Merge pull request #606 from atsign-foundation/release-v4.0.0

chore: Release v4.0.0
atsign-foundation · Dec 8, 2023 · e79a1dd · e79a1dd
2 parents 0349f69 + 5d1da29
commit e79a1dd
Show file tree

Hide file tree

Showing 15 changed files with 88 additions and 41 deletions.
diff --git a/.github/workflows/dockerhub_sshnpd.yml b/.github/workflows/dockerhub_sshnpd.yml
@@ -15,9 +15,9 @@ jobs:
       matrix:
         include:
           - name: sshnpd
-            dockerfile: ./packages/sshnoports/templates/docker/Dockerfile
+            dockerfile: ./packages/sshnoports/tools/Dockerfile
           - name: activate_sshnpd
-            dockerfile: ./packages/sshnoports/templates/docker/Dockerfile.activate
+            dockerfile: ./packages/sshnoports/tools/Dockerfile.activate
     runs-on: ubuntu-latest
     steps:
       - name: Checkout

diff --git a/.github/workflows/multibuild.yaml b/.github/workflows/multibuild.yaml
@@ -2,6 +2,12 @@ name: Multibuild
 
 on:
   workflow_dispatch:
+    inputs:
+      x64_only:
+        description: "Run x64 builds only"
+        required: true
+        default: false
+        type: boolean
 
 permissions: # added using https://github.com/step-security/secure-repo
   contents: read
@@ -54,8 +60,8 @@ jobs:
         run: dart compile exe bin/sshrvd.dart -v -o sshnp/sshrvd${{ matrix.ext }}
       - if: ${{ matrix.os != 'windows-latest' }}
         run: dart compile exe bin/sshrvd.dart -D ENABLE_SNOOP=true -v -o sshnp/debug/sshrvd${{ matrix.ext }}
-      - run: cp -r bundles/core/ sshnp/
-      - run: cp -r bundles/${{ matrix.bundle }}/ sshnp/
+      - run: cp -r bundles/core/* sshnp/
+      - run: cp -r bundles/${{ matrix.bundle }}/* sshnp/
       - run: cp LICENSE sshnp
       - run: tar -cvzf tarball/${{ matrix.output-name }}.tgz sshnp
       - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
@@ -65,6 +71,7 @@ jobs:
           if-no-files-found: error
 
   other_build:
+    if: ${{ ! inputs.x64_only }}
     needs: verify_tags
     runs-on: ubuntu-latest
     defaults:

diff --git a/packages/noports_core/CHANGELOG.md b/packages/noports_core/CHANGELOG.md
@@ -1,3 +1,3 @@
 # 4.0.0
 
-- Initial release based off of the 4.0.0 pre-release code of sshnoports
+- Initial release
diff --git a/packages/noports_core/lib/src/version.dart b/packages/noports_core/lib/src/version.dart
diff --git a/packages/noports_core/pubspec.yaml b/packages/noports_core/pubspec.yaml
@@ -2,7 +2,7 @@ name: noports_core
 description: Core library code for sshnoports
 homepage: https://docs.atsign.com/
 
-version: 4.0.0-dev.4
+version: 4.0.0
 
 environment:
   sdk: ">=3.0.0 <4.0.0"

diff --git a/packages/sshnoports/bin/sshnp.dart b/packages/sshnoports/bin/sshnp.dart
@@ -41,12 +41,12 @@ void main(List<String> args) async {
 
   await runZonedGuarded(() async {
     final String homeDirectory = getHomeDirectory()!;
-
+    SshnpParams? params;
     try {
       final argResults = parser.parse(args);
       final coreArgs = parser.extractCoreArgs(args);
 
-      final params = SshnpParams.fromPartial(
+      params = SshnpParams.fromPartial(
         SshnpPartialParams.fromArgList(
           coreArgs,
           parserType: ParserType.commandLine,
@@ -122,13 +122,15 @@ void main(List<String> args) async {
       exit(1);
     } on SshnpError catch (error, stackTrace) {
       stderr.writeln(error.toString());
-      stderr.writeln('\nStack Trace: ${stackTrace.toString()}');
+      if (params?.verbose ?? true) {
+        stderr.writeln('\nStack Trace: ${stackTrace.toString()}');
+      }
       exit(1);
     }
   }, (Object error, StackTrace stackTrace) async {
     if (error is ArgumentError) return;
     if (error is SshnpError) return;
-    stderr.writeln('Unknown error: ${error.toString()}');
+    stderr.writeln('Error: ${error.toString()}');
     stderr.writeln('\nStack Trace: ${stackTrace.toString()}');
     exit(1);
   });

diff --git a/packages/sshnoports/bundles/shell/headless/sshnpd.sh b/packages/sshnoports/bundles/shell/headless/sshnpd.sh
@@ -1,8 +1,10 @@
 #!/bin/sh
+# disable "var is referenced but not assigned" warning for template
+# shellcheck disable=SC2154
+
 sleep 10; # allow machine to bring up network
+export USER="$user"
 while true; do
-  # disable "var is referenced but not assigned" warning for template
-  # shellcheck disable=SC2154
   "$HOME"/.local/bin/sshnpd -a "$device_atsign" -m "$manager_atsign" -d "$device_name" -v
   sleep 10
 done
diff --git a/packages/sshnoports/bundles/shell/headless/sshrvd.sh b/packages/sshnoports/bundles/shell/headless/sshrvd.sh
@@ -1,8 +1,10 @@
 #!/bin/sh
+# disable "var is referenced but not assigned" warning for template
+# shellcheck disable=SC2154
+
 sleep 10; # allow machine to bring up network
+export USER="$user"
 while true; do
-  # disable "var is referenced but not assigned" warning for template
-  # shellcheck disable=SC2154
   "$HOME"/.local/bin/sshrvd -a "$atsign" -i "$internet_address"
   sleep 10
 done
diff --git a/packages/sshnoports/bundles/shell/install.sh b/packages/sshnoports/bundles/shell/install.sh
@@ -9,6 +9,8 @@ define_env() {
   user_home="$HOME"
   user_bin_dir="$user_home/.local/bin"
   user_sshnpd_dir="$user_home/.sshnpd"
+  user_log_dir="$user_sshnpd_dir/logs"
+  user_ssh_dir="$user_home/.ssh"
 }
 
 is_root() {
@@ -36,7 +38,10 @@ root_only() {
 # USAGE #
 
 usage() {
-  echo "${arg_zero || 'install.sh' } [command]"
+  if [ -z "$arg_zero" ]; then
+    arg_zero='install.sh'
+  fi
+  echo "$arg_zero [command]"
   echo "Available commands:"
   echo "at_activate     - install at_activate"
   echo "sshnp           - install sshnp"
@@ -60,6 +65,14 @@ usage() {
   echo "                  available services: [sshnpd, sshrvd]"
 }
 
+# SETUP AUTHORIZED KEYS #
+
+setup_authorized_keys() {
+  mkdir -p "$user_ssh_dir"
+  touch "$user_ssh_dir/authorized_keys"
+  chmod 644 "$user_ssh_dir/authorized_keys"
+}
+
 # INSTALL BINARIES #
 
 install_single_binary() {
@@ -71,6 +84,10 @@ install_single_binary() {
   mkdir -p "$dest"
   cp "$script_dir/$1" "$dest/$1"
   echo "Installed $1 to $dest"
+  if is_root & ! [ -f "$user_bin_dir/$1" ] ; then
+    ln -sf "$dest/$1" "$user_bin_dir/$1"
+    echo "Linked $user_bin_dir/$1 to $dest"
+  fi
 }
 
 install_base_binaries() {
@@ -117,6 +134,7 @@ post_systemd_message() {
 install_systemd_unit() {
   unit_name="$1"
   no_mac
+  mkdir -p "$systemd_dir"
   dest="$systemd_dir/$unit_name"
   cp "$script_dir/systemd/$unit_name" "$dest"
   post_systemd_message
@@ -145,6 +163,7 @@ systemd() {
       usage;
       exit 1;
   esac
+  setup_authorized_keys
 }
 
 # HEADLESS SERVICES #
@@ -164,8 +183,12 @@ post_headless_message() {
 
 install_headless_job() {
   job_name=$1
-  dest="$user_bin_dir/$job_name"
-  cp "$script_dir/headless/$job_name" "$dest"
+  mkdir -p "$user_bin_dir"
+  mkdir -p "$user_log_dir"
+  dest="$user_bin_dir/$job_name.sh"
+  if ! [ -f "$dest" ]; then
+    cp "$script_dir/headless/$job_name.sh" "$dest"
+  fi
 
   log_file="$user_sshnpd_dir/logs/$job_name.log"
   err_file="$user_sshnpd_dir/logs/$job_name.err"
@@ -174,12 +197,14 @@ install_headless_job() {
   cron_entry="@reboot $command"
   crontab_contents=$(crontab -l 2>/dev/null)
 
-  has_existing_entry=$(echo "$crontab_contents" | grep -Fxq "$cron_entry")
-  if $has_existing_entry; then
-    echo "cron job already installed, killing old $job_name process"
-    pgrep "$command" | xargs kill
+  if echo "$crontab_contents" | grep -Fxq "$cron_entry"; then
+    echo "cron job already installed, killing any old $job_name.sh processes"
+    pids=$(pgrep "$command")
+    if [ -n "$pids" ]; then
+     echo "$pids" | xargs kill
+    fi
   else
-    echo "Installing cron job: $cron_entry"
+     echo "Installing cron job: $cron_entry"
     (echo "$crontab_contents"; echo "$cron_entry") | crontab -;
   fi
 
@@ -190,11 +215,12 @@ install_headless_job() {
 install_headless_sshnpd() {
   install_single_binary "sshnpd"
   install_single_binary "sshrv"
-  install_headless_job "sshnpd.sh"
+  install_headless_job "sshnpd"
 }
 
 install_headless_sshrvd() {
   install_single_binary "sshrvd"
+  install_headless_job "sshrvd"
 }
 
 headless() {
@@ -207,6 +233,7 @@ headless() {
       usage;
       exit 1;
   esac
+  setup_authorized_keys
 }
 
 # TMUX SESSION #
@@ -226,15 +253,18 @@ post_tmux_message() {
 
 install_tmux_service() {
   service_name=$1
-  dest="$user_bin_dir/$service_name"
-  cp "$script_dir/headless/$service_name" "$dest"
+  mkdir -p "$user_bin_dir"
+  dest="$user_bin_dir/$service_name.sh"
+
+  if ! [ -f "$dest" ]; then
+    cp "$script_dir/headless/$service_name.sh" "$dest"
+  fi
 
   command="tmux new-session -d -s $service_name && tmux send-keys -t $service_name $dest C-m"
   cron_entry="@reboot $command"
   crontab_contents=$(crontab -l 2>/dev/null)
 
-  has_existing_entry=$(echo "$crontab_contents" | grep -Fxq "$cron_entry")
-  if $has_existing_entry; then
+  if echo "$crontab_contents" | grep -Fxq "$cron_entry"; then
     echo "cron job already installed, killing old tmux session"
     tmux kill-session -t "$service_name"
   else
@@ -249,10 +279,12 @@ install_tmux_service() {
 install_tmux_sshnpd() {
   install_single_binary "sshnpd"
   install_single_binary "sshrv"
+  install_tmux_service "sshnpd"
 }
 
 install_tmux_sshrvd() {
   install_single_binary "sshrvd"
+  install_tmux_service "sshrvd"
 }
 
 tmux() {
@@ -265,6 +297,7 @@ tmux() {
       usage;
       exit 1;
   esac
+  setup_authorized_keys
 }
 
 # MAIN #
@@ -277,7 +310,7 @@ main() {
   case "$1" in
     --help|'') usage; exit 0;;
     at_activate|sshnp|sshnpd|sshrv|sshrvd) install_single_binary "$1";;
-    binaries) install_binaries;;
+    binaries) install_base_binaries;;
     debug_sshrvd) install_debug_sshrvd;;
     debug) install_debug_binaries;;
     all) install_all_binaries;;

diff --git a/packages/sshnoports/lib/src/version.dart b/packages/sshnoports/lib/src/version.dart
diff --git a/packages/sshnoports/pubspec.lock b/packages/sshnoports/pubspec.lock
@@ -564,10 +564,11 @@ packages:
   noports_core:
     dependency: "direct main"
     description:
-      path: "../noports_core"
-      relative: true
-    source: path
-    version: "4.0.0-dev.4"
+      name: noports_core
+      sha256: "795bca376f4169c5313439fdf21274f3d82fa2bec2c88b4909f27fadd7053d0a"
+      url: "https://pub.dev"
+    source: hosted
+    version: "4.0.0"
   openssh_ed25519:
     dependency: transitive
     description:

diff --git a/packages/sshnoports/pubspec.yaml b/packages/sshnoports/pubspec.yaml
@@ -1,13 +1,13 @@
 name: sshnoports
 publish_to: none
 
-version: 4.0.0-rc.8
+version: 4.0.0
 
 environment:
   sdk: ">=3.0.0 <4.0.0"
 
 dependencies:
-  noports_core: 4.0.0-dev.4
+  noports_core: 4.0.0
   at_onboarding_cli: 1.4.0
 
 dependency_overrides:

diff --git a/packages/sshnoports/tools/Dockerfile b/packages/sshnoports/tools/Dockerfile
@@ -24,7 +24,7 @@ ENV BINARYDIR=/usr/local/at
 ENV USER_ID=1024
 ENV GROUP_ID=1024
 
-COPY --from=buildimage /app/packages/sshnoports/templates/docker/.startup.sh ${HOMEDIR}/
+COPY --from=buildimage /app/packages/sshnoports/bundles/core/docker/.startup.sh ${HOMEDIR}/
 RUN \
   set -eux ; \
   apt-get update ; \

diff --git a/tools/notarize-macos.sh b/tools/notarize-macos.sh
@@ -56,10 +56,10 @@ codesign \
   --options=runtime \
   -s "$SIGNING_IDENTITY" \
   -v \
-  "$WORKING_DIR"/sshnp/{ssh*,at_activate};
+  "$WORKING_DIR"/sshnp/{ssh*,at_activate,debug/sshrvd};
 
 echo Verifying signatures:
-codesign -vvv --deep --strict "$WORKING_DIR"/sshnp/{ssh*,at_activate};
+codesign -vvv --deep --strict "$WORKING_DIR"/sshnp/{ssh*,at_activate,debug/sshrvd};
 
 # Zip the signed binaries
 ditto -c -k --keepParent "$WORKING_DIR"/sshnp "$WORKING_DIR/$OUTPUT_FILE".zip

diff --git a/tools/package-macos-arm64.sh b/tools/package-macos-arm64.sh
@@ -52,8 +52,8 @@ eval "$DART compile exe -o $OUTPUT_DIR/sshrv $SRC_DIR/bin/sshrv.dart"
 eval "$DART compile exe -o $OUTPUT_DIR/at_activate $SRC_DIR/bin/activate_cli.dart"
 eval "$DART compile exe -o $OUTPUT_DIR/debug/sshrvd -D ENABLE_SNOOP=true $SRC_DIR/bin/sshrvd.dart"
 
-cp -r "$SRC_DIR/bundles/core/" "$OUTPUT_DIR/";
-cp -r "$SRC_DIR/bundles/shell/" "$OUTPUT_DIR/";
+cp -r "$SRC_DIR/bundles/core"/* "$OUTPUT_DIR/";
+cp -r "$SRC_DIR/bundles/shell"/* "$OUTPUT_DIR/";
 cp "$SRC_DIR"/LICENSE "$OUTPUT_DIR/";
 
 "$SCRIPT_DIRECTORY/notarize-macos.sh" "$OUTPUT_DIR_PATH" sshnp-macos-arm64