From b0d03f0fa561b147ecd73639e5e01762753a32c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adam=20Ciarcin=CC=81ski?= Date: Tue, 18 Nov 2025 10:47:47 +0100 Subject: [PATCH 1/3] Add depends to FreeBSD package --- .github/workflows/release.yml | 21 ++++++++++----------- Cargo.lock | 8 ++++---- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c03b43890d..01cd91764c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -107,7 +107,7 @@ jobs: - name: Install Rust stable uses: actions-rs/toolchain@v1 with: - toolchain: 1.89.0 + toolchain: stable target: ${{ matrix.target }} override: true @@ -173,12 +173,12 @@ jobs: fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type deb --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}-${{ matrix.target }}.deb" - name: Run `packer init` - if: matrix.build == 'linux' && matrix.arch == 'amd64' + if: matrix.build == 'linux' id: init run: "packer init ./images/ami/core.pkr.hcl" - name: Build AMI images for multiple regions - if: matrix.build == 'linux' && matrix.arch == 'amd64' + if: matrix.build == 'linux' run: | regions=(us-east-1 eu-west-1 ap-northeast-1 eu-central-1) for region in "${regions[@]}"; do @@ -216,6 +216,7 @@ jobs: COMPONENT=$([[ "${{ github.ref_name }}" == *"-"* ]] && echo "pre-release" || echo "release") # if tag contain "-" assume it's pre-release. deb-s3 upload -l --bucket=apt.defguard.net --access-key-id=${{ secrets.AWS_ACCESS_KEY_APT }} --secret-access-key=${{ secrets.AWS_SECRET_KEY_APT }} --s3-region=eu-north-1 --no-fail-if-exists --codename=trixie --component="$COMPONENT" defguard-${{ env.VERSION }}-${{ matrix.target }}.deb + - name: Build RPM package if: matrix.build == 'linux' uses: defGuard/fpm-action@main @@ -239,7 +240,7 @@ jobs: uses: defGuard/fpm-action@main with: fpm_args: "defguard-${{ github.ref_name }}-${{ matrix.target }}=/usr/local/bin/defguard defguard.service.freebsd=/usr/local/etc/rc.d/defguard" - fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}_${{ matrix.target }}.pkg --freebsd-osversion '*'" + fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --depends openssl --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}_${{ matrix.target }}.pkg --freebsd-osversion '*'" - name: Upload FreeBSD if: matrix.build == 'freebsd' @@ -253,16 +254,14 @@ jobs: asset_content_type: application/octet-stream apt-sign: - needs: + needs: - build-binaries runs-on: - self-hosted - Linux - X64 - strategy: - fail-fast: false steps: - - name: Sign APT repository on trixie + - name: Sign APT repository run: | export AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_APT }} export AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_KEY_APT }} @@ -272,15 +271,15 @@ jobs: for DIST in trixie; do aws s3 cp s3://apt.defguard.net/dists/${DIST}/Release . - + curl -X POST "${{ secrets.DEFGUARD_SIGNING_URL }}?signature_type=both" \ -H "Authorization: Bearer ${{ secrets.DEFGUARD_SIGNING_API_KEY }}" \ -F "file=@Release" \ -o response.json - + cat response.json | jq -r '.files["Release.gpg"].content' | base64 --decode > Release.gpg cat response.json | jq -r '.files.Release.content' | base64 --decode > InRelease - + aws s3 cp Release.gpg s3://apt.defguard.net/dists/${DIST}/ --acl public-read aws s3 cp InRelease s3://apt.defguard.net/dists/${DIST}/ --acl public-read diff --git a/Cargo.lock b/Cargo.lock index ecb8387668..a0722d94d6 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -669,9 +669,9 @@ checksum = "bba18ee93d577a8428902687bcc2b6b45a56b1981a1f6d779731c86cc4c5db18" [[package]] name = "clap" -version = "4.5.51" +version = "4.5.52" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c26d721170e0295f191a69bd9a1f93efcdb0aff38684b61ab5750468972e5f5" +checksum = "aa8120877db0e5c011242f96806ce3c94e0737ab8108532a76a3300a01db2ab8" dependencies = [ "clap_builder", "clap_derive", @@ -679,9 +679,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.51" +version = "4.5.52" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75835f0c7bf681bfd05abe44e965760fea999a5286c6eb2d59883634fd02011a" +checksum = "02576b399397b659c26064fbc92a75fede9d18ffd5f80ca1cd74ddab167016e1" dependencies = [ "anstream", "anstyle", From e2557457a24acb9e39ae3e903ef9addf7a82af32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adam=20Ciarcin=CC=81ski?= Date: Tue, 18 Nov 2025 12:17:50 +0100 Subject: [PATCH 2/3] Fixy fixy --- .fpm | 1 + .github/workflows/release.yml | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.fpm b/.fpm index 546ce641cf..5257fc5da6 100644 --- a/.fpm +++ b/.fpm @@ -3,3 +3,4 @@ --description "defguard core service" --url "https://defguard.net/" --maintainer "teonite" +--depends openssl diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 01cd91764c..b858dec298 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -107,7 +107,7 @@ jobs: - name: Install Rust stable uses: actions-rs/toolchain@v1 with: - toolchain: stable + toolchain: 1.89.0 # "stable" causes rust-lld: error on aarch64-linux target: ${{ matrix.target }} override: true @@ -240,7 +240,7 @@ jobs: uses: defGuard/fpm-action@main with: fpm_args: "defguard-${{ github.ref_name }}-${{ matrix.target }}=/usr/local/bin/defguard defguard.service.freebsd=/usr/local/etc/rc.d/defguard" - fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --depends openssl --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}_${{ matrix.target }}.pkg --freebsd-osversion '*'" + fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}_${{ matrix.target }}.pkg --freebsd-osversion '*'" - name: Upload FreeBSD if: matrix.build == 'freebsd' From a8d7a43f353b858c9cdda04cd3f1b6540bb90bfc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adam=20Ciarcin=CC=81ski?= Date: Tue, 18 Nov 2025 13:16:36 +0100 Subject: [PATCH 3/3] Final cleanup --- .fpm | 5 ++--- .github/workflows/release.yml | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.fpm b/.fpm index 5257fc5da6..062ba199b1 100644 --- a/.fpm +++ b/.fpm @@ -1,6 +1,5 @@ -s dir --name defguard ---description "defguard core service" +--description "Defguard Core service" --url "https://defguard.net/" ---maintainer "teonite" ---depends openssl +--maintainer "Defguard" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b858dec298..9e352b507a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -240,7 +240,7 @@ jobs: uses: defGuard/fpm-action@main with: fpm_args: "defguard-${{ github.ref_name }}-${{ matrix.target }}=/usr/local/bin/defguard defguard.service.freebsd=/usr/local/etc/rc.d/defguard" - fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}_${{ matrix.target }}.pkg --freebsd-osversion '*'" + fpm_opts: "--architecture ${{ matrix.arch }} --debug --output-type freebsd --version ${{ env.VERSION }} --package defguard-${{ env.VERSION }}_${{ matrix.target }}.pkg --freebsd-osversion '*' --depends openssl" - name: Upload FreeBSD if: matrix.build == 'freebsd'