From 8aba77b351c425f46e7a77bb81fba4982099a006 Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Thu, 19 Jun 2025 14:20:27 +0200
Subject: [PATCH 01/12] Update bitnami shell image to version 112-debian-12-r47 Replace the achieved image with the right one
---
 offline/tasks/proc_system_containers.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/offline/tasks/proc_system_containers.sh b/offline/tasks/proc_system_containers.sh
index cf6e46c7b..b33d629f7 100755
--- a/offline/tasks/proc_system_containers.sh
+++ b/offline/tasks/proc_system_containers.sh
@@ -40,7 +40,7 @@ docker.io/library/nginx:1.25.4-alpine
 bats/bats:1.11.1
 cr.step.sm/smallstep/step-ca:0.25.3-rc7
 registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231011-8b53cabe0
-docker.io/bitnami/bitnami-shell:11-debian-11-r38
+docker.io/bitnami/os-shell:112-debian-12-r47
 docker.io/bitnami/postgresql:14.5.0-debian-11-r24
 EOF
 }
From cb95c9aa0e0eeae212a3a219a365d13db1b90cb3 Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Thu, 19 Jun 2025 15:10:26 +0200
Subject: [PATCH 02/12] chore: trigger workflow with empty commit
From 6eeae8c40ccc37fdce795cb0e49ee8dd3c0dcae2 Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Thu, 19 Jun 2025 16:00:16 +0200
Subject: [PATCH 03/12] fix: update bitnami shell image
---
 offline/tasks/proc_system_containers.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/offline/tasks/proc_system_containers.sh b/offline/tasks/proc_system_containers.sh
index b33d629f7..d126ae171 100755
--- a/offline/tasks/proc_system_containers.sh
+++ b/offline/tasks/proc_system_containers.sh
@@ -40,7 +40,7 @@ docker.io/library/nginx:1.25.4-alpine
 bats/bats:1.11.1
 cr.step.sm/smallstep/step-ca:0.25.3-rc7
 registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231011-8b53cabe0
-docker.io/bitnami/os-shell:112-debian-12-r47
+docker.io/bitnami/os-shell:12-debian-12-r47
 docker.io/bitnami/postgresql:14.5.0-debian-11-r24
 EOF
 }
From 9b833e61071bb0a443bc83185ecc331c96eb0876 Mon Sep 17 00:00:00 2001
From: mohit rajain
Date: Thu, 19 Jun 2025 16:52:35 +0200
Subject: [PATCH 04/12] enabling verbose logs process_charts.sh
---
 offline/tasks/process_charts.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/offline/tasks/process_charts.sh b/offline/tasks/process_charts.sh
index 9827143d9..40a7966d1 100755
--- a/offline/tasks/process_charts.sh
+++ b/offline/tasks/process_charts.sh
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-set -euo pipefail
+set -xeuo pipefail
 OUTPUT_DIR=""
 # Default exclude list
@@ -50,4 +50,4 @@ sed -i '/-integration/d' "${HELM_IMAGE_TREE_FILE}"
 grep -vE "$EXCLUDE_PATTERN" "${OUTPUT_DIR}"/images | create-container-dump "${OUTPUT_DIR}"/containers-helm
 tar cf "${OUTPUT_DIR}"/containers-helm.tar -C "${OUTPUT_DIR}" containers-helm
-mv "${OUTPUT_DIR}/containers-helm/images.json" "${OUTPUT_DIR}"/versions/containers_helm_images.json
\ No newline at end of file
+mv "${OUTPUT_DIR}/containers-helm/images.json" "${OUTPUT_DIR}"/versions/containers_helm_images.json
From 72002c260f0c0bc0c3f24ddc187475444c9ab0ca Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Thu, 19 Jun 2025 17:16:30 +0200
Subject: [PATCH 05/12] Debug issue by running only the default step
---
 .github/workflows/offline.yml | 70 +++++++++++++++++------------------
 1 file changed, 35 insertions(+), 35 deletions(-)
diff --git a/.github/workflows/offline.yml b/.github/workflows/offline.yml
index 7a5be8bb9..3d26654fb 100644
--- a/.github/workflows/offline.yml
+++ b/.github/workflows/offline.yml
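Review bot: `set -xeuo pipefail` in the first hunk of PATCH 04/12 turns on xtrace for every run of process_charts.sh, and PATCH 12/12 does the same for proc_system_containers.sh with `bash -x` in offline/default-build/build.sh; both read as debugging aids that would stay enabled after merge. The workflow passes `GPG_PRIVATE_KEY` and `DOCKER_LOGIN` into the build's environment, so any traced command that expands a credential would print it to the job log, and log masking only covers the exact secret value, not derived forms of it. I would gate tracing on an opt-in variable, for example `if [[ -n "${DEBUG:-}" ]]; then set -x; fi` after `set -euo pipefail`. The rest of both scripts is outside the hunks, so whether they touch the credentials cannot be confirmed from here.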
@@ -38,47 +38,47 @@ jobs:
 echo ::set-output name=UPLOAD_NAME::$GITHUB_SHA
 # echo ::set-output name=UPLOAD_NAME::${SOURCE_TAG:-$GITHUB_SHA}
- # demo profile build
- - name: Process the demo profile build
- run: ./offline/demo-build/build.sh
- env:
- GPG_PRIVATE_KEY: '${{ secrets.GPG_PRIVATE_KEY }}'
- DOCKER_LOGIN: '${{ secrets.DOCKER_LOGIN }}'
+ # # demo profile build
+ # - name: Process the demo profile build
+ # run: ./offline/demo-build/build.sh
+ # env:
+ # GPG_PRIVATE_KEY: '${{ secrets.GPG_PRIVATE_KEY }}'
+ # DOCKER_LOGIN: '${{ secrets.DOCKER_LOGIN }}'
- - name: Copy demo build assets tarball to S3 and clean up
- run: |
- # Upload tarball for each profile by specifying their OUTPUT_TAR path
- aws s3 cp offline/demo-build/output/assets.tgz s3://public.wire.com/artifacts/wire-server-deploy-static-demo-${{ steps.upload_name.outputs.UPLOAD_NAME }}.tgz
- echo "Uploaded to: https://s3-$AWS_REGION.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-demo-${{ steps.upload_name.outputs.UPLOAD_NAME }}.tgz"
- # remove the assets from the build to optimize the space on the server
- rm -rf offline/demo-build/output/*
- env:
- AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
- AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
- AWS_REGION: "eu-west-1"
+ # - name: Copy demo build assets tarball to S3 and clean up
+ # run: |
+ # # Upload tarball for each profile by specifying their OUTPUT_TAR path
+ # aws s3 cp offline/demo-build/output/assets.tgz s3://public.wire.com/artifacts/wire-server-deploy-static-demo-${{ steps.upload_name.outputs.UPLOAD_NAME }}.tgz
+ # echo "Uploaded to: https://s3-$AWS_REGION.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-demo-${{ steps.upload_name.outputs.UPLOAD_NAME }}.tgz"
+ # # remove the assets from the build to optimize the space on the server
+ # rm -rf offline/demo-build/output/*
+ # env:
+ # AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
+ # AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
+ # AWS_REGION: "eu-west-1"
- # min profile build
- - name: Process the min profile build
- run: ./offline/min-build/build.sh
- env:
- GPG_PRIVATE_KEY: '${{ secrets.GPG_PRIVATE_KEY }}'
- DOCKER_LOGIN: '${{ secrets.DOCKER_LOGIN }}'
+ # # min profile build
+ # - name: Process the min profile build
+ # run: ./offline/min-build/build.sh
+ # env:
+ # GPG_PRIVATE_KEY: '${{ secrets.GPG_PRIVATE_KEY }}'
+ # DOCKER_LOGIN: '${{ secrets.DOCKER_LOGIN }}'
- - name: Copy min build assets tarball to S3
- run: |
- # Upload tarball for each profile by specifying their OUTPUT_TAR path
- aws s3 cp offline/min-build/output/assets.tgz s3://public.wire.com/artifacts/wire-server-deploy-static-min-${{ steps.upload_name.outputs.UPLOAD_NAME }}.tgz
- echo "Uploaded to: https://s3-$AWS_REGION.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-min-${{ steps.upload_name.outputs.UPLOAD_NAME }}.tgz"
- # remove the archives from the build to optimize the space on the server
- rm -rf offline/min-build/output/*
- env:
- AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
- AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
- AWS_REGION: "eu-west-1"
+ # - name: Copy min build assets tarball to S3
+ # run: |
+ # # Upload tarball for each profile by specifying their OUTPUT_TAR path
+ # aws s3 cp offline/min-build/output/assets.tgz s3://public.wire.com/artifacts/wire-server-deploy-static-min-${{ steps.upload_name.outputs.UPLOAD_NAME }}.tgz
+ # echo "Uploaded to: https://s3-$AWS_REGION.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-min-${{ steps.upload_name.outputs.UPLOAD_NAME }}.tgz"
+ # # remove the archives from the build to optimize the space on the server
+ # rm -rf offline/min-build/output/*
+ # env:
+ # AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
+ # AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
+ # AWS_REGION: "eu-west-1"
 # deafult profile build
 - name: Process the default profile build
- run: ./offline/default-build/build.sh
+ run: ./offline/default-build/build.sh --verbose
 env:
 GPG_PRIVATE_KEY: '${{ secrets.GPG_PRIVATE_KEY }}'
 DOCKER_LOGIN: '${{ secrets.DOCKER_LOGIN }}'
From 22440e4e096792570f454f54164f2d2928b40e36 Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Thu, 19 Jun 2025 17:22:44 +0200
Subject: [PATCH 06/12] Forces Nix to build locally instead of using prebuilt binaries
---
 .github/workflows/offline.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/offline.yml b/.github/workflows/offline.yml
index 3d26654fb..0735913d4 100644
--- a/.github/workflows/offline.yml
+++ b/.github/workflows/offline.yml
@@ -28,7 +28,7 @@ jobs:
 signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
 - name: Install nix environment
- run: nix-env -f default.nix -iA env
+ run: nix-env --option build-use-substitutes false -f default.nix -iA env
 - name: Get upload name
 id: upload_name
From d622ada80a89cd3613627a1f8f910d1ed19cc994 Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Thu, 19 Jun 2025 18:19:29 +0200
Subject: [PATCH 07/12] try not using the cache
---
 .github/workflows/offline.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/offline.yml b/.github/workflows/offline.yml
index 0735913d4..1669e18e7 100644
--- a/.github/workflows/offline.yml
+++ b/.github/workflows/offline.yml
@@ -22,13 +22,13 @@ jobs:
 with:
 submodules: true
 - uses: cachix/install-nix-action@v27
- - uses: cachix/cachix-action@v15
+ # - uses: cachix/cachix-action@v15
 with:
 name: wire-server
 signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
 - name: Install nix environment
- run: nix-env --option build-use-substitutes false -f default.nix -iA env
+ run: nix-env -f default.nix -iA env
 - name: Get upload name
 id: upload_name
 run: |
From b6348cdf8886bd87e01a305b3962e5312bd9b2ae Mon Sep 17 00:00:00 2001
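Review bot: The demo and min profile steps in PATCH 05/12 are commented out wholesale rather than gated, so if this state is merged the workflow stops building and uploading the `wire-server-deploy-static-demo` and `wire-server-deploy-static-min` artifacts without any signal in the run. A step-level `if:` tied to a `workflow_dispatch` input, or dropping this commit before merge, keeps the debug path off the default branch. The new `--verbose` argument on `./offline/default-build/build.sh` is also unverified from here: no hunk in this series adds parsing for it to build.sh, so confirm the script accepts it rather than treating it as a positional argument.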
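Review bot: Commenting out only the `- uses: cachix/cachix-action@v15` line in PATCH 07/12 leaves its `with:` block in place, and (assuming the usual indentation, which this rendering does not show) YAML then attaches `name: wire-server` and `signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"` to the preceding `cachix/install-nix-action@v27` step. That passes the Cachix signing key as an input to an action it was never meant for. Comment out the three `with:` lines together with the `uses:` line, or keep the step and disable it with `if: false`. Both actions are referenced by mutable tag; pinning them to a commit SHA would be worth doing while this block is being edited.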
From: sghosh23
Date: Fri, 20 Jun 2025 05:07:44 +0200
Subject: [PATCH 08/12] remove the postgres images
---
 .github/workflows/offline.yml | 2 +-
 offline/tasks/proc_system_containers.sh | 2 --
 2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/.github/workflows/offline.yml b/.github/workflows/offline.yml
index 1669e18e7..3d26654fb 100644
--- a/.github/workflows/offline.yml
+++ b/.github/workflows/offline.yml
@@ -22,7 +22,7 @@ jobs:
 with:
 submodules: true
 - uses: cachix/install-nix-action@v27
- # - uses: cachix/cachix-action@v15
+ - uses: cachix/cachix-action@v15
 with:
 name: wire-server
 signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
diff --git a/offline/tasks/proc_system_containers.sh b/offline/tasks/proc_system_containers.sh
index d126ae171..469afb512 100755
--- a/offline/tasks/proc_system_containers.sh
+++ b/offline/tasks/proc_system_containers.sh
@@ -40,8 +40,6 @@ docker.io/library/nginx:1.25.4-alpine
 bats/bats:1.11.1
 cr.step.sm/smallstep/step-ca:0.25.3-rc7
 registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20231011-8b53cabe0
-docker.io/bitnami/os-shell:12-debian-12-r47
-docker.io/bitnami/postgresql:14.5.0-debian-11-r24
 EOF
 }
From 75c7ffbcbd2e189cad22dec7a7040a3895afdeda Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Fri, 20 Jun 2025 05:19:56 +0200
Subject: [PATCH 09/12] Trigger build [no-cache]
---
 .github/workflows/offline.yml | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/offline.yml b/.github/workflows/offline.yml
index 3d26654fb..7fcc3c10a 100644
--- a/.github/workflows/offline.yml
+++ b/.github/workflows/offline.yml
@@ -27,9 +27,17 @@ jobs:
 name: wire-server
 signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
- - name: Install nix environment
- run: nix-env -f default.nix -iA env
-
+ # - name: Install nix environment
+ # run: nix-env -f default.nix -iA env
+ - name: Build Nix environment (with optional cache skip)
+ run: |
+ if echo "${{ github.event.head_commit.message }}" | grep -q "\[no-cache\]"; then
+ echo "Skipping binary cache: forcing full rebuild..."
+ nix-build default.nix -A env --option build-use-substitutes false -L
+ else
+ echo "Using cache to build env..."
+ nix-build default.nix -A env -L
+ fi
 - name: Get upload name
 id: upload_name
 run: |
From b6247d283642b9092b51ba34962bb6555ee379a2 Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Fri, 20 Jun 2025 05:25:15 +0200
Subject: [PATCH 10/12] try to build with no-cache
---
 .github/workflows/offline.yml | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/offline.yml b/.github/workflows/offline.yml
index 7fcc3c10a..c0766fcb0 100644
--- a/.github/workflows/offline.yml
+++ b/.github/workflows/offline.yml
@@ -29,15 +29,8 @@ jobs:
 # - name: Install nix environment
 # run: nix-env -f default.nix -iA env
- - name: Build Nix environment (with optional cache skip)
- run: |
- if echo "${{ github.event.head_commit.message }}" | grep -q "\[no-cache\]"; then
- echo "Skipping binary cache: forcing full rebuild..."
- nix-build default.nix -A env --option build-use-substitutes false -L
- else
- echo "Using cache to build env..."
- nix-build default.nix -A env -L
- fi
+ - name: Build Nix environment (no cache)
+ run: nix-build default.nix -A env --option build-use-substitutes false
 - name: Get upload name
 id: upload_name
 run: |
From c57af644c78d288535fbdef14e521a3188bea290 Mon Sep 17 00:00:00 2001
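Review bot: In the `Build Nix environment (with optional cache skip)` step of PATCH 09/12, `${{ github.event.head_commit.message }}` is expanded into the `run:` script text before bash sees it, so the commit message is interpreted as shell source rather than handled as data, in the same job whose other steps receive `GPG_PRIVATE_KEY`, `DOCKER_LOGIN` and the AWS keys. Pass the value through the environment instead: give the step an `env:` entry `COMMIT_MSG: ${{ github.event.head_commit.message }}` and test it with `if printf '%s' "$COMMIT_MSG" | grep -qF '[no-cache]'; then`. PATCH 10/12 removes the conditional again, but the interpolation pattern should not return in this form.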
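Review bot: The added `run: nix-build default.nix -A env --option build-use-substitutes false` in PATCH 10/12 stands in for `nix-env -f default.nix -iA env`, which stays commented out, but `nix-build` only realises the derivation and leaves a `./result` link; it does not install anything into the runner's profile. If the later build steps expect the tools from `env` on PATH (process_charts.sh calls `create-container-dump`, presumably provided that way), they would fail or fall back to whatever the runner image happens to ship. Keep the `nix-env -iA` install after the build, or export the built environment's bin directory through `$GITHUB_PATH`. The step added in PATCH 09/12 has the same gap.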
From: sghosh23
Date: Fri, 20 Jun 2025 09:34:59 +0200
Subject: [PATCH 11/12] fix: remove stale bitnami-shell from nix store
---
 .github/workflows/offline.yml | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/offline.yml b/.github/workflows/offline.yml
index c0766fcb0..d6a35bf9d 100644
--- a/.github/workflows/offline.yml
+++ b/.github/workflows/offline.yml
@@ -27,10 +27,17 @@ jobs:
 name: wire-server
 signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
- # - name: Install nix environment
- # run: nix-env -f default.nix -iA env
- - name: Build Nix environment (no cache)
- run: nix-build default.nix -A env --option build-use-substitutes false
+ - name: Remove stale bitnami-shell from nix store (optional)
+ run: |
+ paths=$(nix path-info -r -f default.nix env | grep bitnami-shell || true)
+ if [ -n "$paths" ]; then
+ echo "Deleting stale bitnami-shell paths"
+ sudo nix-store --delete $paths
+ else
+ echo "Nothing to delete."
+ fi
+ - name: Install nix environment
+ run: nix-env -f default.nix -iA env
 - name: Get upload name
 id: upload_name
 run: |
From 3e803e509414eb31cb595eff0b7be1cecf5c1999 Mon Sep 17 00:00:00 2001
From: sghosh23
Date: Fri, 20 Jun 2025 10:02:17 +0200
Subject: [PATCH 12/12] try verbose logging
---
 .github/workflows/offline.yml | 10 ----------
 offline/default-build/build.sh | 2 +-
 2 files changed, 1 insertion(+), 11 deletions(-)
diff --git a/.github/workflows/offline.yml b/.github/workflows/offline.yml
index d6a35bf9d..ee011a464 100644
--- a/.github/workflows/offline.yml
+++ b/.github/workflows/offline.yml
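Review bot: In the `Remove stale bitnami-shell from nix store` step of PATCH 11/12, `|| true` covers the whole `nix path-info ... | grep bitnami-shell` pipeline, so a failure of `nix path-info` itself is reported as "Nothing to delete." and the step passes without having checked anything; that may well happen here, since the step runs before `Install nix environment`. Separate the two commands: `all=$(nix path-info -r -f default.nix env)` followed by `paths=$(printf '%s\n' "$all" | grep bitnami-shell || true)`, so that only an empty grep result is tolerated. The delete also runs under `sudo` on an unquoted `$paths` chosen by a bare substring match, and `nix-store --delete` refuses paths that are still referenced, which would fail the job; a comment saying which outcome is expected would help. PATCH 12/12 removes the step again.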
@@ -26,16 +26,6 @@ jobs:
 with:
 name: wire-server
 signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
-
- - name: Remove stale bitnami-shell from nix store (optional)
- run: |
- paths=$(nix path-info -r -f default.nix env | grep bitnami-shell || true)
- if [ -n "$paths" ]; then
- echo "Deleting stale bitnami-shell paths"
- sudo nix-store --delete $paths
- else
- echo "Nothing to delete."
- fi
 - name: Install nix environment
 run: nix-env -f default.nix -iA env
 - name: Get upload name
diff --git a/offline/default-build/build.sh b/offline/default-build/build.sh
index d4b5d6286..910610ad3 100755
--- a/offline/default-build/build.sh
+++ b/offline/default-build/build.sh
@@ -62,7 +62,7 @@ cp -r "${ROOT_DIR}"/values "${OUTPUT_DIR}"/
 "${TASKS_DIR}"/build_linux_pkgs.sh "${OUTPUT_DIR}" "${ROOT_DIR}"
 # Creating system containers tarball
-"${TASKS_DIR}"/proc_system_containers.sh "${OUTPUT_DIR}"
+bash -x "${TASKS_DIR}"/proc_system_containers.sh "${OUTPUT_DIR}"
 # Processing wire binaries
 "${TASKS_DIR}"/proc_wire_binaries.sh "${OUTPUT_DIR}" "${ROOT_DIR}"