Skip to content

Fix macosx ventura updater #768

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Feb 15, 2023
Merged

Fix macosx ventura updater #768

merged 13 commits into from
Feb 15, 2023

Conversation

cmaglie
Copy link
Member

@cmaglie cmaglie commented Feb 14, 2023

Please check if the PR fulfills these requirements

  • The PR has no duplicates (please search among the Pull Requests
    before creating one)
  • Tests for the changes have been added (for bug fixes / features)
  • What kind of change does this PR introduce?
    Implements a new auto-update procedure to handle the new security features of MacOS Ventura.
  • What is the current behavior?
    The old auto-update replaces the Agent executable binary in place, this method does not work anymore because it breaks MacOS Ventura checks for the application's signature.
  • What is the new behavior?
    The new auto-update method replaces the whole .app folder.
    It also uses the MacOS Cocoa SDK function openApplicationAtURL:url to restart the app after the upgrade.
  • Does this PR introduce a breaking change?
    No
  • Other information:

umbynos and others added 6 commits February 14, 2023 10:44
@umbynos @cmaglie
Upload the signed bundle to s3 (#756)
c124427 
* remove some code duplication regarding prerelease calculation

* add upload of the notarized bundle to s3 download bucket

* add upload of the notarized bundle to s3 download bucket
@umbynos @cmaglie
add json to enable autoupdate with the new agent logic (#759)
4af6250 
* add json to enable autoupdate with the new agent logic

* binary output of the archive https://unix.stackexchange.com/questions/3675/how-can-i-get-a-base64-encoded-shax-on-the-cli

* workaround to allow darwin-arm64 to autoupdate

* parallelize bundle creation and notarization.
This will be helpful if/when we decide to build for darwin-arm64.
For now this is useful because we do not offer a binary for m1 yet,
`runtime.GOARCH` on an m1 machine returns ARM64, so the call for the update file would fail
@cmaglie
Implemented the autoupdater for MacOS
f557b29
@cmaglie
Added more logging and fixed upgrade procedure
3d60bed
@cmaglie
Use MacOS openApplicationAtURL syscall to re-run updated app
803e4ca
@cmaglie
Bump minimum required macosx version to 10.15
d8e770c 
This is required because the auto-update uses the function

warning: 'openApplicationAtURL:configuration:completionHandler:' is only available on macOS 10.15 or newer [-Wunguarded-availability-new]
@cmaglie cmaglie requested a review from umbynos February 14, 2023 09:54
@cmaglie cmaglie self-assigned this Feb 14, 2023
@cmaglie cmaglie added type: enhancement Proposed improvement topic: code Related to content of the project itself labels Feb 14, 2023
@per1234 per1234 added type: imperfection Perceived defect in any part of project os: macos Specific to macOS operating system and removed type: enhancement Proposed improvement labels Feb 14, 2023
@codecov-commenter
Copy link

codecov-commenter commented Feb 14, 2023
edited
Loading

Codecov Report

Base: 11.25% // Head: 11.33% // Increases project coverage by +0.07% 🎉

Coverage data is based on head (18a25e9) compared to base (6c9aec1).
Patch coverage: 0.00% of modified lines in pull request are covered.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #768      +/-   ##
==========================================
+ Coverage   11.25%   11.33%   +0.07%     
==========================================
  Files          52       53       +1     
  Lines        3961     3936      -25     
==========================================
  Hits          446      446              
+ Misses       3460     3435      -25     
  Partials       55       55
Flag Coverage Δ
unit 11.33% <0.00%> (+0.07%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
systray/exec_default.go 0.00% <0.00%> (ø)
systray/systray.go 0.00% <0.00%> (ø)
update.go 0.00% <0.00%> (ø)
updater/updater.go 0.00% <0.00%> (ø)
updater/updater_default.go 0.00% <0.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@cmaglie cmaglie force-pushed the fix-macosx-ventura-updater branch from adcbfcd to a484330 Compare February 14, 2023 10:27
@umbynos
Copy link
Contributor

umbynos commented Feb 14, 2023
edited
Loading

We just run some e2e test with @cmaglie, That's why the CI is failing.
We tested a config copy and it works ✔️
We tested a full update: 1.2.7 -> 0.0.1 -> 0.0.2 and is seems to be solid ✔️
Only thing missing is that in #767 we removed the copy from -temp binary to the actual one (see here). This is a problem because if the user stops the agent for some reason, he's stuck with 1.2.7 version.

@cmaglie cmaglie force-pushed the fix-macosx-ventura-updater branch from c73b2d3 to 097bc2b Compare February 14, 2023 17:20
@umbynos umbynos linked an issue Feb 15, 2023 that may be closed by this pull request
Rewrite the update logic to download and replace the app bundle #737
Closed
2 tasks
@cmaglie cmaglie merged commit 9d3750c into main Feb 15, 2023
@cmaglie cmaglie deleted the fix-macosx-ventura-updater branch February 15, 2023 13:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@umbynos umbynos umbynos approved these changes

Assignees

@cmaglie cmaglie

Labels
os: macos Specific to macOS operating system topic: code Related to content of the project itself type: imperfection Perceived defect in any part of project
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Rewrite the update logic to download and replace the app bundle
4 participants
@cmaglie @codecov-commenter @umbynos @per1234