Merge pull request #73 from DefGuard/dev

chore: merge dev into main

.eslintrc.cjs

@@ -33,7 +33,7 @@ module.exports = {
         code: 90,
         comments: 140,
         tabWidth: 2,
-        ignorePattern: '^import .* |.*LL\\..*|.*d=.*',
+        ignorePattern: '^(import .* |.*LL\\..*|.*d=.*|.*from \')',
         ignoreComments: true,
         ignoreRegExpLiterals: true,
         ignoreTemplateLiterals: true,

.gitattributes

@@ -0,0 +1,2 @@
+* text=auto
+* text eol=lf

.github/release.yml

@@ -0,0 +1,16 @@
+changelog:
+  exclude:
+    labels:
+      - ignore-for-release
+  categories:
+    - title: Breaking Changes 🛠
+      labels:
+        - Semver-Major
+        - breaking-change
+    - title: Exciting New Features 🎉
+      labels:
+        - Semver-Minor
+        - enhancement
+    - title: Other Changes
+      labels:
+        - "*"

.github/workflows/lint.yaml

@@ -0,0 +1,51 @@
+name: 'lint'
+
+on:
+  push:
+    branches:
+      - main
+      - dev
+
+  pull_request:
+    branches:
+      - main
+      - dev
+
+jobs:
+  lint-web:
+    runs-on: self-hosted
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: 'recursive'
+      - uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+
+      - uses: pnpm/action-setup@v2
+        with:
+          version: 8
+          run_install: false
+
+      - name: Get pnpm store directory
+        shell: bash
+        run: |
+          echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
+
+      - uses: actions/cache@v3
+        name: Setup pnpm cache
+        with:
+          path: ${{ env.STORE_PATH }}
+          key: ${{ runner.os }}-pnpm-lint-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-lint-store-
+
+      - name: Install deps
+        run: pnpm install --frozen-lockfile
+
+      - name: Run Eslint and Prettier Lint
+        run: pnpm lint
+
+      - name: Check TSC
+        run: pnpm tsc

.github/workflows/release.yaml

@@ -0,0 +1,275 @@
+name: "Build app & create release"
+
+on:
+  push:
+    tags:
+      - v*.*.*
+
+jobs:
+  build-wireguard-go:
+    strategy:
+      fail-fast: false
+      matrix:
+        architecture: [arm64, amd64]
+
+    runs-on: [self-hosted, macOS]
+
+    steps:
+     - uses: actions/checkout@v4
+       with:
+         repository: WireGuard/wireguard-go
+         ref: master
+         fetch-depth: 0
+     - name: Set up Go
+       uses: actions/setup-go@v4
+       with:
+         go-version: '1.20'
+     - name: Build wireguard-go binary
+       run: make
+       env:
+        GOOS: darwin
+        GOARCH: ${{ matrix.architecture }}
+     - name: Upload binary artifact arm64
+       if: matrix.architecture == 'arm64'
+       uses: actions/upload-artifact@v3
+       with:
+         name: wireguard-go-aarch64-apple-darwin
+         path: wireguard-go
+     - name: Upload binary artifact amd64
+       if: matrix.architecture == 'amd64'
+       uses: actions/upload-artifact@v3
+       with:
+         name: wireguard-go-x86_64-apple-darwin
+         path: wireguard-go
+
+  create-release:
+    name: create-release
+    runs-on: self-hosted
+    outputs:
+      upload_url: ${{ steps.release.outputs.upload_url }}
+    steps:
+      - name: Create GitHub release
+        id: release
+        uses: softprops/action-gh-release@v1
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          draft: true
+          generate_release_notes: true
+
+  build-linux:
+    needs:
+      - create-release
+
+    runs-on:
+      - self-hosted
+      - Linux
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: "recursive"
+
+      - name: Write release version
+        run: |
+          VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1)
+          echo Version: $VERSION
+          echo "VERSION=$VERSION" >> $GITHUB_ENV
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: "20"
+
+      - uses: pnpm/action-setup@v2
+        with:
+          version: 8
+          run_install: false
+
+      - name: Get pnpm store directory
+        shell: bash
+        run: |
+          echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
+
+      - uses: actions/cache@v3
+        name: Setup pnpm cache
+        with:
+          path: ${{ env.STORE_PATH }}
+          key: ${{ runner.os }}-pnpm-build-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-build-store-
+
+      - name: Install deps
+        run: pnpm install --frozen-lockfile
+      - uses: dtolnay/rust-toolchain@stable
+
+      - name: install linux deps
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf libssl-dev unzip
+
+      - name: install protobuf compiler
+        run: |
+          PB_REL='https://github.com/protocolbuffers/protobuf/releases'
+          PB_VERSION='3.20.0' && curl -LO $PB_REL/download/v$PB_VERSION/protoc-$PB_VERSION-linux-x86_64.zip
+          sudo unzip protoc-$PB_VERSION-linux-x86_64.zip bin/protoc include/google/* -d /usr/local
+
+      - name: Build packages
+        uses: tauri-apps/tauri-action@v0
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Upload DEB
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.create-release.outputs.upload_url }}
+          asset_path: src-tauri/target/release/bundle/deb/defguard-client_${{ env.VERSION }}_amd64.deb
+          asset_name: defguard-client_${{ env.VERSION }}_amd64.deb
+          asset_content_type: application/octet-stream
+
+      - name: Upload AppImage
+        if: matrix.platform == 'Linux'
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.create-release.outputs.upload_url }}
+          asset_path: src-tauri/target/release/bundle/appimage/defguard-client_${{ env.VERSION }}_amd64.AppImage
+          asset_name: defguard-client_${{ env.VERSION }}_amd64.AppImage
+          asset_content_type: application/octet-stream
+
+      - name: Rename client binary
+        run: mv src-tauri/target/release/defguard-client defguard-client-linux-x86_64-${{ github.ref_name }}
+
+      - name: Tar client binary
+        uses: a7ul/[email protected]
+        with:
+          command: c
+          files: |
+            defguard-client-linux-x86_64-${{ github.ref_name }}
+          outPath: defguard-client-linux-x86_64-${{ github.ref_name }}.tar.gz
+
+      - name: Upload client archive
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.create-release.outputs.upload_url }}
+          asset_path: defguard-client-linux-x86_64-${{ github.ref_name }}.tar.gz
+          asset_name: defguard-client-linux-x86_64-${{ github.ref_name }}.tar.gz
+          asset_content_type: application/octet-stream
+
+      - name: Rename daemon binary
+        run: mv src-tauri/target/release/defguard-service defguard-service-linux-x86_64-${{ github.ref_name }}
+
+      - name: Tar daemon binary
+        uses: a7ul/[email protected]
+        with:
+          command: c
+          files: |
+            defguard-service-linux-x86_64-${{ github.ref_name }}
+          outPath: defguard-service-linux-x86_64-${{ github.ref_name }}.tar.gz
+
+      - name: Upload daemon archive
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.create-release.outputs.upload_url }}
+          asset_path: defguard-service-linux-x86_64-${{ github.ref_name }}.tar.gz
+          asset_name: defguard-service-linux-x86_64-${{ github.ref_name }}.tar.gz
+          asset_content_type: application/octet-stream
+
+  build-macos:
+    needs:
+      - create-release
+      - build-wireguard-go
+
+    strategy:
+      fail-fast: false
+      matrix:
+        target: [aarch64-apple-darwin, x86_64-apple-darwin]
+
+    runs-on:
+      - self-hosted
+      - macOS
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: "recursive"
+
+      - name: Write release version
+        run: |
+          VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1)
+          echo Version: $VERSION
+          echo "VERSION=$VERSION" >> $GITHUB_ENV
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: "20"
+
+      - uses: pnpm/action-setup@v2
+        with:
+          version: 8
+          run_install: false
+
+      - name: Get pnpm store directory
+        shell: bash
+        run: echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
+
+      - uses: actions/cache@v3
+        name: Setup pnpm cache
+        with:
+          path: ${{ env.STORE_PATH }}
+          key: ${{ runner.os }}-pnpm-build-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-build-store-
+
+      - name: Install deps
+        run: pnpm install --frozen-lockfile
+      - uses: dtolnay/rust-toolchain@stable
+
+      - name: Install protobuf compiler
+        run: brew install protobuf
+
+      - name: Install ARM target
+        run: rustup target add aarch64-apple-darwin
+
+      - name: Download wireguard-go binary
+        uses: actions/download-artifact@v3
+        with:
+          name: wireguard-go-${{ matrix.target }}
+          path: src-tauri/resources-macos/binaries/wireguard-go-${{ matrix.target }}
+
+      - name: Unlock keychain
+        run: security -v unlock-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" /Users/admin/Library/Keychains/login.keychain
+
+      - name: Build app
+        uses: tauri-apps/tauri-action@v0
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          APPLE_SIGNING_IDENTITY: "Developer ID Application: TEONITE (6WD6W6WQNV)"
+          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
+          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
+          APPLE_ID: "[email protected]"
+          APPLE_PASSWORD: ${{ secrets.NOTARYTOOL_APP_SPECIFIC_PASSWORD }}
+          APPLE_TEAM_ID: "6WD6W6WQNV"
+        with:
+          args: --target ${{ matrix.target }} -v
+
+      - name: Build installation package
+        run: |
+          bash build-macos-package.sh src-tauri/target/${{ matrix.target }} src-tauri/resources-macos/scripts "Developer ID Installer: TEONITE (6WD6W6WQNV)" /Users/admin/Library/Keychains/login.keychain
+          xcrun notarytool submit --wait --apple-id [email protected] --password ${{ secrets.NOTARYTOOL_APP_SPECIFIC_PASSWORD }} --team-id 6WD6W6WQNV src-tauri/target/${{ matrix.target }}/product-signed/defguard.pkg
+          xcrun stapler staple src-tauri/target/${{ matrix.target }}/product-signed/defguard.pkg
+
+      - name: Upload installation package
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.create-release.outputs.upload_url }}
+          asset_path: src-tauri/target/${{ matrix.target }}/product-signed/defguard.pkg
+          asset_name: defguard-${{ matrix.target }}-${{ env.VERSION }}.pkg
+          asset_content_type: application/octet-stream