fix: SSH connection sometimes doesn't read until EOF (#375) #222
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: edge | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| NODE_ENV: production | |
| APP_CHANNEL: edge | |
| jobs: | |
| create-release: | |
| name: Ensure edge release exists | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Create or update edge release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| # Check if edge release already exists | |
| if gh release view edge >/dev/null 2>&1; then | |
| echo "Edge release already exists, updating body..." | |
| gh release edit edge --notes "**Rolling edge build** - updated with commit ${{ github.sha }} | |
| **β οΈ This is an unstable development build - use at your own risk** | |
| Latest commit: ${{ github.event.head_commit.message }} | |
| Built from: ${{ github.sha }}" | |
| gh release view edge --json assets | jq -r '.assets[].name' | \ | |
| while read name; do \ | |
| echo Deleting existing asset: "$name" | |
| gh release delete-asset edge "$name" -y | |
| done | |
| else | |
| echo "Creating new edge release..." | |
| gh release create edge \ | |
| --title "Edge Release (Rolling)" \ | |
| --notes "**Rolling edge build** - updated with commit ${{ github.sha }} | |
| **β οΈ This is an unstable development build - use at your own risk** | |
| Latest commit: ${{ github.event.head_commit.message }} | |
| Built from: ${{ github.sha }}" \ | |
| --prerelease \ | |
| --latest=false | |
| fi | |
| build-edge: | |
| name: Build edge release | |
| needs: create-release | |
| permissions: | |
| contents: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - platform: "depot-macos-latest" | |
| args: "--target aarch64-apple-darwin" | |
| - platform: "ubuntu-22.04" | |
| args: "" | |
| - platform: "depot-ubuntu-24.04-arm-4" | |
| args: "--target aarch64-unknown-linux-gnu" | |
| runs-on: ${{ matrix.platform }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: webfactory/ssh-agent@v0.9.0 | |
| with: | |
| ssh-private-key: ${{ secrets.TS_CLONE_DEPLOY_KEY }} | |
| - name: install dependencies (ubuntu only) | |
| if: matrix.platform == 'ubuntu-22.04' || matrix.platform == 'depot-ubuntu-24.04-arm-4' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf libasound2-dev | |
| - name: Run sccache-cache | |
| uses: mozilla-actions/sccache-action@v0.0.7 | |
| - name: Setup Bun | |
| uses: oven-sh/setup-bun@v2 | |
| with: | |
| bun-version: latest | |
| - name: setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - name: install Rust stable | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| targets: ${{ matrix.platform == 'depot-macos-latest' && 'aarch64-apple-darwin' || (matrix.platform == 'depot-ubuntu-24.04-arm-4' && 'aarch64-unknown-linux-gnu' || '') }} | |
| - name: install frontend dependencies | |
| run: bun install | |
| - name: update edge version | |
| id: update-edge-version | |
| run: | | |
| # Get the current version from Cargo.toml | |
| version=$(grep -m 1 '^version = ' Cargo.toml | sed 's/version = "\([^"]*\)".*/\1/') | |
| # Get the short commit SHA | |
| commit_sha=$(git rev-parse --short HEAD) | |
| # Create the new version string | |
| new_version="${version}-${commit_sha}" | |
| # Replace the version in both Cargo.toml files | |
| sed -i.bak "s/^version = \"${version}\"/version = \"${new_version}\"/" Cargo.toml | |
| sed -i.bak "s/^version = \"${version}\"/version = \"${new_version}\"/" backend/Cargo.toml | |
| echo "new_version=${new_version}" >> $GITHUB_OUTPUT | |
| - uses: tauri-apps/tauri-action@v0 | |
| id: tauri-action | |
| env: | |
| TAURI_BUNDLER_DMG_IGNORE_CI: false | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY}} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} | |
| TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| SENTRY_RELEASE: ${{ steps.update-edge-version.outputs.new_version }} | |
| NODE_OPTIONS: "--max-old-space-size=6144" | |
| RUSTC_WRAPPER: sccache | |
| IS_EDGE_BUILD: true | |
| with: | |
| args: ${{ matrix.args }} | |
| - name: Rename platform-specific files and upload to GitHub release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| # Get the artifact paths from tauri-action output | |
| echo "Artifact paths: ${{ steps.tauri-action.outputs.artifactPaths }}" | |
| # Remove brackets and read into array | |
| paths_str=$(echo "${{ steps.tauri-action.outputs.artifactPaths }}" | sed 's/^\[//;s/\]$//') | |
| IFS=',' read -ra paths <<< "$paths_str" | |
| # Determine platform suffix based on matrix args | |
| platform_suffix="" | |
| if [[ "${{ matrix.args }}" == *"aarch64-apple-darwin"* ]]; then | |
| platform_suffix="-aarch64" | |
| fi | |
| # Rename files and upload to GitHub release | |
| for file in "${paths[@]}"; do | |
| echo "Checking file: $file" | |
| if [[ "$file" == *.deb ]] || [[ "$file" == *.rpm ]]; then | |
| # Extract directory and filename | |
| dir=$(dirname "$file") | |
| filename=$(basename "$file") | |
| echo "Processing file: $filename" | |
| new_filename=$(echo "$filename" | sed 's/Atuin Desktop/Atuin_Desktop/g') | |
| echo "New filename: $new_filename" | |
| if [[ "$filename" != "$new_filename" ]]; then | |
| new_path="$dir/$new_filename" | |
| echo "Renaming: $file -> $new_path" | |
| mv "$file" "$new_path" | |
| gh release upload "edge" "$new_path" --clobber | |
| else | |
| echo "No rename needed for: $filename" | |
| gh release upload "edge" "$file" --clobber | |
| fi | |
| elif [[ "$file" == *.app.tar.gz ]] || [[ "$file" == *.app.tar.gz.sig ]]; then | |
| # Rename macOS files to include platform suffix | |
| if [[ -n "$platform_suffix" ]]; then | |
| dir=$(dirname "$file") | |
| filename=$(basename "$file") | |
| echo "Processing macOS file: $filename" | |
| if [[ "$file" == *.app.tar.gz.sig ]]; then | |
| new_filename=$(echo "$filename" | sed "s/\.app\.tar\.gz\.sig$/${platform_suffix}.app.tar.gz.sig/") | |
| elif [[ "$file" == *.app.tar.gz ]]; then | |
| new_filename=$(echo "$filename" | sed "s/\.app\.tar\.gz$/${platform_suffix}.app.tar.gz/") | |
| fi | |
| new_path="$dir/$new_filename" | |
| echo "Renaming: $file -> $new_path" | |
| mv "$file" "$new_path" | |
| gh release upload "edge" "$new_path" --clobber | |
| else | |
| gh release upload "edge" "$file" --clobber | |
| fi | |
| elif [[ "$file" == *.app ]]; then | |
| # skip this file | |
| echo "Skipping raw .app bundle: $file" | |
| elif [[ "$file" == *.AppImage ]]; then | |
| # skip AppImage files | |
| echo "Skipping AppImage: $file" | |
| else | |
| gh release upload "edge" "$file" --clobber | |
| fi | |
| done | |
| build-edge-cef: | |
| name: Build edge release (CEF) | |
| needs: create-release | |
| permissions: | |
| contents: write | |
| runs-on: depot-macos-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: webfactory/ssh-agent@v0.9.0 | |
| with: | |
| ssh-private-key: ${{ secrets.TS_CLONE_DEPLOY_KEY }} | |
| - name: Run sccache-cache | |
| uses: mozilla-actions/sccache-action@v0.0.7 | |
| - name: Setup Bun | |
| uses: oven-sh/setup-bun@v2 | |
| with: | |
| bun-version: latest | |
| - name: setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - name: install Rust stable | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| targets: aarch64-apple-darwin | |
| - name: Install CEF tauri-cli | |
| run: cargo install --git https://github.com/tauri-apps/tauri --branch feat/cef tauri-cli | |
| - name: install frontend dependencies | |
| run: bun install | |
| - name: update edge version | |
| id: update-edge-version | |
| run: | | |
| # Get the current version from Cargo.toml | |
| version=$(grep -m 1 '^version = ' Cargo.toml | sed 's/version = "\([^"]*\)".*/\1/') | |
| # Get the short commit SHA | |
| commit_sha=$(git rev-parse --short HEAD) | |
| # Create the new version string | |
| new_version="${version}-${commit_sha}" | |
| # Replace the version in both Cargo.toml files | |
| sed -i.bak "s/^version = \"${version}\"/version = \"${new_version}\"/" Cargo.toml | |
| sed -i.bak "s/^version = \"${version}\"/version = \"${new_version}\"/" backend/Cargo.toml | |
| echo "new_version=${new_version}" >> $GITHUB_OUTPUT | |
| - name: Build with CEF | |
| env: | |
| TAURI_BUNDLER_DMG_IGNORE_CI: false | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} | |
| TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| SENTRY_RELEASE: ${{ steps.update-edge-version.outputs.new_version }} | |
| NODE_OPTIONS: "--max-old-space-size=6144" | |
| RUSTC_WRAPPER: sccache | |
| IS_EDGE_BUILD: true | |
| run: node script/tauri cef build --target aarch64-apple-darwin | |
| - name: Find and upload CEF artifacts | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| # Find built artifacts in target directory | |
| artifact_dir="target/aarch64-apple-darwin/release/bundle" | |
| echo "Looking for artifacts in: $artifact_dir" | |
| # Find .app.tar.gz and .app.tar.gz.sig files | |
| for file in "$artifact_dir/macos"/*.app.tar.gz "$artifact_dir/macos"/*.app.tar.gz.sig; do | |
| if [[ -f "$file" ]]; then | |
| filename=$(basename "$file") | |
| # Add -cef suffix before the extension | |
| if [[ "$file" == *.app.tar.gz.sig ]]; then | |
| new_filename=$(echo "$filename" | sed 's/\.app\.tar\.gz\.sig$/-cef-aarch64.app.tar.gz.sig/') | |
| elif [[ "$file" == *.app.tar.gz ]]; then | |
| new_filename=$(echo "$filename" | sed 's/\.app\.tar\.gz$/-cef-aarch64.app.tar.gz/') | |
| fi | |
| echo "Uploading: $filename as $new_filename" | |
| mv "$file" "$(dirname "$file")/$new_filename" | |
| gh release upload "edge" "$(dirname "$file")/$new_filename" --clobber --repo "${{ github.repository }}" | |
| fi | |
| done | |
| # Also upload DMG if it exists | |
| for file in "$artifact_dir/dmg"/*.dmg; do | |
| if [[ -f "$file" ]]; then | |
| filename=$(basename "$file") | |
| # DMG already has _aarch64 in name, just add -cef suffix | |
| new_filename=$(echo "$filename" | sed 's/\.dmg$/-cef.dmg/') | |
| echo "Uploading DMG: $filename as $new_filename" | |
| mv "$file" "$(dirname "$file")/$new_filename" | |
| gh release upload "edge" "$(dirname "$file")/$new_filename" --clobber --repo "${{ github.repository }}" | |
| fi | |
| done |