diff options
| author | David Lönnhager <david.l@mullvad.net> | 2025-03-12 17:41:48 +0100 |
|---|---|---|
| committer | David Lönnhager <david.l@mullvad.net> | 2025-03-20 15:06:46 +0100 |
| commit | aa5db48005bf9d2bd9c010dbf6a509605b3eb164 (patch) | |
| tree | 65de617acb5201ca0042bba62f65e83ae2439ee8 | |
| parent | e5b0413051697ef6bfec7518b05a07537dbc31f5 (diff) | |
| download | mullvadvpn-aa5db48005bf9d2bd9c010dbf6a509605b3eb164.tar.xz mullvadvpn-aa5db48005bf9d2bd9c010dbf6a509605b3eb164.zip | |
Add --upload flag to installer-downloader build script
This flag causes a signed build to be uploaded to app-build-linux
| -rwxr-xr-x | installer-downloader/build.sh | 61 |
1 files changed, 59 insertions, 2 deletions
diff --git a/installer-downloader/build.sh b/installer-downloader/build.sh index efa060ae22..fe6148e291 100755 --- a/installer-downloader/build.sh +++ b/installer-downloader/build.sh @@ -28,9 +28,9 @@ CARGO_TARGET_DIR=${CARGO_TARGET_DIR:-"../target"} export CARGO_TARGET_DIR # Temporary build directory -BUILD_DIR="./build" +BUILD_DIR="$SCRIPT_DIR/build" # Successfully built (and signed) artifacts -DIST_DIR="../dist" +DIST_DIR="$SCRIPT_DIR/../dist" BUNDLE_NAME="MullvadVPNInstaller" BUNDLE_ID="net.mullvad.$BUNDLE_NAME" @@ -45,6 +45,9 @@ mkdir -p "$DIST_DIR" # Whether to sign and notarized produced binaries SIGN="false" +# Whether to upload signed binaries +UPLOAD="false" + # Temporary keychain to store the .p12 in. # This is automatically created/replaced when signing on macOS. SIGN_KEYCHAIN_PATH="$HOME/Library/Keychains/mv-metadata-keychain-db" @@ -55,6 +58,9 @@ while [[ "$#" -gt 0 ]]; do --sign) SIGN="true" ;; + --upload) + UPLOAD="true" + ;; *) log_error "Unknown parameter: $1" exit 1 @@ -63,6 +69,11 @@ while [[ "$#" -gt 0 ]]; do shift done +if [[ "$UPLOAD" == "true" && "$SIGN" != "true" ]]; then + log_error "'--upload' requires '--sign' to be specified" + exit 1 +fi + # Check that we have the correct environment set for signing function assert_can_sign { if [[ "$(uname -s)" == "Darwin" ]]; then @@ -305,6 +316,46 @@ function dist_windows_app { mv "$BUILD_DIR/$FILENAME.exe" "$DIST_DIR/" } +# Upload whatever matches the first argument to the Linux build server +# Arguments: +# - local file +# - version +function upload_sftp { + local local_path=$1 + local version=$2 + echo "Uploading \"$local_path\" to app-build-linux:upload/installer-downloader/$version" + sftp app-build-linux <<EOF +mkdir upload/installer-downloader +mkdir upload/installer-downloader/$version +chmod 770 upload/installer-downloader +chmod 770 upload/installer-downloader/$version +cd upload/installer-downloader/$version +put "$local_path" +bye +EOF +} + +# Upload latest build and checksum in the dist directory to Linux build server +# The artifacts MUST have been built already +# The working directory MUST be $DIST_DIR +# +# Arguments: +# - version +function upload { + local version=$1 + local files=( "$FILENAME."* ) + + local checksums_path + checksums_path="desktop-downloader+$(hostname)+$version.sha256" + + sha256sum "${files[@]}" > "$checksums_path" + + for file in "${files[@]}"; do + upload_sftp "$file" "$version" || return 1 + done + upload_sftp "$checksums_path" "$version" || return 1 +} + function main { if [[ "$SIGN" != "false" ]]; then assert_can_sign @@ -327,6 +378,12 @@ function main { build_executable dist_windows_app fi + + if [[ "$UPLOAD" == "true" ]]; then + local version + version=$(product_version) + (cd "$DIST_DIR" && upload "$version") || return 1 + fi } main |