diff --git a/libs/lume/scripts/build/build-debug.sh b/libs/lume/scripts/build/build-debug.sh new file mode 100755 index 00000000..452e20c3 --- /dev/null +++ b/libs/lume/scripts/build/build-debug.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +swift build --product lume +codesign --force --entitlement resources/lume.entitlements --sign - .build/debug/lume diff --git a/libs/lume/scripts/build/build-release-notarized.sh b/libs/lume/scripts/build/build-release-notarized.sh new file mode 100755 index 00000000..df2b82c2 --- /dev/null +++ b/libs/lume/scripts/build/build-release-notarized.sh @@ -0,0 +1,187 @@ +#!/bin/bash + +# Set default log level if not provided +LOG_LEVEL=${LOG_LEVEL:-"normal"} + +# Function to log based on level +log() { + local level=$1 + local message=$2 + + case "$LOG_LEVEL" in + "minimal") + # Only show essential or error messages + if [ "$level" = "essential" ] || [ "$level" = "error" ]; then + echo "$message" + fi + ;; + "none") + # Show nothing except errors + if [ "$level" = "error" ]; then + echo "$message" >&2 + fi + ;; + *) + # Normal logging - show everything + echo "$message" + ;; + esac +} + +# Check required environment variables +required_vars=( + "CERT_APPLICATION_NAME" + "CERT_INSTALLER_NAME" + "APPLE_ID" + "TEAM_ID" + "APP_SPECIFIC_PASSWORD" +) + +for var in "${required_vars[@]}"; do + if [ -z "${!var}" ]; then + log "error" "Error: $var is not set" + exit 1 + fi +done + +# Get VERSION from environment or use default +VERSION=${VERSION:-"0.1.0"} + +# Move to the project root directory +pushd ../../ > /dev/null + +# Ensure .release directory exists and is clean +mkdir -p .release +log "normal" "Ensuring .release directory exists and is accessible" + +# Build the release version +log "essential" "Building release version..." +swift build -c release --product lume > /dev/null + +# Sign the binary with hardened runtime entitlements +log "essential" "Signing binary with entitlements..." +codesign --force --options runtime \ + --entitlement ./resources/lume.entitlements \ + --sign "$CERT_APPLICATION_NAME" \ + .build/release/lume 2> /dev/null + +# Create a temporary directory for packaging +TEMP_ROOT=$(mktemp -d) +mkdir -p "$TEMP_ROOT/usr/local/bin" +cp -f .build/release/lume "$TEMP_ROOT/usr/local/bin/" + +# Build the installer package +log "essential" "Building installer package..." +pkgbuild --root "$TEMP_ROOT" \ + --identifier "com.trycua.lume" \ + --version "1.0" \ + --install-location "/" \ + --sign "$CERT_INSTALLER_NAME" \ + ./.release/lume.pkg 2> /dev/null + +# Submit for notarization using stored credentials +log "essential" "Submitting for notarization..." +if [ "$LOG_LEVEL" = "minimal" ] || [ "$LOG_LEVEL" = "none" ]; then + # Minimal output - capture ID but hide details + NOTARY_OUTPUT=$(xcrun notarytool submit ./.release/lume.pkg \ + --apple-id "${APPLE_ID}" \ + --team-id "${TEAM_ID}" \ + --password "${APP_SPECIFIC_PASSWORD}" \ + --wait 2>&1) + + # Just show success or failure + if echo "$NOTARY_OUTPUT" | grep -q "status: Accepted"; then + log "essential" "Notarization successful!" + else + log "error" "Notarization failed. Please check logs." + fi +else + # Normal verbose output + xcrun notarytool submit ./.release/lume.pkg \ + --apple-id "${APPLE_ID}" \ + --team-id "${TEAM_ID}" \ + --password "${APP_SPECIFIC_PASSWORD}" \ + --wait +fi + +# Staple the notarization ticket +log "essential" "Stapling notarization ticket..." +xcrun stapler staple ./.release/lume.pkg > /dev/null 2>&1 + +# Create temporary directory for package extraction +EXTRACT_ROOT=$(mktemp -d) +PKG_PATH="$(pwd)/.release/lume.pkg" + +# Extract the pkg using xar +cd "$EXTRACT_ROOT" +xar -xf "$PKG_PATH" > /dev/null 2>&1 + +# Verify Payload exists before proceeding +if [ ! -f "Payload" ]; then + log "error" "Error: Payload file not found after xar extraction" + exit 1 +fi + +# Create a directory for the extracted contents +mkdir -p extracted +cd extracted + +# Extract the Payload +cat ../Payload | gunzip -dc | cpio -i > /dev/null 2>&1 + +# Verify the binary exists +if [ ! -f "usr/local/bin/lume" ]; then + log "error" "Error: lume binary not found in expected location" + exit 1 +fi + +# Get the release directory absolute path +RELEASE_DIR="$(realpath "$(dirname "$PKG_PATH")")" +log "normal" "Using release directory: $RELEASE_DIR" + +# Copy extracted lume to the release directory +cp -f usr/local/bin/lume "$RELEASE_DIR/lume" + +# Create symbolic link in /usr/local/bin if not in minimal mode +if [ "$LOG_LEVEL" != "minimal" ] && [ "$LOG_LEVEL" != "none" ]; then + log "normal" "Creating symbolic link..." + sudo ln -sf "$RELEASE_DIR/lume" /usr/local/bin/lume +fi + +# Get architecture and create OS identifier +ARCH=$(uname -m) +OS_IDENTIFIER="darwin-${ARCH}" + +# Create versioned archives of the package with OS identifier in the name +log "essential" "Creating archives in $RELEASE_DIR..." +cd "$RELEASE_DIR" + +# Clean up any existing artifacts first to avoid conflicts +rm -f lume-*.tar.gz lume-*.pkg.tar.gz + +# Create version-specific archives +log "essential" "Creating version-specific archives (${VERSION})..." +# Package the binary +tar -czf "lume-${VERSION}-${OS_IDENTIFIER}.tar.gz" lume > /dev/null 2>&1 +# Package the installer +tar -czf "lume-${VERSION}-${OS_IDENTIFIER}.pkg.tar.gz" lume.pkg > /dev/null 2>&1 + +# Create sha256 checksum file +log "essential" "Generating checksums..." +shasum -a 256 lume-*.tar.gz > checksums.txt +log "essential" "Package created successfully with checksums generated." + +# Show what's in the release directory +log "essential" "Files in release directory:" +ls -la "$RELEASE_DIR" + +# Ensure correct permissions +chmod 644 "$RELEASE_DIR"/*.tar.gz "$RELEASE_DIR"/*.pkg.tar.gz "$RELEASE_DIR"/checksums.txt + +popd > /dev/null + +# Clean up +rm -rf "$TEMP_ROOT" +rm -rf "$EXTRACT_ROOT" + +log "essential" "Build and packaging completed successfully." \ No newline at end of file diff --git a/libs/lume/scripts/build/build-release.sh b/libs/lume/scripts/build/build-release.sh new file mode 100755 index 00000000..9861ca56 --- /dev/null +++ b/libs/lume/scripts/build/build-release.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +pushd ../../ + +swift build -c release --product lume +codesign --force --entitlement ./resources/lume.entitlements --sign - .build/release/lume + +mkdir -p ./.release +cp -f .build/release/lume ./.release/lume + +# Create symbolic link in /usr/local/bin +sudo mkdir -p /usr/local/bin +sudo ln -sf "$(pwd)/.release/lume" /usr/local/bin/lume + +popd \ No newline at end of file diff --git a/libs/lume/scripts/install.sh b/libs/lume/scripts/install.sh deleted file mode 100644 index 66a4d059..00000000 --- a/libs/lume/scripts/install.sh +++ /dev/null @@ -1,148 +0,0 @@ -#!/bin/bash -set -e - -# Lume Installer -# This script installs Lume to your system - -# Define colors for output -BOLD=$(tput bold) -NORMAL=$(tput sgr0) -RED=$(tput setaf 1) -GREEN=$(tput setaf 2) -BLUE=$(tput setaf 4) - -# Default installation directory -DEFAULT_INSTALL_DIR="/usr/local/bin" -INSTALL_DIR="${INSTALL_DIR:-$DEFAULT_INSTALL_DIR}" - -# GitHub info -GITHUB_REPO="trycua/cua" -LATEST_RELEASE_URL="https://api.github.com/repos/$GITHUB_REPO/releases/latest" - -echo "${BOLD}${BLUE}Lume Installer${NORMAL}" -echo "This script will install Lume to your system." - -# Check if we're running with appropriate permissions -check_permissions() { - if [ "$INSTALL_DIR" = "$DEFAULT_INSTALL_DIR" ] && [ "$(id -u)" != "0" ]; then - echo "${RED}Error: Installing to $INSTALL_DIR requires root privileges.${NORMAL}" - echo "Please run with sudo or specify a different directory with INSTALL_DIR environment variable." - echo "Example: INSTALL_DIR=\$HOME/.local/bin $0" - exit 1 - fi -} - -# Detect OS and architecture -detect_platform() { - OS=$(uname -s | tr '[:upper:]' '[:lower:]') - ARCH=$(uname -m) - - if [ "$OS" != "darwin" ]; then - echo "${RED}Error: Currently only macOS is supported.${NORMAL}" - exit 1 - fi - - if [ "$ARCH" != "arm64" ]; then - echo "${RED}Error: Lume only supports macOS on Apple Silicon (ARM64).${NORMAL}" - exit 1 - fi - - PLATFORM="darwin-arm64" - echo "Detected platform: ${BOLD}$PLATFORM${NORMAL}" -} - -# Create temporary directory -create_temp_dir() { - TEMP_DIR=$(mktemp -d) - echo "Using temporary directory: $TEMP_DIR" - - # Make sure we clean up on exit - trap 'rm -rf "$TEMP_DIR"' EXIT -} - -# Download the latest release -download_release() { - echo "Downloading latest Lume release..." - - # Use the direct download link with the non-versioned symlink - DOWNLOAD_URL="https://github.com/$GITHUB_REPO/releases/latest/download/lume.tar.gz" - echo "Downloading from: $DOWNLOAD_URL" - - # Download the tarball - if command -v curl &> /dev/null; then - curl -L --progress-bar "$DOWNLOAD_URL" -o "$TEMP_DIR/lume.tar.gz" - - # Verify the download was successful - if [ ! -s "$TEMP_DIR/lume.tar.gz" ]; then - echo "${RED}Error: Failed to download Lume.${NORMAL}" - echo "The download URL may be incorrect or the file may not exist." - exit 1 - fi - - # Verify the file is a valid archive - if ! tar -tzf "$TEMP_DIR/lume.tar.gz" > /dev/null 2>&1; then - echo "${RED}Error: The downloaded file is not a valid tar.gz archive.${NORMAL}" - echo "Let's try the alternative URL..." - - # Try alternative URL - ALT_DOWNLOAD_URL="https://github.com/$GITHUB_REPO/releases/latest/download/lume-$PLATFORM.tar.gz" - echo "Downloading from alternative URL: $ALT_DOWNLOAD_URL" - curl -L --progress-bar "$ALT_DOWNLOAD_URL" -o "$TEMP_DIR/lume.tar.gz" - - # Check again - if ! tar -tzf "$TEMP_DIR/lume.tar.gz" > /dev/null 2>&1; then - echo "${RED}Error: Could not download a valid Lume archive.${NORMAL}" - echo "Please try installing Lume manually from: https://github.com/$GITHUB_REPO/releases/latest" - exit 1 - fi - fi - else - echo "${RED}Error: curl is required but not installed.${NORMAL}" - exit 1 - fi -} - -# Extract and install -install_binary() { - echo "Extracting archive..." - tar -xzf "$TEMP_DIR/lume.tar.gz" -C "$TEMP_DIR" - - echo "Installing to $INSTALL_DIR..." - - # Create install directory if it doesn't exist - mkdir -p "$INSTALL_DIR" - - # Move the binary to the installation directory - mv "$TEMP_DIR/lume" "$INSTALL_DIR/" - - # Make the binary executable - chmod +x "$INSTALL_DIR/lume" - - echo "${GREEN}Installation complete!${NORMAL}" - echo "Lume has been installed to ${BOLD}$INSTALL_DIR/lume${NORMAL}" - - # Check if the installation directory is in PATH - if [ -n "${PATH##*$INSTALL_DIR*}" ]; then - echo "${RED}Warning: $INSTALL_DIR is not in your PATH.${NORMAL}" - echo "You may need to add it to your shell profile:" - echo " For bash: echo 'export PATH=\"\$PATH:$INSTALL_DIR\"' >> ~/.bash_profile" - echo " For zsh: echo 'export PATH=\"\$PATH:$INSTALL_DIR\"' >> ~/.zshrc" - echo " For fish: echo 'fish_add_path $INSTALL_DIR' >> ~/.config/fish/config.fish" - fi -} - -# Main installation flow -main() { - check_permissions - detect_platform - create_temp_dir - download_release - install_binary - - echo "" - echo "${GREEN}${BOLD}Lume has been successfully installed!${NORMAL}" - echo "Run ${BOLD}lume${NORMAL} to get started." -} - -# Run the installation -main \ No newline at end of file diff --git a/notebooks/agent_nb.ipynb b/notebooks/agent_nb.ipynb index 12e6e577..24b2e15f 100644 --- a/notebooks/agent_nb.ipynb +++ b/notebooks/agent_nb.ipynb @@ -96,7 +96,7 @@ }, { "cell_type": "code", - "execution_count": 11, + "execution_count": 13, "metadata": {}, "outputs": [], "source": [ diff --git a/notebooks/computer_nb.ipynb b/notebooks/computer_nb.ipynb index 552a08a6..98a994cf 100644 --- a/notebooks/computer_nb.ipynb +++ b/notebooks/computer_nb.ipynb @@ -202,7 +202,15 @@ "cell_type": "code", "execution_count": null, "metadata": {}, - "outputs": [], + "outputs": [ + { + "name": "stderr", + "output_type": "stream", + "text": [ + "Computer API Server not ready yet. Will retry automatically.\n" + ] + } + ], "source": [ "async with Computer(\n", " # name=\"my_vm\", # optional, in case you want to use any other VM created using lume\n",