cloudflared-mirror/.teamcity/mac/build.sh

#!/bin/bash

set -exo pipefail

if [[ "$(uname)" != "Darwin" ]] ; then
    echo "This should be run on macOS"
    exit 1
fi

if [[ "amd64" != "${TARGET_ARCH}" && "arm64" != "${TARGET_ARCH}" ]]
then
  echo "TARGET_ARCH must be amd64 or arm64"
  exit 1
fi

go version
export GO111MODULE=on

# build 'cloudflared-darwin-amd64.tgz'
mkdir -p artifacts
TARGET_DIRECTORY=".build"
BINARY_NAME="cloudflared"
VERSION=$(git describe --tags --always --dirty="-dev")
PRODUCT="cloudflared"
APPLE_CA_CERT="apple_dev_ca.cert"
CODE_SIGN_PRIV="code_sign.p12"
CODE_SIGN_CERT="code_sign.cer"
INSTALLER_PRIV="installer.p12"
INSTALLER_CERT="installer.cer"
BUNDLE_ID="com.cloudflare.cloudflared"
SEC_DUP_MSG="security: SecKeychainItemImport: The specified item already exists in the keychain."
export PATH="$PATH:/usr/local/bin"
FILENAME="$(pwd)/artifacts/cloudflared-darwin-$TARGET_ARCH.tgz"
PKGNAME="$(pwd)/artifacts/cloudflared-$TARGET_ARCH.pkg"
mkdir -p ../src/github.com/cloudflare/    
cp -r . ../src/github.com/cloudflare/cloudflared
cd ../src/github.com/cloudflare/cloudflared 

# Imports certificates to the Apple KeyChain
import_certificate() {
    local CERTIFICATE_NAME=$1
    local CERTIFICATE_ENV_VAR=$2
    local CERTIFICATE_FILE_NAME=$3

    echo "Importing $CERTIFICATE_NAME"

    if [[ ! -z "$CERTIFICATE_ENV_VAR" ]]; then
      # write certificate to disk and then import it keychain
      echo -n -e ${CERTIFICATE_ENV_VAR} | base64 -D > ${CERTIFICATE_FILE_NAME}
      # we set || true  here and for every `security import invoke` because the  "duplicate SecKeychainItemImport" error
      # will cause set -e to exit 1. It is okay we do this because we deliberately handle this error in the lines below.
      local out=$(security import ${CERTIFICATE_FILE_NAME} -A 2>&1) || true
      local exitcode=$?
      # delete the certificate from disk
      rm -rf ${CERTIFICATE_FILE_NAME}
      if [ -n "$out" ]; then
        if [ $exitcode -eq 0 ]; then
            echo "$out"
        else
            if [ "$out" != "${SEC_DUP_MSG}" ]; then
                echo "$out" >&2
                exit $exitcode
            else
                echo "already imported code signing certificate"
            fi
        fi
      fi
    fi
}

# Imports private keys to the Apple KeyChain
import_private_keys() {
    local PRIVATE_KEY_NAME=$1
    local PRIVATE_KEY_ENV_VAR=$2
    local PRIVATE_KEY_FILE_NAME=$3
    local PRIVATE_KEY_PASS=$4

    echo "Importing $PRIVATE_KEY_NAME"

    if [[ ! -z "$PRIVATE_KEY_ENV_VAR" ]]; then
      if [[ ! -z "$PRIVATE_KEY_PASS" ]]; then
        # write private key to disk and then import it keychain
        echo -n -e ${PRIVATE_KEY_ENV_VAR} | base64 -D > ${PRIVATE_KEY_FILE_NAME}
        # we set || true  here and for every `security import invoke` because the  "duplicate SecKeychainItemImport" error
        # will cause set -e to exit 1. It is okay we do this because we deliberately handle this error in the lines below.
        local out=$(security import ${PRIVATE_KEY_FILE_NAME} -A -P "${PRIVATE_KEY_PASS}" 2>&1) || true
        local exitcode=$?
        rm -rf ${PRIVATE_KEY_FILE_NAME}
        if [ -n "$out" ]; then
          if [ $exitcode -eq 0 ]; then
              echo "$out"
          else
              if [ "$out" != "${SEC_DUP_MSG}" ]; then
                  echo "$out" >&2
                  exit $exitcode
              fi
          fi
        fi
      fi
    fi
}

# Add Apple Root Developer certificate to the key chain
import_certificate "Apple Developer CA" "${APPLE_DEV_CA_CERT}" "${APPLE_CA_CERT}"

# Add code signing private key to the key chain
import_private_keys "Developer ID Application" "${CFD_CODE_SIGN_KEY}" "${CODE_SIGN_PRIV}" "${CFD_CODE_SIGN_PASS}"

# Add code signing certificate to the key chain
import_certificate "Developer ID Application" "${CFD_CODE_SIGN_CERT}" "${CODE_SIGN_CERT}"

# Add package signing private key to the key chain
import_private_keys "Developer ID Installer" "${CFD_INSTALLER_KEY}" "${INSTALLER_PRIV}" "${CFD_INSTALLER_PASS}"

# Add package signing certificate to the key chain
import_certificate "Developer ID Installer" "${CFD_INSTALLER_CERT}" "${INSTALLER_CERT}"

# get the code signing certificate name
if [[ ! -z "$CFD_CODE_SIGN_NAME" ]]; then
  CODE_SIGN_NAME="${CFD_CODE_SIGN_NAME}"
else
  if [[ -n "$(security find-certificate -c "Developer ID Application" | cut -d'"' -f 4 -s | grep "Developer ID Application:" | head -1)" ]]; then
    CODE_SIGN_NAME=$(security find-certificate -c "Developer ID Application" | cut -d'"' -f 4 -s | grep "Developer ID Application:" | head -1)
  else
    CODE_SIGN_NAME=""
  fi
fi

# get the package signing certificate name
if [[ ! -z "$CFD_INSTALLER_NAME" ]]; then
  PKG_SIGN_NAME="${CFD_INSTALLER_NAME}"
else
  if [[ -n "$(security find-certificate -c "Developer ID Installer" | cut -d'"' -f 4 -s | grep "Developer ID Installer:" | head -1)" ]]; then
    PKG_SIGN_NAME=$(security find-certificate -c "Developer ID Installer" | cut -d'"' -f 4 -s | grep "Developer ID Installer:" | head -1)
  else
    PKG_SIGN_NAME=""
  fi
fi

# cleanup the build directory because the previous execution might have failed without cleaning up.
rm -rf "${TARGET_DIRECTORY}"
export TARGET_OS="darwin"
GOCACHE="$PWD/../../../../" GOPATH="$PWD/../../../../" CGO_ENABLED=1 make cloudflared

# sign the cloudflared binary
if [[ ! -z "$CODE_SIGN_NAME" ]]; then
  codesign -s "${CODE_SIGN_NAME}" -f -v --timestamp --options runtime ${BINARY_NAME}

 # notarize the binary
 # TODO: TUN-5789
fi

ARCH_TARGET_DIRECTORY="${TARGET_DIRECTORY}/${TARGET_ARCH}-build"
# creating build directory
rm -rf $ARCH_TARGET_DIRECTORY
mkdir -p "${ARCH_TARGET_DIRECTORY}"
mkdir -p "${ARCH_TARGET_DIRECTORY}/contents"
cp -r ".mac_resources/scripts" "${ARCH_TARGET_DIRECTORY}/scripts"

# copy cloudflared into the build directory
cp ${BINARY_NAME} "${ARCH_TARGET_DIRECTORY}/contents/${PRODUCT}"

# compress cloudflared into a tar and gzipped file
tar czf "$FILENAME" "${BINARY_NAME}"

# build the installer package
if [[ ! -z "$PKG_SIGN_NAME" ]]; then
  pkgbuild --identifier com.cloudflare.${PRODUCT} \
      --version ${VERSION} \
      --scripts ${ARCH_TARGET_DIRECTORY}/scripts \
      --root ${ARCH_TARGET_DIRECTORY}/contents \
      --install-location /usr/local/bin \
      --sign "${PKG_SIGN_NAME}" \
      ${PKGNAME}

      # notarize the package
      # TODO: TUN-5789
else
    pkgbuild --identifier com.cloudflare.${PRODUCT} \
      --version ${VERSION} \
      --scripts ${ARCH_TARGET_DIRECTORY}/scripts \
      --root ${ARCH_TARGET_DIRECTORY}/contents \
      --install-location /usr/local/bin \
      ${PKGNAME}
fi

# cleanup build directory because this script is not ran within containers,
# which might lead to future issues in subsequent runs.
rm -rf "${TARGET_DIRECTORY}"
DEVTOOLS-7321: Add scripts for macOS builds and homebrew uploads 2020-03-30 19:36:32 +00:00			`#!/bin/bash`

TUN-6984: [CI] Don't fail on unset. Dont fail on bash unset (set -u) because we initialise to machine defaults if the variables are unset within this script. 2022-12-05 17:50:49 +00:00			`set -exo pipefail`
TUN-6984: Set euo pipefile for homebrew builds 2022-11-30 15:05:21 +00:00
DEVTOOLS-7321: Add scripts for macOS builds and homebrew uploads 2020-03-30 19:36:32 +00:00			`if [[ "$(uname)" != "Darwin" ]] ; then`
			`echo "This should be run on macOS"`
			`exit 1`
			`fi`

TUN-8546: rework MacOS build script The rework consists in building and packaging the cloudflared binary based on the OS & ARCH of the system. read TARGET_ARCH from export and exit if TARGET_ARCH is not set 2024-07-17 14:39:51 +00:00			`if [[ "amd64" != "${TARGET_ARCH}" && "arm64" != "${TARGET_ARCH}" ]]`
			`then`
			`echo "TARGET_ARCH must be amd64 or arm64"`
			`exit 1`
			`fi`

DEVTOOLS-7321: Add scripts for macOS builds and homebrew uploads 2020-03-30 19:36:32 +00:00			`go version`
			`export GO111MODULE=on`

			`# build 'cloudflared-darwin-amd64.tgz'`
			`mkdir -p artifacts`
AUTH-2712 added MSI build for a windows agent 2020-07-07 15:44:07 +00:00			`TARGET_DIRECTORY=".build"`
			`BINARY_NAME="cloudflared"`
			`VERSION=$(git describe --tags --always --dirty="-dev")`
			`PRODUCT="cloudflared"`
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`APPLE_CA_CERT="apple_dev_ca.cert"`
AUTH-2653 changed to proper file extension 2020-09-04 20:11:13 +00:00			`CODE_SIGN_PRIV="code_sign.p12"`
AUTH-2712 added MSI build for a windows agent 2020-07-07 15:44:07 +00:00			`CODE_SIGN_CERT="code_sign.cer"`
AUTH-2653 changed to proper file extension 2020-09-04 20:11:13 +00:00			`INSTALLER_PRIV="installer.p12"`
AUTH-2712 added MSI build for a windows agent 2020-07-07 15:44:07 +00:00			`INSTALLER_CERT="installer.cer"`
AUTH-2653 add notarization to mac build 2020-09-09 19:19:45 +00:00			`BUNDLE_ID="com.cloudflare.cloudflared"`
AUTH-2653 handle duplicate key import errors 2020-09-04 21:36:35 +00:00			`SEC_DUP_MSG="security: SecKeychainItemImport: The specified item already exists in the keychain."`
DEVTOOLS-7321: Add scripts for macOS builds and homebrew uploads 2020-03-30 19:36:32 +00:00			`export PATH="$PATH:/usr/local/bin"`
TUN-8546: Fix final artifacts paths - The build artifacts must be placed in the checkout directory so that they can be picked up from cfsetup 2024-07-31 14:51:02 +00:00			`FILENAME="$(pwd)/artifacts/cloudflared-darwin-$TARGET_ARCH.tgz"`
			`PKGNAME="$(pwd)/artifacts/cloudflared-$TARGET_ARCH.pkg"`
DEVTOOLS-7321: Add scripts for macOS builds and homebrew uploads 2020-03-30 19:36:32 +00:00			`mkdir -p ../src/github.com/cloudflare/`
Undo change 2025-01-20 22:15:36 +00:00			`cp -r . ../src/github.com/cloudflare/cloudflared`
			`cd ../src/github.com/cloudflare/cloudflared`
AUTH-2712 added MSI build for a windows agent 2020-07-07 15:44:07 +00:00
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`# Imports certificates to the Apple KeyChain`
			`import_certificate() {`
			`local CERTIFICATE_NAME=$1`
			`local CERTIFICATE_ENV_VAR=$2`
			`local CERTIFICATE_FILE_NAME=$3`
AUTH-2653 renabled signing 2020-09-04 16:29:17 +00:00
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`echo "Importing $CERTIFICATE_NAME"`

			`if [[ ! -z "$CERTIFICATE_ENV_VAR" ]]; then`
			`# write certificate to disk and then import it keychain`
			`echo -n -e ${CERTIFICATE_ENV_VAR} \| base64 -D > ${CERTIFICATE_FILE_NAME}`
			# we set \|\| true here and for every `security import invoke` because the "duplicate SecKeychainItemImport" error
			`# will cause set -e to exit 1. It is okay we do this because we deliberately handle this error in the lines below.`
			`local out=$(security import ${CERTIFICATE_FILE_NAME} -A 2>&1) \|\| true`
			`local exitcode=$?`
			`# delete the certificate from disk`
			`rm -rf ${CERTIFICATE_FILE_NAME}`
			`if [ -n "$out" ]; then`
			`if [ $exitcode -eq 0 ]; then`
			`echo "$out"`
			`else`
			`if [ "$out" != "${SEC_DUP_MSG}" ]; then`
			`echo "$out" >&2`
			`exit $exitcode`
			`else`
			`echo "already imported code signing certificate"`
			`fi`
AUTH-2653 handle duplicate key import errors 2020-09-04 21:36:35 +00:00			`fi`
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`fi`
AUTH-2653 handle duplicate key import errors 2020-09-04 21:36:35 +00:00			`fi`
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`}`
AUTH-2653 renabled signing 2020-09-04 16:29:17 +00:00
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`# Imports private keys to the Apple KeyChain`
			`import_private_keys() {`
			`local PRIVATE_KEY_NAME=$1`
			`local PRIVATE_KEY_ENV_VAR=$2`
			`local PRIVATE_KEY_FILE_NAME=$3`
			`local PRIVATE_KEY_PASS=$4`

			`echo "Importing $PRIVATE_KEY_NAME"`

			`if [[ ! -z "$PRIVATE_KEY_ENV_VAR" ]]; then`
			`if [[ ! -z "$PRIVATE_KEY_PASS" ]]; then`
			`# write private key to disk and then import it keychain`
			`echo -n -e ${PRIVATE_KEY_ENV_VAR} \| base64 -D > ${PRIVATE_KEY_FILE_NAME}`
			# we set \|\| true here and for every `security import invoke` because the "duplicate SecKeychainItemImport" error
			`# will cause set -e to exit 1. It is okay we do this because we deliberately handle this error in the lines below.`
			`local out=$(security import ${PRIVATE_KEY_FILE_NAME} -A -P "${PRIVATE_KEY_PASS}" 2>&1) \|\| true`
			`local exitcode=$?`
			`rm -rf ${PRIVATE_KEY_FILE_NAME}`
			`if [ -n "$out" ]; then`
			`if [ $exitcode -eq 0 ]; then`
			`echo "$out"`
			`else`
			`if [ "$out" != "${SEC_DUP_MSG}" ]; then`
			`echo "$out" >&2`
			`exit $exitcode`
			`fi`
AUTH-2653 handle duplicate key import errors 2020-09-04 21:36:35 +00:00			`fi`
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`fi`
AUTH-2653 handle duplicate key import errors 2020-09-04 21:36:35 +00:00			`fi`
			`fi`
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`}`

			`# Add Apple Root Developer certificate to the key chain`
			`import_certificate "Apple Developer CA" "${APPLE_DEV_CA_CERT}" "${APPLE_CA_CERT}"`

			`# Add code signing private key to the key chain`
			`import_private_keys "Developer ID Application" "${CFD_CODE_SIGN_KEY}" "${CODE_SIGN_PRIV}" "${CFD_CODE_SIGN_PASS}"`

			`# Add code signing certificate to the key chain`
			`import_certificate "Developer ID Application" "${CFD_CODE_SIGN_CERT}" "${CODE_SIGN_CERT}"`

			`# Add package signing private key to the key chain`
			`import_private_keys "Developer ID Installer" "${CFD_INSTALLER_KEY}" "${INSTALLER_PRIV}" "${CFD_INSTALLER_PASS}"`
AUTH-2653 renabled signing 2020-09-04 16:29:17 +00:00
			`# Add package signing certificate to the key chain`
TUN-8900: Add import of Apple Developer Certificate Authority to macOS Pipeline ## Summary During the renewal of the certificates used to sign the macOS binaries and package, we faced an issue with the new certificates requiring a specific certification authority that wasn't available in the keychain of the mac agents. Therefore, this commit adds an import step that will ensure that the Certificate Authority, usually fetched from https://www.apple.com/certificateauthority/ is imported into the keychain to validate the Developer Certificates. Closes TUN-8900 2025-01-17 15:10:16 +00:00			`import_certificate "Developer ID Installer" "${CFD_INSTALLER_CERT}" "${INSTALLER_CERT}"`
AUTH-2653 renabled signing 2020-09-04 16:29:17 +00:00
			`# get the code signing certificate name`
AUTH-3103 CI build fixes 2020-09-17 15:56:18 +00:00			`if [[ ! -z "$CFD_CODE_SIGN_NAME" ]]; then`
AUTH-2653 renabled signing 2020-09-04 16:29:17 +00:00			`CODE_SIGN_NAME="${CFD_CODE_SIGN_NAME}"`
			`else`
AUTH-2653 search for the certificate and not the identity 2020-09-08 17:21:10 +00:00			`if [[ -n "$(security find-certificate -c "Developer ID Application" \| cut -d'"' -f 4 -s \| grep "Developer ID Application:" \| head -1)" ]]; then`
			`CODE_SIGN_NAME=$(security find-certificate -c "Developer ID Application" \| cut -d'"' -f 4 -s \| grep "Developer ID Application:" \| head -1)`
AUTH-2653 renabled signing 2020-09-04 16:29:17 +00:00			`else`
			`CODE_SIGN_NAME=""`
			`fi`
			`fi`

			`# get the package signing certificate name`
AUTH-3103 CI build fixes 2020-09-17 15:56:18 +00:00			`if [[ ! -z "$CFD_INSTALLER_NAME" ]]; then`
AUTH-2653 renabled signing 2020-09-04 16:29:17 +00:00			`PKG_SIGN_NAME="${CFD_INSTALLER_NAME}"`
			`else`
AUTH-2653 search for the certificate and not the identity 2020-09-08 17:21:10 +00:00			`if [[ -n "$(security find-certificate -c "Developer ID Installer" \| cut -d'"' -f 4 -s \| grep "Developer ID Installer:" \| head -1)" ]]; then`
			`PKG_SIGN_NAME=$(security find-certificate -c "Developer ID Installer" \| cut -d'"' -f 4 -s \| grep "Developer ID Installer:" \| head -1)`
AUTH-2653 renabled signing 2020-09-04 16:29:17 +00:00			`else`
			`PKG_SIGN_NAME=""`
			`fi`
			`fi`

TUN-8520: add macos arm64 build - refactor build script for macos to include arm64 build - refactor Makefile to upload all the artifacts instead of issuing one by one - update cfsetup due to 2. - place build files in specific folders - cleanup build directory before/after creating build artifacts 2024-07-05 18:39:22 +00:00			`# cleanup the build directory because the previous execution might have failed without cleaning up.`
			`rm -rf "${TARGET_DIRECTORY}"`
TUN-8546: rework MacOS build script The rework consists in building and packaging the cloudflared binary based on the OS & ARCH of the system. read TARGET_ARCH from export and exit if TARGET_ARCH is not set 2024-07-17 14:39:51 +00:00			`export TARGET_OS="darwin"`
			`GOCACHE="$PWD/../../../../" GOPATH="$PWD/../../../../" CGO_ENABLED=1 make cloudflared`
AUTH-2712 added MSI build for a windows agent 2020-07-07 15:44:07 +00:00
TUN-8546: rework MacOS build script The rework consists in building and packaging the cloudflared binary based on the OS & ARCH of the system. read TARGET_ARCH from export and exit if TARGET_ARCH is not set 2024-07-17 14:39:51 +00:00			`# sign the cloudflared binary`
			`if [[ ! -z "$CODE_SIGN_NAME" ]]; then`
			`codesign -s "${CODE_SIGN_NAME}" -f -v --timestamp --options runtime ${BINARY_NAME}`
AUTH-2712 fixed the mac build script 2020-08-18 20:33:50 +00:00
TUN-8546: rework MacOS build script The rework consists in building and packaging the cloudflared binary based on the OS & ARCH of the system. read TARGET_ARCH from export and exit if TARGET_ARCH is not set 2024-07-17 14:39:51 +00:00			`# notarize the binary`
			`# TODO: TUN-5789`
			`fi`
TUN-8520: add macos arm64 build - refactor build script for macos to include arm64 build - refactor Makefile to upload all the artifacts instead of issuing one by one - update cfsetup due to 2. - place build files in specific folders - cleanup build directory before/after creating build artifacts 2024-07-05 18:39:22 +00:00
TUN-8546: Fix final artifacts paths - The build artifacts must be placed in the checkout directory so that they can be picked up from cfsetup 2024-07-31 14:51:02 +00:00			`ARCH_TARGET_DIRECTORY="${TARGET_DIRECTORY}/${TARGET_ARCH}-build"`
TUN-8546: rework MacOS build script The rework consists in building and packaging the cloudflared binary based on the OS & ARCH of the system. read TARGET_ARCH from export and exit if TARGET_ARCH is not set 2024-07-17 14:39:51 +00:00			`# creating build directory`
			`rm -rf $ARCH_TARGET_DIRECTORY`
			`mkdir -p "${ARCH_TARGET_DIRECTORY}"`
			`mkdir -p "${ARCH_TARGET_DIRECTORY}/contents"`
			`cp -r ".mac_resources/scripts" "${ARCH_TARGET_DIRECTORY}/scripts"`

			`# copy cloudflared into the build directory`
			`cp ${BINARY_NAME} "${ARCH_TARGET_DIRECTORY}/contents/${PRODUCT}"`

			`# compress cloudflared into a tar and gzipped file`
			`tar czf "$FILENAME" "${BINARY_NAME}"`

			`# build the installer package`
			`if [[ ! -z "$PKG_SIGN_NAME" ]]; then`
			`pkgbuild --identifier com.cloudflare.${PRODUCT} \`
			`--version ${VERSION} \`
			`--scripts ${ARCH_TARGET_DIRECTORY}/scripts \`
			`--root ${ARCH_TARGET_DIRECTORY}/contents \`
			`--install-location /usr/local/bin \`
			`--sign "${PKG_SIGN_NAME}" \`
			`${PKGNAME}`

			`# notarize the package`
			`# TODO: TUN-5789`
			`else`
TUN-8520: add macos arm64 build - refactor build script for macos to include arm64 build - refactor Makefile to upload all the artifacts instead of issuing one by one - update cfsetup due to 2. - place build files in specific folders - cleanup build directory before/after creating build artifacts 2024-07-05 18:39:22 +00:00			`pkgbuild --identifier com.cloudflare.${PRODUCT} \`
TUN-8546: rework MacOS build script The rework consists in building and packaging the cloudflared binary based on the OS & ARCH of the system. read TARGET_ARCH from export and exit if TARGET_ARCH is not set 2024-07-17 14:39:51 +00:00			`--version ${VERSION} \`
			`--scripts ${ARCH_TARGET_DIRECTORY}/scripts \`
			`--root ${ARCH_TARGET_DIRECTORY}/contents \`
			`--install-location /usr/local/bin \`
			`${PKGNAME}`
			`fi`
AUTH-2712 added MSI build for a windows agent 2020-07-07 15:44:07 +00:00
TUN-8523: refactor makefile and cfsetup - remove unused targets in Makefile - order deps in cfsetup.yaml - only build cloudflared not all linux targets - rename stages to be more explicit - adjust build deps of build-linux-release - adjust build deps of build-linux-fips-release - rename github_release_pkgs_pre_cache to build_release_pre_cache - only build release release artifacts within build-linux-release - only build release release artifacts within build-linux-fips-release - remove github-release-macos - remove github-release-windows - adjust builddeps of test and test-fips - create builddeps anchor for component-test and use it in component-test-fips - remove wixl from build-linux-* - rename release-pkgs-linux to r2-linux-release - add github-release: artifacts uplooad and set release message - clean build directory before build - add step to package windows binaries - refactor windows script One of TeamCity changes is moving the artifacts to the built artifacts, hence, there is no need to cp files from artifacts to built_artifacts - create anchor for release builds - create anchor for tests stages - remove reprepro and createrepo as they are only called by release_pkgs.py 2024-07-05 18:39:22 +00:00			`# cleanup build directory because this script is not ran within containers,`
TUN-8520: add macos arm64 build - refactor build script for macos to include arm64 build - refactor Makefile to upload all the artifacts instead of issuing one by one - update cfsetup due to 2. - place build files in specific folders - cleanup build directory before/after creating build artifacts 2024-07-05 18:39:22 +00:00			`# which might lead to future issues in subsequent runs.`
			`rm -rf "${TARGET_DIRECTORY}"`