Merge pull request #5745 from menloresearch/refactor/tauri-workflow

refactor: tauri workflow

.github/scripts/electron-checksum.py

@@ -1,28 +0,0 @@
-import hashlib
-import base64
-import sys
-
-def hash_file(file_path):
-    # Create a SHA-512 hash object
-    sha512 = hashlib.sha512()
-
-    # Read and update the hash object with the content of the file
-    with open(file_path, 'rb') as f:
-        while True:
-            data = f.read(1024 * 1024)  # Read in 1 MB chunks
-            if not data:
-                break
-            sha512.update(data)
-
-    # Obtain the hash result and encode it in base64
-    hash_base64 = base64.b64encode(sha512.digest()).decode('utf-8')
-    return hash_base64
-
-if __name__ == "__main__":
-    if len(sys.argv) < 2:
-        print("Usage: python3 script.py <file_path>")
-        sys.exit(1)
-
-    file_path = sys.argv[1]
-    hash_base64_output = hash_file(file_path)
-    print(hash_base64_output)

.github/workflows/template-tauri-build-linux-x64.yml

@@ -39,8 +39,6 @@ on:
         required: false
       TAURI_SIGNING_PRIVATE_KEY_PASSWORD:
         required: false
-      TAURI_SIGNING_PUBLIC_KEY:
-        required: false
     outputs:
       DEB_SIG:
         value: ${{ jobs.build-linux-x64.outputs.DEB_SIG }}
@@ -154,14 +152,12 @@ jobs:
           "$APP_IMAGE"
 
         env:
-          RELEASE_CHANNEL: "${{ inputs.channel }}"
+          RELEASE_CHANNEL: '${{ inputs.channel }}'
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           POSTHOG_KEY: ${{ secrets.POSTHOG_KEY }}
           POSTHOG_HOST: ${{ secrets.POSTHOG_HOST }}
-          # CORTEX_API_PORT: ${{ inputs.cortex_api_port }}
           TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
           TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
-          TAURI_SIGNING_PUBLIC_KEY: ${{ secrets.TAURI_SIGNING_PUBLIC_KEY }}
 
       # Publish app
 
@@ -180,8 +176,8 @@ jobs:
           name: jan-linux-amd64-${{ inputs.new_version }}-AppImage
           path: ./src-tauri/target/release/bundle/appimage/*.AppImage
 
-      ## create zip file and latest-linux.yml for linux electron auto updater
+      ## Set output filename for linux
-      - name: Create zip file and latest-linux.yml for linux electron auto updater
+      - name: Set output filename for linux
         id: packageinfo
         run: |
           cd ./src-tauri/target/release/bundle
@@ -198,35 +194,6 @@ jobs:
             APPIMAGE_SIG=$(cat appimage/Jan_${{ inputs.new_version }}_amd64.AppImage.sig)
           fi
 
-          DEB_FILE_SIZE=$(stat -c%s deb/$DEB_FILE_NAME)
-          APPIMAGE_FILE_SIZE=$(stat -c%s appimage/$APPIMAGE_FILE_NAME)
-          echo "deb file size: $DEB_FILE_SIZE"
-          echo "appimage file size: $APPIMAGE_FILE_SIZE"
-
-          DEB_SH512_CHECKSUM=$(python3 ../../../../.github/scripts/electron-checksum.py deb/$DEB_FILE_NAME)
-          APPIMAGE_SH512_CHECKSUM=$(python3 ../../../../.github/scripts/electron-checksum.py appimage/$APPIMAGE_FILE_NAME)
-          echo "deb sh512 checksum: $DEB_SH512_CHECKSUM"
-          echo "appimage sh512 checksum: $APPIMAGE_SH512_CHECKSUM"
-
-          CURRENT_TIME=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")
-          echo "releaseDate: $CURRENT_TIME"
-
-          # Create latest-linux.yml file
-          echo "version: ${{ inputs.new_version }}" > latest-linux.yml
-          echo "files:" >> latest-linux.yml
-          echo "  - url: $DEB_FILE_NAME" >> latest-linux.yml
-          echo "    sha512: $DEB_SH512_CHECKSUM" >> latest-linux.yml
-          echo "    size: $DEB_FILE_SIZE" >> latest-linux.yml
-          echo "  - url: $APPIMAGE_FILE_NAME" >> latest-linux.yml
-          echo "    sha512: $APPIMAGE_SH512_CHECKSUM" >> latest-linux.yml
-          echo "    size: $APPIMAGE_FILE_SIZE" >> latest-linux.yml
-          echo "path: $APPIMAGE_FILE_NAME" >> latest-linux.yml
-          echo "sha512: $APPIMAGE_SH512_CHECKSUM" >> latest-linux.yml
-          echo "releaseDate: $CURRENT_TIME" >> latest-linux.yml
-
-          cat latest-linux.yml
-          cp latest-linux.yml beta-linux.yml
-
           echo "DEB_SIG=$DEB_SIG" >> $GITHUB_OUTPUT
           echo "APPIMAGE_SIG=$APPIMAGE_SIG" >> $GITHUB_OUTPUT
           echo "DEB_FILE_NAME=$DEB_FILE_NAME" >> $GITHUB_OUTPUT
@@ -238,10 +205,6 @@ jobs:
         run: |
           cd ./src-tauri/target/release/bundle
 
-          # Upload for electron updater for nightly
-          aws s3 cp ./latest-linux.yml s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/latest-linux.yml
-          aws s3 cp ./beta-linux.yml s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/beta-linux.yml
-
           # Upload for tauri updater
           aws s3 cp ./appimage/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.AppImage s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.AppImage
           aws s3 cp ./deb/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.deb s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_amd64.deb
@@ -253,28 +216,6 @@ jobs:
           AWS_DEFAULT_REGION: ${{ secrets.DELTA_AWS_REGION }}
           AWS_EC2_METADATA_DISABLED: 'true'
 
-      ## Upload to github release for stable release
-      - name: Upload release assert if public provider is github
-        if: inputs.channel == 'stable'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        uses: actions/upload-release-asset@v1.0.1
-        with:
-          upload_url: ${{ inputs.upload_url }}
-          asset_path: ./src-tauri/target/release/bundle/latest-linux.yml
-          asset_name: latest-linux.yml
-          asset_content_type: text/yaml
-
-      - name: Upload release assert if public provider is github
-        if: inputs.channel == 'beta'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        uses: actions/upload-release-asset@v1.0.1
-        with:
-          upload_url: ${{ inputs.upload_url }}
-          asset_path: ./src-tauri/target/release/bundle/beta-linux.yml
-          asset_name: beta-linux.yml
-          asset_content_type: text/yaml
       - name: Upload release assert if public provider is github
         if: inputs.public_provider == 'github'
         env:

.github/workflows/template-tauri-build-macos.yml

@@ -49,11 +49,13 @@ on:
         required: false
       TAURI_SIGNING_PRIVATE_KEY_PASSWORD:
         required: false
-      TAURI_SIGNING_PUBLIC_KEY:
-        required: false
     outputs:
       MAC_UNIVERSAL_SIG:
         value: ${{ jobs.build-macos.outputs.MAC_UNIVERSAL_SIG }}
+      FILE_NAME:
+        value: ${{ jobs.build-macos.outputs.FILE_NAME }}
+      DMG_NAME:
+        value: ${{ jobs.build-macos.outputs.DMG_NAME }}
       TAR_NAME:
         value: ${{ jobs.build-macos.outputs.TAR_NAME }}
 
@@ -62,6 +64,8 @@ jobs:
     runs-on: macos-latest
     outputs:
       MAC_UNIVERSAL_SIG: ${{ steps.metadata.outputs.MAC_UNIVERSAL_SIG }}
+      FILE_NAME: ${{ steps.metadata.outputs.FILE_NAME }}
+      DMG_NAME: ${{ steps.metadata.outputs.DMG_NAME }}
       TAR_NAME: ${{ steps.metadata.outputs.TAR_NAME }}
     permissions:
       contents: write
@@ -170,7 +174,6 @@ jobs:
           APP_PATH: '.'
           POSTHOG_KEY: ${{ secrets.POSTHOG_KEY }}
           POSTHOG_HOST: ${{ secrets.POSTHOG_HOST }}
-          # CORTEX_API_PORT: ${{ inputs.cortex_api_port }}
           APPLE_CERTIFICATE: ${{ secrets.CODE_SIGN_P12_BASE64 }}
           APPLE_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }}
           APPLE_API_ISSUER: ${{ secrets.NOTARY_ISSUER }}
@@ -178,7 +181,6 @@ jobs:
           APPLE_API_KEY_PATH: /tmp/notary-key.p8
           TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
           TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
-          TAURI_SIGNING_PUBLIC_KEY: ${{ secrets.TAURI_SIGNING_PUBLIC_KEY }}
 
       # Publish app
 
@@ -191,8 +193,8 @@ jobs:
           path: |
             ./src-tauri/target/universal-apple-darwin/release/bundle/dmg/*.dmg
 
-      ## create zip file and latest-mac.yml for mac electron auto updater
+      ## Set output filename for mac
-      - name: create zip file and latest-mac.yml for mac electron auto updater
+      - name: Set output filename for mac
         run: |
           cd ./src-tauri/target/universal-apple-darwin/release/bundle/macos
           if [ "${{ inputs.channel }}" != "stable" ]; then
@@ -209,27 +211,6 @@ jobs:
             TAR_NAME=Jan.app.tar.gz
           fi
 
-          FILE_SIZE=$(stat -f%z $FILE_NAME)
-          echo "size: $FILE_SIZE"
-
-          SH512_CHECKSUM=$(python3 ../../../../../../.github/scripts/electron-checksum.py $FILE_NAME)
-          echo "sha512: $SH512_CHECKSUM"
-          CURRENT_TIME=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")
-          echo "releaseDate: $CURRENT_TIME"
-
-          # Create latest-mac.yml file
-          echo "version: ${{ inputs.new_version }}" > latest-mac.yml
-          echo "files:" >> latest-mac.yml
-          echo "  - url: $FILE_NAME" >> latest-mac.yml
-          echo "    sha512: $SH512_CHECKSUM" >> latest-mac.yml
-          echo "    size: $FILE_SIZE" >> latest-mac.yml
-          echo "path: $FILE_NAME" >> latest-mac.yml
-          echo "sha512: $SH512_CHECKSUM" >> latest-mac.yml
-          echo "releaseDate: $CURRENT_TIME" >> latest-mac.yml
-
-          cat latest-mac.yml
-          cp latest-mac.yml beta-mac.yml
-
           echo "::set-output name=MAC_UNIVERSAL_SIG::$MAC_UNIVERSAL_SIG"
           echo "::set-output name=FILE_NAME::$FILE_NAME"
           echo "::set-output name=DMG_NAME::$DMG_NAME"
@@ -242,12 +223,6 @@ jobs:
         run: |
           cd ./src-tauri/target/universal-apple-darwin/release/bundle
 
-          # Upload for electron updater for nightly
-          aws s3 cp ./macos/latest-mac.yml s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/latest-mac.yml
-          aws s3 cp ./macos/beta-mac.yml s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/beta-mac.yml
-          aws s3 cp ./macos/jan-${{ inputs.channel }}-mac-universal-${{ inputs.new_version }}.zip s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/jan-${{ inputs.channel }}-mac-universal-${{ inputs.new_version }}.zip
-          # aws s3 cp ./macos/jan-${{ inputs.channel }}-mac-universal-${{ inputs.new_version }}.zip.sig s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/jan-${{ inputs.channel }}-mac-universal-${{ inputs.new_version }}.zip.sig
-
           # Upload for tauri updater
           aws s3 cp ./dmg/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_universal.dmg s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}_universal.dmg
           aws s3 cp ./macos/Jan-${{ inputs.channel }}.app.tar.gz s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/Jan-${{ inputs.channel }}_${{ inputs.new_version }}.app.tar.gz
@@ -258,29 +233,6 @@ jobs:
           AWS_DEFAULT_REGION: ${{ secrets.DELTA_AWS_REGION }}
           AWS_EC2_METADATA_DISABLED: 'true'
 
-      ## Upload to github release for stable release
-      - name: Upload release assert if public provider is github
-        if: inputs.channel == 'stable'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        uses: actions/upload-release-asset@v1.0.1
-        with:
-          upload_url: ${{ inputs.upload_url }}
-          asset_path: ./src-tauri/target/universal-apple-darwin/release/bundle/macos/latest-mac.yml
-          asset_name: latest-mac.yml
-          asset_content_type: text/yaml
-
-      - name: Upload release assert if public provider is github
-        if: inputs.channel == 'beta'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        uses: actions/upload-release-asset@v1.0.1
-        with:
-          upload_url: ${{ inputs.upload_url }}
-          asset_path: ./src-tauri/target/universal-apple-darwin/release/bundle/macos/beta-mac.yml
-          asset_name: beta-mac.yml
-          asset_content_type: text/yaml
-
       - name: Upload release assert if public provider is github
         if: inputs.public_provider == 'github'
         env:

.github/workflows/template-tauri-build-windows-x64.yml

@@ -49,8 +49,6 @@ on:
         required: false
       TAURI_SIGNING_PRIVATE_KEY_PASSWORD:
         required: false
-      TAURI_SIGNING_PUBLIC_KEY:
-        required: false
     outputs:
       WIN_SIG:
         value: ${{ jobs.build-windows-x64.outputs.WIN_SIG }}
@@ -95,8 +93,10 @@ jobs:
         run: |
           echo "Version: ${{ inputs.new_version }}"
           # Update tauri.conf.json
-          jq --arg version "${{ inputs.new_version }}" '.version = $version | .bundle.createUpdaterArtifacts = true | .bundle.windows.nsis.template = "tauri.bundle.windows.nsis.template"' ./src-tauri/tauri.conf.json > /tmp/tauri.conf.json
+          jq --arg version "${{ inputs.new_version }}" '.version = $version | .bundle.createUpdaterArtifacts = true' ./src-tauri/tauri.conf.json > /tmp/tauri.conf.json
           mv /tmp/tauri.conf.json ./src-tauri/tauri.conf.json
+          jq '.bundle.windows.nsis.template = "tauri.bundle.windows.nsis.template"' ./src-tauri/tauri.windows.conf.json > /tmp/tauri.windows.conf.json
+          mv /tmp/tauri.windows.conf.json ./src-tauri/tauri.windows.conf.json
           jq --arg version "${{ inputs.new_version }}" '.version = $version' web-app/package.json > /tmp/package.json
           mv /tmp/package.json web-app/package.json
 
@@ -195,10 +195,8 @@ jobs:
           AWS_MAX_ATTEMPTS: '5'
           POSTHOG_KEY: ${{ secrets.POSTHOG_KEY }}
           POSTHOG_HOST: ${{ secrets.POSTHOG_HOST }}
-          # CORTEX_API_PORT: ${{ inputs.cortex_api_port }}
           TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
           TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
-          TAURI_SIGNING_PUBLIC_KEY: ${{ secrets.TAURI_SIGNING_PUBLIC_KEY }}
 
       - name: Upload Artifact
         uses: actions/upload-artifact@v4
@@ -207,8 +205,8 @@ jobs:
           path: |
             ./src-tauri/target/release/bundle/nsis/*.exe
 
-      ## create zip file and latest.yml for windows electron auto updater
+      ## Set output filename for windows
-      - name: create zip file and latest.yml for windows electron auto updater
+      - name: Set output filename for windows
         shell: bash
         run: |
           cd ./src-tauri/target/release/bundle/nsis
@@ -220,27 +218,6 @@ jobs:
             WIN_SIG=$(cat Jan_${{ inputs.new_version }}_x64-setup.exe.sig)
           fi
 
-          FILE_SIZE=$(stat -c %s $FILE_NAME)
-          echo "size: $FILE_SIZE"
-
-          SH512_CHECKSUM=$(python3 ../../../../../.github/scripts/electron-checksum.py $FILE_NAME)
-          echo "sha512: $SH512_CHECKSUM"
-          CURRENT_TIME=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")
-          echo "releaseDate: $CURRENT_TIME"
-
-          # Create latest.yml file
-          echo "version: ${{ inputs.new_version }}" > latest.yml
-          echo "files:" >> latest.yml
-          echo "  - url: $FILE_NAME" >> latest.yml
-          echo "    sha512: $SH512_CHECKSUM" >> latest.yml
-          echo "    size: $FILE_SIZE" >> latest.yml
-          echo "path: $FILE_NAME" >> latest.yml
-          echo "sha512: $SH512_CHECKSUM" >> latest.yml
-          echo "releaseDate: $CURRENT_TIME" >> latest.yml
-
-          cat latest.yml
-          cp latest.yml beta.yml
-
           echo "::set-output name=WIN_SIG::$WIN_SIG"
           echo "::set-output name=FILE_NAME::$FILE_NAME"
         id: metadata
@@ -252,10 +229,6 @@ jobs:
         run: |
           cd ./src-tauri/target/release/bundle/nsis
 
-          # Upload for electron updater for nightly
-          aws s3 cp ./latest.yml s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/latest.yml
-          aws s3 cp ./beta.yml s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/beta.yml
-
           # Upload for tauri updater
           aws s3 cp ./${{ steps.metadata.outputs.FILE_NAME }} s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/${{ steps.metadata.outputs.FILE_NAME }}
           aws s3 cp ./${{ steps.metadata.outputs.FILE_NAME }}.sig s3://${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}/temp-${{ inputs.channel }}/${{ steps.metadata.outputs.FILE_NAME }}.sig
@@ -265,29 +238,6 @@ jobs:
           AWS_DEFAULT_REGION: ${{ secrets.DELTA_AWS_REGION }}
           AWS_EC2_METADATA_DISABLED: 'true'
 
-      ## Upload to github release for stable release
-      - name: Upload release assert if public provider is github
-        if: inputs.channel == 'stable'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        uses: actions/upload-release-asset@v1.0.1
-        with:
-          upload_url: ${{ inputs.upload_url }}
-          asset_path: ./src-tauri/target/release/bundle/nsis/latest.yml
-          asset_name: latest.yml
-          asset_content_type: text/yaml
-
-      - name: Upload release assert if public provider is github
-        if: inputs.channel == 'beta'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        uses: actions/upload-release-asset@v1.0.1
-        with:
-          upload_url: ${{ inputs.upload_url }}
-          asset_path: ./src-tauri/target/release/bundle/nsis/beta.yml
-          asset_name: beta.yml
-          asset_content_type: text/yaml
-
       - name: Upload release assert if public provider is github
         if: inputs.public_provider == 'github'
         env:

src-tauri/tauri.bundle.windows.nsis.template

@@ -452,7 +452,7 @@ Function .onInit
     StrCpy $PassiveMode 1
   ${EndIf}
   ; always run in passive mode
-  StrCpy $PassiveMode 1
+  ; StrCpy $PassiveMode 1
 
   ${GetOptions} $CMDLINE "/NS" $NoShortcutMode
   ${IfNot} ${Errors}

src-tauri/tauri.linux.conf.json

@@ -1,13 +1,8 @@
 {
   "bundle": {
     "targets": ["deb", "appimage"],
-    "resources": [
+    "resources": ["resources/pre-install/**/*"],
-      "resources/pre-install/**/*"
+    "externalBin": ["binaries/cortex-server", "resources/bin/uv"],
-    ],
-    "externalBin": [
-      "binaries/cortex-server",
-      "resources/bin/uv"
-    ],
     "linux": {
       "appimage": {
         "bundleMediaFramework": false,