From 916ec6ab84c1fbbfdf9275eef53f77336bed2607 Mon Sep 17 00:00:00 2001 From: Kevin Yue Date: Sun, 3 Mar 2024 12:37:14 +0800 Subject: [PATCH] Update packaging --- .github/workflows/build.yaml | 134 ++---------------- .github/workflows/release-rpm.yaml | 118 +++++++++++++++ Makefile | 38 +++-- packaging/binary/Makefile.in | 1 + packaging/deb/rules | 2 +- .../rpm/globalprotect-openconnect.spec.in | 5 +- 6 files changed, 159 insertions(+), 139 deletions(-) create mode 100644 .github/workflows/release-rpm.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c4372fa9..6c7e5319 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -55,7 +55,7 @@ jobs: path: | source/gp/.build/tarball/*.tar.gz - build-deb: + build-gp: needs: - setup-matrix - tarball @@ -65,130 +65,17 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Prepare workspace - run: rm -rf build-deb && mkdir build-deb + run: rm -rf build-gp && mkdir build-gp - name: Download tarball uses: actions/download-artifact@v3 with: name: artifact-source - path: build-deb + path: build-gp - name: Docker Login run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - name: Build DEB package in Docker + - name: Build gp in Docker run: | - docker run --rm -v $(pwd)/build-deb:/deb yuezk/gpdev:deb-builder - - name: Install DEB package in Docker - run: | - docker run --rm -v $(pwd)/build-deb:/deb yuezk/gpdev:deb-builder \ - bash -c "sudo dpkg -i /deb/*.deb; gpclient --version; gpservice --version; gpauth --version; gpgui-helper --version;" - - name: Upload DEB package - uses: actions/upload-artifact@v3 - with: - name: artifact-deb-${{ matrix.os }} - if-no-files-found: error - path: | - build-deb/*.deb - - build-rpm: - needs: - - setup-matrix - - tarball - strategy: - matrix: - os: ${{fromJson(needs.setup-matrix.outputs.matrix)}} - runs-on: ${{ matrix.os }} - steps: - - name: Prepare workspace - run: rm -rf build-rpm && mkdir build-rpm - - name: Download tarball - uses: actions/download-artifact@v3 - with: - name: artifact-source - path: build-rpm - - name: Docker Login - run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - name: Build RPM package in Docker - run: | - docker run --rm -v $(pwd)/build-rpm:/rpm yuezk/gpdev:rpm-builder - - name: Install RPM package in Docker - run: | - docker run --rm -v $(pwd)/build-rpm:/rpm yuezk/gpdev:rpm-builder \ - bash -c "sudo rpm -i /rpm/*.$(uname -m).rpm; gpclient --version; gpservice --version; gpauth --version; gpgui-helper --version;" - - name: Upload RPM package - uses: actions/upload-artifact@v3 - with: - name: artifact-rpm-${{ matrix.os }} - if-no-files-found: error - path: | - build-rpm/*.rpm - - build-pkgbuild: - needs: - - setup-matrix - - tarball - strategy: - matrix: - os: ${{fromJson(needs.setup-matrix.outputs.matrix)}} - runs-on: ${{ matrix.os }} - steps: - - name: Prepare workspace - run: rm -rf build-pkgbuild && mkdir build-pkgbuild - - name: Download tarball - uses: actions/download-artifact@v3 - with: - name: artifact-source - path: build-pkgbuild - - name: Docker Login - run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - name: Build PKGBUILD package in Docker - run: | - docker run --rm -v $(pwd)/build-pkgbuild:/pkgbuild yuezk/gpdev:pkgbuild - - name: Install PKGBUILD package in Docker - run: | - docker run --rm -v $(pwd)/build-pkgbuild:/pkgbuild yuezk/gpdev:pkgbuild \ - bash -c "sudo pacman -U --noconfirm /pkgbuild/*.pkg.tar.zst; gpclient --version; gpservice --version; gpauth --version; gpgui-helper --version;" - - name: Upload PKGBUILD package - uses: actions/upload-artifact@v3 - with: - name: artifact-pkgbuild-${{ matrix.os }} - if-no-files-found: error - path: | - build-pkgbuild/*.pkg.tar.zst - - build-binary: - needs: - - setup-matrix - - tarball - strategy: - matrix: - os: ${{fromJson(needs.setup-matrix.outputs.matrix)}} - runs-on: ${{ matrix.os }} - steps: - - name: Prepare workspace - run: rm -rf build-binary && mkdir build-binary - - name: Download tarball - uses: actions/download-artifact@v3 - with: - name: artifact-source - path: build-binary - - name: Docker Login - run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - name: Build binary in Docker - run: | - docker run --rm -v $(pwd)/build-binary:/binary yuezk/gpdev:binary-builder - - name: Install binary in Docker - run: | - cd build-binary - tar -xJf ./*.bin.tar.xz - docker run --rm -v $(pwd):/binary yuezk/gpdev:binary-builder \ - bash -c "cd /binary/globalprotect-openconnect*/ && sudo make install && gpclient --version && gpservice --version && gpauth --version && gpgui-helper --version;" - - name: Upload binary - uses: actions/upload-artifact@v3 - with: - name: artifact-binary-${{ matrix.os }} - if-no-files-found: error - path: | - build-binary/*.bin.tar.xz - build-binary/*.bin.tar.xz.sha256 + docker run --rm -v $(pwd)/build-gp:/gp yuezk/gpdev:gp-builder build-gpgui: needs: @@ -243,19 +130,16 @@ jobs: if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest needs: - - build-deb - - build-rpm - - build-pkgbuild - - build-binary + - build-gp - build-gpgui steps: - name: Prepare workspace - run: rm -rf build-artifact && mkdir build-artifact + run: rm -rf gh-release && mkdir gh-release - name: Download all artifacts uses: actions/download-artifact@v3 with: - path: build-artifact + path: gh-release - name: Create GH release uses: softprops/action-gh-release@v1 with: @@ -263,4 +147,4 @@ jobs: prerelease: ${{ contains(github.ref, 'latest') }} fail_on_unmatched_files: true files: | - build-artifact/artifact-*/* + gh-release/artifact-*/* diff --git a/.github/workflows/release-rpm.yaml b/.github/workflows/release-rpm.yaml new file mode 100644 index 00000000..5d6d3b98 --- /dev/null +++ b/.github/workflows/release-rpm.yaml @@ -0,0 +1,118 @@ +name: "Release RPM" + +on: + # release: + # type: + # - created + workflow_dispatch: + inputs: + tag: + description: 'Tag to release' + required: true + arch: + type: choice + description: 'Architecture to build' + required: true + default: all + options: + - all + - x86_64 + - arm64 + gh-release: + type: boolean + description: 'Update GitHub release' + required: true + default: true + +jobs: + check: + runs-on: ubuntu-latest + steps: + - name: Check tag exists + uses: mukunku/tag-exists-action@v1.6.0 + id: check-tag + with: + tag: ${{ github.event.inputs.tag }} + - name: Exit if tag does not exist + run: | + if [[ "${{ steps.check-tag.outputs.exists }}" == "false" ]]; then + echo "Tag ${{ github.event.inputs.tag }} does not exist" + exit 1 + fi + + # Include arm64 if ref is a tag + setup-matrix: + needs: + - check + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + steps: + - name: Set up matrix + id: set-matrix + run: | + if [[ "${{ github.event.inputs.arch }}" == "all" ]]; then + echo "matrix=[\"ubuntu-latest\", \"arm64\"]" >> $GITHUB_OUTPUT + elif [[ "${{ github.event.inputs.arch }}" == "x86_64" ]]; then + echo "matrix=[\"ubuntu-latest\"]" >> $GITHUB_OUTPUT + else + echo "matrix=[\"arm64\"]" >> $GITHUB_OUTPUT + fi + + build: + needs: + - setup-matrix + strategy: + matrix: + os: ${{fromJson(needs.setup-matrix.outputs.matrix)}} + runs-on: ${{ matrix.os }} + steps: + - name: Prepare workspace + run: rm -rf build-rpm && mkdir build-rpm + - name: Download ${{ github.event.inputs.tag }} source code + uses: robinraju/release-downloader@v1.9 + with: + token: ${{ secrets.GH_PAT }} + tag: ${{ github.event.inputs.tag }} + fileName: globalprotect-openconnect-*.tar.gz + tarBall: false + zipBall: false + out-file-path: build-rpm + - name: Docker Login + run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin + - name: Build RPM package in Docker + run: | + docker run --rm -v $(pwd)/build-rpm:/rpm -e INCLUDE_GUI=1 yuezk/gpdev:rpm-builder + - name: Install RPM package in Docker + run: | + docker run --rm -v $(pwd)/build-rpm:/rpm yuezk/gpdev:rpm-builder \ + bash -c "sudo rpm -i /rpm/*.$(uname -m).rpm; gpclient -V; gpservice -V; gpauth -V; gpgui-helper -V; gpgui -V;" + - name: Upload RPM package + uses: actions/upload-artifact@v3 + with: + name: artifact-rpm-${{ matrix.os }} + if-no-files-found: error + path: | + build-rpm/*.rpm + + gh-release: + needs: + - build + runs-on: ubuntu-latest + if: ${{ github.event.inputs.gh-release == 'true' }} + steps: + - name: Prepare workspace + run: rm -rf gh-release && mkdir gh-release + - name: Download RPM package + uses: actions/download-artifact@v3 + with: + path: gh-release + - name: Update release + uses: softprops/action-gh-release@v1 + with: + token: ${{ secrets.GH_PAT }} + prerelease: ${{ contains(github.ref, 'latest') }} + fail_on_unmatched_files: true + tag_name: ${{ github.event.inputs.tag }} + files: | + gh-release/artifact-*/* diff --git a/Makefile b/Makefile index 78a0f803..c58d0d18 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,8 @@ +.SHELLFLAGS += -e + OFFLINE ?= 0 BUILD_FE ?= 1 +INCLUDE_GUI ?= 0 CARGO ?= cargo VERSION = $(shell $(CARGO) metadata --no-deps --format-version 1 | jq -r '.packages[0].version') @@ -33,6 +36,7 @@ clean-tarball: # Create a tarball, include the cargo dependencies if OFFLINE is set to 1 tarball: clean-tarball if [ $(BUILD_FE) -eq 1 ]; then \ + echo "Building frontend..."; \ cd apps/gpgui-helper && pnpm install && pnpm build; \ fi @@ -48,9 +52,22 @@ tarball: clean-tarball tar -cJf vendor.tar.xz .vendor; \ fi + @echo "Creating tarball..." tar --exclude .vendor --exclude target --transform 's,^,${PKG}/,' -czf .build/tarball/${PKG}.tar.gz * .cargo -build: build-fe build-rs +download-gui: + rm -rf .build/gpgui + + if [ $(INCLUDE_GUI) -eq 1 ]; then \ + echo "Downloading GlobalProtect GUI..."; \ + mkdir -p .build/gpgui; \ + curl -sSL https://github.com/yuezk/GlobalProtect-openconnect/releases/download/v$(VERSION)/gpgui_$(VERSION)_$(shell uname -m).bin.tar.xz -o .build/gpgui/gpgui_$(VERSION)_x$(shell uname -m).bin.tar.xz; \ + tar -xJf .build/gpgui/*.tar.xz -C .build/gpgui; \ + else \ + echo "Skipping GlobalProtect GUI download (INCLUDE_GUI=0)"; \ + fi + +build: download-gui build-fe build-rs # Install and build the frontend # If OFFLINE is set to 1, skip it @@ -88,6 +105,10 @@ install: install -Dm755 target/release/gpservice $(DESTDIR)/usr/bin/gpservice install -Dm755 target/release/gpgui-helper $(DESTDIR)/usr/bin/gpgui-helper + if [ -f .build/gpgui/gpgui_*/gpgui ]; then \ + install -Dm755 .build/gpgui/gpgui_*/gpgui $(DESTDIR)/usr/bin/gpgui; \ + fi + install -Dm644 packaging/files/usr/share/applications/gpgui.desktop $(DESTDIR)/usr/share/applications/gpgui.desktop install -Dm644 packaging/files/usr/share/icons/hicolor/scalable/apps/gpgui.svg $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/gpgui.svg install -Dm644 packaging/files/usr/share/icons/hicolor/32x32/apps/gpgui.png $(DESTDIR)/usr/share/icons/hicolor/32x32/apps/gpgui.png @@ -144,21 +165,20 @@ check-ppa: # Usage: make ppa SERIES=focal OFFLINE=1 PUBLISH=1 ppa: check-ppa init-debian - cd .build/deb/${PKG} - - sed -i "s/@RUST@/rust-all(>=1.70)/g" debian/control + sed -i "s/@RUST@/rust-all(>=1.70)/g" .build/deb/$(PKG)/debian/control $(eval SERIES_VER = $(shell distro-info --series $(SERIES) -r | cut -d' ' -f1)) @echo "Building for $(SERIES) $(SERIES_VER)" - dch --create --distribution $(SERIES) --package $(PKG_NAME) --newversion $(VERSION)-$(REVISION)ppa$(PPA_REVISION)~ubuntu$(SERIES_VER) "Bugfix and improvements." + rm -rf .build/deb/$(PKG)/debian/changelog + cd .build/deb/$(PKG) && dch --create --distribution $(SERIES) --package $(PKG_NAME) --newversion $(VERSION)-$(REVISION)ppa$(PPA_REVISION)~ubuntu$(SERIES_VER) "Bugfix and improvements." - echo "y" | debuild -e PATH -S -sa -k"$(GPG_KEY_ID)" -p"gpg --batch --passphrase $(GPG_KEY_PASS) --pinentry-mode loopback" + cd .build/deb/$(PKG) && echo "y" | debuild -e PATH -S -sa -k"$(GPG_KEY_ID)" -p"gpg --batch --passphrase $(GPG_KEY_PASS) --pinentry-mode loopback" if [ $(PUBLISH) -eq 1 ]; then \ - dput ppa:yuezk/globalprotect-openconnect ../*.changes; \ - else - echo "Skipping ppa publish (PUBLISH=0)" + cd .build/deb/$(PKG) && dput ppa:yuezk/globalprotect-openconnect ../*.changes; \ + else \ + echo "Skipping ppa publish (PUBLISH=0)"; \ fi clean-rpm: diff --git a/packaging/binary/Makefile.in b/packaging/binary/Makefile.in index 96b7faa0..244dccb9 100644 --- a/packaging/binary/Makefile.in +++ b/packaging/binary/Makefile.in @@ -5,6 +5,7 @@ install: install -Dm755 artifacts/usr/bin/gpservice $(DESTDIR)/usr/bin/gpservice install -Dm755 artifacts/usr/bin/gpauth $(DESTDIR)/usr/bin/gpauth install -Dm755 artifacts/usr/bin/gpgui-helper $(DESTDIR)/usr/bin/gpgui-helper + install -Dm755 artifacts/usr/bin/gpgui $(DESTDIR)/usr/bin/gpgui install -Dm644 artifacts/usr/share/applications/gpgui.desktop $(DESTDIR)/usr/share/applications/gpgui.desktop install -Dm644 artifacts/usr/share/icons/hicolor/scalable/apps/gpgui.svg $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/gpgui.svg diff --git a/packaging/deb/rules b/packaging/deb/rules index ca3f8340..a4e43147 100755 --- a/packaging/deb/rules +++ b/packaging/deb/rules @@ -3,4 +3,4 @@ export OFFLINE = @OFFLINE@ BUILD_FE=0 %: - dh $@ + dh $@ --no-parallel diff --git a/packaging/rpm/globalprotect-openconnect.spec.in b/packaging/rpm/globalprotect-openconnect.spec.in index af3fde5c..12a0b0d3 100644 --- a/packaging/rpm/globalprotect-openconnect.spec.in +++ b/packaging/rpm/globalprotect-openconnect.spec.in @@ -44,10 +44,7 @@ make build OFFLINE=@OFFLINE@ BUILD_FE=0 %files %defattr(-,root,root) -%{_bindir}/gpclient -%{_bindir}/gpservice -%{_bindir}/gpauth -%{_bindir}/gpgui-helper +%{_bindir}/* %{_datadir}/applications/gpgui.desktop %{_datadir}/icons/hicolor/32x32/apps/gpgui.png %{_datadir}/icons/hicolor/128x128/apps/gpgui.png