RubyGems - adsedare - Versions diffs - 0.0.1 → 0.0.2 - Mend

adsedare 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +4 -4
data/adsedare.gemspec +1 -1
data/lib/adsedare/capabilities.rb +43 -38
data/lib/adsedare/export_options.rb +90 -0
data/lib/adsedare/keychain.rb +131 -0
data/lib/adsedare/version.rb +1 -1
data/lib/adsedare/xcodeproj.rb +76 -0
data/lib/adsedare.rb +22 -287
data/lib/appstoreconnect.rb +65 -65
data/lib/starship/2fa_provider.rb +4 -4
data/lib/starship/auth_helper.rb +87 -88
data/lib/starship.rb +60 -60
metadata +4 -1

data/lib/adsedare.rb CHANGED Viewed

@@ -8,8 +8,11 @@ require "plist"
 require_relative "adsedare/version"
 require_relative "adsedare/capabilities"
-require_relative "logging"
+require_relative "adsedare/keychain"
+require_relative "adsedare/xcodeproj"
+require_relative "adsedare/export_options"
+require_relative "logging"
 require_relative "starship"
 require_relative "appstoreconnect"
@@ -22,20 +25,20 @@ module Adsedare
     def renew_profiles(project_path = nil, certificate_id = nil, team_id = nil)
       raise "Project path is not set" unless project_path
       raise "Certificate ID is not set" unless certificate_id
       project = Xcodeproj::Project.open(project_path)
       project_dir = File.dirname(project_path)
       bundle_entitlements = {}
       project.targets.each do |target|
         target.build_configurations.each do |config|
           bundle_identifier = config.build_settings["PRODUCT_BUNDLE_IDENTIFIER"]
           entitlements_path = config.build_settings["CODE_SIGN_ENTITLEMENTS"]
           # If team_id is not set, use the first one from the project
           team_id ||= config.build_settings["DEVELOPMENT_TEAM"]
           if entitlements_path
             full_entitlements_path = File.join(project_dir, entitlements_path)
             bundle_entitlements[bundle_identifier] = full_entitlements_path
@@ -51,10 +54,10 @@ module Adsedare
         unless bundle_id
           logger.warn "Bundle '#{bundle_identifier}' is missing in Apple Developer portal. Will create."
           bundle_id = Starship::Client.create_bundle(
-            bundle_identifier,
+            bundle_identifier,
             team_id,
             # You cannot create bundle without this capability
-            [ SimpleCapability.new("IN_APP_PURCHASE").to_bundle_capability(nil, nil) ]
+            [SimpleCapability.new("IN_APP_PURCHASE").to_bundle_capability(nil, nil)]
           )["data"]["id"]
           bundle_by_identifier[bundle_identifier] = bundle_id
           logger.info "Bundle '#{bundle_identifier}' created with ID '#{bundle_id}'"
@@ -88,7 +91,7 @@ module Adsedare
     def install_profiles(project_path = nil)
       raise "Project path is not set" unless project_path
       project = Xcodeproj::Project.open(project_path)
       project_bundles = project.targets.map do |target|
@@ -116,11 +119,11 @@ module Adsedare
           next
         end
-        logger.info "Bundle '#{bundle_identifier}' resolved to Bundle ID '#{bundle_id['id']}'"
+        logger.info "Bundle '#{bundle_identifier}' resolved to Bundle ID '#{bundle_id["id"]}'"
         profiles = bundle_id["relationships"]["profiles"]["data"]
         unless profiles
-          logger.warn "Profile for Bundle ID '#{bundle_id['id']}' is missing in App Store Connect. Skipping."
+          logger.warn "Profile for Bundle ID '#{bundle_id["id"]}' is missing in App Store Connect. Skipping."
           next
         end
@@ -136,11 +139,11 @@ module Adsedare
         end
         unless ad_hoc_profile
-          logger.warn "Profile for Bundle ID '#{bundle_id['id']}' is missing in App Store Connect. Skipping."
+          logger.warn "Profile for Bundle ID '#{bundle_id["id"]}' is missing in App Store Connect. Skipping."
           next
         end
-        logger.info "Profile for Bundle ID '#{bundle_id['id']}' resolved to Profile '#{ad_hoc_profile['attributes']['name']}'"
+        logger.info "Profile for Bundle ID '#{bundle_id["id"]}' resolved to Profile '#{ad_hoc_profile["attributes"]["name"]}'"
         uuid = ad_hoc_profile["attributes"]["uuid"]
         profile_content = Base64.decode64(ad_hoc_profile["attributes"]["profileContent"])
@@ -149,275 +152,8 @@ module Adsedare
         FileUtils.mkdir_p(File.dirname(profile_path))
         File.write(profile_path, profile_content)
-        logger.info "Profile '#{ad_hoc_profile['attributes']['name']}' installed to '#{profile_path}'"
-      end
-    end
-    def create_keychain(keychain_path = nil, keychain_password = nil, make_default = true)
-      raise "Keychain path is not set" unless keychain_path
-      raise "Keychain password is not set" unless keychain_password
-      keychain_path = File.expand_path(keychain_path)
-      logger.info "Creating keychain at '#{keychain_path}'"
-      FileUtils.mkdir_p(File.dirname(keychain_path))
-      status = system("security create-keychain -p #{keychain_password} #{keychain_path}")
-      unless status
-        logger.error "Failed to create keychain at '#{keychain_path}'"
-        return
-      end
-      apple_certs = [
-        "AppleWWDRCAG2.cer",
-        "AppleWWDRCAG3.cer",
-        "AppleWWDRCAG4.cer",
-        "AppleWWDRCAG5.cer",
-        "AppleWWDRCAG6.cer",
-        "AppleWWDRCAG7.cer",
-        "AppleWWDRCAG8.cer",
-        "DeveloperIDG2CA.cer"
-      ]
-      apple_certs.each do |cert|
-        logger.info "Downloading certificate '#{cert}'"
-        response = Faraday.get(
-          "https://www.apple.com/certificateauthority/#{cert}"
-        )
-        unless response.status == 200
-          logger.error "Failed to download certificate '#{cert}'"
-          next
-        end
-        file = Tempfile.new(cert)
-        file.write(response.body)
-        file.close
-        install_certificate(file.path, keychain_path)
-        file.unlink
-      end
-      logger.info "Downloading certificate 'AppleWWDRCA.cer'"
-      response = Faraday.get(
-        "https://developer.apple.com/certificationauthority/AppleWWDRCA.cer"
-      )
-      unless response.status == 200
-        logger.error "Failed to download certificate 'AppleWWDRCA.cer'"
-      else
-        file = Tempfile.new("AppleWWDRCA.cer")
-        file.write(response.body)
-        file.close
-        install_certificate(file.path, keychain_path)
-        file.unlink
-      end
-      ad_hoc_certificate = ENV["AD_HOC_CERTIFICATE"]
-      ad_hoc_private_key = ENV["AD_HOC_PRIVATE_KEY"]
-      ad_hoc_key_password = ENV["AD_HOC_KEY_PASSWORD"]
-      unless ad_hoc_certificate || ad_hoc_private_key || ad_hoc_key_password
-        logger.warn "AD_HOC_CERTIFICATE, AD_HOC_PRIVATE_KEY, or AD_HOC_KEY_PASSWORD is not set"
-        return
-      end
-      install_certificate(ad_hoc_private_key, keychain_path, ad_hoc_key_password, "priv")
-      install_certificate(ad_hoc_certificate, keychain_path, "", "cert")
-      if make_default
-        status = system("security default-keychain -d user -s #{keychain_path}")
-        unless status
-          logger.warn "Failed to set default keychain"
-          return
-        end
-      end
-      status = system("security set-keychain-settings #{keychain_path}")
-      unless status
-        logger.error "Failed to set keychain settings"
-        return
-      end
-      status = system("security set-key-partition-list -S apple-tool:,apple: -k #{keychain_password} #{keychain_path}")
-      unless status
-        logger.error "Failed to set keychain partition list"
-        return
-      end
-      status = system("security unlock-keychain -p #{keychain_password} #{keychain_path}")
-      unless status
-        logger.error "Failed to unlock keychain"
-        return
-      end
-      logger.info "Keychain created at '#{keychain_path}'"
-    end
-    def make_export_options(project_path = nil, export_path = nil, team_id = nil, options = {})
-      raise "Project path is not set" unless project_path
-      raise "Export path is not set" unless export_path
-      project = Xcodeproj::Project.open(project_path)
-      export_options = {
-        "method" => "ad-hoc",
-        "destination" => "export",
-        "signingStyle" => "manual",
-        "provisioningProfiles" => {}
-      }.merge(options)
-      project_bundles = []
-      project.targets.each do |target|
-        target.build_configurations.each do |config|
-          team_id ||= config.build_settings["DEVELOPMENT_TEAM"]
-          project_bundles << config.build_settings["PRODUCT_BUNDLE_IDENTIFIER"]
-        end
-      end
-      export_options["teamID"] = team_id
-      logger.info "Fetching bundles with profiles for team ID '#{team_id}'"
-      bundles_with_profiles = AppStoreConnect::Client.get_bundles_with_profiles(project_bundles)
-      bundle_by_identifier = {}
-      profiles_by_id = {}
-      bundles_with_profiles["data"].each do |bundle_id|
-        bundle_by_identifier[bundle_id["attributes"]["identifier"]] = bundle_id
-      end
-      bundles_with_profiles["included"].each do |profile|
-        profiles_by_id[profile["id"]] = profile
-      end
-      project_bundles.each do |bundle_identifier|
-        bundle_id = bundle_by_identifier[bundle_identifier]
-        unless bundle_id
-          logger.warn "Bundle '#{bundle_identifier}' is missing in App Store Connect. Skipping."
-          next
-        end
-        logger.info "Bundle '#{bundle_identifier}' resolved to Bundle ID '#{bundle_id['id']}'"
-        profiles = bundle_id["relationships"]["profiles"]["data"]
-        unless profiles
-          logger.warn "Profile for Bundle ID '#{bundle_id['id']}' is missing in App Store Connect. Skipping."
-          next
-        end
-        ad_hoc_profile = nil
-        profiles.each do |profile|
-          profile_id = profile["id"]
-          profile = profiles_by_id[profile_id]
-          if profile["attributes"]["profileType"] == "IOS_APP_ADHOC" && profile["attributes"]["profileState"] == "ACTIVE"
-            ad_hoc_profile = profile
-            break
-          end
-        end
-        unless ad_hoc_profile
-          logger.warn "Profile for Bundle ID '#{bundle_id['id']}' is missing in App Store Connect. Skipping."
-          next
-        end
-        logger.info "Profile for Bundle ID '#{bundle_id['id']}' resolved to Profile '#{ad_hoc_profile['attributes']['name']}'"
-        profile_name = ad_hoc_profile["attributes"]["name"]
-        export_options["provisioningProfiles"][bundle_identifier] = profile_name
-      end
-      options_plist = Plist::Emit.dump(export_options)
-      File.write(export_path, options_plist)
-      return export_options
-    end
-    def patch_project(project_path, team_id = nil)
-      raise "Project path is not set" unless project_path
-      project = Xcodeproj::Project.open(project_path)
-      project_bundles = project.targets.map do |target|
-        target.build_configurations.map do |config|
-          config.build_settings["PRODUCT_BUNDLE_IDENTIFIER"]
-        end
-      end.flatten.uniq
-      bundles_with_profiles = AppStoreConnect::Client.get_bundles_with_profiles(project_bundles)
-      bundle_by_identifier = {}
-      profiles_by_id = {}
-      bundles_with_profiles["data"].each do |bundle_id|
-        bundle_by_identifier[bundle_id["attributes"]["identifier"]] = bundle_id
-      end
-      bundles_with_profiles["included"].each do |profile|
-        profiles_by_id[profile["id"]] = profile
-      end
-      project.targets.each do |target|
-        target.build_configurations.each do |config|
-          bundle_identifier = config.build_settings["PRODUCT_BUNDLE_IDENTIFIER"]
-          bundle_id = bundle_by_identifier[bundle_identifier]
-          unless bundle_id
-            logger.warn "Bundle '#{bundle_identifier}' is missing in App Store Connect. Skipping."
-            next
-          end
-          logger.info "Bundle '#{bundle_identifier}' resolved to Bundle ID '#{bundle_id['id']}'"
-          profiles = bundle_id["relationships"]["profiles"]["data"]
-          unless profiles
-            logger.warn "Profile for Bundle ID '#{bundle_id['id']}' is missing in App Store Connect. Skipping."
-            next
-          end
-          ad_hoc_profile = nil
-          profiles.each do |profile|
-            profile_id = profile["id"]
-            profile = profiles_by_id[profile_id]
-            if profile["attributes"]["profileType"] == "IOS_APP_ADHOC" && profile["attributes"]["profileState"] == "ACTIVE"
-              ad_hoc_profile = profile
-              break
-            end
-          end
-          unless ad_hoc_profile
-            logger.warn "Profile for Bundle ID '#{bundle_id['id']}' is missing in App Store Connect. Skipping."
-            next
-          end
-          config.build_settings["CODE_SIGN_IDENTITY"] = "iPhone Distribution"
-          config.build_settings["CODE_SIGN_STYLE"] = "Manual"
-          if team_id
-            config.build_settings["DEVELOPMENT_TEAM"] = team_id
-          end
-          config.build_settings["PROVISIONING_PROFILE_SPECIFIER"] = ad_hoc_profile["attributes"]["name"]
-        end
+        logger.info "Profile '#{ad_hoc_profile["attributes"]["name"]}' installed to '#{profile_path}'"
       end
-      project.save
-    end
-    private
-    def install_certificate(certificate_path, keychain_path, certificate_password = "", certificate_type = "cert")
-      certificate_name = File.basename(certificate_path)
-      logger.info "Installing certificate '#{certificate_name}' to keychain '#{keychain_path}'"
-      status = system("security import #{certificate_path} -k #{keychain_path} -t #{certificate_type} -A -P #{certificate_password} -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild")
-      unless status
-        logger.error "Failed to install certificate '#{certificate_name}' to keychain '#{keychain_path}'"
-        return
-      end
-      logger.info "Certificate '#{certificate_name}' installed to keychain '#{keychain_path}'"
     end
     def get_devices(team_id)
@@ -474,7 +210,7 @@ module Adsedare
       if need_update
         logger.warn "Profile '#{profile["provisioningProfile"]["name"]}' is missing one or more devices."
         Starship::Client.regen_provisioning_profile(profile, team_id, deviceIds)
         logger.info "Profile '#{profile["provisioningProfile"]["name"]}' updated."
@@ -490,7 +226,7 @@ module Adsedare
       logger.info "Checking capabilities for bundle '#{bundle_identifier}'"
       capabilities = parse_entitlements(entitlements_path)
       need_update = false
       capabilities.each do |capability|
@@ -502,11 +238,10 @@ module Adsedare
       if need_update
         logger.warn "Bundle '#{bundle_identifier}' is missing one or more capabilities."
-        new_capabilities = (
-          # You can't remove IN_APP_PURCHASE capability for some reason
-          capabilities + [ SimpleCapability.new("IN_APP_PURCHASE") ]
-        ).map { |capability| capability.to_bundle_capability(bundle_info, team_id) }
+        # You can't remove IN_APP_PURCHASE capability for some reason
+        new_capabilities = capabilities + [SimpleCapability.new("IN_APP_PURCHASE")]
+        new_capabilities = new_capabilities.map { |capability| capability.to_bundle_capability(bundle_info, team_id) }
         Starship::Client.patch_bundle(bundle_info, team_id, new_capabilities)
         logger.info "Bundle '#{bundle_identifier}' capabilities updated."

data/lib/appstoreconnect.rb CHANGED Viewed

@@ -7,80 +7,80 @@ require "jwt"
 module AppStoreConnect
   class Client
     BASE_URL = "https://api.appstoreconnect.apple.com/v1"
     class << self
-        def get_bundles_with_profiles(bundle_identifiers)
-            response = request(
-                BASE_URL + "/bundleIds",
-                method: :get,
-                params: {
-                    "fields[bundleIds]" => "name,platform,identifier,profiles",
-                    "filter[identifier]" => bundle_identifiers.join(","),
-                    "fields[profiles]" => "name,profileType,profileState,profileContent,uuid",
-                    "include" => "profiles",
-                }
-            )
-            if response.status == 200
-                JSON.parse(response.body)
-            else
-                puts response.body
-                raise "Failed to get bundle IDs: #{response.status}"
-            end
-        end
-        private
+      def get_bundles_with_profiles(bundle_identifiers)
+        response = request(
+          BASE_URL + "/bundleIds",
+          method: :get,
+          params: {
+            "fields[bundleIds]" => "name,platform,identifier,profiles",
+            "filter[identifier]" => bundle_identifiers.join(","),
+            "fields[profiles]" => "name,profileType,profileState,profileContent,uuid",
+            "include" => "profiles",
+          },
+        )
-        def request(endpoint, method: :get, params: nil, body: nil, headers: nil)
-            default_headers = {
-                "Authorization" => "Bearer #{jwt_token}",
-                "Content-Type" => "application/json",
-                "Accept" => "application/json",
-            }
+        if response.status == 200
+          JSON.parse(response.body)
+        else
+          puts response.body
+          raise "Failed to get bundle IDs: #{response.status}"
+        end
+      end
-            if headers
-                default_headers = default_headers.merge(headers)
-            end
+      private
-            response = case method
-            when :get
-              Faraday.get(endpoint, params, default_headers)
-            when :post
-              Faraday.post(endpoint, body, default_headers)
-            when :put
-              Faraday.put(endpoint, body, default_headers)
-            when :delete
-              Faraday.delete(endpoint, default_headers)
-            when :patch
-              Faraday.patch(endpoint, body, default_headers)
-            end
+      def request(endpoint, method: :get, params: nil, body: nil, headers: nil)
+        default_headers = {
+          "Authorization" => "Bearer #{jwt_token}",
+          "Content-Type" => "application/json",
+          "Accept" => "application/json",
+        }
-            return response
+        if headers
+          default_headers = default_headers.merge(headers)
         end
-        def jwt_token
-            key_id = ENV["APPSTORE_CONNECT_KEY_ID"]
-            key = ENV["APPSTORE_CONNECT_KEY"]
-            issuer_id = ENV["APPSTORE_CONNECT_ISSUER_ID"]
+        response = case method
+          when :get
+            Faraday.get(endpoint, params, default_headers)
+          when :post
+            Faraday.post(endpoint, body, default_headers)
+          when :put
+            Faraday.put(endpoint, body, default_headers)
+          when :delete
+            Faraday.delete(endpoint, default_headers)
+          when :patch
+            Faraday.patch(endpoint, body, default_headers)
+          end
-            private_key = OpenSSL::PKey.read(key)
-            token = JWT.encode(
-                {
-                    iss: issuer_id,
-                    exp: Time.now.to_i + 20 * 60,
-                    aud: "appstoreconnect-v1",
-                },
-                private_key,
-                "ES256",
-                header_fields = {
-                    alg: "ES256",
-                    kid: key_id,
-                    typ: "JWT"
-                }
-            )
+        return response
+      end
-            return token
-        end
+      def jwt_token
+        key_id = ENV["APPSTORE_CONNECT_KEY_ID"]
+        key = ENV["APPSTORE_CONNECT_KEY"]
+        issuer_id = ENV["APPSTORE_CONNECT_ISSUER_ID"]
+        private_key = OpenSSL::PKey.read(key)
+        token = JWT.encode(
+          {
+            iss: issuer_id,
+            exp: Time.now.to_i + 20 * 60,
+            aud: "appstoreconnect-v1",
+          },
+          private_key,
+          "ES256",
+          header_fields = {
+            alg: "ES256",
+            kid: key_id,
+            typ: "JWT",
+          }
+        )
+        return token
+      end
     end
   end
 end

data/lib/starship/2fa_provider.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module Starship
   class TwoFactorProvider
     def initialize
     end
     # Get the 2FA code
     # @param session_id [String] The session ID from Apple
     # @param scnt [String] The scnt value from Apple
@@ -14,7 +14,7 @@ module Starship
     def get_code(session_id, scnt)
       raise NotImplementedError, "Subclasses must implement get_code"
     end
     # Verify if this provider can handle the given 2FA type
     # @param type [String] The 2FA type (sms, voice, etc.)
     # @return [Boolean] Whether this provider can handle the given type
@@ -22,7 +22,7 @@ module Starship
       raise NotImplementedError, "Subclasses must implement can_handle?"
     end
   end
   # Manual 2FA provider that prompts the user for a code
   class ManualTwoFactorProvider < TwoFactorProvider
     include Logging
@@ -32,7 +32,7 @@ module Starship
       code = gets.chomp.strip
       code
     end
     def can_handle?(type)
       true
     end