Commit Graph

94 Commits

Author SHA1 Message Date
Jakub Sokołowski 45f966b21b
ci: fix iOS signing, use same keychain name
Using different temporary keychains does not work if we do not set
`default_keychain=true`, because `codesign` then can't find the cert:
```
error: No signing certificate "iOS Distribution" found: No "iOS Distribution" signing certificate matching team ID
```
But if we set `default_keychain=true` then we cause a race condition
when the keychain is deleted by a parallel job while another is using it
as its default.

For this reason we have to use a static keychain name and keep it
between builds.

I tried disabling `default_keychain=true` in #11378 but it worked only
because the default user keychain already had the cert.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-11-17 10:17:38 +01:00
Jakub Sokołowski 3b780f4ff2
fastlane: Create temporary Keychain for iOS signing
This is a new approach to signing the iOS app by using a temporary
Keychain created only for that specific build and unlocked in advance.

By doing it this way we can avoid issues with `errSecInternalComponent`
appearing when there is no UI to open a Keychain password prompt when
running build in CI. I've described this problem in details in:
https://github.com/fastlane/fastlane/issues/15185

Thanks to `codesign:` partition ID being added to key partition list by
Fastlane `match` when importing a Keychain this approach now works:
https://github.com/fastlane/fastlane/pull/17456

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-03 00:03:38 +01:00
Jakub Sokołowski c4cac2cef7
fix availability of INFURA_TOKEN for Android build
The env variable `INFURA_TOKEN` is used at build time of JS bundle, not
the final APK file. We never passed the `secretsFile` to the
derivation for JS bundle so it never saw the `INFURA_TOKEN`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-05 16:36:05 +02:00
Jakub Sokołowski 93ed3eb7ff
ci: add public download url to build description
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-01 17:32:10 +02:00
Jakub Sokołowski c866082cde
ci: use more buckets for different builds
* `status-im-releases` for release builds
* `status-im-nightlies` for nightlies

I want to reserve the `status-im` bucket for use with the site.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-09-28 20:10:14 +02:00
Jakub Sokołowski eeff44eea7
ci: fix Android release builds not splitting ABIs
This was caused by Groovy script logic not checking `params.BUILT_TYPE`.

Related: https://github.com/status-im/status-react-jenkins/pull/14

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-10 14:48:23 +02:00
Jakub Sokołowski f904d7b543
nix: add --console=plain to gradle call
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-06 14:34:07 +02:00
Jakub Sokołowski 7a80eca73c
jenkin: fix GitHub releases
Specifically filenames and the diff link.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-06 14:28:21 +02:00
Jakub Sokołowski 84286782f6
bump status-react-jenkins to 1.2.0
This updates a bunch of things in the Jenkins logic.
For details of that see:
https://github.com/status-im/status-react-jenkins/pull/12

It grew out of the changes I made to make PR builds available in Desktop client:
https://github.com/status-im/nim-status-client/pull/507

Changes:
- Bump `status-react-jenkins` library to newer version, probably `1.2.0`
- Update use of `utils.pkgFilename()` in `ci/Jenkinsfile.combined`
- Make all iOS builds go into the same folder: `status-ios`
- Drop e2e build type, infer it from Android ABIs set to `x86` only
- Simplify logic in `nix/mobile/android/release.nix.`

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-13 12:13:47 +02:00
Jakub Sokołowski 7d7462356e
ci: lower build timeouts to 20 minutes
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-08 12:33:33 +02:00
Jakub Sokołowski 112132aa94
drop all desktop related files and references
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-08 10:26:51 +02:00
Jakub Sokołowski b95056f3ce
ci: fix what version is set for iOS PR builds
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-06 09:47:39 +02:00
Gheorghe Pinzaru d916751160
Add PR Scheme for iOs build
Build PR Scheme in PR build

use named parameters, use pr_build boolean

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Enable capabilities

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Add custom app icon

Remove user defined profile

Add PR scheme

Explicit provide provisioning profiles

Fix pr schema

Bump jenkins

Pod bump

Describe pr_build argument

Signed-off-by: Gheorghe Pinzaru <feross95@gmail.com>
2020-06-29 16:16:35 +03:00
Jakub Sokołowski 41e04b9555
disable play store release
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-06-23 17:17:50 +02:00
Andrea Maria Piana 1714970e4e
Use Infura token pulled from environment
This way we can use different token for e2e, release, and devel builds.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-06-19 19:26:40 +02:00
Jakub Sokołowski 284c26055f
update Jenkins library to allow vebose Fastlane calls
For more details see status-react-jenkins change:
https://github.com/status-im/status-react-jenkins/pull/7

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-06-02 18:50:43 +02:00
Jakub Sokołowski a96b35996f
drop scripts/copy-translations.sh as useless
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-05-14 09:46:22 +02:00
Jakub Sokołowski 157d054e33
jenkins: allow combined jobs to copy artifacts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-05-12 09:14:49 +02:00
Gheorghe Pinzaru c34df26e19
Move icons assets into resources
Fix logout icon usage

Update icons docs

Remove scripting

change jenkins

Signed-off-by: Gheorghe Pinzaru <feross95@gmail.com>
2020-05-08 14:12:52 +03:00
yenda d5ef218584
use shadow-cljs
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: yenda <eric@status.im>
2020-04-30 15:43:46 +02:00
Jakub Sokołowski 7b6b620ceb
nix: use overlays instead of packageOverrides
Changes:
- Add `nix/DETAILS.md` for more in-depth info
- Rename some of `config.status-im` variables
- Drop `env` argument for Android build
- Use `overlays` instead of `packageOverrides`
- Move the `pkgs` overlay to `nix/overlay.nix`
- Move `nix/status-go/utils.nix` to `nix/tools`
- Make `shell.nix` use the `shells.default` only
- Use `default.nix` as target for `nix/scripts/shell.sh`
- Make `nix/scripts/shell.sh` use `--attr` instead of `target`
- Drop the `target` argument in favour of using `--attr`
- Drop unnecessary `src` from `nix/mobile/ios/default.nix`
- Move `mkShell` and `mergeSh` under `lib`
- Move `patched-go` package to `nix/pkgs` directory
- Move `gomobile` package to `nix/pkgs` directory
- Move `ANDROID_ABI_SPLIT` to `config.status-im.android.abi-split`
- Move `ANDROID_ABI_INCLUDE to `config.status-im.android.abi-include`

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-04-29 11:53:33 +02:00
Jakub Sokołowski 5fab3268bd
allow lint stage fail in CI and still upload build result
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-27 09:19:46 +01:00
Jakub Sokołowski 0306f1cfbd
ci: re-add Play Store upload case for release
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-25 11:17:06 +01:00
Jakub Sokołowski 4a7c03b1cc
avoid building jsbundle twice, drop jsbundle stage
Because we run nix/scripts/clean.sh after building JSBundle it is
removed from Nix store and can't be reused in the Bundle stage.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-17 22:11:54 +01:00
Jakub Sokołowski 4e567cf782
use status-react-jenkins as CI library
This PR extracts all the ci/*.groovy scripts into a separate private repo located at:
https://github.com/status-im/status-react-jenkins

The main reasons for a separate repo are:

* Hiding the internal details of our CI setup
* Hiding names of Jenkins credentials available in CI jobs
* Lowering attack surface for malicious external contributors
* Increasing focus on PRs related to CI setup

You can read more about how Jenkins pipeline shared libraries work here:
https://jenkins.io/doc/book/pipeline/shared-libraries/

In simple terms I've added the repo to the main Jenkins configuration in "Global Pipeline Libraries" section and load it using:

  library 'status-react-jenkins@master'

Which makes globally available all of the libraries defined in the `vars` directory of that repo.
This also eliminates the need for statements like `android = load 'ci/android.groovy'`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-11 19:11:36 +01:00
Jakub Sokołowski efa420def4
disable playstore upload
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Churikova Tetiana <churikova.tm@gmail.com>
2020-03-05 10:52:19 +01:00
Jakub Sokołowski cb78293db7
use Android keystore from Jenkins credentials
This way we don't have to store it on individual CI hosts.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-02-27 06:54:28 +01:00
Jakub Sokołowski aca703a011
major nix refactor
Changes:
- Adds a new `nix-gc` Makefile target for removing old packages
- Moves all `nix/*.sh` files to `nix/scripts/*.sh` to make things more tidy
- Renames `TARGET_OS` into `TARGET` and makes it effective only with `nix/scripts/shell.sh`
- Renames `target-os` Nix argument to just `target` and makes it effective only with `shell.nix`
- Drops `IN_CI_ENVIRONMENT` env variable which was useless
- Drops use of `target-os` argument outside of `shell.nix` (with few exceptions, but just in naming)
- `nix/platform.nix` has been made obsolete and removed
- Moves the definition of all major targets to `nix/targets.nix`
- Moves the definition of all major shells to `nix/shells.nix`
- Makes `default.nix` and `shell.nix` just thin wrappers around `nix/default.nix`
- `nix/nixpkgs-bootstrap.nix` has been moved to `nix/pkgs.nix`
- All package and tool overrides have been moved to `nix/pkgs.nix`
- Explicit passing of contents of `pkgs` has been removed in favor of `callPackage` doing it for us
- `nix/bootstrapped-shell.nix` has been moved to `nix/tools/mkShell.nix`
- A new `mergeSh` tool has been added to `pkgs` from `nix/tools/mergeSh.nix`
  - This tool is used to merge shells created using `mkShell`
- `mobile/targets/jsbundle.nix` has been moved to `mobile/android/jsbundle/default.nix`
- Moves `status-go` version sanitization to `nix/status-go/utils.nix`
- Renames version to rawVersion and versionName to cleanVersion in status-go derivation
- Ports nix/mobile/ios/install-pods-and-status-go.sh to Nix sub-shells
- Moves adjustment of `inotify/max_user_watches` out into `scripts/inotify_fix.sh`
- Makes iOS builds use the Nix version of Fastlane

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-12-12 18:51:21 +01:00
Vitaliy Vlasov f28fd8fc9c
customize TMPDIR and clean it
Also:
- parallelize upload and achive stages
- fix s3cmd uploads for combined Jenkinsfile
- fix failing TestFlight clean job

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-10-18 09:40:11 +02:00
Jakub Sokołowski afc2412514
desktop builds need GnuPG
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-10-17 11:03:41 +02:00
Jakub Sokołowski 599ed98093
fix which APK is published for e2e builds
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-10-01 23:42:16 +02:00
Jakub Sokołowski 973623f4c8
build multiple APKs for different architectures
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-09-30 13:59:42 +02:00
yenda c3dd950286
remove realm
Signed-off-by: yenda <eric@status.im>
2019-09-09 18:40:15 +02:00
Andrey Shovkoplyas e4c0bcfc3d
disable coverage
Signed-off-by: Andrey Shovkoplyas <motor4ik@gmail.com>
2019-08-12 15:05:57 +02:00
Pedro Pombeiro acf6278383
nix: Use nix/build.sh for release-android make target
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-07-26 16:01:06 -04:00
Pedro Pombeiro 2ac0630ef8
nix: fix target OS for add-nix-gcroots.sh
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-07-25 13:47:43 -04:00
Jakub Sokołowski 2acd5b4cb0
rename prod-build to jsbundle so it means something
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-07-24 11:56:03 -04:00
Pedro Pombeiro a7fd659d84
nix: Wrap gradle, npm packages, `lein prod-build` and `gradle assembleRelease` in Nix expressions to improve reproducible builds with constant build paths 2019-07-15 16:08:02 +02:00
tbenr b78bb456a4
add coverage test
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-07-10 16:15:44 -04:00
Pedro Pombeiro f5be5c3a69
Ensure watchman watch is removed after Jenkins build 2019-06-13 15:03:44 +02:00
Jakub Sokołowski 49d5a3082e run checks and build steps in parallel
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-06-10 22:07:55 -04:00
Jakub Sokołowski d75a412ae8
don't rebase manual builds
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Pedro Pombeiro <pombeirp@users.noreply.github.com>
2019-06-07 18:45:28 +02:00
Pedro Pombeiro 1457f0f017
Some changes from the node2nix test branch that don't need to be there
Signed-off-by: Pedro Pombeiro <pombeirp@users.noreply.github.com>
2019-06-06 19:13:31 +02:00
Roman Volosovskyi daacccb512
[Android, iOS] Advanced ClojureScript compilation 2019-05-30 21:23:31 +03:00
Jakub Sokołowski 0e8e5a51ba
refactor nix_sh to give it optional Map arguments
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-05-14 16:06:16 +02:00
Pedro Pombeiro 9d1e266145
Use fastlane Nix package instead of ruby/bundler for Android
- iOS still has issues with native Ruby dependencies

Signed-off-by: Pedro Pombeiro <pombeirp@users.noreply.github.com>
2019-05-06 11:57:12 +02:00
Jakub Sokołowski 78a1b025ac
don't use docker containers on linux, nix rules all
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-04-16 21:35:51 +02:00
Pedro Pombeiro a436793fa0
Consolidate TARGET_SYSTEM_NAME and TARGET_PLATFORM with TARGET_OS
Signed-off-by: Pedro Pombeiro <pombeirp@users.noreply.github.com>
2019-04-15 20:31:38 +01:00
Jakub Sokołowski 55abf20645
modify .env settings using Jenkins params
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Igor Mandrigin <i@mandrigin.ru>
2019-04-11 19:49:13 +02:00
Pedro Pombeiro aeacbd928e
Separate logic into shell.nix and derivation.nix to fix `nix build` command
Signed-off-by: Pedro Pombeiro <pombeirp@users.noreply.github.com>
2019-04-11 17:44:29 +02:00