exportation 0.2.3 → 0.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +107 -2
- data/applescript/exportation.scpt +0 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a7a44bba53279975c5fc54d2e2e5eb0f2c16a558
|
|
4
|
+
data.tar.gz: b31bb38404206939737b059adc85c4c75067764a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b72fc28b8924e6b83b358898e8a562e389eb9d036156164503ea5368d9c3fac094a5635e3471b13d30618002f3fd40109573880aac34c49335633f009bd22875
|
|
7
|
+
data.tar.gz: 7e5a910660d54e7974ff8850e97aba439ff5ef246faba9a95029afcf2838d2f956e4832eb1e5d5d987efeff4195d698699e05f8ffc5fe8722b807df8a1317139
|
data/README.md
CHANGED
|
@@ -6,6 +6,11 @@
|
|
|
6
6
|
|
|
7
7
|
CLI tool (and Ruby API) of easy exporting, encrypting, and decrypting of certificates and private keys. It can also add certificates and private keys to an existing or new keychain :grinning:
|
|
8
8
|
|
|
9
|
+
- [Installation](#installation)
|
|
10
|
+
- [CLI Commands](#cli-commands)
|
|
11
|
+
- [Ruby API](#ruby-api)
|
|
12
|
+
- [Fastlane Integration](#fastlane-integration)
|
|
13
|
+
|
|
9
14
|
**Important:** The `export` command will take control of your "Keychain Access" app so keep all hands off your computer while that command runs
|
|
10
15
|
|
|
11
16
|
### Example usage (with prompt)
|
|
@@ -63,7 +68,7 @@ gem install exportation
|
|
|
63
68
|
- Select "Accessibility"
|
|
64
69
|
- Add **ARDAgent** and **Terminal**
|
|
65
70
|
- Click "+"
|
|
66
|
-
- Press CMD+
|
|
71
|
+
- Press CMD+SHIFT+G (to go to specific folder)
|
|
67
72
|
- **ARDAgent** should be under `/System/Library/CoreServices/RemoteManagement/`
|
|
68
73
|
- **Terminal** should be under `/Applications/Utilities/`
|
|
69
74
|
|
|
@@ -86,7 +91,7 @@ exportation encrypt exported.cer exported.p12 --password dudethis
|
|
|
86
91
|
```
|
|
87
92
|
|
|
88
93
|
### Decrypting certificate and private key
|
|
89
|
-
**Be awesome!** `decrypt` decrypts your encrypted files to use on your CI or for other developers to install. *BE
|
|
94
|
+
**Be awesome!** `decrypt` decrypts your encrypted files to use on your CI or for other developers to install. *BE CAREFUL TO NOT COMMIT THESE BACK INTO YOUR REPO*
|
|
90
95
|
```sh
|
|
91
96
|
exportation decrypt exported.cer.enc exported.p12.enc --password dudethis
|
|
92
97
|
```
|
|
@@ -147,6 +152,106 @@ keychain.add_to_keychain_list!
|
|
|
147
152
|
keychain.remove_keychain_from_list!
|
|
148
153
|
```
|
|
149
154
|
|
|
155
|
+
## Fastlane integration
|
|
156
|
+
In this `fastlane` integration, I store my encrypted certificate and private key in the `circle` directory (because I'm using [CircleCI](http://circleci.com).
|
|
157
|
+
|
|
158
|
+
The `enc_cert_and_key` lane runs on my local machine where I will export and encrypt the certificate and private key.
|
|
159
|
+
|
|
160
|
+
The `ci_build` *can run* on my local machine but is **meant to run** on CircleCI (or TravisCI). This lane decrypts the certifivate and private key from the `circle` directory and puts the decrypted files in the `build/unenc` directory.
|
|
161
|
+
|
|
162
|
+
### Exporting and encrypting
|
|
163
|
+
This lane exports the certificate and private key by controling keychain access, encrypts the files, and the removes the unencrypted files.
|
|
164
|
+
```ruby
|
|
165
|
+
lane :enc_cert_and_key do
|
|
166
|
+
require 'exportation'
|
|
167
|
+
|
|
168
|
+
# Runs keychain to export cert and private key
|
|
169
|
+
Exportation::Export.new(
|
|
170
|
+
path: "../circle",
|
|
171
|
+
filename: "dist",
|
|
172
|
+
name: "RokkinCat LLC",
|
|
173
|
+
password: ENV['PKEY_PASSWORD']
|
|
174
|
+
).run
|
|
175
|
+
|
|
176
|
+
# Encrypts cert and private key for repo storage
|
|
177
|
+
Exportation::Crypter.new(
|
|
178
|
+
files: ["../circle/dist.cer", "../circle/dist.p12"],
|
|
179
|
+
password: ENV['ENC_PASSWORD'],
|
|
180
|
+
output: "../circle/"
|
|
181
|
+
).run :en
|
|
182
|
+
|
|
183
|
+
# Removes unencrypted cert and private key
|
|
184
|
+
sh "rm -f ../circle/dist.cer"
|
|
185
|
+
sh "rm -f ../circle/dist.p12"
|
|
186
|
+
|
|
187
|
+
end
|
|
188
|
+
```
|
|
189
|
+
|
|
190
|
+
### Decrypting and importing
|
|
191
|
+
This lane decrypts the certificate and private key, creates the keychain, and imports the certificate and private key into the keychain.
|
|
192
|
+
It then uses that keychain the `xcodebuild` action to build an archive of the app.
|
|
193
|
+
```ruby
|
|
194
|
+
lane :ci_build do
|
|
195
|
+
require 'exportation'
|
|
196
|
+
|
|
197
|
+
enc_password = ENV['ENC_PASSWORD']
|
|
198
|
+
keychain_password = ENV['KEYCHAIN_PASSWORD']
|
|
199
|
+
private_key_password = ENV['PKEY_PASSWORD']
|
|
200
|
+
|
|
201
|
+
# Cleaning house and making directories
|
|
202
|
+
sh "rm -rf ../build"
|
|
203
|
+
sh "mkdir ../build"
|
|
204
|
+
sh "mkdir ../build/unenc"
|
|
205
|
+
|
|
206
|
+
# Decrypting cert and private key
|
|
207
|
+
Exportation::Crypter.new(
|
|
208
|
+
files: ["../circle/dist.cer.enc", "../circle/dist.p12.enc"],
|
|
209
|
+
password: enc_password,
|
|
210
|
+
output: "../build/unenc/"
|
|
211
|
+
).run :de
|
|
212
|
+
|
|
213
|
+
# Creating keychain to use for xcodebuild
|
|
214
|
+
keychain = Exportation::Keychain.find_or_create_keychain 'ios-build', keychain_password, '../build'
|
|
215
|
+
|
|
216
|
+
# Importing the Apple certificate and the uncrypted cert and private key
|
|
217
|
+
keychain.import_certificate '../circle/apple.cer'
|
|
218
|
+
keychain.import_certificate '../build/unenc/dist.cer'
|
|
219
|
+
keychain.import_private_key '../build/unenc/dist.p12', private_key_password
|
|
220
|
+
|
|
221
|
+
# Unlocking keychain (defaults to 1 hour) and adds keychain to user search list
|
|
222
|
+
keychain.unlock!
|
|
223
|
+
keychain.add_to_keychain_list!
|
|
224
|
+
|
|
225
|
+
# Building archive
|
|
226
|
+
xcodebuild(
|
|
227
|
+
clean: true,
|
|
228
|
+
archive: true,
|
|
229
|
+
archive_path: './build/YourApp.xcarchive',
|
|
230
|
+
workspace: ENV['WORKSPACE'],
|
|
231
|
+
scheme: ENV['SCHEME'],
|
|
232
|
+
configuration: 'Release',
|
|
233
|
+
sdk: 'iphoneos',
|
|
234
|
+
keychain: keychain.path
|
|
235
|
+
)
|
|
236
|
+
|
|
237
|
+
# Building IPA
|
|
238
|
+
xcodebuild(
|
|
239
|
+
export_archive: true,
|
|
240
|
+
export_path: './build/YourApp'
|
|
241
|
+
)
|
|
242
|
+
|
|
243
|
+
# Send to HockeyApp
|
|
244
|
+
hockey({
|
|
245
|
+
api_token: ENV['HOCKEYAPP_API_TOKEN'],
|
|
246
|
+
})
|
|
247
|
+
|
|
248
|
+
# Cleaning house again
|
|
249
|
+
sh "rm -rf ../circle/unenc"
|
|
250
|
+
keychain.remove_keychain_from_list!
|
|
251
|
+
|
|
252
|
+
end
|
|
253
|
+
```
|
|
254
|
+
|
|
150
255
|
## Using the internals
|
|
151
256
|
|
|
152
257
|
### Compiling and running the AppleScript directly
|
|
Binary file
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: exportation
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Holtz
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-04-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dotenv
|