Merge pull request #6407 from jandubois/prepare-for-1.12.3

Prepare for 1.12.3
rancher-sandbox · Feb 1, 2024 · 5b0276f · 5b0276f
2 parents 07d2c03 + 8604c48
commit 5b0276f
Show file tree

Hide file tree

Showing 7 changed files with 40 additions and 19 deletions.
diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt
@@ -68,6 +68,7 @@ bindir
 binfmt
 bitnami
 blkio
+blockmap
 bootfs
 bosco
 bottlesofbeeronthewall

diff --git a/package.json b/package.json
@@ -2,7 +2,7 @@
  "name": "rancher-desktop",
  "productName": "Rancher Desktop",
  "license": "Apache-2.0",
- "version": "1.12.2",
+ "version": "1.12.3",
  "author": {
  "name": "SUSE",
  "email": "containers@suse.com"

diff --git a/pkg/rancher-desktop/assets/dependencies.yaml b/pkg/rancher-desktop/assets/dependencies.yaml
@@ -1,9 +1,9 @@
 lima: 0.19.0.rd5
 limaAndQemu: 1.31.2
 alpineLimaISO:
- isoVersion: 0.2.31.rd11
+ isoVersion: 0.2.31.rd12
  alpineVersion: 3.18.0
-WSLDistro: "0.51"
+WSLDistro: 0.51.1
 kuberlr: 0.4.4
 helm: 3.13.3
 dockerCLI: 24.0.7

diff --git a/scripts/lib/sign-macos.ts b/scripts/lib/sign-macos.ts
@@ -31,7 +31,7 @@ type SigningConfig = {
  remove: string[];
 };
 
-export async function sign(workDir: string): Promise<string> {
+export async function sign(workDir: string): Promise<string[]> {
  const certFingerprint = process.env.CSC_FINGERPRINT ?? '';
  const appleId = process.env.APPLEID;
  const appleIdPassword = process.env.AC_PASSWORD;
@@ -125,28 +125,42 @@ export async function sign(workDir: string): Promise<string> {
  throw new Error(message.join('\n'));
  }
 
- console.log('Building disk image...');
+ console.log('Building disk image and update archive...');
  const arch = process.env.M1 ? Arch.arm64 : Arch.x64;
  const productFileName = config.productName?.replace(/\s+/g, '.');
  const productArch = process.env.M1 ? 'aarch64' : 'x86_64';
- const artifactName = `${ productFileName }-\${version}.${ productArch }.\${ext}`;
+ const artifactName = `${ productFileName }-\${version}-mac.${ productArch }.\${ext}`;
+ const formats = ['dmg', 'zip'];
 
  // Build the dmg, explicitly _not_ using an identity; we just signed
  // everything as we wanted already.
  const results = await build({
- targets: new Map([[Platform.MAC, new Map([[arch, ['dmg']]])]]),
+ targets: new Map([[Platform.MAC, new Map([[arch, formats]])]]),
  config: _.merge<Configuration, Configuration>(config, { mac: { artifactName, identity: null } }),
  prepackaged: appDir,
  });
 
- const dmgFile = results.find(v => v.endsWith('.dmg'));
+ // The .dmg and the .zip have slightly different file names, so we need to
+ // deal with them separately.
+
+ const dmgFile = results.find(f => f.endsWith('.dmg'));
+ const zipFile = results.find(f => f.endsWith('.zip'));
 
  if (!dmgFile) {
- throw new Error(`Could not find signed disk image`);
+ throw new Error(`Could not find build disk image`);
+ }
+ if (!zipFile) {
+ throw new Error(`Could not find build zip file`);
  }
- await spawnFile('codesign', ['--sign', certFingerprint, '--timestamp', dmgFile], { stdio: 'inherit' });
 
- return dmgFile;
+ const dmgRenamedFile = dmgFile.replace('-mac.', '.');
+
+ await fs.promises.rename(dmgFile, dmgRenamedFile);
+ await Promise.all([dmgRenamedFile, zipFile].map((f) => {
+ return spawnFile('codesign', ['--sign', certFingerprint, '--timestamp', f], { stdio: 'inherit' });
+ }));
+
+ return Object.values([dmgRenamedFile, zipFile]);
 }
 
 /**

diff --git a/scripts/lib/sign-win32.ts b/scripts/lib/sign-win32.ts
@@ -44,7 +44,7 @@ interface ElectronBuilderConfiguration {
  }
 }
 
-export async function sign(workDir: string): Promise<string> {
+export async function sign(workDir: string): Promise<string[]> {
  const certFingerprint = process.env.CSC_FINGERPRINT ?? '';
  const certPassword = process.env.CSC_KEY_PASSWORD ?? '';
 
@@ -98,7 +98,7 @@ export async function sign(workDir: string): Promise<string> {
 
  await signFn(...filesToSign);
 
- return await buildWiX(workDir, unpackedDir, signFn);
+ return [await buildWiX(workDir, unpackedDir, signFn)];
 }
 
 /**

diff --git a/scripts/sign.ts b/scripts/sign.ts
@@ -21,7 +21,7 @@ async function signArchive(archive: string): Promise<void> {
  await fs.promises.mkdir(distDir, { recursive: true });
  const workDir = await fs.promises.mkdtemp(path.join(distDir, 'sign-'));
  const archiveDir = path.join(workDir, 'unpacked');
- let artifact: string | undefined;
+ let artifacts: string[] | undefined;
 
  try {
  // Extract the archive
@@ -32,20 +32,23 @@ async function signArchive(archive: string): Promise<void> {
  // Detect the archive type
  for (const file of await fs.promises.readdir(archiveDir)) {
  if (file.endsWith('.exe')) {
- artifact = await windows.sign(workDir);
+ artifacts = await windows.sign(workDir);
  break;
  }
  if (file.endsWith('.app')) {
- artifact = await macos.sign(workDir);
+ artifacts = await macos.sign(workDir);
  break;
  }
  }
 
- if (!artifact) {
+ if (!artifacts) {
  throw new Error(`Could not find any files to sign in ${ archive }`);
  }
- await computeChecksum(artifact);
- console.log(`Signed result: ${ artifact }`);
+ await Promise.all(artifacts.map(f => computeChecksum(f)));
+
+ for (const line of ['Signed results:', ...artifacts.map(f => ` - ${ f }`)]) {
+ console.log(line);
+ }
  } finally {
  await fs.promises.rm(workDir, { recursive: true, maxRetries: 3 });
  }

diff --git a/src/go/nerdctl-stub/nerdctl_commands_generated.go b/src/go/nerdctl-stub/nerdctl_commands_generated.go