Commit Graph

119 Commits

Author SHA1 Message Date
Jakub Sokołowski 718e6cdbb3
ci: disable sandbox for status-go iOS builds
Otherwise we get weird failures like these:
```
clang-11: error: cannot use 'cpp-output' output with multiple -arch options
clang-11: error: invalid argument '-mmacos-version-min=10.12' not allowed with '-miphoneos-version-min=8.0'
clang-11: error: invalid argument '-mmacos-version-min=10.12' not allowed with '-miphoneos-version-min=8.0'
```
Depends on: https://github.com/status-im/status-jenkins-lib/pull/47

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-01 16:17:47 +02:00
Jakub Sokołowski 70da680c1b
ci: fix keystore used when validating APK
Necessary to avoid validation errors due to missing release keystore.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/46
Issue: https://github.com/status-im/infra-ci/issues/63

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-29 12:46:19 +02:00
Jakub Sokołowski 1b8aea87b2
ci: use different IPFS gateway for release builds
f43f43cc...86054875

Depends on: https://github.com/status-im/status-jenkins-lib/pull/44

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-26 20:02:27 +02:00
Jakub Sokołowski 0a4d181477
ci: extrac Lint and Tests to separate job
This way we can make PRs depend only on successful tests, and not whole
builds for all platforms, which take 10 minutes or more.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-26 15:47:32 +02:00
Jakub Sokołowski 1f7fd17ff1
rename status-react to status-mobile
This way the name of the repo makes at least some sense and
matches the `status-desktop` repo naming.

Also updated `status-jenkins-lib` since it also contained
references to `status-react` repo and job names.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-07-17 14:46:16 +02:00
Jakub Sokołowski 578e542a66
ci: use newly added disableConcurrentBuilds
https://github.com/jenkinsci/workflow-job-plugin/pull/200
Removes the need to use our own convoluted implementation:
https://github.com/status-im/status-jenkins-lib/blob/17c1d0ea/vars/jenkins.groovy#L6-L27

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-07-13 20:27:20 +02:00
Jakub Sokołowski acfa73ab43
nix: build unsigned Android APK, sign separately
This has several benefits:

* Less abuse of `extra-sandbox-paths` Nix option
* Less inputs to the Android release build derivation
* Easier for users to sign the build themselves
* Simplification of `scripts/release-android.sh`
* Preparation for building using Nix Flakes

The only two remaining credentials passed via `extra-sandbox-paths` is
the Infura and OpenSea API keys, and there is no way around that other
than passing them via Nix arguments, but that would cause them to end up
in `/nix/store` as part of `.drv` files.

I'm also renaming `release-fdroid` to `build-fdroid` to be consistent.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/42

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-21 11:10:11 +02:00
Jakub Sokołowski 8d62680abe
ci: use improved method to get APK architectures
Detecting APK architectures using `apkanalyzer` tool
rather than just guessing based on build type.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/41

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-11 14:57:00 +02:00
Jakub Sokołowski 777d0581ce
nix: upgrade from 2.6.1 to 2.8.0
Minor upgrade done to match the version deployed in CI due to a bug
with `nix-copy-closure` which broken Nix cache jobs:
https://github.com/status-im/infra-ci/issues/49

This will not force upgrade on developes, nor require any `make nix-purge`.
If however and upgrade is wanted it can be simply done with `nix upgrade-nix`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-07 11:24:58 +02:00
Jakub Sokołowski 2bab1325d8
ci: fix nix sandbox filename by adding random string
By using just the timestamp we increase the probability of hitting a
race condition with another build due to same filename of sandbox file.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/40

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-27 15:07:26 +04:00
Jakub Sokołowski 0311983751
ci: upgrade Nix from 2.3.12 to 2.6.1
Due to changes in how Nix handles Git refs we need to specify
`refs/tags/` prefix in `package.json` to avoid the following error:
```
fatal: couldn't find remote ref refs/heads/v2.0.3-status-v6
error: program 'git' failed with exit code 128
```

I also had to rewrite some logic in `nix/scripts/source.sh` in order to
take account of single-user and multi-user installations.
We default to multi-user for Darwin, but not for any other OS due to
discovered issues with `nix-daemon` socket on Arch and open file limits.

I also rewrote `nix/scripts/setup.sh` and `/nix/scripts/purge.sh` to support
different types of installations. Both single-user and multi-user, as some
operating systems have issues with multi-user installations.

Resolves: https://github.com/status-im/status-react/issues/12832
Depends on: https://github.com/status-im/status-jenkins-lib/pull/37

Related changes:
* https://github.com/status-im/infra-ci/commit/84947b9f
* https://github.com/status-im/infra-ci/commit/bb98f5f3
* https://github.com/status-im/infra-ci/commit/f75d524d
* https://github.com/status-im/infra-ci/commit/d1fc92cd
* https://github.com/status-im/infra-ci/commit/87c4091e
* https://github.com/status-im/infra-ci/commit/8d6b6b3f
* https://github.com/status-im/infra-ci/commit/c4f13285
* https://github.com/status-im/infra-ci/commit/38ac698d

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-11 12:26:54 +02:00
Roman Volosovskyi aa72ac5747
[#13016] Pass opensea key from env
Signed-off-by: andrey <motor4ik@gmail.com>
2022-03-21 13:59:35 +01:00
Jakub Sokołowski 525577ab17
ci: specify nix version via agent label
Will make it easier and safer to upgrade Nix on CI hosts.

Also added architecture since we are starting to mix those.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-12 18:21:28 +01:00
Jakub Sokołowski 79be879306
ci: upgrade library and use of pkgFilename()
Depends on: https://github.com/status-im/status-jenkins-lib/pull/36

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-28 21:25:34 +02:00
Jakub Sokołowski e2c18ea151
add commit hash to app metadata for Android and iOS
This will make identifying installed software easier.
It can also be used to generate F-Droid RPs more easily.

Depends on:
https://github.com/status-im/status-jenkins-lib/pull/35

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-21 11:48:45 +02:00
Andrea Maria Piana 45b9fd4b91
[Fixes: #12607] Edit messages
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2021-06-29 13:18:52 +02:00
Jakub Sokołowski c20d6b5782
ci: do no delete non-draft releases
We identified this issue in status-desktop release from branch
`release/0.1.0-beta.10` which had old version in VERSION file.
https://ci.status.im/job/status-desktop/job/release/job/release%252F0.1.0-beta.10/

Depends on: https://github.com/status-im/status-jenkins-lib/pull/28

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-08 09:19:36 +02:00
Jakub Sokołowski dd0031f68e
ci: add PR numbers to filenames of artifacts
This is useful for QA team when they download multiple builds.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-02 22:19:03 +02:00
Jakub Sokołowski cf9f160de9
ci: nicer artifact filenames for release builds
Depends on: https://github.com/status-im/status-jenkins-lib/pull/24

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-28 17:25:39 +02:00
Jakub Sokołowski 594c83013c
ci: upgrade jenkins lib to 1.2.12 to generalize GH release
This is required to also ad GitHub releases to `status-desktop`.

Also renamed `status-react-jenkins` to `status-jenkins-lib` for clarity.

Depends on: https://github.com/status-im/status-react-jenkins/pull/23

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-19 11:47:34 +02:00
Jakub Sokołowski d946d473c6 fastlane: use Apple Store Connect API for CI builds
Because our CI Apple account still has 2FA disabled in order for it to
be usable in Jenkin it is now failing with an error that seems unrelated
to 2FA.

The recommended way of doing Apple authentication for CI are App Store
Connect API JWTs. The API appears to support both pushing builds as well as
updating metadata and other tasks like refreshing of provisioning
profiles.

Fixes: https://github.com/status-im/status-react/issues/11713
Issue: https://github.com/fastlane/fastlane/issues/18098
Docs: https://docs.fastlane.tools/app-store-connect-api/

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-02-04 15:10:07 +01:00
Jakub Sokołowski 9889e80bbd
ci: parametrize publishing, make BUILD_TYPE a choice
This changes the behavior of mobile combined builds to not publish
the results of `nightly` or `release` builds unless `PUBLISH`
parameter is set to `true`.

It also makes the `BUILD_TYPE` into a dropdown choice field with
pre-defined values, like `manual` or `e2e`.

Changes:
- Add parameter definitions for `BUILD_TYPE` and `PUBLISH`
- Move uploading of `latest.json` to `Publish` stage
- Make `Publish` stage optional based on the `PUBLISH` parameter

Requires: https://github.com/status-im/status-react-jenkins/pull/21

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2021-01-08 12:54:17 +01:00
Andrea Maria Piana b5a6f1b78f
Add nix purge command and change the behavior of nix clean
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-12-23 09:08:46 +01:00
Jakub Sokołowski 458ef05740
bump jenkins library to 1.2.8 to add keychain password
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-02 19:34:10 +01:00
Jakub Sokołowski b62ff59f16
ci: make GitHub build links use CDN for downloads
Should speed up downloads for some geographical locations.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-02 15:53:17 +01:00
Jakub Sokołowski 0b8c673094
ci: fix iOS signing, use same keychain name
Using different temporary keychains does not work if we do not set
`default_keychain=true`, because `codesign` then can't find the cert:
```
error: No signing certificate "iOS Distribution" found: No "iOS Distribution" signing certificate matching team ID
```
But if we set `default_keychain=true` then we cause a race condition
when the keychain is deleted by a parallel job while another is using it
as its default.

For this reason we have to use a static keychain name and keep it
between builds.

I tried disabling `default_keychain=true` in #11378 but it worked only
because the default user keychain already had the cert.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-11-17 10:16:32 +01:00
Jakub Sokołowski 3b780f4ff2
fastlane: Create temporary Keychain for iOS signing
This is a new approach to signing the iOS app by using a temporary
Keychain created only for that specific build and unlocked in advance.

By doing it this way we can avoid issues with `errSecInternalComponent`
appearing when there is no UI to open a Keychain password prompt when
running build in CI. I've described this problem in details in:
https://github.com/fastlane/fastlane/issues/15185

Thanks to `codesign:` partition ID being added to key partition list by
Fastlane `match` when importing a Keychain this approach now works:
https://github.com/fastlane/fastlane/pull/17456

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-03 00:03:38 +01:00
Jakub Sokołowski c4cac2cef7
fix availability of INFURA_TOKEN for Android build
The env variable `INFURA_TOKEN` is used at build time of JS bundle, not
the final APK file. We never passed the `secretsFile` to the
derivation for JS bundle so it never saw the `INFURA_TOKEN`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-05 16:36:05 +02:00
Jakub Sokołowski 93ed3eb7ff
ci: add public download url to build description
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-01 17:32:10 +02:00
Jakub Sokołowski c866082cde
ci: use more buckets for different builds
* `status-im-releases` for release builds
* `status-im-nightlies` for nightlies

I want to reserve the `status-im` bucket for use with the site.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-09-28 20:10:14 +02:00
Jakub Sokołowski eeff44eea7
ci: fix Android release builds not splitting ABIs
This was caused by Groovy script logic not checking `params.BUILT_TYPE`.

Related: https://github.com/status-im/status-react-jenkins/pull/14

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-10 14:48:23 +02:00
Jakub Sokołowski f904d7b543
nix: add --console=plain to gradle call
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-06 14:34:07 +02:00
Jakub Sokołowski 7a80eca73c
jenkin: fix GitHub releases
Specifically filenames and the diff link.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-06 14:28:21 +02:00
Jakub Sokołowski 84286782f6
bump status-react-jenkins to 1.2.0
This updates a bunch of things in the Jenkins logic.
For details of that see:
https://github.com/status-im/status-react-jenkins/pull/12

It grew out of the changes I made to make PR builds available in Desktop client:
https://github.com/status-im/nim-status-client/pull/507

Changes:
- Bump `status-react-jenkins` library to newer version, probably `1.2.0`
- Update use of `utils.pkgFilename()` in `ci/Jenkinsfile.combined`
- Make all iOS builds go into the same folder: `status-ios`
- Drop e2e build type, infer it from Android ABIs set to `x86` only
- Simplify logic in `nix/mobile/android/release.nix.`

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-13 12:13:47 +02:00
Jakub Sokołowski 7d7462356e
ci: lower build timeouts to 20 minutes
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-08 12:33:33 +02:00
Jakub Sokołowski 112132aa94
drop all desktop related files and references
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-08 10:26:51 +02:00
Jakub Sokołowski b95056f3ce
ci: fix what version is set for iOS PR builds
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-06 09:47:39 +02:00
Gheorghe Pinzaru d916751160
Add PR Scheme for iOs build
Build PR Scheme in PR build

use named parameters, use pr_build boolean

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Enable capabilities

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Add custom app icon

Remove user defined profile

Add PR scheme

Explicit provide provisioning profiles

Fix pr schema

Bump jenkins

Pod bump

Describe pr_build argument

Signed-off-by: Gheorghe Pinzaru <feross95@gmail.com>
2020-06-29 16:16:35 +03:00
Jakub Sokołowski 41e04b9555
disable play store release
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-06-23 17:17:50 +02:00
Andrea Maria Piana 1714970e4e
Use Infura token pulled from environment
This way we can use different token for e2e, release, and devel builds.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-06-19 19:26:40 +02:00
Jakub Sokołowski 284c26055f
update Jenkins library to allow vebose Fastlane calls
For more details see status-react-jenkins change:
https://github.com/status-im/status-react-jenkins/pull/7

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-06-02 18:50:43 +02:00
Jakub Sokołowski a96b35996f
drop scripts/copy-translations.sh as useless
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-05-14 09:46:22 +02:00
Jakub Sokołowski 157d054e33
jenkins: allow combined jobs to copy artifacts
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-05-12 09:14:49 +02:00
Gheorghe Pinzaru c34df26e19
Move icons assets into resources
Fix logout icon usage

Update icons docs

Remove scripting

change jenkins

Signed-off-by: Gheorghe Pinzaru <feross95@gmail.com>
2020-05-08 14:12:52 +03:00
yenda d5ef218584
use shadow-cljs
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: yenda <eric@status.im>
2020-04-30 15:43:46 +02:00
Jakub Sokołowski 7b6b620ceb
nix: use overlays instead of packageOverrides
Changes:
- Add `nix/DETAILS.md` for more in-depth info
- Rename some of `config.status-im` variables
- Drop `env` argument for Android build
- Use `overlays` instead of `packageOverrides`
- Move the `pkgs` overlay to `nix/overlay.nix`
- Move `nix/status-go/utils.nix` to `nix/tools`
- Make `shell.nix` use the `shells.default` only
- Use `default.nix` as target for `nix/scripts/shell.sh`
- Make `nix/scripts/shell.sh` use `--attr` instead of `target`
- Drop the `target` argument in favour of using `--attr`
- Drop unnecessary `src` from `nix/mobile/ios/default.nix`
- Move `mkShell` and `mergeSh` under `lib`
- Move `patched-go` package to `nix/pkgs` directory
- Move `gomobile` package to `nix/pkgs` directory
- Move `ANDROID_ABI_SPLIT` to `config.status-im.android.abi-split`
- Move `ANDROID_ABI_INCLUDE to `config.status-im.android.abi-include`

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-04-29 11:53:33 +02:00
Jakub Sokołowski 5fab3268bd
allow lint stage fail in CI and still upload build result
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-27 09:19:46 +01:00
Jakub Sokołowski 0306f1cfbd
ci: re-add Play Store upload case for release
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-25 11:17:06 +01:00
Jakub Sokołowski 4a7c03b1cc
avoid building jsbundle twice, drop jsbundle stage
Because we run nix/scripts/clean.sh after building JSBundle it is
removed from Nix store and can't be reused in the Bundle stage.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-17 22:11:54 +01:00
Jakub Sokołowski 4e567cf782
use status-react-jenkins as CI library
This PR extracts all the ci/*.groovy scripts into a separate private repo located at:
https://github.com/status-im/status-react-jenkins

The main reasons for a separate repo are:

* Hiding the internal details of our CI setup
* Hiding names of Jenkins credentials available in CI jobs
* Lowering attack surface for malicious external contributors
* Increasing focus on PRs related to CI setup

You can read more about how Jenkins pipeline shared libraries work here:
https://jenkins.io/doc/book/pipeline/shared-libraries/

In simple terms I've added the repo to the main Jenkins configuration in "Global Pipeline Libraries" section and load it using:

  library 'status-react-jenkins@master'

Which makes globally available all of the libraries defined in the `vars` directory of that repo.
This also eliminates the need for statements like `android = load 'ci/android.groovy'`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-03-11 19:11:36 +01:00