diff --git a/.github/workflows/aur.yml b/.github/workflows/aur.yml deleted file mode 100644 index 303ce398c..000000000 --- a/.github/workflows/aur.yml +++ /dev/null @@ -1,95 +0,0 @@ -name: Create PR for AUR - -on: - release: - types: [published] - workflow_dispatch: - inputs: - tag: - description: 'Release tag' - required: true - -jobs: - get-version: - uses: ./.github/workflows/get-version.yml - with: - version: ${{ inputs.tag }} - tarball: - name: Determines tarball url and compute checksum - runs-on: ubuntu-latest - needs: [get-version] - if: github.event_name == 'workflow_dispatch' || needs.get-version.outputs.versionType == 'stable' - env: - INPUT_TAG: ${{ inputs.tag }} - outputs: - url: ${{ steps.url.outputs.url}} - sha256: ${{ steps.sha256.outputs.sha256}} - steps: - - name: Determine tarball url - id: url - run: | - URL=""; - if [[ -n "${INPUT_TAG}" ]]; then - URL="https://github.com/cryptomator/cryptomator/archive/refs/tags/${INPUT_TAG}.tar.gz" - else - URL="https://github.com/cryptomator/cryptomator/archive/refs/tags/${{ github.event.release.tag_name }}.tar.gz" - fi - echo "url=${URL}" >> "$GITHUB_OUTPUT" - - name: Download source tarball and compute checksum - id: sha256 - run: | - curl --silent --fail-with-body -L -H "Accept: application/vnd.github+json" ${{ steps.url.outputs.url }} --output cryptomator.tar.gz - TARBALL_SHA256=$(sha256sum cryptomator.tar.gz | cut -d ' ' -f1) - echo "sha256=${TARBALL_SHA256}" >> "$GITHUB_OUTPUT" - aur: - name: Create PR for AUR - runs-on: ubuntu-latest - needs: [tarball, get-version] - env: - AUR_PR_URL: tbd - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - repository: 'cryptomator/aur' - token: ${{ secrets.CRYPTOBOT_PR_TOKEN }} - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install makepkg pacman-package-manager - - name: Checkout release branch - run: | - git checkout -b release/${{ needs.get-version.outputs.semVerStr }} - - name: Update build file - run: | - sed -i -e 's|^pkgver=.*$|pkgver=${{ needs.get-version.outputs.semVerStr }}|' PKGBUILD - sed -i -e 's|^pkgrel=.*$|pkgrel=1|' PKGBUILD - sed -i -e "s|^sha256sums=.*$|sha256sums=('${{ needs.tarball.outputs.sha256 }}'|" PKGBUILD - makepkg --printsrcinfo > .SRCINFO - - name: Commit and push - run: | - git config user.name "${{ github.actor }}" - git config user.email "${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com" - git config push.autoSetupRemote true - git stage . - git commit -m "Prepare release ${{needs.get-version.outputs.semVerStr}}" - git push - - name: Create pull request - run: | - printf "> [!IMPORTANT]\n> Todos:\n> - [ ] Update build instructions\n> - [ ] Check for JDK update\n> - [ ] Check for JFX update" > pr_body.md - PR_URL=$(gh pr create --title "Release ${{ needs.get-version.outputs.semVerStr }}" --body-file pr_body.md) - echo "AUR_PR_URL=$PR_URL" >> "$GITHUB_ENV" - env: - GH_TOKEN: ${{ secrets.CRYPTOBOT_PR_TOKEN }} - - name: Slack Notification - if: github.event_name == 'release' - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 - env: - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} - SLACK_USERNAME: 'Cryptobot' - SLACK_ICON: false - SLACK_ICON_EMOJI: ':bot:' - SLACK_CHANNEL: 'cryptomator-desktop' - SLACK_TITLE: "AUR release PR created for ${{ github.event.repository.name }} ${{ github.event.release.tag_name }} created." - SLACK_MESSAGE: "See <${{ env.AUR_PR_URL }}|PR> on how to proceed." - SLACK_FOOTER: false - MSG_MINIMAL: true \ No newline at end of file diff --git a/.github/workflows/linux-makepkg.yml b/.github/workflows/linux-makepkg.yml new file mode 100644 index 000000000..60638cb5b --- /dev/null +++ b/.github/workflows/linux-makepkg.yml @@ -0,0 +1,197 @@ +name: Build Arch package + +on: + release: + types: [published] + workflow_dispatch: + inputs: + version: + description: 'Version' + required: false + create-pr: + description: 'Create a PR for AUR mirror' + type: boolean + default: false + push: + branches-ignore: + - 'dependabot/**' + paths: + - '.github/workflows/aur.yml' + - 'dist/linux/aur/**' + - 'dist/linux/common/**' + - 'dist/linux/resources/**' + +jobs: + get-version: + uses: ./.github/workflows/get-version.yml + with: + version: ${{ inputs.version }} + + makepkg: + name: Build with makepkg + needs: [get-version] + runs-on: ubuntu-latest + container: + image: archlinux:base-devel + env: + PKGDEST: ${{ github.workspace }}/pkgdest + SRCDEST: ${{ github.workspace }}/srcdest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Prepare pacman + run: | + pacman-key --init + pacman-key --populate archlinux + pacman -Syu --noconfirm --needed git base-devel sudo gnupg maven unzip + - name: Create build user + run: | + useradd -m builder + echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers.d/builder + chown -R builder:builder "$GITHUB_WORKSPACE" + install -d -m 0755 -o builder -g builder "$PKGDEST" "$SRCDEST" + - name: Set package version + run: | + sed -i -e 's|^pkgver=.*$|pkgver=${{ needs.get-version.outputs.semVerStr }}|' dist/linux/aur/PKGBUILD + - name: Build package with makepkg + working-directory: dist/linux/aur + run: | + sudo -u builder env \ + PKGDEST="$PKGDEST" \ + SRCDEST="$SRCDEST" \ + makepkg --syncdeps --cleanbuild --noconfirm --log + - name: Upload package artifact + uses: actions/upload-artifact@v4 + with: + name: arch-package-${{ github.run_number }} + if-no-files-found: error + path: | + ${{ env.PKGDEST }}/*.pkg.tar.zst + + tarball: + name: Determines tarball url and compute checksum + runs-on: ubuntu-latest + needs: [get-version] + if: github.event_name == 'workflow_dispatch' && inputs.create-pr || needs.get-version.outputs.versionType == 'stable' + outputs: + url: ${{ steps.url.outputs.url}} + sha256: ${{ steps.sha256.outputs.sha256}} + steps: + - name: Determine tarball url + id: url + run: | + URL=""; + if [[ -n "${INPUT_VERSION}" ]]; then + URL="https://github.com/cryptomator/cryptomator/archive/refs/tags/${INPUT_VERSION}.tar.gz" + else + URL="https://github.com/cryptomator/cryptomator/archive/refs/tags/${{ github.event.release.tag_name }}.tar.gz" + fi + echo "url=${URL}" >> "$GITHUB_OUTPUT" + env: + INPUT_VERSION: ${{ inputs.version }} + - name: Download source tarball and compute checksum + id: sha256 + run: | + curl --silent --fail-with-body -L -H "Accept: application/vnd.github+json" ${{ steps.url.outputs.url }} --output cryptomator.tar.gz + TARBALL_SHA256=$(sha256sum cryptomator.tar.gz | cut -d ' ' -f1) + echo "sha256=${TARBALL_SHA256}" >> "$GITHUB_OUTPUT" + + aur: + name: Create PR for AUR + runs-on: ubuntu-latest + needs: [tarball, get-version] + container: + image: archlinux:base-devel + env: + PKGDEST: ${{ github.workspace }}/pkgdest + SRCDEST: ${{ github.workspace }}/srcdest + steps: + - name: Prepare pacman + run: | + pacman-key --init + pacman-key --populate archlinux + pacman -Syu --noconfirm --needed git base-devel sudo gnupg maven unzip github-cli + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + repository: 'cryptomator/aur' + token: ${{ secrets.CRYPTOBOT_PR_TOKEN }} + - name: Create build user + run: | + useradd -m builder + echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers.d/builder + chown -R builder:builder "$GITHUB_WORKSPACE" + install -d -m 0755 -o builder -g builder "$PKGDEST" "$SRCDEST" + - name: Import Cryptomator release signing key + # try first ubuntu. on failure try openpgp keyservers + run: | + sudo -u builder gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys 58117AFA1F85B3EEC154677D615D449FE6E6A235 || \ + sudo -u builder gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys 58117AFA1F85B3EEC154677D615D449FE6E6A235 + - name: Checkout release branch + run: | + git checkout -b release/${{ needs.get-version.outputs.semVerStr }} + - name: Determine pkgrel + id: pkgrel + run: | + TARGET_VERSION='${{ needs.get-version.outputs.semVerStr }}' + CURRENT_VERSION="$(sed -nE 's/^pkgver=(.*)$/\1/p' PKGBUILD | head -n1)" + CURRENT_REL="$(sed -nE 's/^pkgrel=([0-9]+).*$/\1/p' PKGBUILD | head -n1)" + + if [[ "$CURRENT_VERSION" == "$TARGET_VERSION" && "$CURRENT_REL" =~ ^[0-9]+$ ]]; then + NEXT_REL=$((CURRENT_REL + 1)) + REL_MODE="bump" + else + NEXT_REL=1 + REL_MODE="reset" + fi + + echo "value=${NEXT_REL}" >> "$GITHUB_OUTPUT" + echo "mode=${REL_MODE}" >> "$GITHUB_OUTPUT" + - name: Update build file + run: | + sed -i -e 's|^pkgver=.*$|pkgver=${{ needs.get-version.outputs.semVerStr }}|' PKGBUILD + sed -i -e 's|^pkgrel=.*$|pkgrel=${{ steps.pkgrel.outputs.value }}|' PKGBUILD + sed -i -e 's|^source=.*$|$TAR_SOURCE|' PKGBUILD + sed -i -e "s|^sha256sums=.*$|$TAR_SHA|" PKGBUILD + makepkg --printsrcinfo > .SRCINFO + env: + TAR_SOURCE: |- + source=("cryptomator-${pkgver//_/-}.tar.gz::https://github.com/cryptomator/cryptomator/archive/refs/tags/${pkgver//_/-}.tar.gz" + "cryptomator-${pkgver//_/-}.tar.gz.asc::https://github.com/cryptomator/cryptomator/releases/download/${pkgver//_/-}/cryptomator-${pkgver//_/-}.tar.gz.asc") + TAR_SHA: |- + sha256sums=('${{needs.tarball.outputs.sha256}}' + 'SKIP') + - name: Build package with makepkg + run: | + sudo -u builder env \ + PKGDEST="$PKGDEST" \ + SRCDEST="$SRCDEST" \ + makepkg --syncdeps --cleanbuild --noconfirm --log + - name: Commit and push + run: | + git config user.name "cryptobot" + git config user.email "automation@cryptomator.org " + git config push.autoSetupRemote true + git stage . + git commit -m "Prepare release ${{ needs.get-version.outputs.semVerStr }}-${{ steps.pkgrel.outputs.value }} (${{ steps.pkgrel.outputs.mode }} pkgrel)" + git push + - name: Create pull request + id: create-pr + run: | + printf "> [!IMPORTANT]\n> Todos:\n> - [ ] Update build instructions\n> - [ ] Check for JDK update\n> - [ ] Check for JFX update" > pr_body.md + PR_URL=$(gh pr create --title "Release ${{ needs.get-version.outputs.semVerStr }}" --body-file pr_body.md) + echo "url=$PR_URL" >> "$GITHUB_OUTPUT" + env: + GH_TOKEN: ${{ secrets.CRYPTOBOT_PR_TOKEN }} + - name: Slack Notification + if: github.event_name == 'release' + uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 + env: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_CRYPTOMATOR_DESKTOP }} + SLACK_USERNAME: 'Cryptobot' + SLACK_ICON: false + SLACK_ICON_EMOJI: ':bot:' + SLACK_CHANNEL: 'cryptomator-desktop' + SLACK_TITLE: "AUR release PR created for ${{ github.event.repository.name }} ${{ github.event.release.tag_name }} created." + SLACK_MESSAGE: "See <${{ steps.create-pr.outputs.url }}|PR> on how to proceed." + SLACK_FOOTER: false + MSG_MINIMAL: true diff --git a/dist/linux/aur/PKGBUILD b/dist/linux/aur/PKGBUILD new file mode 100644 index 000000000..222d53624 --- /dev/null +++ b/dist/linux/aur/PKGBUILD @@ -0,0 +1,116 @@ +# Maintainer: Aaron Graves +# Contributor: Julian Raufelder +# Contributor: Morten Linderud +# Contributor: Sebastian Stenzel +# Contributor: Armin Schrenk + +pkgname=cryptomator +pkgver=1.19.0_SNAPSHOT +pkgrel=1 +pkgdesc="Multiplatform transparent client-side encryption of your files in the cloud." +arch=('any') +url="https://cryptomator.org/" +license=('GPL3') +depends=('fuse3' 'alsa-lib' 'hicolor-icon-theme' 'libxtst' 'libnet' 'libxrender') +makedepends=('maven' 'unzip') +optdepends=('keepassxc-cryptomator: Use KeePassXC to store vault passwords' 'ttf-hanazono: Install this font when using Japanese system language') +_jdkver=24.0.1+9 +_jfxver=25 +_src_app_dir=cryptomator-${pkgver//_/-} +source=("${_src_app_dir}::git+file://${startdir}/../../.."); +source_x86_64=("jdk-${_jdkver}.tar.gz::https://github.com/adoptium/temurin${_jdkver:0:2}-binaries/releases/download/jdk-${_jdkver//\+/%2B}/OpenJDK${_jdkver:0:2}U-jdk_x64_linux_hotspot_${_jdkver//\+/_}.tar.gz" + "openjfx-${_jfxver}.zip::https://download2.gluonhq.com/openjfx/${_jfxver}/openjfx-${_jfxver}_linux-x64_bin-jmods.zip") +source_aarch64=("jdk-${_jdkver}.tar.gz::https://github.com/adoptium/temurin${_jdkver:0:2}-binaries/releases/download/jdk-${_jdkver//\+/%2B}/OpenJDK${_jdkver:0:2}U-jdk_aarch64_linux_hotspot_${_jdkver//\+/_}.tar.gz" + "openjfx-${_jfxver}.zip::https://download2.gluonhq.com/openjfx/${_jfxver}/openjfx-${_jfxver}_linux-aarch64_bin-jmods.zip") +noextract=("jdk-${_jdkver}.tar.gz" "openjfx-${_jfxver}.zip") +sha256sums=('SKIP') +sha256sums_x86_64=('78832cb5ea4074f2215cde0d01d6192d09c87636fc24b36647aea61fb23b8272' + '96e520f48610d8ffb94ca30face1f11ffe8a977ddc1c4ff80b1a9e9f048bd94e') +sha256sums_aarch64=('a598260e340028d9b2383c23df16aa286769a661bd3bf28a52e8c1a5774b1110' + '9ad4ca7b769ca4ee6419f1e99143dd6ff812f8be4fddb46a7d7cacbeea148af4') +options=('!strip') + +validpgpkeys=('58117AFA1F85B3EEC154677D615D449FE6E6A235') + +build() { + export JAVA_HOME="${srcdir}/jdk-${_jdkver}" + JMODS_PATH="${srcdir}/openjfx-${_jfxver}-jmods" + #JEP 493 + if ! $(${JAVA_HOME}/bin/jlink --help | grep -q "Linking from run-time image enabled"); then + JMODS_PATH="${JMODS_PATH}:${JAVA_HOME}/jmods:" + fi + + tar xfz "jdk-${_jdkver}.tar.gz" + + mkdir "openjfx-${_jfxver}-jmods" + unzip -j "openjfx-${_jfxver}.zip" \*/javafx.base.jmod \*/javafx.controls.jmod \*/javafx.fxml.jmod \*/javafx.graphics.jmod -d "openjfx-${_jfxver}-jmods" + + cd "${srcdir}/${_src_app_dir}" + + mvn -B clean package -DskipTests -Plinux + + cp LICENSE.txt target + cp target/cryptomator-*.jar target/mods + + cd target + + "$JAVA_HOME/bin/jlink" \ + --output runtime \ + --module-path "$JMODS_PATH" \ + --add-modules java.base,java.desktop,java.instrument,java.logging,java.naming,java.net.http,java.scripting,java.sql,java.xml,javafx.base,javafx.graphics,javafx.controls,javafx.fxml,jdk.crypto.ec,jdk.crypto.cryptoki,jdk.unsupported,jdk.security.auth,jdk.accessibility,jdk.management.jfr,jdk.net,java.compiler \ + --strip-native-commands \ + --no-header-files \ + --no-man-pages \ + --strip-debug \ + --compress=zip-0 + + ##Note: jpackage does not allow -beta suffixes, have to strip those + "$JAVA_HOME/bin/jpackage" \ + --type app-image \ + --runtime-image runtime \ + --input libs \ + --module-path mods \ + --module org.cryptomator.desktop/org.cryptomator.launcher.Cryptomator \ + --dest . \ + --name cryptomator \ + --vendor "Skymatic GmbH" \ + --copyright "(C) 2016 - 2025 Skymatic GmbH" \ + --java-options '--enable-native-access=javafx.graphics,org.cryptomator.jfuse.linux.amd64,org.cryptomator.jfuse.linux.aarch64,org.purejava.appindicator' \ + --java-options "--sun-misc-unsafe-memory-access=allow" \ + --java-options "-Xss5m" \ + --java-options "-Xmx256m" \ + --java-options "-Dfile.encoding=\"utf-8\"" \ + --java-options "-Djava.net.useSystemProxies=true" \ + --java-options "-Dcryptomator.logDir=\"@{userhome}/.local/share/Cryptomator/logs\"" \ + --java-options "-Dcryptomator.pluginDir=\"@{userhome}/.local/share/Cryptomator/plugins\"" \ + --java-options "-Dcryptomator.settingsPath=\"@{userhome}/.config/Cryptomator/settings.json:~/.Cryptomator/settings.json\"" \ + --java-options "-Dcryptomator.p12Path=\"@{userhome}/.config/Cryptomator/key.p12\"" \ + --java-options "-Dcryptomator.ipcSocketPath=\"@{userhome}/.config/Cryptomator/ipc.socket\"" \ + --java-options "-Dcryptomator.mountPointsDir=\"@{userhome}/.local/share/Cryptomator/mnt\"" \ + --java-options "-Dcryptomator.showTrayIcon=true" \ + --java-options "-Dcryptomator.disableUpdateCheck=true" \ + --java-options "-Dcryptomator.buildNumber=\"aur-${pkgrel}\"" \ + --java-options "-Dcryptomator.appVersion=\"${pkgver//_/-}\"" \ + --java-options "-Dcryptomator.integrationsLinux.autoStartCmd=\"cryptomator\"" \ + --java-options "-Dcryptomator.networking.truststore.p12Path=\"/etc/cryptomator/certs.p12\"" \ + --app-version "${pkgver//_*/}" \ + --verbose +} + +package() { + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/application-vnd.cryptomator.vault.xml" "${pkgdir}/usr/share/mime/packages/cryptomator-vault.xml" + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/org.cryptomator.Cryptomator.desktop" "${pkgdir}/usr/share/applications/org.cryptomator.Cryptomator.desktop" + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/org.cryptomator.Cryptomator256.png" "${pkgdir}/usr/share/icons/hicolor/256x256/apps/org.cryptomator.Cryptomator.png" + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/org.cryptomator.Cryptomator512.png" "${pkgdir}/usr/share/icons/hicolor/512x512/apps/org.cryptomator.Cryptomator.png" + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/org.cryptomator.Cryptomator.svg" "${pkgdir}/usr/share/icons/hicolor/scalable/apps/org.cryptomator.Cryptomator.svg" + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/org.cryptomator.Cryptomator.tray.svg" "${pkgdir}/usr/share/icons/hicolor/scalable/apps/org.cryptomator.Cryptomator.tray.svg" + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/org.cryptomator.Cryptomator.tray-unlocked.svg" "${pkgdir}/usr/share/icons/hicolor/scalable/apps/org.cryptomator.Cryptomator.tray-unlocked.svg" + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/org.cryptomator.Cryptomator.tray.svg" "${pkgdir}/usr/share/icons/hicolor/symbolic/apps/org.cryptomator.Cryptomator.tray-symbolic.svg" + install -Dm644 "${srcdir}/${_src_app_dir}/dist/linux/common/org.cryptomator.Cryptomator.tray-unlocked.svg" "${pkgdir}/usr/share/icons/hicolor/symbolic/apps/org.cryptomator.Cryptomator.tray-unlocked-symbolic.svg" + + cp -R "${srcdir}/${_src_app_dir}/target/cryptomator" "${pkgdir}/opt/" + install -Dm644 "${srcdir}/${_src_app_dir}/target/LICENSE.txt" -t "${pkgdir}/usr/share/licenses/${pkgname}" + + mkdir -p "${pkgdir}/usr/bin" + ln -s "/opt/cryptomator/bin/cryptomator" "${pkgdir}/usr/bin/cryptomator" +}