From 7eec3bfb2efe2b849a835464f3852e6a26ad4bb5 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:02:33 +0200 Subject: [PATCH 01/16] update aur packages workflow --- .github/workflows/release.yaml | 57 ++++++++++++++++++++++++++++++++-- 1 file changed, 55 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a7fab97f..f91a16dc 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,8 +1,8 @@ name: "Build app and create release" on: push: - tags: - - v*.*.* + branches: + - ubuntu_22.04-lts-fix jobs: create-release: @@ -27,6 +27,8 @@ jobs: build-linux: needs: - create-release + outputs: + deb_sha256_amd64: ${{ steps.calculate-sha256.outputs.deb_sha256_amd64 }} runs-on: - self-hosted - Linux @@ -82,6 +84,14 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: args: "--bundles deb,rpm" + - name: Calculate DEB SHA256 + id: calculate-sha256 + run: | + DEB_FILE="src-tauri/target/release/bundle/deb/defguard-client_${{ env.VERSION }}_${{ matrix.deb_arch }}.deb" + DEB_SHA256=$(sha256sum "$DEB_FILE" | cut -d ' ' -f1) + echo "DEB SHA256: $DEB_SHA256" + echo "DEB_SHA256=$DEB_SHA256" >> ${GITHUB_ENV} + echo "deb_sha256_${{ matrix.deb_arch }}=$DEB_SHA256" >> ${GITHUB_OUTPUT} - name: Upload RPM uses: actions/upload-release-asset@v1 env: @@ -184,6 +194,49 @@ jobs: asset_name: dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}.rpm asset_content_type: application/octet-stream + update-aur: + needs: + - create-release + - build-linux + runs-on: + - self-hosted + - Linux + - ${{ matrix.architecture }} + container: archlinux:latest + steps: + - name: Install dependencies + run: | + pacman -Syu --noconfirm + pacman -S --noconfirm git openssh base-devel + - name: Checkout AUR repository + uses: actions/checkout@v5 + with: + repository: 'ssh://aur@aur.archlinux.org/defguard-client.git' + ssh-key: ${{ secrets.AUR_SSH_KEY }} + - name: Update PKGBUILD version + run: | + VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) + echo "Updating to version: $VERSION" + + sed -i "s/^pkgver=.*/pkgver=$VERSION/" PKGBUILD + + AMD64_SHA="${{ needs.build-linux.outputs.deb_sha256_amd64 }}" + + echo "AMD64 DEB SHA256: $AMD64_SHA" + + sed -i "s/^sha256sums=.*/sha256sums=('$AMD64_SHA')/" PKGBUILD + - name: Update .SRCINFO + run: | + makepkg --printsrcinfo > .SRCINFO + + - name: Commit and push changes + run: | + # git config user.name "GitHub Actions" + # git config user.email "actions@github.com" + # git add PKGBUILD .SRCINFO + # git commit -m "Update to version ${GITHUB_REF_NAME#v}" + # git p u s h + cat PKGBUILD build-macos: needs: - create-release From 5b3f4feee2a24d70490968d53e88a0a678ca7d0c Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:04:26 +0200 Subject: [PATCH 02/16] typo fix --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f91a16dc..0a16ae7c 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -2,7 +2,7 @@ name: "Build app and create release" on: push: branches: - - ubuntu_22.04-lts-fix + - aur_packages jobs: create-release: From 13dda75ac09823fa867e289fb3d10e807cf070a5 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:08:44 +0200 Subject: [PATCH 03/16] add strategy --- .github/workflows/release.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0a16ae7c..ee079aad 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -203,6 +203,14 @@ jobs: - Linux - ${{ matrix.architecture }} container: archlinux:latest + strategy: + fail-fast: false + matrix: + architecture: [X64] + include: + - architecture: X64 + deb_arch: amd64 + binary_arch: x86_64 steps: - name: Install dependencies run: | From b9e9122be406e111fcbdf0a6759034b2eceea243 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:19:31 +0200 Subject: [PATCH 04/16] change version --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ee079aad..92bc1a8b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -52,7 +52,7 @@ jobs: run: | VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) echo Version: $VERSION - echo "VERSION=$VERSION" >> ${GITHUB_ENV} + echo "VERSION=1.5.2" >> ${GITHUB_ENV} - uses: actions/setup-node@v5 with: node-version: "24" From 1fb15f9ff4157be3cdc41c9a1b0f0cad4bff13d5 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:45:06 +0200 Subject: [PATCH 05/16] different git checkout --- .github/workflows/release.yaml | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 92bc1a8b..e97a334e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -52,7 +52,7 @@ jobs: run: | VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) echo Version: $VERSION - echo "VERSION=1.5.2" >> ${GITHUB_ENV} + echo "VERSION=$VERSION" >> ${GITHUB_ENV} - uses: actions/setup-node@v5 with: node-version: "24" @@ -86,6 +86,7 @@ jobs: args: "--bundles deb,rpm" - name: Calculate DEB SHA256 id: calculate-sha256 + if: matrix.deb_arch == 'amd64' run: | DEB_FILE="src-tauri/target/release/bundle/deb/defguard-client_${{ env.VERSION }}_${{ matrix.deb_arch }}.deb" DEB_SHA256=$(sha256sum "$DEB_FILE" | cut -d ' ' -f1) @@ -197,7 +198,7 @@ jobs: update-aur: needs: - create-release - - build-linux + # - build-linux runs-on: - self-hosted - Linux @@ -216,25 +217,32 @@ jobs: run: | pacman -Syu --noconfirm pacman -S --noconfirm git openssh base-devel - - name: Checkout AUR repository - uses: actions/checkout@v5 + - name: Setup SSH + uses: webfactory/ssh-agent@v0.9.0 with: - repository: 'ssh://aur@aur.archlinux.org/defguard-client.git' - ssh-key: ${{ secrets.AUR_SSH_KEY }} + ssh-private-key: ${{ secrets.AUR_SSH_KEY }} + - name: Checkout AUR repository + run: | + ssh-keyscan -H aur.archlinux.org >> ~/.ssh/known_hosts + git clone ssh://aur@aur.archlinux.org/defguard-client.git aur-repo - name: Update PKGBUILD version run: | - VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) + cd aur-repo + # VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) + VERSION="1.5.4" echo "Updating to version: $VERSION" sed -i "s/^pkgver=.*/pkgver=$VERSION/" PKGBUILD - AMD64_SHA="${{ needs.build-linux.outputs.deb_sha256_amd64 }}" + # AMD64_SHA="${{ needs.build-linux.outputs.deb_sha256_amd64 }}" + AMD64_SHA="24875c55f04d970a36d3403a414a8b72beb46eaecbc803895323c49fe033322e" echo "AMD64 DEB SHA256: $AMD64_SHA" sed -i "s/^sha256sums=.*/sha256sums=('$AMD64_SHA')/" PKGBUILD - name: Update .SRCINFO run: | + cd aur-repo makepkg --printsrcinfo > .SRCINFO - name: Commit and push changes From 094c39d17eda7a9754d2ba510df987866161de01 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:46:53 +0200 Subject: [PATCH 06/16] add .ssh --- .github/workflows/release.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index e97a334e..7f9bab13 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -223,6 +223,7 @@ jobs: ssh-private-key: ${{ secrets.AUR_SSH_KEY }} - name: Checkout AUR repository run: | + mkdir -p ~/.ssh ssh-keyscan -H aur.archlinux.org >> ~/.ssh/known_hosts git clone ssh://aur@aur.archlinux.org/defguard-client.git aur-repo - name: Update PKGBUILD version From 76062b5afe39be5f8c885a71c1c52f93bc80e3d9 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:52:41 +0200 Subject: [PATCH 07/16] fix .ssh --- .github/workflows/release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7f9bab13..18f51ade 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -225,6 +225,8 @@ jobs: run: | mkdir -p ~/.ssh ssh-keyscan -H aur.archlinux.org >> ~/.ssh/known_hosts + chmod 644 ~/.ssh/known_hosts + export GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=accept-new" git clone ssh://aur@aur.archlinux.org/defguard-client.git aur-repo - name: Update PKGBUILD version run: | From 56e48068727e7433746c7fb9242ab95c243debb8 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 13:57:08 +0200 Subject: [PATCH 08/16] create non-root user to use makepkg --- .github/workflows/release.yaml | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 18f51ade..128e32e1 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -217,6 +217,10 @@ jobs: run: | pacman -Syu --noconfirm pacman -S --noconfirm git openssh base-devel + - name: Create non-root user + run: | + useradd -m -G wheel -s /bin/bash builduser + echo 'builduser ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers - name: Setup SSH uses: webfactory/ssh-agent@v0.9.0 with: @@ -228,6 +232,7 @@ jobs: chmod 644 ~/.ssh/known_hosts export GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=accept-new" git clone ssh://aur@aur.archlinux.org/defguard-client.git aur-repo + chown -R builduser:builduser aur-repo - name: Update PKGBUILD version run: | cd aur-repo @@ -246,15 +251,19 @@ jobs: - name: Update .SRCINFO run: | cd aur-repo - makepkg --printsrcinfo > .SRCINFO + sudo -u builduser makepkg --printsrcinfo > .SRCINFO - name: Commit and push changes run: | - # git config user.name "GitHub Actions" - # git config user.email "actions@github.com" - # git add PKGBUILD .SRCINFO - # git commit -m "Update to version ${GITHUB_REF_NAME#v}" - # git p u s h + - name: Commit and push changes + run: | + cd aur-repo + # chown -R builduser:builduser . + # sudo -u builduser git config user.name "GitHub Actions" + # sudo -u builduser git config user.email "actions@github.com" + # sudo -u builduser git add PKGBUILD .SRCINFO + # sudo -u builduser git commit -m "Update to version 1.5.4" + # sudo -u builduser git push cat PKGBUILD build-macos: needs: From 494164c26c274caeb3d08fc682cb9e25ea57905a Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 14:00:05 +0200 Subject: [PATCH 09/16] added cleaning of aur-repo directory --- .github/workflows/release.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 128e32e1..0fe64be1 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -231,6 +231,7 @@ jobs: ssh-keyscan -H aur.archlinux.org >> ~/.ssh/known_hosts chmod 644 ~/.ssh/known_hosts export GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=accept-new" + rm -rf aur-repo git clone ssh://aur@aur.archlinux.org/defguard-client.git aur-repo chown -R builduser:builduser aur-repo - name: Update PKGBUILD version From 9ef59676cc7d7e69332697257aaaeae819173b39 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 14:03:17 +0200 Subject: [PATCH 10/16] shasum typo --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0fe64be1..ef169173 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -248,7 +248,7 @@ jobs: echo "AMD64 DEB SHA256: $AMD64_SHA" - sed -i "s/^sha256sums=.*/sha256sums=('$AMD64_SHA')/" PKGBUILD + sed -i "s/^sha256sums_x86_64=.*/sha256sums_x86_64=('$AMD64_SHA')/" PKGBUILD - name: Update .SRCINFO run: | cd aur-repo From dae989e9486253bb50474b57ffd825ada059719a Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 14:04:38 +0200 Subject: [PATCH 11/16] cat .srcinfo for debug --- .github/workflows/release.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ef169173..0e7015bd 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -266,6 +266,7 @@ jobs: # sudo -u builduser git commit -m "Update to version 1.5.4" # sudo -u builduser git push cat PKGBUILD + cat .SRCINFO build-macos: needs: - create-release From a316c3ef67f551cfaffd44e1b20ecd588e3c6d7b Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 14:09:05 +0200 Subject: [PATCH 12/16] test with build-linux --- .github/workflows/release.yaml | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0e7015bd..1ee0a0eb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -52,7 +52,7 @@ jobs: run: | VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) echo Version: $VERSION - echo "VERSION=$VERSION" >> ${GITHUB_ENV} + echo "VERSION=1.5.3" >> ${GITHUB_ENV} - uses: actions/setup-node@v5 with: node-version: "24" @@ -198,7 +198,7 @@ jobs: update-aur: needs: - create-release - # - build-linux + - build-linux runs-on: - self-hosted - Linux @@ -237,14 +237,13 @@ jobs: - name: Update PKGBUILD version run: | cd aur-repo - # VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) - VERSION="1.5.4" + VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) + echo "Updating to version: $VERSION" sed -i "s/^pkgver=.*/pkgver=$VERSION/" PKGBUILD - # AMD64_SHA="${{ needs.build-linux.outputs.deb_sha256_amd64 }}" - AMD64_SHA="24875c55f04d970a36d3403a414a8b72beb46eaecbc803895323c49fe033322e" + AMD64_SHA="${{ needs.build-linux.outputs.deb_sha256_amd64 }}" echo "AMD64 DEB SHA256: $AMD64_SHA" @@ -253,9 +252,6 @@ jobs: run: | cd aur-repo sudo -u builduser makepkg --printsrcinfo > .SRCINFO - - - name: Commit and push changes - run: | - name: Commit and push changes run: | cd aur-repo @@ -263,7 +259,7 @@ jobs: # sudo -u builduser git config user.name "GitHub Actions" # sudo -u builduser git config user.email "actions@github.com" # sudo -u builduser git add PKGBUILD .SRCINFO - # sudo -u builduser git commit -m "Update to version 1.5.4" + # sudo -u builduser git commit -m "Updated to $VERSION" # sudo -u builduser git push cat PKGBUILD cat .SRCINFO From d69b3a552b39eaeb7d0122d05912b047e271cefa Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 14:22:17 +0200 Subject: [PATCH 13/16] check before release --- .github/workflows/release.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1ee0a0eb..a8175357 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,8 +1,8 @@ name: "Build app and create release" on: push: - branches: - - aur_packages + tags: + - v*.*.* jobs: create-release: @@ -52,7 +52,7 @@ jobs: run: | VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) echo Version: $VERSION - echo "VERSION=1.5.3" >> ${GITHUB_ENV} + echo "VERSION=1.5.2" >> ${GITHUB_ENV} - uses: actions/setup-node@v5 with: node-version: "24" @@ -240,13 +240,11 @@ jobs: VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) echo "Updating to version: $VERSION" - sed -i "s/^pkgver=.*/pkgver=$VERSION/" PKGBUILD AMD64_SHA="${{ needs.build-linux.outputs.deb_sha256_amd64 }}" echo "AMD64 DEB SHA256: $AMD64_SHA" - sed -i "s/^sha256sums_x86_64=.*/sha256sums_x86_64=('$AMD64_SHA')/" PKGBUILD - name: Update .SRCINFO run: | From 3d29aa2ca808934c898a241ac70b3ec135489a4b Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 14:23:22 +0200 Subject: [PATCH 14/16] add on push --- .github/workflows/release.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a8175357..1873e062 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,8 +1,8 @@ name: "Build app and create release" on: push: - tags: - - v*.*.* + branches: + - aur_packages jobs: create-release: From de58d3e84bd8ebda368a17a06ca5e73fd4f47986 Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Tue, 7 Oct 2025 15:13:41 +0200 Subject: [PATCH 15/16] ready to release --- .github/workflows/release.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1873e062..26f3695e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,8 +1,8 @@ name: "Build app and create release" on: push: - branches: - - aur_packages + tags: + - v*.*.* jobs: create-release: @@ -52,7 +52,7 @@ jobs: run: | VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) echo Version: $VERSION - echo "VERSION=1.5.2" >> ${GITHUB_ENV} + echo "VERSION=$VERSION" >> ${GITHUB_ENV} - uses: actions/setup-node@v5 with: node-version: "24" @@ -253,12 +253,12 @@ jobs: - name: Commit and push changes run: | cd aur-repo - # chown -R builduser:builduser . - # sudo -u builduser git config user.name "GitHub Actions" - # sudo -u builduser git config user.email "actions@github.com" - # sudo -u builduser git add PKGBUILD .SRCINFO - # sudo -u builduser git commit -m "Updated to $VERSION" - # sudo -u builduser git push + chown -R builduser:builduser . + sudo -u builduser git config user.name "GitHub Actions" + sudo -u builduser git config user.email "actions@github.com" + sudo -u builduser git add PKGBUILD .SRCINFO + sudo -u builduser git commit -m "Updated to $VERSION" + sudo -u builduser git push cat PKGBUILD cat .SRCINFO build-macos: From ae13e5c462e8e5c4a5bfccb615fc05ac55c6632d Mon Sep 17 00:00:00 2001 From: jakub-tldr <78603704+jakub-tldr@users.noreply.github.com> Date: Wed, 8 Oct 2025 10:08:28 +0200 Subject: [PATCH 16/16] username change --- .github/workflows/release.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 26f3695e..cecb57e4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -254,8 +254,8 @@ jobs: run: | cd aur-repo chown -R builduser:builduser . - sudo -u builduser git config user.name "GitHub Actions" - sudo -u builduser git config user.email "actions@github.com" + sudo -u builduser git config user.name "Defguard Build System" + sudo -u builduser git config user.email "community@defguard.net" sudo -u builduser git add PKGBUILD .SRCINFO sudo -u builduser git commit -m "Updated to $VERSION" sudo -u builduser git push