This commit adds RPM and DEB targets to the electron builder manifest
and uploads the result within the packaging workflow.
Signed-off-by: David Cassany <dcassany@suse.com>
This updates nerdctl-stub to parse arguments (such as
`nerdctl build --file`) and translate the paths. On Windows (the host),
this just means convert it to `/mnt/c/...` form; on Linux (a second WSL
distribution), this means making a temporary bind mount under `/mnt/wsl/`
and converting relevant arguments to point to that instead.
In order to do the mounting, the nerdctl-stub binary needs to be setuid
root. We therefore need to copy it to somewhere under `/mnt/wsl/` as well,
since anything under `/mnt/c/` (DrvFS) doesn't support setuid properly.
In order to correctly parse the arguments, we use a generator that parses
the output of `nerdctl -help` (and various subcommands) to build our
understanding of the available subcommands and options. This may be
triggered on a Windows machine with the `rancher-desktop` WSL distribution
using `npm run generate:nerdctl-stub`. (The requirement is to be able to
execute the `nerdctl` binary to parse its output.)
Signed-off-by: Mark Yen <mark.yen@suse.com>
The node-sass package is a binding to libsass and requires building a C
extension; whereas the sass package is implemented in Dart (compiled to
JavaScript) and doesn't require a C extension. This makes it easier to
build Rancher Desktop.
Signed-off-by: Mark Yen <mark.yen@suse.com>
This adds support for use the system proxy configuration (by asking the
embedded Chrome to resolve the proxy configuration). The idea to ask
Chrome was from the electron-proxy-agent package; however, it had
significant issues on supporting system CA certificates, and the result
ended up being a complete rewrite.
We need the wrapper classes for HttpsProxyAgent and SocksProxyAgent so that
we can pass the CA options down to the eventual tls.connect() call. This
is due to https://github.com/TooTallNate/node-https-proxy-agent/issues/89
Signed-off-by: Mark Yen <mark.yen@suse.com>
This lets us drop the SPECTRON_RUN environment variable, so we can be sure
that users will not accidentally stumble upon it (causing the deprecated
remoting API to be enabled).
Signed-off-by: Mark Yen <mark.yen@suse.com>
This script handles code signing on Windows, using a certificate that is
always specified via the certificate fingerprint.
Signed-off-by: Mark Yen <mark.yen@suse.com>
This will let use write build scripts using the same language as the rest
of the application (which means possible code sharing).
Signed-off-by: Mark Yen <mark.yen@suse.com>
We plan on using Longhorn's upgrade-responder to handle upgrade pings,
backed by GitHub releases for the actual binaries. As a first step, we
need to create a custom electron-builder Publisher backend to generate the
necessary fields to be examined durin the upgrade ping process.
Note that this publisher does not actually publish anything; it just
resolves the options at build time to be written into the configuration
file.
Signed-off-by: Mark Yen <mark.yen@suse.com>
We'll be using this as part of the auto-updater implementation.
Signed-off-by: Mark Yen <mark.yen@suse.com>
# Conflicts:
# package-lock.json
# package.json
- This works because JSON is a subset of YAML, so json files are yaml-parsable
- Also include 'yaml' in package.json because we now explicitly depend on it.
Signed-off-by: Eric Promislow <epromislow@suse.com>
We were affected by one breaking change:
https://www.electronjs.org/docs/breaking-changes#default-changed-contextisolation-defaults-to-true:
'''
In Electron 12, contextIsolation will be enabled by default. To restore the previous behavior, contextIsolation: false must be specified in WebPreferences.
'''
This compromises security but enables `window.require`. Some of the external processes
we spawn take user-supplied arguments. As long as we run them using array-based methods like
`child_process.execFile(Sync)` and `child_process.spawn(Sync)`,
and not `child_process.exec(Sync)` we should be ok.
Also pull the `@types/node` entry out of `devDependencies` as electron pulls it in
and we don't directly depend on it.
Signed-off-by: Eric Promislow <epromislow@suse.com>
* Fallback to `copy+remove` when optimized `fs.rename` fails
* Write unit tests to verify this happens for renaming both
files and directories.
Signed-off-by: Eric Promislow <epromislow@suse.com>
These will help in using system certificate stores, mainly for machines on
corporate networks with MITM proxies.
Signed-off-by: Mark Yen <mark.yen@suse.com>
