Class: Sigh::Runner

Inherits:
Object
  • Object
show all
Defined in:
sigh/lib/sigh/runner.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#spaceshipObject

Returns the value of attribute spaceship.



11
12
13
 
# File 'sigh/lib/sigh/runner.rb', line 11

def spaceship
  @spaceship
end

Instance Method Details

#certificates_for_profile_and_platformObject 



192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
 
# File 'sigh/lib/sigh/runner.rb', line 192

def certificates_for_profile_and_platform
  case Sigh.config[:platform].to_s
  when 'ios', 'tvos'
    if profile_type == Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_DEVELOPMENT || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_DEVELOPMENT
      certificates = Spaceship.certificate.development.all +
                     Spaceship.certificate.apple_development.all
    elsif profile_type == Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_INHOUSE || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_INHOUSE
      # Enterprise accounts don't have access to Apple Distribution certificates
      certificates = Spaceship.certificate.in_house.all
    # handles case where the desired certificate type is adhoc but the account is an enterprise account
    # the apple dev portal api has a weird quirk in it where if you query for distribution certificates
    # for enterprise accounts, you get nothing back even if they exist.
    elsif (profile_type == Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_ADHOC || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_ADHOC) && Spaceship.client && Spaceship.client.in_house?
      # Enterprise accounts don't have access to Apple Distribution certificates
      certificates = Spaceship.certificate.in_house.all
    else
      # Ad hoc or App Store
      certificates = Spaceship.certificate.production.all +
                     Spaceship.certificate.apple_distribution.all
    end

  when 'macos', 'catalyst'
    if profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_DEVELOPMENT || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_DEVELOPMENT
      certificates = Spaceship.certificate.mac_development.all +
                     Spaceship.certificate.apple_development.all
    elsif profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_STORE || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_STORE
      certificates = Spaceship.certificate.mac_app_distribution.all +
                     Spaceship.certificate.apple_distribution.all
    elsif profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_DIRECT || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_DIRECT
      certificates = Spaceship.certificate.developer_id_application.all
    else
      certificates = Spaceship.certificate.mac_app_distribution.all +
                     Spaceship.certificate.apple_distribution.all
    end
  end

  certificates
end

#certificates_to_useObject

Certificate to use based on the current distribution mode



254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
 
# File 'sigh/lib/sigh/runner.rb', line 254

def certificates_to_use
  certificates = certificates_for_profile_and_platform

  # Filter them
  certificates = certificates.find_all do |c|
    if Sigh.config[:cert_id]
      next unless c.id == Sigh.config[:cert_id].strip
    end

    if Sigh.config[:cert_owner_name]
      next unless c.owner_name.strip == Sigh.config[:cert_owner_name].strip
    end

    true
  end

  # verify certificates
  if Helper.mac?
    unless Sigh.config[:skip_certificate_verification]
      certificates = certificates.find_all do |c|
        file = Tempfile.new('cert')
        file.write(c.download_raw)
        file.close

        FastlaneCore::CertChecker.installed?(file.path)
      end
    end
  end

  if certificates.count > 1 && !Sigh.config[:development]
    UI.important("Found more than one code signing identity. Choosing the first one. Check out `fastlane sigh --help` to see all available options.")
    UI.important("Available Code Signing Identities for current filters:")
    certificates.each do |c|
      str = ["\t- Name:", c.owner_name, "- ID:", c.id + " - Expires", c.expires.strftime("%d/%m/%Y")].join(" ")
      UI.message(str.green)
    end
  end

  if certificates.count == 0
    filters = ""
    filters << "Owner Name: '#{Sigh.config[:cert_owner_name]}' " if Sigh.config[:cert_owner_name]
    filters << "Certificate ID: '#{Sigh.config[:cert_id]}' " if Sigh.config[:cert_id]
    UI.important("No certificates for filter: #{filters}") if filters.length > 0
    message = "Could not find a matching code signing identity for type '#{profile_type_pretty_type}'. "
    message += "It is recommended to use match to manage code signing for you, more information on https://codesigning.guide. "
    message += "If you don't want to do so, you can also use cert to generate a new one: https://fastlane.tools/cert"
    UI.user_error!(message)
  end

  return certificates if Sigh.config[:development] # development profiles support multiple certificates
  return [certificates.first]
end

#create_profile!Object

Create a new profile and return it



150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
 
# File 'sigh/lib/sigh/runner.rb', line 150

def create_profile!
  app_identifier = Sigh.config[:app_identifier]
  name = Sigh.config[:provisioning_name] || [app_identifier, profile_type_pretty_type].join(' ')

  unless Sigh.config[:skip_fetch_profiles]
    profile = Spaceship::ConnectAPI::Profile.all.find { |p| p.name == name }
    if profile
      UI.user_error!("The name '#{name}' is already taken, and fail_on_name_taken is true") if Sigh.config[:fail_on_name_taken]
      UI.error("The name '#{name}' is already taken, using another one.")
      name += " #{Time.now.to_i}"
    end
  end

  bundle_id = Spaceship::ConnectAPI::BundleId.find(app_identifier)
  unless bundle_id
    UI.user_error!("Could not find App with App Identifier '#{Sigh.config[:app_identifier]}'")
  end

  UI.important("Creating new provisioning profile for '#{Sigh.config[:app_identifier]}' with name '#{name}' for '#{Sigh.config[:platform]}' platform")

  profile = Spaceship::ConnectAPI::Profile.create(
    name: name,
    profile_type: profile_type,
    bundle_id_id: bundle_id.id,
    certificate_ids: certificates_to_use.map(&:id),
    device_ids: devices_to_use.map(&:id),
    template_name: Sigh.config[:template_name]
  )

  profile
end

#devices_to_useObject 



231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
 
# File 'sigh/lib/sigh/runner.rb', line 231

def devices_to_use
  # Only use devices if development or adhoc
  return [] if !Sigh.config[:development] && !Sigh.config[:adhoc]

  device_class = case Sigh.config[:platform].to_s
                 when 'ios'
                   [
                     Spaceship::ConnectAPI::Device::DeviceClass::APPLE_WATCH,
                     Spaceship::ConnectAPI::Device::DeviceClass::IPAD,
                     Spaceship::ConnectAPI::Device::DeviceClass::IPHONE,
                     Spaceship::ConnectAPI::Device::DeviceClass::IPOD
                   ].join(",")
                 when 'tvos'
                   Spaceship::ConnectAPI::Device::DeviceClass::APPLE_TV
                 when 'macos', 'catalyst'
                   Spaceship::ConnectAPI::Device::DeviceClass::MAC
                 end

  filter = { deviceClass: device_class }
  return Spaceship::ConnectAPI::Device.all(filter: filter)
end

#download_profile(profile) ⇒ Object

Downloads and stores the provisioning profile



308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
 
# File 'sigh/lib/sigh/runner.rb', line 308

def download_profile(profile)
  UI.important("Downloading provisioning profile...")
  profile_name ||= "#{profile_type_pretty_type}_#{Sigh.config[:app_identifier]}"

  if Sigh.config[:platform].to_s == 'tvos'
    profile_name += "_tvos"
  elsif Sigh.config[:platform].to_s == 'catalyst'
    profile_name += "_catalyst"
  end

  if ['macos', 'catalyst'].include?(Sigh.config[:platform].to_s)
    profile_name += '.provisionprofile'
  else
    profile_name += '.mobileprovision'
  end

  tmp_path = Dir.mktmpdir("profile_download")
  output_path = File.join(tmp_path, profile_name)
  File.open(output_path, "wb") do |f|
    content = Base64.decode64(profile.profile_content)
    f.write(content)
  end

  UI.success("Successfully downloaded provisioning profile...")
  return output_path
end

#ensure_app_exists!Object

Makes sure the current App ID exists. If not, it will show an appropriate error message



336
337
338
339
340
341
342
343
 
# File 'sigh/lib/sigh/runner.rb', line 336

def ensure_app_exists!
  # Only ensuring by app identifier
  # We used to ensure by platform (IOS and MAC_OS) but now apps are
  # always UNIVERSAL as of 2020-07-30
  return if Spaceship::ConnectAPI::BundleId.find(Sigh.config[:app_identifier])
  print_produce_command(Sigh.config)
  UI.user_error!("Could not find App with App Identifier '#{Sigh.config[:app_identifier]}'")
end

#fetch_profilesObject

Fetches a profile matching the user’s search requirements



85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
 
# File 'sigh/lib/sigh/runner.rb', line 85

def fetch_profiles
  UI.message("Fetching profiles...")

  # Filtering on 'profileType' seems to be undocumented as of 2020-07-30
  # but works on both web session and official API
  results = Spaceship::ConnectAPI::Profile.all(filter: { profileType: profile_type }, includes: "bundleId,certificates").select do |profile|
    profile.bundle_id.identifier == Sigh.config[:app_identifier]
  end

  results = results.find_all do |current_profile|
    if current_profile.valid? || Sigh.config[:force]
      true
    else
      UI.message("Provisioning Profile '#{current_profile.name}' is not valid, skipping this one...")
      false
    end
  end

  # Take the provisioning profile name into account
  results = filter_profiles_by_name(results) if Sigh.config[:provisioning_name].to_s.length > 0
  return results if Sigh.config[:skip_certificate_verification]

  UI.message("Verifying certificates...")
  return results.find_all do |current_profile|
    installed = false

    # Attempts to download all certificates from this profile
    # for checking if they are installed.
    # `cert.download_raw` can fail if the user is a
    # "member" and not an a "admin"
    raw_certs = current_profile.certificates.map do |cert|
      begin
        raw_cert = Base64.decode64(cert.certificate_content)
      rescue => error
        UI.important("Cannot download cert #{cert.id} - #{error.message}")
        raw_cert = nil
      end
      { downloaded: raw_cert, cert: cert }
    end

    # Makes sure we have the certificate installed on the local machine
    raw_certs.each do |current_cert|
      # Skip certificates that failed to download
      next unless current_cert[:downloaded]
      file = Tempfile.new('cert')
      file.write(current_cert[:downloaded])
      file.close
      if FastlaneCore::CertChecker.installed?(file.path)
        installed = true
      else
        UI.message("Certificate for Provisioning Profile '#{current_profile.name}' not available locally: #{current_cert[:cert].id}, skipping this one...")
      end
    end

    # Don't need to check if certificate is valid because it comes with the
    # profile in the response
    installed
  end
end

#filter_profiles_by_name(profiles) ⇒ Object 



182
183
184
185
186
187
188
189
190
 
# File 'sigh/lib/sigh/runner.rb', line 182

def filter_profiles_by_name(profiles)
  filtered = profiles.select { |p| p.name.strip == Sigh.config[:provisioning_name].strip }
  if Sigh.config[:ignore_profiles_with_different_name]
    profiles = filtered
  elsif (filtered || []).count > 0
    profiles = filtered
  end
  profiles
end

#print_produce_command(config) ⇒ Object 



345
346
347
348
349
350
351
352
353
354
355
356
357
 
# File 'sigh/lib/sigh/runner.rb', line 345

def print_produce_command(config)
  UI.message("")
  UI.message("==========================================".yellow)
  UI.message("Could not find App ID with bundle identifier '#{config[:app_identifier]}'")
  UI.message("You can easily generate a new App ID on the Developer Portal using 'produce':")
  UI.message("")
  UI.message("fastlane produce -u #{config[:username]} -a #{config[:app_identifier]} --skip_itc".yellow)
  UI.message("")
  UI.message("You will be asked for any missing information, like the full name of your app")
  UI.message("If the app should also be created on App Store Connect, remove the " + "--skip_itc".yellow + " from the command above")
  UI.message("==========================================".yellow)
  UI.message("")
end

#profile_typeObject

The kind of provisioning profile we’re interested in



57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
# File 'sigh/lib/sigh/runner.rb', line 57

def profile_type
  return @profile_type if @profile_type

  case Sigh.config[:platform]
  when "ios"
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_STORE
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_INHOUSE if Spaceship.client.in_house?
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_ADHOC if Sigh.config[:adhoc]
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_DEVELOPMENT if Sigh.config[:development]
  when "tvos"
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_STORE
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_INHOUSE if Spaceship.client.in_house?
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_ADHOC if Sigh.config[:adhoc]
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_DEVELOPMENT if Sigh.config[:development]
  when "macos"
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_STORE
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_DEVELOPMENT if Sigh.config[:development]
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_DIRECT if Sigh.config[:developer_id]
  when "catalyst"
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_STORE
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_DEVELOPMENT if Sigh.config[:development]
    @profile_type = Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_DIRECT if Sigh.config[:developer_id]
  end

  @profile_type
end

#profile_type_pretty_typeObject 



145
146
147
 
# File 'sigh/lib/sigh/runner.rb', line 145

def profile_type_pretty_type
  return Sigh.profile_pretty_type(profile_type)
end

#runObject

Uses the spaceship to create or download a provisioning profile returns the path the newly created provisioning profile (in /tmp usually)



15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
 
# File 'sigh/lib/sigh/runner.rb', line 15

def run
  FastlaneCore::PrintTable.print_values(config: Sigh.config,
                                     hide_keys: [:output_path],
                                         title: "Summary for sigh #{Fastlane::VERSION}")

  UI.message("Starting login with user '#{Sigh.config[:username]}'")
  Spaceship.(Sigh.config[:username], nil)
  Spaceship.select_team
  UI.message("Successfully logged in")

  profiles = [] if Sigh.config[:skip_fetch_profiles]
  profiles ||= fetch_profiles # download the profile if it's there

  if profiles.count > 0
    UI.success("Found #{profiles.count} matching profile(s)")
    profile = profiles.first

    if Sigh.config[:force]
      # Recreating the profile ensures it has all of the requested properties (cert, name, etc.)
      UI.important("Recreating the profile")
      profile.delete!
      profile = create_profile!
    end
  else
    UI.user_error!("No matching provisioning profile found and can not create a new one because you enabled `readonly`") if Sigh.config[:readonly]
    UI.important("No existing profiles found, that match the certificates you have installed locally! Creating a new provisioning profile for you")
    ensure_app_exists!
    profile = create_profile!
  end

  UI.user_error!("Something went wrong fetching the latest profile") unless profile

  if [Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_INHOUSE, Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_INHOUSE].include?(profile_type)
    ENV["SIGH_PROFILE_ENTERPRISE"] = "1"
  else
    ENV.delete("SIGH_PROFILE_ENTERPRISE")
  end

  return download_profile(profile)
end