summaryrefslogtreecommitdiffhomepage
path: root/ci
AgeCommit message (Collapse)AuthorFilesLines
2023-07-14Remove Jonathan's gpg key while he's on leaveOskar Nyberg1-34/+0
2023-07-13Add Marco's gpg keyLinus Färnstrand1-0/+35
2023-07-06Add Jonatans gpg keyLinus Färnstrand1-0/+35
2023-06-29Remove Hank's key. He will likely not commit more for the appLinus Färnstrand1-37/+0
2023-06-29Add Linus new gpg keyLinus Färnstrand1-0/+46
2023-06-09Fix CI verification scriptJonathan1-1/+1
The verification script running on github would complain that the first commit of a PR changed all of the locked down files if this commit was unsigned. The reason was that in our github enviornment we don't fetch the entire git history but instead only the needed commits (so called shallow repository). The entire history is therefore folded into the first commit in the shallow repo. Since this history contains modifications of locked down files and since this commit is not signed the script will think this commit modified files its not allowed to. This fix deepens the shallow repo by 1 after fetching. It also clarifies a print in verification script to be more descriptive.
2023-06-05Verify that important files have not been accidentally removedMarkus Pettersson1-7/+19
Verify that we do not remove any file we deem important. If any such file is removed, they should also be removed from the list this CI job uses, and as such we raise a flag. Update the CI job to also check that all files in the list of important files still exists in the working directory/at the HEAD where it's being executed from.
2023-05-26Exclude `android/` and `ios/` tags from desktop buildsMarkus Pettersson1-1/+2
2023-05-08Add build server code for asking for the macOS installer key passphraseLinus Färnstrand1-0/+11
2023-03-14Allow using mold in containersLinus Färnstrand2-2/+4
Opt in with USE_MOLD=true
2023-03-08Add ci script to build & publish iOS appsEmīls1-0/+96
2023-03-03Refactor rsync call to separate bash functionLinus Färnstrand1-2/+8
2023-03-03Add --mkpath to rsync to create directories recursivelyLinus Färnstrand1-2/+2
2023-03-03Change bash function format to match our style guide in buildserver-*Linus Färnstrand2-8/+8
2023-03-03Adjust build and upload scripts to work on new build serverLinus Färnstrand2-4/+10
2023-03-02Move checking out a git reference to functionLinus Färnstrand1-14/+20
2023-03-02Return error code from build_ref and catch it in main loop insteadLinus Färnstrand1-8/+8
2023-03-02Add comment on why we don't update Rust on LinuxLinus Färnstrand1-0/+1
2023-03-02Build Linux builds in containerLinus Färnstrand1-19/+43
2023-02-28Make TAG_PATTERN_TO_BUILD a string instead of string-arrayOskar Nyberg1-1/+1
2023-02-28Disable SC2207 since tags can't include spacesOskar Nyberg2-0/+6
2023-02-28Add quotes around variablesOskar Nyberg2-10/+10
2023-02-28Add -r to read to handle spaces correctlyOskar Nyberg1-1/+1
This isn't really needed but it's easier to add than to add the shellcheck exception.
2023-02-27Extract upload server domain to variableLinus Färnstrand1-2/+3
2023-02-27Extract gpg fingerprint to variableLinus Färnstrand1-2/+2
2023-02-27Minor refactorLinus Färnstrand1-2/+1
2023-02-27Remove unused variableLinus Färnstrand1-1/+0
2023-02-27Change indentation 2->4 spaces in buildserver-upload.shLinus Färnstrand3-214/+214
2023-02-23Rename all mentions of the "master" branch to "main"Linus Färnstrand3-3/+3
2023-02-21Update Emils GPG key to the new one (049F58CC80D9C78452151EE6EF0CCD68D0E5B9B1)Linus Färnstrand1-61/+32
2023-02-20Fix tag being included in release buildsOskar Nyberg1-1/+3
2023-02-20Build test executable in buildserver-buildOskar Nyberg2-5/+12
2023-02-08Create a common sha-file for all build-files and upload them at the same timeOskar Nyberg2-59/+64
2023-01-19Move ci xml tidy scriptAlbin1-37/+0
2023-01-10Support orchestrator in instrumented test scriptAlbin1-31/+0
2022-12-08Disable Android builds in old build server scriptAlbin1-2/+2
2022-12-08Specify credential dir in build server scriptAlbin1-1/+2
2022-12-08Build Android in container on build serverAlbin1-1/+1
2022-12-08Add Android-only buildserver build scriptAlbin1-0/+103
2022-11-01Ensure android app is re-installed in gh actionsAlbin1-1/+15
This makes the instrumentation more robust as it avoids any potential signature mismatch (which is acceptable in a ci environment). It also makes sure that no app data/cache is left from previous runs.
2022-09-29Add arm64 Linux packages to build server scriptsDavid Lönnhager2-3/+6
2022-08-29Add Hank's gpg keyLinus Färnstrand1-0/+37
2022-07-05Create verification script and github actionJonathan9-0/+727
Create a script which verifies that a set of "locked down" files are not changed in commits that have not been signed. Create a github workflow that runs the script in the CI. The script accepts --whitelist <commit> and --import-gpg-keys arguments. The default settings are supposed to work on the build server without importing the gpg keys from the trusted_keys.pub file and running with a hardcoded whitelist commit. Make the CI workflow use these arguments as it is supposed to in .github. The public keys that can be imported are specified as files in the ci/keys/ directory. The files that are locked down are specified in the .github workflow as a single source of truth. This requires some complicated parsing in the verification script as well as a dependency from the verification script to the workflow YAML. These are not ideal design choices however the alternative is to not have a single source of truth for the locked down files as the github workflow can not depend on an external file. The mullvad signing key is named to be first in the list in order to be imported first. The whitelisted commit is the latest master before this commit
2022-06-14Fix always passing instrumented test scriptAlbin1-2/+13
Adb will not return an error code once the tests fail, so therefore this needs to be handled by parsing logs.
2022-05-16Replace complex expression with for loopJonathan1-1/+4
Replace a complicated expression for renaming files in the buildserver with a for loop with a slightly less complex expression. This hopefully will reduce their fragility.
2022-05-16Add the artifact tagging code to the buildserverJonathan1-1/+14
Move the appropriate artifact tagging code to the buildserver script. Previously the tag was right before the `.deb` and `.rpm` which causes issues for the uploading on the buildserver. This makes sure that the tag information is put before the `_amd64` and `_x86_64`
2022-04-22Remove nvm call from build server build scriptOskar Nyberg1-3/+0
2022-02-10Cache Windows modules in GitHub Actions workflowDavid Lönnhager1-7/+0
2022-02-01Run instrumented tests using prebuilt apksAlbin1-0/+6
2021-12-30Update documentation and build server script for new argumentsLinus Färnstrand1-1/+1