From 8f92109520165e3cde5db0f696b5c62abb141c2c Mon Sep 17 00:00:00 2001 From: sowle Date: Wed, 2 Jun 2021 00:19:06 +0300 Subject: [PATCH 1/9] increment build number script fix --- utils/increment_build_number.sh | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/utils/increment_build_number.sh b/utils/increment_build_number.sh index e9f78c08..c309f973 100644 --- a/utils/increment_build_number.sh +++ b/utils/increment_build_number.sh @@ -3,12 +3,11 @@ curr_path=${BASH_SOURCE%/*} version_file_path=../src/version.h.in pushd $curr_path + +# clear old local changes if any +git checkout -- src/* + git pull --ff-only -if [ $? -ne 0 ]; then - echo "Failed to pull" - popd - exit $? -fi build_no_before=`cat $version_file_path | grep 'PROJECT_VERSION_BUILD_NO ' | awk {'print $3'}` @@ -19,15 +18,11 @@ build_no_after=`cat $version_file_path | grep 'PROJECT_VERSION_BUILD_NO ' | awk echo "$build_no_before -> $build_no_after" echo $(pwd -P) + git status git commit -a -m"=== build number: $build_no_before -> $build_no_after ===" git push -if [ $? -ne 0 ]; then - echo "Failed to push" - popd - exit $? -fi echo "Build number was succesefully incremented." popd From ba2b2f4d9a00dac94aa985aa31b41a274b7f8cc1 Mon Sep 17 00:00:00 2001 From: sowle Date: Wed, 2 Jun 2021 00:46:10 +0300 Subject: [PATCH 2/9] increment build number script fix 2 --- utils/increment_build_number.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/increment_build_number.sh b/utils/increment_build_number.sh index c309f973..3666c956 100644 --- a/utils/increment_build_number.sh +++ b/utils/increment_build_number.sh @@ -5,7 +5,7 @@ version_file_path=../src/version.h.in pushd $curr_path # clear old local changes if any -git checkout -- src/* +git checkout -- ../src/* git pull --ff-only From 3748d9d6951c78b35907b02c3fa6e0dafcd221fd Mon Sep 17 00:00:00 2001 From: zano build machine Date: Wed, 2 Jun 2021 00:47:04 +0300 Subject: [PATCH 3/9] === build number: 121 -> 122 === --- src/version.h.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/version.h.in b/src/version.h.in index ba7e8f4c..2e088804 100644 --- a/src/version.h.in +++ b/src/version.h.in @@ -8,6 +8,6 @@ #define PROJECT_REVISION "0" #define PROJECT_VERSION PROJECT_MAJOR_VERSION "." PROJECT_MINOR_VERSION "." PROJECT_REVISION -#define PROJECT_VERSION_BUILD_NO 121 +#define PROJECT_VERSION_BUILD_NO 122 #define PROJECT_VERSION_BUILD_NO_STR STRINGIFY_EXPAND(PROJECT_VERSION_BUILD_NO) #define PROJECT_VERSION_LONG PROJECT_VERSION "." PROJECT_VERSION_BUILD_NO_STR "[" BUILD_COMMIT_ID "]" From 7704c8468e26a5546a7d2ca5ef6d99ff8cfc113a Mon Sep 17 00:00:00 2001 From: sowle Date: Mon, 14 Jun 2021 18:06:13 +0300 Subject: [PATCH 4/9] windows build: restore signing --- utils/build_script_windows.bat | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/utils/build_script_windows.bat b/utils/build_script_windows.bat index d1adaf8e..a224b843 100644 --- a/utils/build_script_windows.bat +++ b/utils/build_script_windows.bat @@ -170,11 +170,11 @@ set installer_path=%BUILDS_PATH%\builds\%installer_file% @echo " SIGNING ...." -:: %ZANO_SIGN_CMD% %installer_path% -:: IF %ERRORLEVEL% NEQ 0 ( -:: @echo "failed to sign installer" -:: goto error -:: ) +%ZANO_SIGN_CMD% %installer_path% +IF %ERRORLEVEL% NEQ 0 ( + @echo "failed to sign installer" + goto error +) @echo " UPLOADING TO SERVER ...." From 4d8d385d5d291c31ed9087f07204b433bf1372e0 Mon Sep 17 00:00:00 2001 From: sowle Date: Tue, 29 Jun 2021 18:16:11 +0300 Subject: [PATCH 5/9] build certification and notarization for macos --- src/CMakeLists.txt | 1 + utils/build_script_mac_osx.sh | 64 ++++++++++++++++++++++++++++++++-- utils/macos_entitlements.plist | 8 +++++ 3 files changed, 70 insertions(+), 3 deletions(-) create mode 100644 utils/macos_entitlements.plist diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 3f36b1d5..807d2a16 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -199,6 +199,7 @@ if(BUILD_GUI) if(APPLE) target_link_libraries(Zano ${COCOA_LIBRARY}) + set_property(TARGET Zano PROPERTY XCODE_ATTRIBUTE_ENABLE_HARDENED_RUNTIME YES) endif() if(MSVC) target_link_libraries(Zano shlwapi.lib) diff --git a/utils/build_script_mac_osx.sh b/utils/build_script_mac_osx.sh index b9b989db..832e9b90 100755 --- a/utils/build_script_mac_osx.sh +++ b/utils/build_script_mac_osx.sh @@ -1,4 +1,5 @@ -set -x #echo on +set -x # echo on +set +e # switch off exit on error curr_path=${BASH_SOURCE%/*} # check that all the required environment vars are set @@ -21,6 +22,8 @@ if [ "$testnet" == true ]; then ARCHIVE_NAME_PREFIX=${ARCHIVE_NAME_PREFIX}testnet- fi +# cd "$ZANO_BUILD_DIR/release/src" +# if false; then rm -rf $ZANO_BUILD_DIR; mkdir -p "$ZANO_BUILD_DIR/release"; cd "$ZANO_BUILD_DIR/release" @@ -101,12 +104,44 @@ if [ $? -ne 0 ]; then exit 1 fi -codesign -s "Zano" --deep -vv -f Zano.app +#fi + +codesign -s "Developer ID Application: Zano Limited" --timestamp --options runtime -f --entitlements ../../../utils/macos_entitlements.plist --deep ./Zano.app +#codesign -s "Zano" --deep -vv -f Zano.app if [ $? -ne 0 ]; then - echo "Failed to sign application" + echo "Failed to sign Zano.app" exit 1 fi + +rm -f Zano.zip + +# creating archive for notarizing +echo "Creating archive for notarizing" +/usr/bin/ditto -c -k --keepParent ./Zano.app ./Zano.zip + +#fi + +# notarization +echo "Notarizing..." +tmpfile="tmptmptmp" +xcrun altool --notarize-app --primary-bundle-id "org.zano.desktop" -u "andrey@zano.org" -p "@keychain:Developer-altool" --file ./Zano.zip > $tmpfile 2>&1 +NOTARIZE_RES=$? +NOTARIZE_OUTPUT=$( cat $tmpfile ) +rm $tmpfile +echo "NOTARIZE_OUTPUT=$NOTARIZE_OUTPUT" +if [ $NOTARIZE_RES -ne 0 ]; then + echo "Notarization failed" + exit 1 +fi + +GUID=$(echo "$NOTARIZE_OUTPUT" | egrep -Ewo '[[:xdigit:]]{8}(-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}') +if [ ${#GUID} -ne 36 ]; then + echo "Couldn't get correct GUID from the response, got only \"$GUID\"" + exit 1 +fi + + read version_str <<< $(DYLD_LIBRARY_PATH=$ZANO_BOOST_LIBS_PATH ./connectivity_tool --version | awk '/^Zano/ { print $2 }') version_str=${version_str} echo $version_str @@ -134,7 +169,30 @@ if [ $? -ne 0 ]; then exit 1 fi + +success=0 + +# check notarization status +for i in {1..10}; do + xcrun altool --notarization-info $GUID -u "andrey@zano.org" -p "@keychain:Developer-altool" > $tmpfile 2>&1 + NOTARIZE_OUTPUT=$( cat $tmpfile ) + rm $tmpfile + NOTARIZATION_LOG_URL=$(echo "$NOTARIZE_OUTPUT" | sed -n "s/.*LogFileURL\: \([[:graph:]]*\).*/\1/p") + if [ $(#NOTARIZATION_LOG_URL) -ge 30 ]; then + success=1 + curl -L $NOTARIZATION_LOG_URL + break + fi + sleep 60 +done + cd ../../.. + +if [ $success -ne 1 ]; then + echo "Build notarizaton failed" + exit 1 +fi + echo "Build success" echo "############### Uploading... ################" diff --git a/utils/macos_entitlements.plist b/utils/macos_entitlements.plist new file mode 100644 index 00000000..68015469 --- /dev/null +++ b/utils/macos_entitlements.plist @@ -0,0 +1,8 @@ + + + + + com.apple.security.cs.disable-executable-page-protection + + + From 755ed3249a2522ee32dca76f3557707778e1a56c Mon Sep 17 00:00:00 2001 From: sowle Date: Thu, 29 Jul 2021 00:00:51 +0300 Subject: [PATCH 6/9] predownload & checkpoint for mainnet @ 1161000 --- src/common/pre_download.h | 4 ++-- src/currency_core/checkpoints_create.h | 11 ++++++----- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/src/common/pre_download.h b/src/common/pre_download.h index 6ea723b0..cbefbe93 100644 --- a/src/common/pre_download.h +++ b/src/common/pre_download.h @@ -21,8 +21,8 @@ namespace tools }; #ifndef TESTNET - static constexpr pre_download_entry c_pre_download_mdbx = { "http://95.217.43.225/pre-download/zano_mdbx_95_1000000.pak", "6b0bbba85bc420eaae5ec68373e528f70bffaa17fb111c796e951d06ad71e4fe", 1104150892, 2147450880 }; - static constexpr pre_download_entry c_pre_download_lmdb = { "http://95.217.43.225/pre-download/zano_lmdb_95_1000000.pak", "b4d45c727dbf1b92671f9fd1a9624e79019e890bd3d33cb71e011ab4bcb0d21e", 1450748151, 2114449408 }; + static constexpr pre_download_entry c_pre_download_mdbx = { "http://95.217.42.247/pre-download/zano_mdbx_95_1161000.pak", "6869c606999262b1356191b4a52e5e9690f2b38b0ae4b201729bcaab39d61bed", 1323126902, 2415882240 }; + static constexpr pre_download_entry c_pre_download_lmdb = { "http://95.217.42.247/pre-download/zano_lmdb_95_1161000.pak", "ed103b80028d393a6f41e4e833d1fdebfbd52d27b31330ecb208a4a0ea3eb167", 1737711839, 2413572096 }; #else static constexpr pre_download_entry c_pre_download_mdbx = { "", "", 0, 0 }; static constexpr pre_download_entry c_pre_download_lmdb = { "", "", 0, 0 }; diff --git a/src/currency_core/checkpoints_create.h b/src/currency_core/checkpoints_create.h index ea87d78c..059d190e 100644 --- a/src/currency_core/checkpoints_create.h +++ b/src/currency_core/checkpoints_create.h @@ -17,13 +17,14 @@ namespace currency inline bool create_checkpoints(currency::checkpoints& checkpoints) { #ifdef TESTNET - //ADD_CHECKPOINT(50000, "492ef71f5d722a8a182d65eb0ff731b740e023a2d64881f43db9af7b39ba7988"); + #else // MAINNET - ADD_CHECKPOINT(425000, "46a6c36d5dec2d484d5e4845a8525ca322aafc06915ed9c8da2a241b51b7d1e8"); - ADD_CHECKPOINT(525000, "8c1ac57e67448130207a224b2d6e33ccdc64d6dd1c59dbcf9ad2361dc0d07d51"); - ADD_CHECKPOINT(600000, "d9fe316086e1aaea07d94082973ec764eff5fc5a05ed6e1eca273cee59daeeb4"); - ADD_CHECKPOINT(900000, "2205b73cd79d4937b087b02a8b001171b73c34464bc4a952834eaf7c2bd63e86"); + ADD_CHECKPOINT(425000, "46a6c36d5dec2d484d5e4845a8525ca322aafc06915ed9c8da2a241b51b7d1e8"); + ADD_CHECKPOINT(525000, "8c1ac57e67448130207a224b2d6e33ccdc64d6dd1c59dbcf9ad2361dc0d07d51"); + ADD_CHECKPOINT(600000, "d9fe316086e1aaea07d94082973ec764eff5fc5a05ed6e1eca273cee59daeeb4"); + ADD_CHECKPOINT(900000, "2205b73cd79d4937b087b02a8b001171b73c34464bc4a952834eaf7c2bd63e86"); + ADD_CHECKPOINT(1161000, "96990d851b484e30190678756ba2a4d3a2f92b987e2470728ac1e38b2bf35908"); #endif return true; From 44f41af5b88be099c1763665402776ac329923a0 Mon Sep 17 00:00:00 2001 From: sowle Date: Thu, 29 Jul 2021 00:02:06 +0300 Subject: [PATCH 7/9] === build number: 122 -> 123 === --- src/version.h.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/version.h.in b/src/version.h.in index 2e088804..65a5944d 100644 --- a/src/version.h.in +++ b/src/version.h.in @@ -8,6 +8,6 @@ #define PROJECT_REVISION "0" #define PROJECT_VERSION PROJECT_MAJOR_VERSION "." PROJECT_MINOR_VERSION "." PROJECT_REVISION -#define PROJECT_VERSION_BUILD_NO 122 +#define PROJECT_VERSION_BUILD_NO 123 #define PROJECT_VERSION_BUILD_NO_STR STRINGIFY_EXPAND(PROJECT_VERSION_BUILD_NO) #define PROJECT_VERSION_LONG PROJECT_VERSION "." PROJECT_VERSION_BUILD_NO_STR "[" BUILD_COMMIT_ID "]" From 52eb568cea67185415426ea8df6cffccdd934165 Mon Sep 17 00:00:00 2001 From: sowle Date: Thu, 29 Jul 2021 02:11:08 +0300 Subject: [PATCH 8/9] macos build script fixes merged from develop --- utils/build_script_mac_osx.sh | 121 ++++++++++++++++++---------------- utils/macosx_dmg_builder.sh | 1 + 2 files changed, 64 insertions(+), 58 deletions(-) diff --git a/utils/build_script_mac_osx.sh b/utils/build_script_mac_osx.sh index 832e9b90..bb70d5fc 100755 --- a/utils/build_script_mac_osx.sh +++ b/utils/build_script_mac_osx.sh @@ -22,8 +22,11 @@ if [ "$testnet" == true ]; then ARCHIVE_NAME_PREFIX=${ARCHIVE_NAME_PREFIX}testnet- fi -# cd "$ZANO_BUILD_DIR/release/src" -# if false; then +######### DEBUG ########## +#cd "$ZANO_BUILD_DIR/release/src" +#rm *.dmg +#if false; then +##### end of DEBUG ###### rm -rf $ZANO_BUILD_DIR; mkdir -p "$ZANO_BUILD_DIR/release"; cd "$ZANO_BUILD_DIR/release" @@ -104,44 +107,13 @@ if [ $? -ne 0 ]; then exit 1 fi -#fi - codesign -s "Developer ID Application: Zano Limited" --timestamp --options runtime -f --entitlements ../../../utils/macos_entitlements.plist --deep ./Zano.app -#codesign -s "Zano" --deep -vv -f Zano.app if [ $? -ne 0 ]; then echo "Failed to sign Zano.app" exit 1 fi -rm -f Zano.zip - -# creating archive for notarizing -echo "Creating archive for notarizing" -/usr/bin/ditto -c -k --keepParent ./Zano.app ./Zano.zip - -#fi - -# notarization -echo "Notarizing..." -tmpfile="tmptmptmp" -xcrun altool --notarize-app --primary-bundle-id "org.zano.desktop" -u "andrey@zano.org" -p "@keychain:Developer-altool" --file ./Zano.zip > $tmpfile 2>&1 -NOTARIZE_RES=$? -NOTARIZE_OUTPUT=$( cat $tmpfile ) -rm $tmpfile -echo "NOTARIZE_OUTPUT=$NOTARIZE_OUTPUT" -if [ $NOTARIZE_RES -ne 0 ]; then - echo "Notarization failed" - exit 1 -fi - -GUID=$(echo "$NOTARIZE_OUTPUT" | egrep -Ewo '[[:xdigit:]]{8}(-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}') -if [ ${#GUID} -ne 36 ]; then - echo "Couldn't get correct GUID from the response, got only \"$GUID\"" - exit 1 -fi - - read version_str <<< $(DYLD_LIBRARY_PATH=$ZANO_BOOST_LIBS_PATH ./connectivity_tool --version | awk '/^Zano/ { print $2 }') version_str=${version_str} echo $version_str @@ -160,6 +132,8 @@ if [ $? -ne 0 ]; then exit 1 fi +#fi + package_filename=${ARCHIVE_NAME_PREFIX}${version_str}.dmg source ../../../utils/macosx_dmg_builder.sh @@ -169,35 +143,11 @@ if [ $? -ne 0 ]; then exit 1 fi - -success=0 - -# check notarization status -for i in {1..10}; do - xcrun altool --notarization-info $GUID -u "andrey@zano.org" -p "@keychain:Developer-altool" > $tmpfile 2>&1 - NOTARIZE_OUTPUT=$( cat $tmpfile ) - rm $tmpfile - NOTARIZATION_LOG_URL=$(echo "$NOTARIZE_OUTPUT" | sed -n "s/.*LogFileURL\: \([[:graph:]]*\).*/\1/p") - if [ $(#NOTARIZATION_LOG_URL) -ge 30 ]; then - success=1 - curl -L $NOTARIZATION_LOG_URL - break - fi - sleep 60 -done - -cd ../../.. - -if [ $success -ne 1 ]; then - echo "Build notarizaton failed" - exit 1 -fi - echo "Build success" echo "############### Uploading... ################" -package_filepath=$ZANO_BUILD_DIR/release/src/$package_filename +package_filepath=$package_filename scp $package_filepath zano_build_server:/var/www/html/builds/ if [ $? -ne 0 ]; then @@ -215,3 +165,58 @@ sha256: $checksum" echo "$mail_msg" echo "$mail_msg" | mail -s "Zano macOS-x64 ${build_prefix_label}${testnet_label}build $version_str" ${emails} + + +###################### +# notarization +###################### + +cd package_folder + +echo "Notarizing..." + +# creating archive for notarizing +echo "Creating archive for notarizing" +rm -f Zano.zip +/usr/bin/ditto -c -k --keepParent ./Zano.app ./Zano.zip + +tmpfile="tmptmptmp" +xcrun altool --notarize-app --primary-bundle-id "org.zano.desktop" -u "andrey@zano.org" -p "@keychain:Developer-altool" --file ./Zano.zip > $tmpfile 2>&1 +NOTARIZE_RES=$? +NOTARIZE_OUTPUT=$( cat $tmpfile ) +rm $tmpfile +echo "NOTARIZE_OUTPUT=$NOTARIZE_OUTPUT" +if [ $NOTARIZE_RES -ne 0 ]; then + echo "Notarization failed" + exit 1 +fi + +GUID=$(echo "$NOTARIZE_OUTPUT" | egrep -Ewo '[[:xdigit:]]{8}(-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}') +if [ ${#GUID} -ne 36 ]; then + echo "Couldn't get correct GUID from the response, got only \"$GUID\"" + exit 1 +fi + + +success=0 + +# check notarization status +for i in {1..10}; do + xcrun altool --notarization-info $GUID -u "andrey@zano.org" -p "@keychain:Developer-altool" > $tmpfile 2>&1 + NOTARIZE_OUTPUT=$( cat $tmpfile ) + rm $tmpfile + NOTARIZATION_LOG_URL=$(echo "$NOTARIZE_OUTPUT" | sed -n "s/.*LogFileURL\: \([[:graph:]]*\).*/\1/p") + if [ ${#NOTARIZATION_LOG_URL} -ge 30 ]; then + success=1 + curl -L $NOTARIZATION_LOG_URL + break + fi + sleep 60 +done + +if [ $success -ne 1 ]; then + echo "Build notarization failed" + exit 1 +fi + +echo "Notarization done" diff --git a/utils/macosx_dmg_builder.sh b/utils/macosx_dmg_builder.sh index 7defc9cc..4fb211f8 100644 --- a/utils/macosx_dmg_builder.sh +++ b/utils/macosx_dmg_builder.sh @@ -19,6 +19,7 @@ function build_fancy_dmg() # $1 - path to package folder, $2 - dmg output filena --icon Zano.app 112 115 \ --hide-extension Zano.app \ --app-drop-link 365 115 \ + --no-internet-enable \ $2 \ $1 From 2687daa507480e4ab0582800128f56e95bc0308f Mon Sep 17 00:00:00 2001 From: sowle Date: Thu, 29 Jul 2021 06:01:43 +0300 Subject: [PATCH 9/9] predownload files updated --- src/common/pre_download.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common/pre_download.h b/src/common/pre_download.h index cbefbe93..e119d505 100644 --- a/src/common/pre_download.h +++ b/src/common/pre_download.h @@ -21,8 +21,8 @@ namespace tools }; #ifndef TESTNET - static constexpr pre_download_entry c_pre_download_mdbx = { "http://95.217.42.247/pre-download/zano_mdbx_95_1161000.pak", "6869c606999262b1356191b4a52e5e9690f2b38b0ae4b201729bcaab39d61bed", 1323126902, 2415882240 }; - static constexpr pre_download_entry c_pre_download_lmdb = { "http://95.217.42.247/pre-download/zano_lmdb_95_1161000.pak", "ed103b80028d393a6f41e4e833d1fdebfbd52d27b31330ecb208a4a0ea3eb167", 1737711839, 2413572096 }; + static constexpr pre_download_entry c_pre_download_mdbx = { "http://95.217.42.247/pre-download/zano_mdbx_95_1161000.pak", "26660ffcdaf80a43a586e64a1a6da042dcb9ff3b58e14ce1ec9a775b995dc146", 1330022593, 2684313600 }; + static constexpr pre_download_entry c_pre_download_lmdb = { "http://95.217.42.247/pre-download/zano_lmdb_95_1161000.pak", "9dd03f08dea396fe32e6483a8221b292be35fa41c29748f119f11c3275956cdc", 1787475468, 2600247296 }; #else static constexpr pre_download_entry c_pre_download_mdbx = { "", "", 0, 0 }; static constexpr pre_download_entry c_pre_download_lmdb = { "", "", 0, 0 };