Commit Graph

30 Commits

Author SHA1 Message Date
Jakub Sokołowski acfa73ab43
nix: build unsigned Android APK, sign separately
This has several benefits:

* Less abuse of `extra-sandbox-paths` Nix option
* Less inputs to the Android release build derivation
* Easier for users to sign the build themselves
* Simplification of `scripts/release-android.sh`
* Preparation for building using Nix Flakes

The only two remaining credentials passed via `extra-sandbox-paths` is
the Infura and OpenSea API keys, and there is no way around that other
than passing them via Nix arguments, but that would cause them to end up
in `/nix/store` as part of `.drv` files.

I'm also renaming `release-fdroid` to `build-fdroid` to be consistent.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/42

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-21 11:10:11 +02:00
Jakub Sokołowski 8d62680abe
ci: use improved method to get APK architectures
Detecting APK architectures using `apkanalyzer` tool
rather than just guessing based on build type.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/41

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-11 14:57:00 +02:00
Jakub Sokołowski 2bab1325d8
ci: fix nix sandbox filename by adding random string
By using just the timestamp we increase the probability of hitting a
race condition with another build due to same filename of sandbox file.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/40

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-27 15:07:26 +04:00
Jakub Sokołowski 0311983751
ci: upgrade Nix from 2.3.12 to 2.6.1
Due to changes in how Nix handles Git refs we need to specify
`refs/tags/` prefix in `package.json` to avoid the following error:
```
fatal: couldn't find remote ref refs/heads/v2.0.3-status-v6
error: program 'git' failed with exit code 128
```

I also had to rewrite some logic in `nix/scripts/source.sh` in order to
take account of single-user and multi-user installations.
We default to multi-user for Darwin, but not for any other OS due to
discovered issues with `nix-daemon` socket on Arch and open file limits.

I also rewrote `nix/scripts/setup.sh` and `/nix/scripts/purge.sh` to support
different types of installations. Both single-user and multi-user, as some
operating systems have issues with multi-user installations.

Resolves: https://github.com/status-im/status-react/issues/12832
Depends on: https://github.com/status-im/status-jenkins-lib/pull/37

Related changes:
* https://github.com/status-im/infra-ci/commit/84947b9f
* https://github.com/status-im/infra-ci/commit/bb98f5f3
* https://github.com/status-im/infra-ci/commit/f75d524d
* https://github.com/status-im/infra-ci/commit/d1fc92cd
* https://github.com/status-im/infra-ci/commit/87c4091e
* https://github.com/status-im/infra-ci/commit/8d6b6b3f
* https://github.com/status-im/infra-ci/commit/c4f13285
* https://github.com/status-im/infra-ci/commit/38ac698d

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-11 12:26:54 +02:00
Jakub Sokołowski 79be879306
ci: upgrade library and use of pkgFilename()
Depends on: https://github.com/status-im/status-jenkins-lib/pull/36

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-28 21:25:34 +02:00
Jakub Sokołowski d4da8209cd
Revert "Remove fastlane metadata because no one use it"
Because as pointed out in this comment:
https://github.com/status-im/status-react/issues/12289#issuecomment-894008069
the lack of fastlane metadata makes F-Droid unable to find out things
like app description.

For more details see:
https://f-droid.org/en/docs/All_About_Descriptions_Graphics_and_Screenshots/#fastlane-structure

This reverts commit 3469aca1d8.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-08-12 19:28:20 +02:00
Volodymyr Kozieiev 3469aca1d8
Remove fastlane metadata because no one use it
Signed-off-by: Volodymyr Kozieiev <vkjr.sp@gmail.com>
2021-05-11 12:09:42 +03:00
Jakub Sokołowski dd0031f68e
ci: add PR numbers to filenames of artifacts
This is useful for QA team when they download multiple builds.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-02 22:19:03 +02:00
Jakub Sokołowski cf9f160de9
ci: nicer artifact filenames for release builds
Depends on: https://github.com/status-im/status-jenkins-lib/pull/24

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-28 17:25:39 +02:00
Jakub Sokołowski 594c83013c
ci: upgrade jenkins lib to 1.2.12 to generalize GH release
This is required to also ad GitHub releases to `status-desktop`.

Also renamed `status-react-jenkins` to `status-jenkins-lib` for clarity.

Depends on: https://github.com/status-im/status-react-jenkins/pull/23

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-19 11:47:34 +02:00
Jakub Sokołowski ef5031a4aa
ci: update Google Play JSON credential name
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-14 14:04:39 +02:00
Jakub Sokołowski d946d473c6 fastlane: use Apple Store Connect API for CI builds
Because our CI Apple account still has 2FA disabled in order for it to
be usable in Jenkin it is now failing with an error that seems unrelated
to 2FA.

The recommended way of doing Apple authentication for CI are App Store
Connect API JWTs. The API appears to support both pushing builds as well as
updating metadata and other tasks like refreshing of provisioning
profiles.

Fixes: https://github.com/status-im/status-react/issues/11713
Issue: https://github.com/fastlane/fastlane/issues/18098
Docs: https://docs.fastlane.tools/app-store-connect-api/

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-02-04 15:10:07 +01:00
Jakub Sokołowski 9889e80bbd
ci: parametrize publishing, make BUILD_TYPE a choice
This changes the behavior of mobile combined builds to not publish
the results of `nightly` or `release` builds unless `PUBLISH`
parameter is set to `true`.

It also makes the `BUILD_TYPE` into a dropdown choice field with
pre-defined values, like `manual` or `e2e`.

Changes:
- Add parameter definitions for `BUILD_TYPE` and `PUBLISH`
- Move uploading of `latest.json` to `Publish` stage
- Make `Publish` stage optional based on the `PUBLISH` parameter

Requires: https://github.com/status-im/status-react-jenkins/pull/21

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2021-01-08 12:54:17 +01:00
Jakub Sokołowski 458ef05740
bump jenkins library to 1.2.8 to add keychain password
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-02 19:34:10 +01:00
Jakub Sokołowski b62ff59f16
ci: make GitHub build links use CDN for downloads
Should speed up downloads for some geographical locations.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-02 15:53:17 +01:00
Jakub Sokołowski 0b8c673094
ci: fix iOS signing, use same keychain name
Using different temporary keychains does not work if we do not set
`default_keychain=true`, because `codesign` then can't find the cert:
```
error: No signing certificate "iOS Distribution" found: No "iOS Distribution" signing certificate matching team ID
```
But if we set `default_keychain=true` then we cause a race condition
when the keychain is deleted by a parallel job while another is using it
as its default.

For this reason we have to use a static keychain name and keep it
between builds.

I tried disabling `default_keychain=true` in #11378 but it worked only
because the default user keychain already had the cert.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-11-17 10:16:32 +01:00
Jakub Sokołowski 3b780f4ff2
fastlane: Create temporary Keychain for iOS signing
This is a new approach to signing the iOS app by using a temporary
Keychain created only for that specific build and unlocked in advance.

By doing it this way we can avoid issues with `errSecInternalComponent`
appearing when there is no UI to open a Keychain password prompt when
running build in CI. I've described this problem in details in:
https://github.com/fastlane/fastlane/issues/15185

Thanks to `codesign:` partition ID being added to key partition list by
Fastlane `match` when importing a Keychain this approach now works:
https://github.com/fastlane/fastlane/pull/17456

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-03 00:03:38 +01:00
Jakub Sokołowski c4cac2cef7
fix availability of INFURA_TOKEN for Android build
The env variable `INFURA_TOKEN` is used at build time of JS bundle, not
the final APK file. We never passed the `secretsFile` to the
derivation for JS bundle so it never saw the `INFURA_TOKEN`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-10-05 16:36:05 +02:00
Jakub Sokołowski c866082cde
ci: use more buckets for different builds
* `status-im-releases` for release builds
* `status-im-nightlies` for nightlies

I want to reserve the `status-im` bucket for use with the site.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-09-28 20:10:14 +02:00
Jakub Sokołowski eeff44eea7
ci: fix Android release builds not splitting ABIs
This was caused by Groovy script logic not checking `params.BUILT_TYPE`.

Related: https://github.com/status-im/status-react-jenkins/pull/14

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-10 14:48:23 +02:00
Jakub Sokołowski f904d7b543
nix: add --console=plain to gradle call
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-06 14:34:07 +02:00
Jakub Sokołowski 7a80eca73c
jenkin: fix GitHub releases
Specifically filenames and the diff link.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-08-06 14:28:21 +02:00
Jakub Sokołowski 84286782f6
bump status-react-jenkins to 1.2.0
This updates a bunch of things in the Jenkins logic.
For details of that see:
https://github.com/status-im/status-react-jenkins/pull/12

It grew out of the changes I made to make PR builds available in Desktop client:
https://github.com/status-im/nim-status-client/pull/507

Changes:
- Bump `status-react-jenkins` library to newer version, probably `1.2.0`
- Update use of `utils.pkgFilename()` in `ci/Jenkinsfile.combined`
- Make all iOS builds go into the same folder: `status-ios`
- Drop e2e build type, infer it from Android ABIs set to `x86` only
- Simplify logic in `nix/mobile/android/release.nix.`

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-13 12:13:47 +02:00
Jakub Sokołowski 112132aa94
drop all desktop related files and references
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-08 10:26:51 +02:00
Jakub Sokołowski b95056f3ce
ci: fix what version is set for iOS PR builds
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-07-06 09:47:39 +02:00
Gheorghe Pinzaru d916751160
Add PR Scheme for iOs build
Build PR Scheme in PR build

use named parameters, use pr_build boolean

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Enable capabilities

Signed-off-by: Jakub Sokołowski <jakub@status.im>

Add custom app icon

Remove user defined profile

Add PR scheme

Explicit provide provisioning profiles

Fix pr schema

Bump jenkins

Pod bump

Describe pr_build argument

Signed-off-by: Gheorghe Pinzaru <feross95@gmail.com>
2020-06-29 16:16:35 +03:00
Andrea Maria Piana 1714970e4e
Use Infura token pulled from environment
This way we can use different token for e2e, release, and devel builds.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-06-19 19:26:40 +02:00
Jakub Sokołowski 284c26055f
update Jenkins library to allow vebose Fastlane calls
For more details see status-react-jenkins change:
https://github.com/status-im/status-react-jenkins/pull/7

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-06-02 18:50:43 +02:00
Jakub Sokołowski a96b35996f
drop scripts/copy-translations.sh as useless
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-05-14 09:46:22 +02:00
Jakub Sokołowski 3ae5f87be3
ci: add Jenkinsfile for updating Play Store metadata
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-05-05 19:40:45 +02:00