sarman/tftsr-devops_investigation
1
1
Fork 0
Code Issues 4 Pull Requests Actions 34 Packages Projects 3 Releases 6 Wiki Activity

chore: merge master into beta — resolve libsodium workflow conflicts #108

Merged
sarman merged 5 commits from fix/sync-master-to-beta into beta 2026-06-18 00:21:23 +00:00
Conversation 0 Commits 5 Files Changed 3 +54
6 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 10b931809b - Show all commits

1
.docker/Dockerfile.linux-amd64
View File

@ -14,6 +14,7 @@ RUN apt-get update -qq \
libgtk-3-dev \ libgtk-3-dev \
libayatana-appindicator3-dev \ libayatana-appindicator3-dev \
librsvg2-dev \ librsvg2-dev \
libsodium-dev \
patchelf \ patchelf \
pkg-config \ pkg-config \
curl \ curl \

2
.docker/Dockerfile.linux-arm64
View File

@ -14,6 +14,7 @@ RUN apt-get update -qq \
&& apt-get install -y -qq --no-install-recommends \ && apt-get install -y -qq --no-install-recommends \
ca-certificates curl git gcc g++ make patchelf pkg-config perl jq \ ca-certificates curl git gcc g++ make patchelf pkg-config perl jq \
gcc-aarch64-linux-gnu g++-aarch64-linux-gnu \ gcc-aarch64-linux-gnu g++-aarch64-linux-gnu \
libsodium-dev \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Step 2: Enable arm64 multiarch. Ubuntu uses ports.ubuntu.com for arm64 to avoid # Step 2: Enable arm64 multiarch. Ubuntu uses ports.ubuntu.com for arm64 to avoid
@ -32,6 +33,7 @@ RUN dpkg --add-architecture arm64 \
libssl-dev:arm64 \ libssl-dev:arm64 \
libgtk-3-dev:arm64 \ libgtk-3-dev:arm64 \
librsvg2-dev:arm64 \ librsvg2-dev:arm64 \
libsodium-dev:arm64 \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Step 3: Node.js 22 # Step 3: Node.js 22

4
.gitea/workflows/auto-tag.yml
View File

@ -345,6 +345,7 @@ jobs:
env: env:
APPIMAGE_EXTRACT_AND_RUN: "1" APPIMAGE_EXTRACT_AND_RUN: "1"
run: | run: |
apt-get update -qq && apt-get install -y --no-install-recommends libsodium-dev
npm ci --legacy-peer-deps npm ci --legacy-peer-deps
CI=true npx tauri build --target x86_64-unknown-linux-gnu CI=true npx tauri build --target x86_64-unknown-linux-gnu
- name: Upload artifacts - name: Upload artifacts
@ -444,6 +445,8 @@ jobs:
CARGO_TARGET_X86_64_PC_WINDOWS_GNU_LINKER: x86_64-w64-mingw32-gcc CARGO_TARGET_X86_64_PC_WINDOWS_GNU_LINKER: x86_64-w64-mingw32-gcc
OPENSSL_NO_VENDOR: "0" OPENSSL_NO_VENDOR: "0"
OPENSSL_STATIC: "1" OPENSSL_STATIC: "1"
SODIUM_LIB_DIR: /usr/x86_64-w64-mingw32/lib
SODIUM_STATIC: "1"
run: | run: |
npm ci --legacy-peer-deps npm ci --legacy-peer-deps
CI=true npx tauri build --target x86_64-pc-windows-gnu CI=true npx tauri build --target x86_64-pc-windows-gnu
@ -633,6 +636,7 @@ jobs:
OPENSSL_STATIC: "1" OPENSSL_STATIC: "1"
APPIMAGE_EXTRACT_AND_RUN: "1" APPIMAGE_EXTRACT_AND_RUN: "1"
run: | run: |
apt-get update -qq && apt-get install -y --no-install-recommends libsodium-dev:arm64
npm ci --legacy-peer-deps npm ci --legacy-peer-deps
CI=true npx tauri build --target aarch64-unknown-linux-gnu --bundles deb,rpm CI=true npx tauri build --target aarch64-unknown-linux-gnu --bundles deb,rpm
- name: Upload artifacts - name: Upload artifacts

4
.gitea/workflows/release-beta.yml
View File

@ -225,6 +225,7 @@ jobs:
env: env:
APPIMAGE_EXTRACT_AND_RUN: "1" APPIMAGE_EXTRACT_AND_RUN: "1"
run: | run: |
apt-get update -qq && apt-get install -y --no-install-recommends libsodium-dev
npm ci --legacy-peer-deps npm ci --legacy-peer-deps
CI=true npx tauri build --target x86_64-unknown-linux-gnu CI=true npx tauri build --target x86_64-unknown-linux-gnu
- name: Upload artifacts - name: Upload artifacts
@ -317,6 +318,8 @@ jobs:
CARGO_TARGET_X86_64_PC_WINDOWS_GNU_LINKER: x86_64-w64-mingw32-gcc CARGO_TARGET_X86_64_PC_WINDOWS_GNU_LINKER: x86_64-w64-mingw32-gcc
OPENSSL_NO_VENDOR: "0" OPENSSL_NO_VENDOR: "0"
OPENSSL_STATIC: "1" OPENSSL_STATIC: "1"
SODIUM_LIB_DIR: /usr/x86_64-w64-mingw32/lib
SODIUM_STATIC: "1"
run: | run: |
npm ci --legacy-peer-deps npm ci --legacy-peer-deps
CI=true npx tauri build --target x86_64-pc-windows-gnu CI=true npx tauri build --target x86_64-pc-windows-gnu
@ -492,6 +495,7 @@ jobs:
OPENSSL_STATIC: "1" OPENSSL_STATIC: "1"
APPIMAGE_EXTRACT_AND_RUN: "1" APPIMAGE_EXTRACT_AND_RUN: "1"
run: | run: |
apt-get update -qq && apt-get install -y --no-install-recommends libsodium-dev:arm64
npm ci --legacy-peer-deps npm ci --legacy-peer-deps
CI=true npx tauri build --target aarch64-unknown-linux-gnu --bundles deb,rpm CI=true npx tauri build --target aarch64-unknown-linux-gnu --bundles deb,rpm
- name: Upload artifacts - name: Upload artifacts

3
.gitea/workflows/test.yml
View File

@ -45,6 +45,7 @@ jobs:
libayatana-appindicator3-dev \ libayatana-appindicator3-dev \
librsvg2-dev \ librsvg2-dev \
libdbus-1-dev \ libdbus-1-dev \
libsodium-dev \
pkg-config pkg-config
- name: Install Rust components - name: Install Rust components
run: rustup component add rustfmt run: rustup component add rustfmt
@ -87,6 +88,7 @@ jobs:
libayatana-appindicator3-dev \ libayatana-appindicator3-dev \
librsvg2-dev \ librsvg2-dev \
libdbus-1-dev \ libdbus-1-dev \
libsodium-dev \
pkg-config pkg-config
- name: Install clippy - name: Install clippy
run: rustup component add clippy run: rustup component add clippy
@ -124,6 +126,7 @@ jobs:
libayatana-appindicator3-dev \ libayatana-appindicator3-dev \
librsvg2-dev \ librsvg2-dev \
libdbus-1-dev \ libdbus-1-dev \
libsodium-dev \
pkg-config pkg-config
- run: cargo test --manifest-path src-tauri/Cargo.toml -- --test-threads=1 - run: cargo test --manifest-path src-tauri/Cargo.toml -- --test-threads=1

40
PR_LIBSODIUM_FIX.md Normal file
View File

@ -0,0 +1,40 @@
# fix(ci): add libsodium to all build environments
## Description
All CI builds started failing with:
```
libsodium not found via pkg-config or vcpkg
```
`tauri-plugin-stronghold` depends on `libsodium-sys-stable` v1.24.0, which does **not** compile libsodium from source — it requires a pre-installed system library. None of the builder Docker images or the inline test job apt installs included `libsodium-dev`, so every build involving Rust compilation has been broken since `tauri-plugin-stronghold` was added.
The Windows cross-compile Dockerfile already pre-built libsodium from source (into `/usr/x86_64-w64-mingw32`), but the workflow never set `SODIUM_LIB_DIR` to tell the crate where to look, so it also failed via the same code path.
There is a secondary timing constraint: `build-images.yml` and `auto-tag.yml` both trigger on push to `master`. Even after Dockerfiles are fixed, the rebuilt images won't be ready in time for the concurrent release builds. Inline `apt-get install` is added to the workflow build steps to bridge that window; once images are rebuilt, the inline install becomes a harmless no-op.
## Acceptance Criteria
- [ ] `rust-fmt-check`, `rust-clippy`, and `rust-tests` CI jobs pass
- [ ] `build-linux-amd64` produces `.deb`/`.rpm` artifacts
- [ ] `build-linux-arm64` produces `.deb`/`.rpm` artifacts
- [ ] `build-windows-amd64` produces installer artifacts
- [ ] `build-macos-arm64` produces `.dmg` artifact (macOS runner assumed to have `libsodium` via Homebrew; if not, add `brew install libsodium || true` to the Build step)
## Work Implemented
| File | Change |
|---|---|
| `.docker/Dockerfile.linux-amd64` | Added `libsodium-dev` to apt packages baked into the image |
| `.docker/Dockerfile.linux-arm64` | Added `libsodium-dev` (amd64 host) in Step 1 and `libsodium-dev:arm64` (cross target) in Step 2 |
| `.gitea/workflows/test.yml` | Added `libsodium-dev` to the system deps apt install in `rust-fmt-check`, `rust-clippy`, and `rust-tests` |
| `.gitea/workflows/auto-tag.yml` | Inline `apt-get install libsodium-dev` before build (linux-amd64 and linux-arm64 jobs); `SODIUM_LIB_DIR`/`SODIUM_STATIC` env vars for Windows job |
| `.gitea/workflows/release-beta.yml` | Same three changes as `auto-tag.yml` |
## Testing Needed
1. Merge this PR to `master` — verify `Auto Tag` workflow succeeds across all four platform jobs
2. Push to `beta` — verify `Release Beta` workflow succeeds
3. After `Build CI Docker Images` workflow finishes rebuilding images, trigger a manual release run to confirm inline apt installs are redundant (both paths should work)
4. **macOS**: if `build-macos-arm64` still fails with a libsodium error, add `brew install libsodium || true` to the Build step in both `auto-tag.yml` and `release-beta.yml`