Merge pull request #3264 from gitbutlerapp/package-windows

initial attempt at windows bundling for nightly
2024-10-07 01:18:51 +03:00 · 2024-03-21 22:50:29 +01:00 · 2024-03-21 22:50:29 +01:00 · 0b8c0268ac
commit 0b8c0268ac
parent 36c555773c 2a013b0369
10 changed files with 90 additions and 113 deletions
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@ -33,6 +33,7 @@ jobs:
          - macos-latest # [macOs, x64]
          - macos-latest-xlarge # [macOs, ARM64]
          - ubuntu-20.04 # [linux, x64]
+          - windows-latest # [windows, x64]

    runs-on: ${{ matrix.platform }}

@ -47,24 +48,28 @@ jobs:
      - uses: ./.github/actions/init-env-node

      - name: Set nightly params
+        shell: bash
        if: ${{!!github.event.workflow_run }}
        run: |
          echo "channel=nightly" >> $GITHUB_ENV
          echo "bump=patch" >> $GITHUB_ENV

      - name: Use input params
+        shell: bash
        if: ${{ !github.event.workflow_run }}
        run: |
          echo "channel=${{ github.event.inputs.channel }}" >> $GITHUB_ENV
          echo "bump=${{ github.event.inputs.bump }}" >> $GITHUB_ENV

      - name: Set env variable with version
+        shell: bash
        run: |
          CURRENT_VERSION="$(curl --silent "https://app.gitbutler.com/releases/${{ env.channel }}" | jq -r '.version')"
          NEXT_VERSION=$(./scripts/next.sh "${CURRENT_VERSION}" "${{ env.bump }}")
          echo "version=$NEXT_VERSION" >> $GITHUB_ENV

      - name: import gpg key
+        shell: bash
        if: runner.os == 'Linux'
        uses: crazy-max/ghaction-import-gpg@v6
        with:
@ -72,26 +77,29 @@ jobs:
          passphrase: ${{ secrets.APPIMAGE_KEY_PASSPHRASE }}

      - name: install linux dependencies
+        shell: bash
        if: runner.os == 'Linux'
        run: sudo apt-get install -y libwebkit2gtk-4.0-dev build-essential curl wget file libssl-dev libgtk-3-dev libayatana-appindicator3-dev librsvg2-dev

      - name: Build binary
+        shell: bash
        run: |
          ./scripts/release.sh \
            --sign \
            --channel                    "${{ env.channel }}" \
            --dist                       "./release" \
-            --version                    "${{ env.version }}" \
-            --tauri-private-key          "${{ secrets.TAURI_PRIVATE_KEY }}"  \
-            --tauri-key-password         "${{ secrets.TAURI_KEY_PASSWORD }}" \
-            --apple-certificate          "${{ secrets.APPLE_CERTIFICATE }}" \
-            --apple-certificate-password "${{ secrets.APPLE_CERTIFICATE_PASSWORD }}" \
-            --apple-signing-identity     "${{ secrets.APPLE_SIGNING_IDENTITY }}" \
-            --apple-id                   "${{ secrets.APPLE_ID }}" \
-            --apple-team-id              "${{ secrets.APPLE_PROVIDER_SHORT_NAME }}" \
-            --apple-password             "${{ secrets.APPLE_PASSWORD }}" \
-            --appimage-key-id            "${{ secrets.APPIMAGE_KEY_ID }}" \
-            --appimage-key-passphrase    "${{ secrets.APPIMAGE_KEY_PASSPHRASE }}"
+            --version                    "${{ env.version }}"
+        env:
+          TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
+          TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}
+          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
+          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
+          APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
+          APPLE_ID: ${{ secrets.APPLE_ID }}
+          APPLE_TEAM_ID: ${{ secrets.APPLE_PROVIDER_SHORT_NAME }}
+          APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
+          APPIMAGE_KEY_ID: ${{ secrets.APPIMAGE_KEY_ID }}
+          APPIMAGE_KEY_PASSPHRASE: ${{ secrets.APPIMAGE_KEY_PASSPHRASE }}

      - uses: shallwefootball/s3-upload-action@master
        name: Upload To S3
@ -105,6 +113,7 @@ jobs:

      # tell our server to update with the version number
      - name: Tell our server to update
+        shell: bash
        run: |
          curl 'https://app.gitbutler.com/api/releases' \
            --fail \
@ -114,6 +123,7 @@ jobs:
            --data '{"channel":"${{ env.channel }}","version":"${{ env.version }}-${{ github.run_number }}","sha":"${{ github.sha }}"}'

      - name: Tag release
+        shell: bash
        env:
          TAG_NAME: "${{ env.channel }}/${{ env.version }}"
        run: |
--- a/gitbutler-app/inject-git-binaries.sh
+++ b/gitbutler-app/inject-git-binaries.sh
@ -6,13 +6,18 @@ function log {
    printf "[%s] %s\n\n" "$THIS" "$*"
 }

-if [ ! -f "target/release/gitbutler-git-askpass" ] || [ ! -f "target/release/gitbutler-git-setsid" ]; then
+
+if [ -f "target/release/gitbutler-git-askpass" ] && [ -f "target/release/gitbutler-git-setsid" ]; then
+    TRIPLE="$(rustc -vV | sed -n 's|host: ||p')"
+    log injecting gitbutler-git binaries into gitbutler-app "(TRIPLE=${TRIPLE})"
+    cp -v target/release/gitbutler-git-askpass "gitbutler-app/gitbutler-git-askpass-${TRIPLE}"
+    cp -v target/release/gitbutler-git-setsid "gitbutler-app/gitbutler-git-setsid-${TRIPLE}"
+elif [ -f "target/release/gitbutler-git-askpass.exe" ] && [ -f "target/release/gitbutler-git-setsid.exe" ]; then
+    TRIPLE="$(rustc.exe -vV | sed -n 's|host: ||p')"
+    log injecting gitbutler-git binaries into gitbutler-app "(TRIPLE=${TRIPLE})"
+    cp -v target/release/gitbutler-git-askpass.exe "gitbutler-app/gitbutler-git-askpass-${TRIPLE}.exe"
+    cp -v target/release/gitbutler-git-setsid.exe "gitbutler-app/gitbutler-git-setsid-${TRIPLE}.exe"
+else
    log gitbutler-git binaries are not built
    exit 1
 fi
-
-TRIPLE="$(rustc -vV | sed -n 's|host: ||p')"
-
-log injecting gitbutler-git binaries into gitbutler-app "(TRIPLE=${TRIPLE})"
-cp -v target/release/gitbutler-git-askpass "gitbutler-app/gitbutler-git-askpass-${TRIPLE}"
-cp -v target/release/gitbutler-git-setsid "gitbutler-app/gitbutler-git-setsid-${TRIPLE}"
--- a/gitbutler-app/src/main.rs
+++ b/gitbutler-app/src/main.rs
@ -1,5 +1,9 @@
 #![feature(error_generic_member_access)]
-#![cfg_attr(target_os = "windows", feature(windows_by_handle))]
+#![cfg_attr(windows, feature(windows_by_handle))]
+#![cfg_attr(
+    all(windows, not(test), not(debug_assertions)),
+    windows_subsystem = "windows"
+)]

 pub(crate) mod analytics;
 pub(crate) mod app;
--- a/gitbutler-app/tauri.conf.json
+++ b/gitbutler-app/tauri.conf.json
@ -57,7 +57,7 @@
 				"icons/dev/icon.icns",
 				"icons/dev/icon.ico"
 			],
-			"targets": ["app", "dmg", "appimage", "deb", "updater"]
+			"targets": ["app", "dmg", "appimage", "deb", "updater", "msi"]
 		},
 		"security": {
 			"csp": {
--- a/gitbutler-app/tauri.conf.nightly.json
+++ b/gitbutler-app/tauri.conf.nightly.json
@ -1,6 +1,6 @@
 {
 	"build": {
-		"beforeBuildCommand": "pnpm build:nightly && cargo build --release -p gitbutler-git && ./gitbutler-app/inject-git-binaries.sh"
+		"beforeBuildCommand": "pnpm build:nightly && cargo build --release -p gitbutler-git && bash ./gitbutler-app/inject-git-binaries.sh"
 	},
 	"package": {
 		"productName": "GitButler Nightly"
@ -15,10 +15,13 @@
 				"icons/icon.icns",
 				"icons/icon.ico"
 			],
-            "externalBin": [
-                "gitbutler-git-setsid",
-                "gitbutler-git-askpass"
-            ]
+			"externalBin": [
+				"gitbutler-git-setsid",
+				"gitbutler-git-askpass"
+			],
+			"windows": {
+				"certificateThumbprint": null
+			}
 		},
 		"security": {
 			"csp": {
--- a/gitbutler-app/tauri.conf.release.json
+++ b/gitbutler-app/tauri.conf.release.json
@ -1,6 +1,6 @@
 {
 	"build": {
-		"beforeBuildCommand": "pnpm build && cargo build --release -p gitbutler-git && ./gitbutler-app/inject-git-binaries.sh"
+		"beforeBuildCommand": "pnpm build && cargo build --release -p gitbutler-git && bash ./gitbutler-app/inject-git-binaries.sh"
 	},
 	"package": {
 		"productName": "GitButler"
@ -15,10 +15,10 @@
 				"icons/icon.icns",
 				"icons/icon.ico"
 			],
-            "externalBin": [
-                "gitbutler-git-setsid",
-                "gitbutler-git-askpass"
-            ]
+			"externalBin": [
+				"gitbutler-git-setsid",
+				"gitbutler-git-askpass"
+			]
 		},
 		"security": {
 			"csp": {
--- a/gitbutler-git/src/bin/askpass.rs
+++ b/gitbutler-git/src/bin/askpass.rs
@ -1,3 +1,5 @@
+#![cfg_attr(windows, windows_subsystem = "windows")]
+
 #[cfg(unix)]
 #[path = "askpass/unix.rs"]
 mod unix;
--- a/gitbutler-git/src/bin/askpass/windows.rs
+++ b/gitbutler-git/src/bin/askpass/windows.rs
@ -43,7 +43,7 @@ impl UnixCompatibility for PipeStream {

        let r = unsafe {
            winapi::um::namedpipeapi::SetNamedPipeHandleState(
-                self.as_raw_handle(),
+                self.as_raw_handle() as winapi::um::winnt::HANDLE,
                std::ptr::null_mut(),
                std::ptr::null_mut(),
                timeout_ptr,
--- a/gitbutler-git/src/bin/setsid.rs
+++ b/gitbutler-git/src/bin/setsid.rs
@ -3,6 +3,7 @@
 // NOTE(qix-): build anyway. We'll address this at a later time.
 // NOTE(qix-):
 // NOTE(qix-): For now, we just stub out the main function on windows and panic.
+#![cfg_attr(windows, windows_subsystem = "windows")]

 #[cfg(unix)]
 include!("setsid/unix.rs");
--- a/scripts/release.sh
+++ b/scripts/release.sh
@ -9,17 +9,7 @@ PWD="$(dirname $(readlink -f -- $0))"
 CHANNEL=""
 DO_SIGN="false"
 DO_BUNDLE_UPDATE="false"
-TAURI_PRIVATE_KEY=""
-TAURI_KEY_PASSWORD=""
-APPLE_CERTIFICATE=""
-APPLE_CERTIFICATE_PASSWORD=""
-APPLE_SIGNING_IDENTITY=""
-APPLE_ID=""
-APPLE_PASSWORD=""
-APPIMAGE_KEY_ID=""
-APPIMAGE_KEY_PASSPHRASE=""
 VERSION=""
-SENTRY_AUTH_TOKEN="$SENTRY_AUTH_TOKEN"

 function help() {
 	local to="$1"
@ -29,16 +19,6 @@ function help() {
 	echo "flags:" 1>&$to
 	echo "  --version                     release version." 1>&$to
 	echo "  --dist                        path to store artifacts in." 1>&$to
-	echo "  --tauri-private-key           path or string of tauri updater private key." 1>&$to
-	echo "  --tauri-key-password          password for tauri updater private key." 1>&$to
-	echo "  --apple-certificate           base64 string of the .p12 certificate, exported from the keychain." 1>&$to
-	echo "  --apple-certificate-password  password for the .p12 certificate." 1>&$to
-	echo "  --apple-signing-identity      the name of the keychain entry that contains the signing certificate." 1>&$to
-	echo "  --apple-id                    the apple id to use for signing." 1>&$to
-	echo "  --apple-team-id               the apple team id to use for signing." 1>&$to
-	echo "  --apple-password              the password for the apple id." 1>&$to
-	echo "  --appimage-key-id             the gpg key id to use for signing the appimage." 1>&$to
-	echo "  --appimage-key-passphrase     the gpg key passphrase to use for signing the appimage." 1>&$to
 	echo "  --sign                        if set, will sign the app." 1>&$to
 	echo "  --channel                     the channel to use for the release (release | nightly)." 1>&$to
 	echo "  --help                        display this message." 1>&$to
@ -64,8 +44,11 @@ function os() {
 	Linux)
 		echo "linux"
 		;;
+	Windows|MSYS*|MINGW*)
+		echo "windows"
+		;;
 	*)
-		error "$os: unsupprted"
+		error "$os: unsupported"
 		;;
 	esac
 }
@ -109,56 +92,6 @@ while [[ $# -gt 0 ]]; do
 		shift
 		shift
 		;;
-	--tauri-private-key)
-		TAURI_PRIVATE_KEY="$2"
-		shift
-		shift
-		;;
-	--tauri-key-password)
-		TAURI_KEY_PASSWORD="$2"
-		shift
-		shift
-		;;
-	--apple-certificate)
-		APPLE_CERTIFICATE="$2"
-		shift
-		shift
-		;;
-	--apple-certificate-password)
-		APPLE_CERTIFICATE_PASSWORD="$2"
-		shift
-		shift
-		;;
-	--apple-signing-identity)
-		APPLE_SIGNING_IDENTITY="$2"
-		shift
-		shift
-		;;
-	--apple-id)
-		APPLE_ID="$2"
-		shift
-		shift
-		;;
-	--apple-team-id)
-		APPLE_TEAM_ID="$2"
-		shift
-		shift
-		;;
-	--apple-password)
-		APPLE_PASSWORD="$2"
-		shift
-		shift
-		;;
-	--appimage-key-id)
-		APPIMAGE_KEY_ID="$2"
-		shift
-		shift
-		;;
-	--appimage-key-passphrase)
-		APPIMAGE_KEY_PASSPHRASE="$2"
-		shift
-		shift
-		;;
 	--sign)
 		DO_SIGN="true"
 		shift
@ -174,10 +107,10 @@ while [[ $# -gt 0 ]]; do
 	esac
 done

-[ -z "$VERSION" ] && error "--version is not set"
+[ -z "${VERSION-}" ] && error "--version is not set"

-[ -z "$TAURI_PRIVATE_KEY" ] && error "--tauri-private-key is not set"
-[ -z "$TAURI_KEY_PASSWORD" ] && error "--tauri-key-password is not set"
+[ -z "${TAURI_PRIVATE_KEY-}" ] && error '$TAURI_PRIVATE_KEY is not set'
+[ -z "${TAURI_KEY_PASSWORD-}" ] && error '$TAURI_KEY_PASSWORD is not set'

 if [ "$CHANNEL" != "release" ] && [ "$CHANNEL" != "nightly" ]; then
 	error "--channel must be either 'release' or 'nightly'"
@ -188,12 +121,12 @@ export TAURI_KEY_PASSWORD="$TAURI_KEY_PASSWORD"

 if [ "$DO_SIGN" = "true" ]; then
 	if [ "$OS" = "macos" ]; then
-		[ -z "$APPLE_CERTIFICATE" ] && error "--apple-certificate is not set"
-		[ -z "$APPLE_CERTIFICATE_PASSWORD" ] && error "--apple-certificate-password is not set"
-		[ -z "$APPLE_SIGNING_IDENTITY" ] && error "--apple-signing-identity is not set"
-		[ -z "$APPLE_ID" ] && error "--apple-id is not set"
-		[ -z "$APPLE_TEAM_ID" ] && error "--apple-team-id is not set"
-		[ -z "$APPLE_PASSWORD" ] && error "--apple-password is not set"
+		[ -z "${APPLE_CERTIFICATE-}" ] && error '$APPLE_CERTIFICATE is not set'
+		[ -z "${APPLE_CERTIFICATE_PASSWORD-}" ] && error '$APPLE_CERTIFICATE_PASSWORD is not set'
+		[ -z "${APPLE_SIGNING_IDENTITY-}" ] && error '$APPLE_SIGNING_IDENTITY is not set'
+		[ -z "${APPLE_ID-}" ] && error '$APPLE_ID is not set'
+		[ -z "${APPLE_TEAM_ID-}" ] && error '$APPLE_TEAM_ID is not set'
+		[ -z "${APPLE_PASSWORD-}" ] && error '$APPLE_PASSWORD is not set'
 		export APPLE_CERTIFICATE="$APPLE_CERTIFICATE"
 		export APPLE_CERTIFICATE_PASSWORD="$APPLE_CERTIFICATE_PASSWORD"
 		export APPLE_SIGNING_IDENTITY="$APPLE_SIGNING_IDENTITY"
@ -201,11 +134,14 @@ if [ "$DO_SIGN" = "true" ]; then
 		export APPLE_TEAM_ID="$APPLE_TEAM_ID"
 		export APPLE_PASSWORD="$APPLE_PASSWORD"
 	elif [ "$OS" == "linux" ]; then
-		[ -z "$APPIMAGE_KEY_ID" ] && error "--appimage-key-id is not set"
-		[ -z "$APPIMAGE_KEY_PASSPHRASE" ] && error "--appimage-key-passphrase is not set"
+		[ -z "${APPIMAGE_KEY_ID-}" ] && error '$APPIMAGE_KEY_ID is not set'
+		[ -z "${APPIMAGE_KEY_PASSPHRASE-}" ] && error '$APPIMAGE_KEY_PASSPHRASE is not set'
 		export SIGN=1
 		export SIGN_KEY="$APPIMAGE_KEY_ID"
 		export APPIMAGETOOL_SIGN_PASSPHRASE="$APPIMAGE_KEY_PASSPHRASE"
+	elif [ "$OS" == "windows" ]; then
+		info "$OS: signing is not (yet) supported; skipping"
+		DO_SIGN="false"
 	else
 		error "signing is not supported on $(uname -s)"
 	fi
@ -217,6 +153,7 @@ info "  version: $VERSION"
 info "  os: $OS"
 info "  arch: $ARCH"
 info "  dist: $DIST"
+info "  sign: $DO_SIGN"

 TMP_DIR="$(mktemp -d)"
 trap "rm -rf '$TMP_DIR'" exit
@ -271,6 +208,21 @@ elif [ "$OS" = "linux" ]; then
 	info "  - $RELEASE_DIR/$(basename "$APPIMAGE_UPDATER")"
 	info "  - $RELEASE_DIR/$(basename "$APPIMAGE_UPDATER_SIG")"
 	info "  - $RELEASE_DIR/$(basename "$DEB")"
+elif [ "$OS" = "windows" ]; then
+	WINDOWS_INSTALLER="$(find $BUNDLE_DIR/windows -name \*.msi)"
+	WINDOWS_UPDATER="$(find $BUNDLE_DIR/windows -name \*.msi.zip)"
+	WINDOWS_UPDATER_SIG="$(find $BUNDLE_DIR/windows -name \*.msi.zip.sig)"
+
+	cp "$WINDOWS_INSTALLER" "$RELEASE_DIR"
+	cp "$WINDOWS_UPDATER" "$RELEASE_DIR"
+	cp "$WINDOWS_UPDATER_SIG" "$RELEASE_DIR"
+
+	info "built:"
+	info "  - $RELEASE_DIR/$(basename "$WINDOWS_INSTALLER")"
+	info "  - $RELEASE_DIR/$(basename "$WINDOWS_UPDATER")"
+	info "  - $RELEASE_DIR/$(basename "$WINDOWS_UPDATER_SIG")"
+else
+	error "unsupported os: $OS"
 fi

 info "done! bye!"