trim private key #47
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
# ------------- NOTE | |
# please setup some secrets before running this workflow: | |
# DOCKER_IMAGE should be the target image name on docker hub (e.g. "rustdesk/rustdesk-server-s6" ) | |
# DOCKER_IMAGE_CLASSIC should be the target image name on docker hub for the old build (e.g. "rustdesk/rustdesk-server" ) | |
# DOCKER_USERNAME is the username you normally use to login at https://hub.docker.com/ | |
# DOCKER_PASSWORD is a token you should create under "account settings / security" with read/write access | |
on: | |
workflow_dispatch: | |
push: | |
tags: | |
- 'v[0-9]+.[0-9]+.[0-9]+' | |
- '[0-9]+.[0-9]+.[0-9]+' | |
- 'v[0-9]+.[0-9]+.[0-9]+-[0-9]+' | |
- '[0-9]+.[0-9]+.[0-9]+-[0-9]+' | |
env: | |
CARGO_TERM_COLOR: always | |
LATEST_TAG: latest | |
jobs: | |
# binary build | |
build: | |
name: Build - ${{ matrix.job.name }} | |
runs-on: ubuntu-20.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
job: | |
- { name: "amd64", target: "x86_64-unknown-linux-musl" } | |
- { name: "arm64v8", target: "aarch64-unknown-linux-musl" } | |
- { name: "armv7", target: "armv7-unknown-linux-musleabihf" } | |
- { name: "i386", target: "i686-unknown-linux-musl" } | |
- { name: "amd64fb", target: "x86_64-unknown-freebsd" } | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Install toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: "1.70.0" | |
override: true | |
default: true | |
components: rustfmt | |
profile: minimal | |
target: ${{ matrix.job.target }} | |
- name: Build | |
uses: actions-rs/cargo@v1 | |
with: | |
command: build | |
args: --release --all-features --target=${{ matrix.job.target }} | |
use-cross: true | |
- name: Exec chmod | |
run: chmod -v a+x target/${{ matrix.job.target }}/release/* | |
- name: Publish Artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: binaries-linux-${{ matrix.job.name }} | |
path: | | |
target/${{ matrix.job.target }}/release/hbbr | |
target/${{ matrix.job.target }}/release/hbbs | |
target/${{ matrix.job.target }}/release/rustdesk-utils | |
if-no-files-found: error | |
build-win: | |
name: Build - windows | |
runs-on: windows-2019 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Install toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: "1.70.0" | |
override: true | |
default: true | |
components: rustfmt | |
profile: minimal | |
target: x86_64-pc-windows-msvc | |
- name: Build | |
uses: actions-rs/cargo@v1 | |
with: | |
command: build | |
args: --release --all-features --target=x86_64-pc-windows-msvc | |
use-cross: true | |
- name: Install NSIS | |
run: | | |
iwr -useb get.scoop.sh -outfile 'install.ps1' | |
.\install.ps1 -RunAsAdmin | |
scoop update | |
scoop bucket add extras | |
scoop install nsis | |
- name: Install Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 16 | |
- name: Sign exe files | |
uses: GermanBluefox/code-sign-action@v7 | |
if: false | |
with: | |
certificate: '${{ secrets.WINDOWS_PFX_BASE64 }}' | |
password: '${{ secrets.WINDOWS_PFX_PASSWORD }}' | |
certificatesha1: '${{ secrets.WINDOWS_PFX_SHA1_THUMBPRINT }}' | |
folder: 'target\x86_64-pc-windows-msvc\release' | |
recursive: false | |
- name: Build UI browser file | |
run: | | |
npm i | |
npm run build | |
working-directory: ./ui/html | |
- name: Build UI setup file | |
run: | | |
rustup default nightly | |
cargo build --release | |
xcopy /y ..\target\x86_64-pc-windows-msvc\release\*.exe setup\bin\ | |
xcopy /y target\release\*.exe setup\ | |
mkdir setup\logs | |
makensis /V1 setup.nsi | |
mkdir SignOutput | |
mv RustDeskServer.Setup.exe SignOutput\ | |
mv ..\target\x86_64-pc-windows-msvc\release\*.exe SignOutput\ | |
working-directory: ./ui | |
- name: Sign UI setup file | |
uses: GermanBluefox/code-sign-action@v7 | |
if: false | |
with: | |
certificate: '${{ secrets.WINDOWS_PFX_BASE64 }}' | |
password: '${{ secrets.WINDOWS_PFX_PASSWORD }}' | |
certificatesha1: '${{ secrets.WINDOWS_PFX_SHA1_THUMBPRINT }}' | |
folder: './ui/SignOutput' | |
recursive: false | |
- name: Publish Artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: binaries-windows-x86_64 | |
path: | | |
ui\SignOutput\hbbr.exe | |
ui\SignOutput\hbbs.exe | |
ui\SignOutput\rustdesk-utils.exe | |
ui\SignOutput\RustDeskServer.Setup.exe | |
if-no-files-found: error | |
# github (draft) release with all binaries | |
release: | |
name: Github release | |
needs: | |
- build | |
- build-win | |
runs-on: ubuntu-20.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
job: | |
- { os: "linux", name: "amd64" } | |
- { os: "linux", name: "arm64v8" } | |
- { os: "linux", name: "armv7" } | |
- { os: "linux", name: "i386" } | |
- { os: "linux", name: "amd64fb" } | |
- { os: "windows", name: "x86_64" } | |
steps: | |
- name: Download binaries (${{ matrix.job.os }} - ${{ matrix.job.name }}) | |
uses: actions/download-artifact@v3 | |
with: | |
name: binaries-${{ matrix.job.os }}-${{ matrix.job.name }} | |
path: ${{ matrix.job.name }} | |
- name: Exec chmod | |
run: chmod -v a+x ${{ matrix.job.name }}/* | |
- name: Pack files (${{ matrix.job.os }} - ${{ matrix.job.name }}) | |
run: | | |
sudo apt update | |
DEBIAN_FRONTEND=noninteractive sudo apt install -y zip | |
zip ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}.zip ${{ matrix.job.name }}/* | |
- name: Create Release (${{ matrix.job.os }} - (${{ matrix.job.name }}) | |
uses: softprops/action-gh-release@v1 | |
with: | |
draft: true | |
files: ${{ matrix.job.name }}/rustdesk-server-${{ matrix.job.os }}-${{ matrix.job.name }}.zip | |
# docker build and push of single-arch images | |
docker: | |
name: Docker push - ${{ matrix.job.name }} | |
needs: build | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
job: | |
- { name: "amd64", docker_platform: "linux/amd64", s6_platform: "x86_64" } | |
- { name: "arm64v8", docker_platform: "linux/arm64", s6_platform: "aarch64" } | |
- { name: "armv7", docker_platform: "linux/arm/v7", s6_platform: "armhf" } | |
- { name: "i386", docker_platform: "linux/386", s6_platform: "i686" } | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Download binaries | |
uses: actions/download-artifact@v3 | |
with: | |
name: binaries-linux-${{ matrix.job.name }} | |
path: docker/rootfs/usr/bin | |
- name: Make binaries executable | |
run: chmod -v a+x docker/rootfs/usr/bin/* | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to Docker Hub | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: registry.hub.docker.com/${{ secrets.DOCKER_IMAGE }} | |
- name: Get git tag | |
id: vars | |
run: | | |
T=${GITHUB_REF#refs/*/} | |
M=${T%%.*} | |
echo "GIT_TAG=$T" >> $GITHUB_ENV | |
echo "MAJOR_TAG=$M" >> $GITHUB_ENV | |
- name: Build and push Docker image | |
uses: docker/build-push-action@v3 | |
with: | |
context: "./docker" | |
platforms: ${{ matrix.job.docker_platform }} | |
push: true | |
build-args: | | |
S6_ARCH=${{ matrix.job.s6_platform }} | |
tags: | | |
${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }} | |
${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }}-${{ matrix.job.name }} | |
${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }} | |
labels: ${{ steps.meta.outputs.labels }} | |
# docker build and push of multiarch images | |
docker-manifest: | |
name: Docker manifest | |
needs: docker | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Log in to Docker Hub | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Get git tag | |
id: vars | |
run: | | |
T=${GITHUB_REF#refs/*/} | |
M=${T%%.*} | |
echo "GIT_TAG=$T" >> $GITHUB_ENV | |
echo "MAJOR_TAG=$M" >> $GITHUB_ENV | |
# manifest for :1.2.3 tag | |
# this has to run only if invoked by a new tag | |
- name: Create and push manifest (:ve.rs.ion) | |
uses: Noelware/docker-manifest-action@master | |
if: github.event_name != 'workflow_dispatch' | |
with: | |
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }} | |
extra-images: ${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }}-amd64,${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }}-armv7,${{ secrets.DOCKER_IMAGE }}:${{ env.GIT_TAG }}-i386 | |
push: true | |
# manifest for :1 tag (major release) | |
- name: Create and push manifest (:major) | |
uses: Noelware/docker-manifest-action@master | |
with: | |
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }} | |
extra-images: ${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-amd64,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-armv7,${{ secrets.DOCKER_IMAGE }}:${{ env.MAJOR_TAG }}-i386 | |
push: true | |
# manifest for :latest tag | |
- name: Create and push manifest (:latest) | |
uses: Noelware/docker-manifest-action@master | |
with: | |
base-image: ${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }} | |
extra-images: ${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-amd64,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-armv7,${{ secrets.DOCKER_IMAGE }}:${{ env.LATEST_TAG }}-i386 | |
push: true | |
# docker build and push of single-arch images | |
docker-classic: | |
name: Docker push - ${{ matrix.job.name }} | |
needs: build | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
job: | |
- { name: "amd64", docker_platform: "linux/amd64" } | |
- { name: "arm64v8", docker_platform: "linux/arm64" } | |
- { name: "armv7", docker_platform: "linux/arm/v7" } | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Download binaries | |
uses: actions/download-artifact@v3 | |
with: | |
name: binaries-linux-${{ matrix.job.name }} | |
path: docker-classic/ | |
- name: Make binaries executable | |
run: chmod -v a+x docker-classic/* | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to Docker Hub | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: registry.hub.docker.com/${{ secrets.DOCKER_IMAGE_CLASSIC }} | |
- name: Get git tag | |
id: vars | |
run: | | |
T=${GITHUB_REF#refs/*/} | |
M=${T%%.*} | |
echo "GIT_TAG=$T" >> $GITHUB_ENV | |
echo "MAJOR_TAG=$M" >> $GITHUB_ENV | |
- name: Build and push Docker image | |
uses: docker/build-push-action@v3 | |
with: | |
context: "./docker-classic" | |
platforms: ${{ matrix.job.docker_platform }} | |
push: true | |
tags: | | |
${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }} | |
${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-${{ matrix.job.name }} | |
${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }} | |
labels: ${{ steps.meta.outputs.labels }} | |
# docker build and push of multiarch images | |
docker-manifest-classic: | |
name: Docker manifest | |
needs: docker | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Log in to Docker Hub | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Get git tag | |
id: vars | |
run: | | |
T=${GITHUB_REF#refs/*/} | |
M=${T%%.*} | |
echo "GIT_TAG=$T" >> $GITHUB_ENV | |
echo "MAJOR_TAG=$M" >> $GITHUB_ENV | |
# manifest for :1.2.3 tag | |
# this has to run only if invoked by a new tag | |
- name: Create and push manifest (:ve.rs.ion) | |
uses: Noelware/docker-manifest-action@master | |
if: github.event_name != 'workflow_dispatch' | |
with: | |
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }} | |
extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.GIT_TAG }}-armv7 | |
push: true | |
# manifest for :1 tag (major release) | |
- name: Create and push manifest (:major) | |
uses: Noelware/docker-manifest-action@master | |
with: | |
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }} | |
extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.MAJOR_TAG }}-armv7 | |
push: true | |
# manifest for :latest tag | |
- name: Create and push manifest (:latest) | |
uses: Noelware/docker-manifest-action@master | |
with: | |
base-image: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }} | |
extra-images: ${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-amd64,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-arm64v8,${{ secrets.DOCKER_IMAGE_CLASSIC }}:${{ env.LATEST_TAG }}-armv7 | |
push: true | |
deb-package: | |
name: debian package - ${{ matrix.job.name }} | |
needs: build | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
job: | |
- { name: "amd64", debian_platform: "amd64", crossbuild_package: "" } | |
- { name: "arm64v8", debian_platform: "arm64", crossbuild_package: "crossbuild-essential-arm64" } | |
- { name: "armv7", debian_platform: "armhf", crossbuild_package: "crossbuild-essential-armhf" } | |
- { name: "i386", debian_platform: "i386", crossbuild_package: "crossbuild-essential-i386" } | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Create packaging env | |
run: | | |
sudo apt update | |
DEBIAN_FRONTEND=noninteractive sudo apt install -y devscripts build-essential debhelper pkg-config ${{ matrix.job.crossbuild_package }} | |
mkdir -p debian-build/${{ matrix.job.name }}/bin | |
- name: Download binaries | |
uses: actions/download-artifact@v3 | |
with: | |
name: binaries-linux-${{ matrix.job.name }} | |
path: debian-build/${{ matrix.job.name }}/bin | |
- name: Build package for ${{ matrix.job.name }} arch | |
run: | | |
chmod -v a+x debian-build/${{ matrix.job.name }}/bin/* | |
cp -vr debian systemd debian-build/${{ matrix.job.name }}/ | |
cat debian/control.tpl | sed 's/{{ ARCH }}/${{ matrix.job.debian_platform }}/' > debian-build/${{ matrix.job.name }}/debian/control | |
cd debian-build/${{ matrix.job.name }}/ | |
debuild -i -us -uc -b -a${{ matrix.job.debian_platform }} | |
- name: Create Release | |
uses: softprops/action-gh-release@v1 | |
with: | |
draft: true | |
files: | | |
debian-build/rustdesk-server-hbbr_*_${{ matrix.job.debian_platform }}.deb | |
debian-build/rustdesk-server-hbbs_*_${{ matrix.job.debian_platform }}.deb | |
debian-build/rustdesk-server-utils_*_${{ matrix.job.debian_platform }}.deb |