142 Commits

Author SHA1 Message Date
Anton Iakimov
a6e6716311
ci: add shebang to jenkinsfiles 2023-07-02 09:11:54 +02:00
5f50a8c39a
nix: upgrade interpreter from 2.11.1 to 2.14.1
This is a mild upgrade that should not cause any controversy.

You can read about changes here:
- https://nixos.org/manual/nix/stable/release-notes/rl-2.12.html
- https://nixos.org/manual/nix/stable/release-notes/rl-2.13.html
- https://nixos.org/manual/nix/stable/release-notes/rl-2.14.html

Relevant `infra-ci` change:
- https://github.com/status-im/infra-ci/commit/e4e9796f

The simplest way to upgrade to `2.14` your version locally is using:
```sh
nix-channel --update
nix-env -iA nixpkgs.nixVersions.nix_2_14 nixpkgs.cacert
sudo systemctl daemon-reload
sudo systemctl restart nix-daemon
```
For MacOS the instructions are a bit different:
https://nixos.org/manual/nix/stable/installation/upgrading.html

Keep in mind you should use `nixpkgs.nixVersions.nix_2_14` instead
of just `nixpkgs.nix` to avoid getting newer than `2.14`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-06-19 10:58:56 +02:00
f30d5b59ca
ci: drop references to unused Coveralls
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-30 18:28:52 +02:00
2493b8ad4b
ios: replace Diawi Fastlane plugin that disappered
For an unknown reason the original Diawi plugin for Fastlane has been
removed from GitHub and RubyGems pages and can no longer be used.

This replaces it with a Node.js script which does the same job.

I tried using `diawi` and `diawi-nodejs-uploader` but both had issues,
one of them being depending on far too many useless packages.

Resolves: https://github.com/status-im/status-mobile/issues/15951

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-24 10:55:38 +02:00
7e47057b2e
ci: drop useless call to doGitRebasePR
It only blocks CI builds for no good reason when branch has not been
rebased recently, which has no real benefit as GitHub already enforces
not merging outdated PRs. It's just annoying and wastes time.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/68

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-22 15:40:32 +02:00
58d20967ae
nix: use jsbundle derivation for iOS as well
For some unknown to me reason we are using a different Yarn call to
Shadow-cljs to generate the JSBundle for iOS builds, while the one
created by the Android derivation shoudl be exactly the same.

I'm changing the target to just be `make jsbundle` while keeping aliases
referencing old naming, and moving things around in `nix` folder to
reflect the fact that the derivation is no longer Android-specific.

Also, crucially, I've changed the `import` in `index.js` to use the
`./result/index.js` path, since that's what Nix creates. I'm not sure if
this clashes with any developer workflow that takes place locally, so
I'd appreciate some testing from developers.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/67

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-22 10:31:09 +02:00
andrey
6858884c83
[#15756] Token gated communities 2023-05-20 08:54:06 +01:00
10d9c34559
ci: fix Alchemy and Infura env vars for iOS
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-16 13:06:37 +02:00
8ccf2d1596
ci: fix missing Alchemy and Infura env vars
Depends on:
https://github.com/status-im/status-jenkins-lib/pull/65

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-16 11:20:29 +02:00
78131c1028
ci: add Alchemy and Infura credentials in CI
Depends on: https://github.com/status-im/status-jenkins-lib/pull/64

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-05-10 12:57:04 +02:00
fd7797322f
ci: fix missing SSH key for fetching ios certs
Otherwise builds fail with:
```
15:15:22  [16:15:22]: Cloning remote git repo...
15:15:22  [16:15:22]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.
15:15:23  Cloning into '/tmp/d20230425-79805-70bge2'...
15:15:23  git@github.com: Permission denied (publickey).
15:15:23  fatal: Could not read from remote repository.
```
Depends on: https://github.com/status-im/status-jenkins-lib/pull/63

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-04-25 16:31:54 +02:00
5380f83cab
ci: ugprade Jenkins library to use narrow shell
Depends on:
https://github.com/status-im/status-jenkins-lib/pull/59

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-03-10 16:19:10 +01:00
ba89ac3fcf
ci: fix Jenkins lib function for reading version
Otherwise we just get `UNKNOWN` in release filenames.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/56

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-02-13 18:05:11 +01:00
361ddb338e
ci: drop uploading e2e builds to SauceLabs
Since uploads to SauceLabs were dropped from `Fastfile` in:
https://github.com/status-im/status-mobile/pull/14969

Also dropped:
- Useless Diawi upload of APK
- Useless DO Spaces upload of IPA

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-02-06 15:15:51 +01:00
e61889f16c
ci: add missing suffix to android e2e builds
Fix for same naming of e2e and universal builds.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-11-24 10:23:28 +01:00
3fc1ba357e
ci: bump jenkins lib to match desktop
Related to: https://github.com/status-im/status-desktop/pull/8420
Depends on: https://github.com/status-im/status-jenkins-lib/pull/53

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-11-23 19:48:55 +01:00
7dccbf2395
ci: separate buckets for mobile and desktop builds
Possible fix for slow upload speeds and failures caused by most probably
hitting per-bucket rate limits of DigitalOcean:

>- 500 total operations per second to any individual bucket.
>- 300 combined PUT, POST, COPY, DELETE, and LIST operations per second to any individual Space. We may further limit LIST operations if necessary under periods of high load.y

https://docs.digitalocean.com/products/spaces/details/limits/#rate-limits

Depends on: https://github.com/status-im/status-jenkins-lib/pull/52

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-11-22 16:55:59 +01:00
Roman Volosovskyi
c017c01c53
[#11335] Use Pokt network as an infura replacement 2022-10-19 17:00:17 +02:00
081f1a2115
ci: bump jenkins lib to use generalized nix library
Necessary so other repos can use the Nix functions.

Realted to:
https://github.com/status-im/nwaku/pull/1216

Depends on:
https://github.com/status-im/status-jenkins-lib/pull/50

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-10-03 15:43:11 +02:00
bcf919fcbb
nix: use android-sdk shell for fdroid-pr target
Also renamed `android-env` shell to `android-sdk` to be more descriptive.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-29 12:54:47 +02:00
17bb87bb87
nix: upgrade from 2.8.0 to 2.11.1
This also includes the fix for too low `LimitNOFILE`:
https://github.com/NixOS/nix/pull/6553

https://github.com/NixOS/nix/releases/tag/2.11.1

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-20 19:03:10 +02:00
38bbf84de4
ci: add wait for GitHub release to appear
Because somtimes upload is attempted so fast release doesn't exist yet:
```
+ github-release upload -u status-im -r status-mobile -t 1.20.0 -n StatusIm-Mobile-v1.20.0-cbe19b-arm64-v8a.apk -f pkg/StatusIm-Mobile-v1.20.0-cbe19b-arm64-v8a.apk
error: could not find the release corresponding to tag 1.20.0
```
https://ci.infra.status.im/job/status-mobile/job/release/job/release%252F1.20.x/

Depends on: https://github.com/status-im/status-jenkins-lib/pull/49

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-15 09:49:06 +02:00
74743630b7
ci: drop commonPrep function, call individual ones
This function did too many things, some of them unnecessary.

Requires: https://github.com/status-im/status-jenkins-lib/pull/48

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-14 16:43:59 +02:00
718e6cdbb3
ci: disable sandbox for status-go iOS builds
Otherwise we get weird failures like these:
```
clang-11: error: cannot use 'cpp-output' output with multiple -arch options
clang-11: error: invalid argument '-mmacos-version-min=10.12' not allowed with '-miphoneos-version-min=8.0'
clang-11: error: invalid argument '-mmacos-version-min=10.12' not allowed with '-miphoneos-version-min=8.0'
```
Depends on: https://github.com/status-im/status-jenkins-lib/pull/47

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-09-01 16:17:47 +02:00
70da680c1b
ci: fix keystore used when validating APK
Necessary to avoid validation errors due to missing release keystore.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/46
Issue: https://github.com/status-im/infra-ci/issues/63

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-29 12:46:19 +02:00
1b8aea87b2
ci: use different IPFS gateway for release builds
f43f43cc...86054875

Depends on: https://github.com/status-im/status-jenkins-lib/pull/44

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-26 20:02:27 +02:00
0a4d181477
ci: extrac Lint and Tests to separate job
This way we can make PRs depend only on successful tests, and not whole
builds for all platforms, which take 10 minutes or more.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-26 15:47:32 +02:00
1f7fd17ff1
rename status-react to status-mobile
This way the name of the repo makes at least some sense and
matches the `status-desktop` repo naming.

Also updated `status-jenkins-lib` since it also contained
references to `status-react` repo and job names.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-07-17 14:46:16 +02:00
578e542a66
ci: use newly added disableConcurrentBuilds
https://github.com/jenkinsci/workflow-job-plugin/pull/200
Removes the need to use our own convoluted implementation:
https://github.com/status-im/status-jenkins-lib/blob/17c1d0ea/vars/jenkins.groovy#L6-L27

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-07-13 20:27:20 +02:00
acfa73ab43
nix: build unsigned Android APK, sign separately
This has several benefits:

* Less abuse of `extra-sandbox-paths` Nix option
* Less inputs to the Android release build derivation
* Easier for users to sign the build themselves
* Simplification of `scripts/release-android.sh`
* Preparation for building using Nix Flakes

The only two remaining credentials passed via `extra-sandbox-paths` is
the Infura and OpenSea API keys, and there is no way around that other
than passing them via Nix arguments, but that would cause them to end up
in `/nix/store` as part of `.drv` files.

I'm also renaming `release-fdroid` to `build-fdroid` to be consistent.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/42

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-21 11:10:11 +02:00
8d62680abe
ci: use improved method to get APK architectures
Detecting APK architectures using `apkanalyzer` tool
rather than just guessing based on build type.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/41

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-11 14:57:00 +02:00
777d0581ce
nix: upgrade from 2.6.1 to 2.8.0
Minor upgrade done to match the version deployed in CI due to a bug
with `nix-copy-closure` which broken Nix cache jobs:
https://github.com/status-im/infra-ci/issues/49

This will not force upgrade on developes, nor require any `make nix-purge`.
If however and upgrade is wanted it can be simply done with `nix upgrade-nix`.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-07 11:24:58 +02:00
2bab1325d8
ci: fix nix sandbox filename by adding random string
By using just the timestamp we increase the probability of hitting a
race condition with another build due to same filename of sandbox file.

Depends on: https://github.com/status-im/status-jenkins-lib/pull/40

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-27 15:07:26 +04:00
0311983751
ci: upgrade Nix from 2.3.12 to 2.6.1
Due to changes in how Nix handles Git refs we need to specify
`refs/tags/` prefix in `package.json` to avoid the following error:
```
fatal: couldn't find remote ref refs/heads/v2.0.3-status-v6
error: program 'git' failed with exit code 128
```

I also had to rewrite some logic in `nix/scripts/source.sh` in order to
take account of single-user and multi-user installations.
We default to multi-user for Darwin, but not for any other OS due to
discovered issues with `nix-daemon` socket on Arch and open file limits.

I also rewrote `nix/scripts/setup.sh` and `/nix/scripts/purge.sh` to support
different types of installations. Both single-user and multi-user, as some
operating systems have issues with multi-user installations.

Resolves: https://github.com/status-im/status-react/issues/12832
Depends on: https://github.com/status-im/status-jenkins-lib/pull/37

Related changes:
* https://github.com/status-im/infra-ci/commit/84947b9f
* https://github.com/status-im/infra-ci/commit/bb98f5f3
* https://github.com/status-im/infra-ci/commit/f75d524d
* https://github.com/status-im/infra-ci/commit/d1fc92cd
* https://github.com/status-im/infra-ci/commit/87c4091e
* https://github.com/status-im/infra-ci/commit/8d6b6b3f
* https://github.com/status-im/infra-ci/commit/c4f13285
* https://github.com/status-im/infra-ci/commit/38ac698d

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-04-11 12:26:54 +02:00
Roman Volosovskyi
aa72ac5747
[#13016] Pass opensea key from env
Signed-off-by: andrey <motor4ik@gmail.com>
2022-03-21 13:59:35 +01:00
525577ab17
ci: specify nix version via agent label
Will make it easier and safer to upgrade Nix on CI hosts.

Also added architecture since we are starting to mix those.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-01-12 18:21:28 +01:00
79be879306
ci: upgrade library and use of pkgFilename()
Depends on: https://github.com/status-im/status-jenkins-lib/pull/36

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-28 21:25:34 +02:00
e2c18ea151
add commit hash to app metadata for Android and iOS
This will make identifying installed software easier.
It can also be used to generate F-Droid RPs more easily.

Depends on:
https://github.com/status-im/status-jenkins-lib/pull/35

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-09-21 11:48:45 +02:00
Andrea Maria Piana
45b9fd4b91
[Fixes: #12607] Edit messages
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2021-06-29 13:18:52 +02:00
c20d6b5782
ci: do no delete non-draft releases
We identified this issue in status-desktop release from branch
`release/0.1.0-beta.10` which had old version in VERSION file.
https://ci.status.im/job/status-desktop/job/release/job/release%252F0.1.0-beta.10/

Depends on: https://github.com/status-im/status-jenkins-lib/pull/28

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-06-08 09:19:36 +02:00
dd0031f68e
ci: add PR numbers to filenames of artifacts
This is useful for QA team when they download multiple builds.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-02 22:19:03 +02:00
cf9f160de9
ci: nicer artifact filenames for release builds
Depends on: https://github.com/status-im/status-jenkins-lib/pull/24

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-28 17:25:39 +02:00
594c83013c
ci: upgrade jenkins lib to 1.2.12 to generalize GH release
This is required to also ad GitHub releases to `status-desktop`.

Also renamed `status-react-jenkins` to `status-jenkins-lib` for clarity.

Depends on: https://github.com/status-im/status-react-jenkins/pull/23

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-04-19 11:47:34 +02:00
d946d473c6 fastlane: use Apple Store Connect API for CI builds
Because our CI Apple account still has 2FA disabled in order for it to
be usable in Jenkin it is now failing with an error that seems unrelated
to 2FA.

The recommended way of doing Apple authentication for CI are App Store
Connect API JWTs. The API appears to support both pushing builds as well as
updating metadata and other tasks like refreshing of provisioning
profiles.

Fixes: https://github.com/status-im/status-react/issues/11713
Issue: https://github.com/fastlane/fastlane/issues/18098
Docs: https://docs.fastlane.tools/app-store-connect-api/

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-02-04 15:10:07 +01:00
9889e80bbd
ci: parametrize publishing, make BUILD_TYPE a choice
This changes the behavior of mobile combined builds to not publish
the results of `nightly` or `release` builds unless `PUBLISH`
parameter is set to `true`.

It also makes the `BUILD_TYPE` into a dropdown choice field with
pre-defined values, like `manual` or `e2e`.

Changes:
- Add parameter definitions for `BUILD_TYPE` and `PUBLISH`
- Move uploading of `latest.json` to `Publish` stage
- Make `Publish` stage optional based on the `PUBLISH` parameter

Requires: https://github.com/status-im/status-react-jenkins/pull/21

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2021-01-08 12:54:17 +01:00
Andrea Maria Piana
b5a6f1b78f
Add nix purge command and change the behavior of nix clean
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-12-23 09:08:46 +01:00
458ef05740
bump jenkins library to 1.2.8 to add keychain password
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-02 19:34:10 +01:00
b62ff59f16
ci: make GitHub build links use CDN for downloads
Should speed up downloads for some geographical locations.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-12-02 15:53:17 +01:00
0b8c673094
ci: fix iOS signing, use same keychain name
Using different temporary keychains does not work if we do not set
`default_keychain=true`, because `codesign` then can't find the cert:
```
error: No signing certificate "iOS Distribution" found: No "iOS Distribution" signing certificate matching team ID
```
But if we set `default_keychain=true` then we cause a race condition
when the keychain is deleted by a parallel job while another is using it
as its default.

For this reason we have to use a static keychain name and keep it
between builds.

I tried disabling `default_keychain=true` in #11378 but it worked only
because the default user keychain already had the cert.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2020-11-17 10:16:32 +01:00
3b780f4ff2
fastlane: Create temporary Keychain for iOS signing
This is a new approach to signing the iOS app by using a temporary
Keychain created only for that specific build and unlocked in advance.

By doing it this way we can avoid issues with `errSecInternalComponent`
appearing when there is no UI to open a Keychain password prompt when
running build in CI. I've described this problem in details in:
https://github.com/fastlane/fastlane/issues/15185

Thanks to `codesign:` partition ID being added to key partition list by
Fastlane `match` when importing a Keychain this approach now works:
https://github.com/fastlane/fastlane/pull/17456

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-11-03 00:03:38 +01:00