ci(AppImage): Build a linux AppImage

Author: amilcarlucas

.github/workflows/build_windows_macos.yml

@@ -16,7 +16,7 @@ permissions:
   contents: read
 
 jobs:
-  build:
+  build_windows:
     runs-on: 'windows-latest'
     strategy:
       matrix:
@@ -246,23 +246,116 @@ jobs:
           path: macos/Output/*.dmg
           retention-days: 7
 
+  build_linux:
+    runs-on: 'ubuntu-20.04'  # Use a consistent Linux environment for building the AppImage
+    strategy:
+      matrix:
+        python-version: ['3.14']
+
+    permissions:
+      contents: write
+      id-token: write
+
+    steps:
+      - name: Harden the runner (Audit all outbound calls)
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
+        with:
+          egress-policy: audit
+
+      - name: Checkout
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+      - name: Install system dependencies for tkinter
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -y --no-install-recommends \
+            python3-tk \
+            tk-dev \
+            tcl-dev \
+            squashfs-tools
+
+      - name: Set up Python
+        id: setup-python
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install .[linux_dist]
+
+      - name: Verify tkinter is available
+        run: |
+          python - <<'PY'
+          import tkinter
+          print(f"tkinter OK, TkVersion={tkinter.TkVersion}")
+          PY
+
+      - name: Write the git commit hash to file
+        run: |
+          git rev-parse HEAD | tr -d '\n' > git_hash.txt
+
+      - name: Build Linux app with PyInstaller
+        run: |
+          pyinstaller --clean linux/ardupilot_methodic_configurator.spec
+
+      - name: Build AppImage
+        run: |
+          set -euo pipefail
+          VERSION=$(python -c "import ardupilot_methodic_configurator; print(ardupilot_methodic_configurator.__version__)")
+          APP_NAME="ardupilot_methodic_configurator"
+          APPIMAGE_NAME="${APP_NAME}_${VERSION}_linux_setup.AppImage"
+          APPDIR="linux/AppDir"
+          OUTPUT_DIR="linux/Output"
+
+          # Create AppDir structure
+          rm -rf "$APPDIR"
+          mkdir -p "$APPDIR" "$OUTPUT_DIR"
+
+          # Copy PyInstaller output
+          cp -R "dist/${APP_NAME}" "$APPDIR/"
+
+          # Copy desktop file and icon
+          cp "linux/${APP_NAME}.desktop" "$APPDIR/"
+          cp "ardupilot_methodic_configurator/images/ArduPilot_icon.png" "$APPDIR/${APP_NAME}.png"
+
+          # Copy AppRun and make executable
+          cp "linux/AppRun" "$APPDIR/AppRun"
+          chmod +x "$APPDIR/AppRun"
+
+          # Download appimagetool (use --appimage-extract-and-run since FUSE is unavailable in CI)
+          # Pinned to 1.9.1 for security and reproducibility
+          wget -q "https://github.com/AppImage/appimagetool/releases/download/1.9.1/appimagetool-x86_64.AppImage" \
+            -O appimagetool
+          chmod +x appimagetool
+
+          ARCH=x86_64 ./appimagetool --appimage-extract-and-run "$APPDIR" "$OUTPUT_DIR/$APPIMAGE_NAME"
+
+      - name: Upload Linux build artifacts
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        with:
+          name: linux-appimage
+          path: linux/Output/*.AppImage
+          retention-days: 7
+
   # Generate SLSA provenance using the official generic workflow
 #  provenance:
-#    needs: [build]
+#    needs: [build_windows]
 #    permissions:
 #      actions: read    # To read the workflow path
 #      id-token: write  # To sign the provenance
 #      contents: write  # To add assets to a release
 #    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@4876e96b8268fd8b7b8d8574718d06c0d0426d40 # latest commit
 #    with:
-#      base64-subjects: "${{ needs.build.outputs.hashes }}"
+#      base64-subjects: "${{ needs.build_windows.outputs.hashes }}"
 #      upload-assets: ${{ startsWith(github.ref, 'refs/tags/v') }}  # Only upload to releases for v* tags
 #      continue-on-error: false  # Explicit error handling - fail fast for security issues
 
   # Release job that depends on provenance generation
   release:
-    #    needs: [build, provenance]
-    needs: [build, build_macos]
+    #    needs: [build_windows, provenance]
+    needs: [build_windows, build_macos, build_linux]
     runs-on: windows-latest
     if: startsWith(github.ref, 'refs/tags/v') || github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
     permissions:
@@ -277,7 +370,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
-      - name: Download build artifacts
+      - name: Download Windows build artifacts
         uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           name: windows-installer
@@ -289,16 +382,24 @@ jobs:
           name: macos-dmg
           path: release-artifacts
 
+      - name: Download Linux build artifacts
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
+        with:
+          name: linux-appimage
+          path: release-artifacts
+
       - name: Rename installer for pre-release
         if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
         shell: pwsh
         run: |
-          $files = Get-ChildItem release-artifacts\*.* | Where-Object { $_.Extension -in '.exe', '.dmg' }
+          $files = Get-ChildItem release-artifacts\*.* | Where-Object { $_.Extension -in '.exe', '.dmg', '.AppImage' }
           foreach ($file in $files) {
             if ($file.Extension -eq '.exe') {
               $newName = $file.Name -replace 'ardupilot_methodic_configurator_.*_windows_setup\.exe$', 'ardupilot_methodic_configurator_latest_pre_release_windows_setup.exe'
             } elseif ($file.Extension -eq '.dmg') {
               $newName = $file.Name -replace 'ardupilot_methodic_configurator_.*_macos_setup\.dmg$', 'ardupilot_methodic_configurator_latest_pre_release_macos_setup.dmg'
+            } elseif ($file.Extension -eq '.AppImage') {
+              $newName = $file.Name -replace 'ardupilot_methodic_configurator_.*_linux_setup\.AppImage$', 'ardupilot_methodic_configurator_latest_pre_release_linux_setup.AppImage'
             } else {
               continue
             }

README.md

@@ -3,7 +3,7 @@
 | Lint | Quality | Test | Security | Deploy | Maintain |
 | ---- | ------- | ---- | -------- | ------ | -------- |
 | [![Pylint](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pylint.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pylint.yml) | [![Codacy Badge](https://app.codacy.com/project/badge/Grade/720794ed54014c58b9eaf7a097a4e98e)](https://app.codacy.com/gh/amilcarlucas/MethodicConfigurator/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) | [![pytest status](https://gist.githubusercontent.com/amilcarlucas/81b511dc0ff92b8072613d1cd100832e/raw/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pytest.yml) | [![Known Vulnerabilities](https://snyk.io/test/github/amilcarlucas/MethodicConfigurator/badge.svg)](https://app.snyk.io/org/amilcarlucas/project/c8fd6e29-715b-4949-b828-64eff84f5fe1) | [![pages-build-deployment](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pages/pages-build-deployment/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pages/pages-build-deployment) | [![Average time to resolve an issue](http://isitmaintained.com/badge/resolution/ArduPilot/MethodicConfigurator.svg)](http://isitmaintained.com/project/ArduPilot/MethodicConfigurator) |
-| [![test Python cleanliness](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/ruff.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/ruff.yml) | [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9101/badge)](https://www.bestpractices.dev/projects/9101) | [![Pytest tests](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pytest.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pytest.yml) | [![CodeQL](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/github-code-scanning/codeql/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/github-code-scanning/codeql) | [![Upload MethodicConfigurator Package](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/python-publish.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/python-publish.yml) | [![Percentage of issues still open](http://isitmaintained.com/badge/open/ArduPilot/MethodicConfigurator.svg)](http://isitmaintained.com/project/ArduPilot/MethodicConfigurator) |
+| [![test Python cleanliness](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/ruff.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/ruff.yml) | [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9101/badge)](https://www.bestpractices.dev/projects/9101) | [![Pytest tests](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pytest.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pytest.yml) | [![CodeQL](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/codeql.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/codeql.yml) | [![Upload MethodicConfigurator Package](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/python-publish.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/python-publish.yml) | [![Percentage of issues still open](http://isitmaintained.com/badge/open/ArduPilot/MethodicConfigurator.svg)](http://isitmaintained.com/project/ArduPilot/MethodicConfigurator) |
 | [![mypy](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/mypy.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/mypy.yml) | [![REUSE status](https://api.reuse.software/badge/github.com/ArduPilot/MethodicConfigurator)](https://api.reuse.software/info/github.com/ArduPilot/MethodicConfigurator) | [![Coverage Status](https://coveralls.io/repos/github/ArduPilot/MethodicConfigurator/badge.svg?branch=master)](https://coveralls.io/github/ArduPilot/MethodicConfigurator?branch=master) | [![gitavscan](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/gitavscan.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/gitavscan.yml) | [![pypi](https://img.shields.io/pypi/v/ardupilot-methodic-configurator.svg)](https://pypi.org/project/ardupilot-methodic-configurator/) | [![python versions](https://img.shields.io/pypi/pyversions/ardupilot-methodic-configurator.svg)](https://pypi.python.org/pypi/ardupilot-methodic-configurator) |
 | [![Pyright](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pyright.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/pyright.yml) | [![md-link-check](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/markdown-link-check.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/markdown-link-check.yml) | [![Coverity Scan Build Status](https://scan.coverity.com/projects/30346/badge.svg)](https://scan.coverity.com/projects/ardupilot-methodic-configurator) | [![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/ArduPilot/MethodicConfigurator/badge)](https://scorecard.dev/viewer/?uri=github.com/ArduPilot/MethodicConfigurator) | [![PyPI - Downloads](https://img.shields.io/pypi/dm/ardupilot-methodic-configurator?link=https%3A%2F%2Fpypi.org%2Fproject%2Fardupilot-methodic-configurator%2F)](https://pypistats.org/packages/ardupilot-methodic-configurator) | [![Code Climate](https://codeclimate.com/github/amilcarlucas/MethodicConfigurator.png)](https://codeclimate.com/github/amilcarlucas/MethodicConfigurator) |
 | [![markdown-lint](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/markdown-lint.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/markdown-lint.yml) | [![pre-commit](https://results.pre-commit.ci/badge/github/ArduPilot/MethodicConfigurator/master.svg)](https://results.pre-commit.ci/latest/github/ArduPilot/MethodicConfigurator/master) | [![Discord](https://img.shields.io/badge/Discord-%235865F2.svg?logo=discord&logoColor=white)](https://discord.com/channels/674039678562861068/1308233496535371856) | | [![Windows Build](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/build_windows_macos.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/windows_build.yml) | [![Update Flight Controller IDs](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/update_flightcontroller_ids.yml/badge.svg)](https://github.com/ArduPilot/MethodicConfigurator/actions/workflows/update_flightcontroller_ids.yml) |

REUSE.toml

@@ -181,6 +181,11 @@ path = ["windows/ardupilot_methodic_configurator*", "windows/settings_template.j
 SPDX-FileCopyrightText = "2024-2026 Amilcar Lucas"
 SPDX-License-Identifier = "GPL-3.0-or-later"
 
+[[annotations]]
+path = ["linux/ardupilot_methodic_configurator*", "linux/AppRun"]
+SPDX-FileCopyrightText = "2024-2026 Amilcar Lucas"
+SPDX-License-Identifier = "GPL-3.0-or-later"
+
 [[annotations]]
 path = [".dockerignore", "docker-compose.yml", "Dockerfile"]
 SPDX-FileCopyrightText = "2026 ArduPilot methodic configurator developers"

linux/AppRun

@@ -0,0 +1,11 @@
+#!/bin/bash
+# AppRun entry point for the ArduPilot Methodic Configurator AppImage
+#
+# SPDX-FileCopyrightText: 2024-2026 Amilcar do Carmo Lucas <amilcar.lucas@iav.de>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+SELF=$(readlink -f "$0")
+HERE="${SELF%/*}"
+export PATH="${HERE}/ardupilot_methodic_configurator:${PATH}"
+exec "${HERE}/ardupilot_methodic_configurator/ardupilot_methodic_configurator" "$@"

linux/ardupilot_methodic_configurator.desktop

@@ -0,0 +1,7 @@
+[Desktop Entry]
+Name=ArduPilot Methodic Configurator
+Exec=ardupilot_methodic_configurator
+Icon=ardupilot_methodic_configurator
+Type=Application
+Categories=Utility;Science;
+Comment=Configure ArduPilot flight controller parameters in a methodical, traceable way

linux/ardupilot_methodic_configurator.spec

@@ -0,0 +1,82 @@
+# -*- mode: python -*-
+# spec file for pyinstaller to build ardupilot_methodic_configurator for Linux
+#
+# SPDX-FileCopyrightText: 2024-2026 Amilcar do Carmo Lucas <amilcar.lucas@iav.de>
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from PyInstaller.utils.hooks import collect_data_files, collect_submodules
+import certifi
+import os
+
+spec_file = globals().get("__file__")
+if spec_file:
+    spec_dir = os.path.abspath(os.path.dirname(spec_file))
+else:
+    spec_dir = os.path.abspath(os.getcwd())
+
+
+def _find_project_root(base_dir: str) -> str:
+    candidates = [base_dir, os.path.abspath(os.path.join(base_dir, ".."))]
+    for candidate in candidates:
+        package_init = os.path.join(candidate, "ardupilot_methodic_configurator", "__init__.py")
+        if os.path.exists(package_init):
+            return candidate
+    return base_dir
+
+
+PROJECT_ROOT = _find_project_root(spec_dir)
+PACKAGE_ROOT = os.path.join(PROJECT_ROOT, "ardupilot_methodic_configurator")
+
+
+certifi_cacert = certifi.where()
+
+datas = [(certifi_cacert, "certifi")]
+
+git_hash_path = os.path.join(PROJECT_ROOT, "git_hash.txt")
+if os.path.exists(git_hash_path):
+    datas.append((git_hash_path, "ardupilot_methodic_configurator"))
+
+datas += collect_data_files("ardupilot_methodic_configurator")
+
+hidden_imports = (
+    [
+        "packaging",
+        "packaging.version",
+        "packaging.specifiers",
+    ]
+    + collect_submodules("ardupilot_methodic_configurator.modules")
+    + collect_submodules("pymavlink")
+)
+
+analysis = Analysis(
+    [os.path.join(PACKAGE_ROOT, "__main__.py")],
+    pathex=[PROJECT_ROOT, PACKAGE_ROOT],
+    hiddenimports=hidden_imports,
+    datas=datas,
+    hookspath=None,
+    runtime_hooks=None,
+)
+
+pyz = PYZ(analysis.pure)
+
+exe = EXE(
+    pyz,
+    analysis.scripts,
+    exclude_binaries=True,
+    name="ardupilot_methodic_configurator",
+    debug=False,
+    strip=False,
+    upx=False,
+    console=False,
+)
+
+coll = COLLECT(
+    exe,
+    analysis.binaries,
+    analysis.zipfiles,
+    analysis.datas,
+    strip=False,
+    upx=False,
+    name="ardupilot_methodic_configurator",
+)

pyproject.toml

@@ -114,6 +114,12 @@ mac_dist = [
     "packaging==26.2",
 ]
 
+linux_dist = [
+    "pip==26.0.1",
+    "pyinstaller==6.20.0",
+    "packaging==26.2",
+]
+
 [project.scripts]
 ardupilot_methodic_configurator = "ardupilot_methodic_configurator.__main__:main"
 extract_param_defaults = "ardupilot_methodic_configurator.extract_param_defaults:main"