe Pinzaru <feross95@gmail.com>
This way we can use different token for e2e, release, and devel builds.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
Jakub Sokołowski
yqrashawn
Churikova Tetiana
Yevheniia Berdnyk
Roman Volosovskyi
Andrea Maria Piana
Volodymyr Kozieiev
andrey
Serhy
Gheorghe Pinzaru