Merge pull request #450 from nimblehq/feature/330-fix-signing

[#330] Modify signing automatically when generating a project
nimblehq · Apr 28, 2023 · e99d0dc · e99d0dc
2 parents 9544585 + 67d66ba
commit e99d0dc
Show file tree

Hide file tree

Showing 6 changed files with 80 additions and 45 deletions.
diff --git a/.github/workflows/test_upload_build_to_test_flight.yml b/.github/workflows/test_upload_build_to_test_flight.yml
@@ -7,6 +7,7 @@ name: Test Upload Build to TestFlight
 ### API_KEY_ID
 ### ISSUER_ID
 ### APPSTORE_CONNECT_API_KEY
+### TEAM_ID
 
 on:
   pull_request
@@ -51,12 +52,13 @@ jobs:
         MATCH_REPO: ${{ secrets.MATCH_REPO }}
         API_KEY_ID: ${{ secrets.API_KEY_ID }}
         ISSUER_ID: ${{ secrets.ISSUER_ID }}
+        TEAM_ID: ${{ secrets.TEAM_ID }}
 
     - name: Set Up Test Project for App Store
       run: bundle exec fastlane setUpTestProject
 
     - name: Update Provision Profile
-      run: bundle exec fastlane updateProvisionSettings
+      run: bundle exec fastlane syncAppStoreCodeSigning
       env:
         MATCH_PASSWORD: ${{ secrets.MATCH_PASS }}
 

diff --git a/fastlane/Constants/Constant.swift b/fastlane/Constants/Constant.swift
@@ -79,11 +79,16 @@ extension Constant {
     enum Environment: String {
 
         case staging = "Staging"
-        case production = ""
+        case production = "Production"
 
         var productName: String { "\(Constant.projectName) \(rawValue)".trimmed }
 
-        var scheme: String { "\(Constant.projectName) \(rawValue)".trimmed }
+        var scheme: String {
+            switch self {
+            case .staging: return "\(Constant.projectName) \(rawValue)".trimmed
+            case .production: return Constant.projectName
+            }
+        }
 
         var bundleId: String {
             switch self {
@@ -116,13 +121,37 @@ extension Constant {
 
     enum BuildType: String {
 
+        case development
         case adHoc = "ad-hoc"
         case appStore = "app-store"
 
         var value: String { return rawValue }
-
+
+        var match: String {
+            switch self {
+            case .development: return "development"
+            case .adHoc: return "adhoc"
+            case .appStore: return "appstore"
+            }
+        }
+
+        var configuration: String {
+            switch self {
+            case .development: return "Debug"
+            case .adHoc, .appStore: return "Release"
+            }
+        }
+
+        var codeSignIdentity: String {
+            switch self {
+            case .development: return "iPhone Developer"
+            case .adHoc, . appStore: return "iPhone Distribution"
+            }
+        }
+
         var method: String {
             switch self {
+            case .development: return "Development"
             case .adHoc: return "AdHoc"
             case .appStore: return "AppStore"
             }

diff --git a/fastlane/Fastfile.swift b/fastlane/Fastfile.swift
@@ -12,35 +12,43 @@ class Fastfile: LaneFile {
 
     // MARK: - Code signing
 
-    func syncDevelopmentCodeSigningLane() {
+    func syncDevelopmentStagingCodeSigningLane() {
         desc("Sync the Development match signing for the Staging build")
         Match.syncCodeSigning(
             type: .development,
-            appIdentifier: [Constant.stagingBundleId]
+            environment: .staging
+        )
+    }
+
+    func syncDevelopmentProductionCodeSigningLane() {
+        desc("Sync the Development match signing for the Production build")
+        Match.syncCodeSigning(
+            type: .development,
+            environment: .production
         )
     }
 
     func syncAdHocStagingCodeSigningLane() {
         desc("Sync the Ad Hoc match signing for the Staging build")
         Match.syncCodeSigning(
             type: .adHoc,
-            appIdentifier: [Constant.stagingBundleId]
+            environment: .staging
         )
     }
 
     func syncAdHocProductionCodeSigningLane() {
         desc("Sync the Ad Hoc match signing for the Production build")
         Match.syncCodeSigning(
             type: .adHoc,
-            appIdentifier: [Constant.productionBundleId]
+            environment: .production
         )
     }
 
     func syncAppStoreCodeSigningLane() {
         desc("Sync the App Store match signing for the Production build")
         Match.syncCodeSigning(
             type: .appStore,
-            appIdentifier: [Constant.productionBundleId]
+            environment: .production
         )
     }
 
@@ -80,7 +88,7 @@ class Fastfile: LaneFile {
     }
 
     func buildProductionAndUploadToFirebaseLane() {
-        desc("Build Staging app and upload to Firebase")
+        desc("Build Production app and upload to Firebase")
 
         setAppVersion()
         bumpBuild()
@@ -145,20 +153,6 @@ class Fastfile: LaneFile {
         )
     }
 
-    func updateProvisionSettingsLane() {
-        desc("Update Provision Profile")
-        syncAppStoreCodeSigningLane()
-        updateCodeSigningSettings(
-            path: Constant.projectPath,
-            useAutomaticSigning: .userDefined(false),
-            teamId: .userDefined(EnvironmentParser.string(key: "sigh_\(Constant.productionBundleId)_appstore_team-id")),
-            codeSignIdentity: .userDefined("iPhone Distribution"),
-            profileName: .userDefined(EnvironmentParser.string(
-                key: "sigh_\(Constant.productionBundleId)_appstore_profile-name"
-            ))
-        )
-    }
-
     func setUpTestProjectLane() {
         desc("Disable Exempt Encryption")
         Test.disableExemptEncryption()
@@ -176,8 +170,8 @@ class Fastfile: LaneFile {
             teamId: .userDefined(Constant.teamId)
         )
 
-        Match.syncCodeSigning(type: .development, appIdentifier: [], isForce: true)
-        Match.syncCodeSigning(type: .adHoc, appIdentifier: [], isForce: true)
+        Match.syncCodeSigning(type: .development, environment: .staging, isForce: true)
+        Match.syncCodeSigning(type: .adHoc, environment: .staging, isForce: true)
     }
 
     // MARK: - Utilities

diff --git a/fastlane/Helpers/Build.swift b/fastlane/Helpers/Build.swift
@@ -52,7 +52,7 @@ enum Build {
             exportMethod: .userDefined(type.value),
             exportOptions: .userDefined([
                 "provisioningProfiles": [
-                    environment.bundleId: "match \(type.method) \(environment.bundleId)"
+                    environment.bundleId: Match.createProfileName(type: type, environment: environment)
                 ]
             ]),
             buildPath: .userDefined(Constant.buildPath),

diff --git a/fastlane/Helpers/Match.swift b/fastlane/Helpers/Match.swift
@@ -8,13 +8,13 @@
 
 enum Match {
 
-    static func syncCodeSigning(type: MatchType, appIdentifier: [String], isForce: Bool = false) {
+    static func syncCodeSigning(type: Constant.BuildType, environment: Constant.Environment, isForce: Bool = false) {
         if isCi() {
             Keychain.create()
             match(
-                type: type.value,
+                type: type.match,
                 readonly: .userDefined(!isForce),
-                appIdentifier: appIdentifier,
+                appIdentifier: [environment.bundleId],
                 username: .userDefined(Constant.userName),
                 teamId: .userDefined(Constant.teamId),
                 gitUrl: Constant.matchURL,
@@ -24,26 +24,36 @@ enum Match {
             )
         } else {
             match(
-                type: type.value,
+                type: type.match,
                 readonly: .userDefined(!isForce),
-                appIdentifier: appIdentifier,
+                appIdentifier: [environment.bundleId],
                 username: .userDefined(Constant.userName),
                 teamId: .userDefined(Constant.teamId),
                 gitUrl: Constant.matchURL,
                 force: .userDefined(isForce)
             )
         }
+        updateCodeSigning(type: type, environment: environment)
     }
-}
-
-extension Match {
-
-    enum MatchType: String {
-
-        case development
-        case adHoc = "adhoc"
-        case appStore = "appstore"
-
-        var value: String { return rawValue }
+
+    static func updateCodeSigning(type: Constant.BuildType, environment: Constant.Environment) {
+        // Update Code signing from automatic to manual
+        updateCodeSigningSettings(
+            path: Constant.projectPath,
+            useAutomaticSigning: .userDefined(false),
+            teamId: .userDefined(Constant.teamId),
+            targets: .userDefined([Constant.projectName]),
+            buildConfigurations: .userDefined([Self.createBuildConfiguration(type: type, environment: environment)]),
+            codeSignIdentity: .userDefined(type.codeSignIdentity),
+            profileName: .userDefined(Self.createProfileName(type: type, environment: environment))
+        )
+    }
+
+    static func createBuildConfiguration(type: Constant.BuildType, environment: Constant.Environment) -> String {
+        "\(type.configuration) \(environment.rawValue)"
+    }
+
+    static func createProfileName(type: Constant.BuildType, environment: Constant.Environment) -> String {
+        "match \(type.method) \(environment.bundleId)"
     }
 }
diff --git a/set_up_test_testflight.sh b/set_up_test_testflight.sh
@@ -1,12 +1,12 @@
-echo "import('./Tests/Fastfile')" | cat - fastlane/Fastfile | tee fastlane/Fastfile &> /dev/null
-
+readonly CONSTANT_TEAM_ID="<#teamId#>"
 readonly CONSTANT_API_KEY_ID="<#API_KEY_ID#>"
 readonly CONSTANT_ISSUER_ID="<#ISSUER_ID#>"
 readonly CONSTANT_MATCH_REPO="[email protected]:{organization}\/{repo}.git"
 
 readonly WORKING_DIR=$(cd -P -- "$(dirname -- "$0")" && pwd -P)
 MATCH_REPO_ESCAPED=$(echo "${MATCH_REPO//\//\\\/}")
 
+LC_ALL=C find $WORKING_DIR -type f -exec sed -i "" "s/$CONSTANT_TEAM_ID/$TEAM_ID/g" {} +
 LC_ALL=C find $WORKING_DIR -type f -exec sed -i "" "s/$CONSTANT_API_KEY_ID/$API_KEY_ID/g" {} +
 LC_ALL=C find $WORKING_DIR -type f -exec sed -i "" "s/$CONSTANT_ISSUER_ID/$ISSUER_ID/g" {} +
 LC_ALL=C find $WORKING_DIR -type f -exec sed -i "" "s/$CONSTANT_MATCH_REPO/$MATCH_REPO_ESCAPED/g" {} +