fastlane-plugin-verify_ipa 0.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 42b7db74543c5f6bc6a5ed8c8cd8ba34bfabde66
+  data.tar.gz: 338343d1b42adffb30af58d44f70028db4f2e7a1
+SHA512:
+  metadata.gz: c3659616ced5fa968695cf27e7ae13dbc642a24450092c75c01c7a02f03153a36c3b802d164eb968583d4a619d88d91cea2f85e88f5930f8f923a027835623a5
+  data.tar.gz: 3d4c4de32c3266934c9777fdf4a82f538ed5bf2fa742c601d20b4fe427d9e27bd6a17527db73328867bd38c16728f67d762eeb4646d1e0272c5c293a0d67d6c6

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Derek Yang <yanghada@gmail.com>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,52 @@
+# verify_ipa plugin
+
+[![fastlane Plugin Badge](https://rawcdn.githack.com/fastlane/fastlane/master/fastlane/assets/plugin-badge.svg)](https://rubygems.org/gems/fastlane-plugin-verify_ipa)
+
+## Getting Started
+
+This project is a [fastlane](https://github.com/fastlane/fastlane) plugin. To get started with `fastlane-plugin-verify_ipa`, add it to your project by running:
+
+```bash
+fastlane add_plugin verify_ipa
+```
+
+## About verify_ipa
+
+verify_ipa
+
+**Note to author:** Add a more detailed description about this plugin here. If your plugin contains multiple actions, make sure to mention them here.
+
+## Example
+
+Check out the [example `Fastfile`](fastlane/Fastfile) to see how to use this plugin. Try it by cloning the repo, running `fastlane install_plugins` and `bundle exec fastlane test`.
+
+**Note to author:** Please set up a sample project to make it easy for users to explore what your plugin does. Provide everything that is necessary to try out the plugin in this project (including a sample Xcode/Android project if necessary)
+
+## Run tests for this plugin
+
+To run both the tests, and code style validation, run
+
+```
+rake
+```
+
+To automatically fix many of the styling issues, use
+```
+rubocop -a
+```
+
+## Issues and Feedback
+
+For any other issues and feedback about this plugin, please submit it to this repository.
+
+## Troubleshooting
+
+If you have trouble using plugins, check out the [Plugins Troubleshooting](https://docs.fastlane.tools/plugins/plugins-troubleshooting/) guide.
+
+## Using `fastlane` Plugins
+
+For more information about how the `fastlane` plugin system works, check out the [Plugins documentation](https://docs.fastlane.tools/plugins/create-plugin/).
+
+## About `fastlane`
+
+`fastlane` is the easiest way to automate beta deployments and releases for your iOS and Android apps. To learn more, check out [fastlane.tools](https://fastlane.tools).

data/lib/fastlane/plugin/verify_ipa.rb

@@ -0,0 +1,16 @@
+require 'fastlane/plugin/verify_ipa/version'
+
+module Fastlane
+  module VerifyIpa
+    # Return all .rb files inside the "actions" and "helper" directory
+    def self.all_classes
+      Dir[File.expand_path('**/{actions,helper}/*.rb', File.dirname(__FILE__))]
+    end
+  end
+end
+
+# By default we want to import all available actions and helpers
+# A plugin can contain any number of actions and plugins
+Fastlane::VerifyIpa.all_classes.each do |current|
+  require current
+end

data/lib/fastlane/plugin/verify_ipa/actions/verify_ipa_entitlements_action.rb

@@ -0,0 +1,85 @@
+require 'plist'
+
+module Fastlane
+  module Actions
+    class VerifyIpaEntitlementsAction < Action
+      def self.run(params)
+        Dir.mktmpdir do |dir|
+          app_path = Helper::VerifyIpaHelper.app_path(params, dir)
+          entitlements = self.read_entitlements(params, app_path)
+          self.verify_entitlements(params, entitlements)
+        end
+      end
+
+      def self.read_entitlements(params, app_path)
+        profile_path = "#{app_path}/embedded.mobileprovision"
+        profile_plist = sh("security cms -D -i #{profile_path}")
+        UI.user_error!("Unable to extract profile") unless $? == 0
+
+        profile = Plist.parse_xml(profile_plist)
+        profile['Entitlements']
+      end
+
+      def self.verify_entitlements(params, entitlements)
+        if params[:application_identifier]
+          self.verify_param(:application_identifier, params[:application_identifier], entitlements['application-identifier'])
+        end
+        if params[:team_identifier]
+          self.verify_param(:team_identifier, params[:team_identifier], entitlements['com.apple.developer.team-identifier'])
+        end
+        if params[:aps_environment]
+          self.verify_param(:aps_environment, params[:aps_environment], entitlements['aps-environment'])
+        end
+        if params[:other_params]
+          params[:other_params].keys.each do |key|
+            self.verify_param(key, params[:other_params][key], entitlements[key.to_s.tr('_', '-')])
+          end
+        end
+
+        UI.success("Entitlements are verified.")
+      end
+
+      def self.verify_param(param, expected, actual)
+        UI.user_error!("Mismatched #{param}. Expected: '#{expected}'; Found: '#{actual}'") unless expected == actual
+      end
+
+      def self.description
+        'Verify ipa entitlements'
+      end
+
+      def self.authors
+        ['Derek Yang']
+      end
+
+      def self.available_options
+        [
+          FastlaneCore::ConfigItem.new(key: :ipa_path,
+                                  env_name: 'VERIFY_IPA_IPA_PATH',
+                               description: 'Explicitly set the ipa path',
+                                  optional: true),
+          FastlaneCore::ConfigItem.new(key: :application_identifier,
+                                  env_name: 'VERIFY_IPA_APPLICATION_IDENTIFIER',
+                               description: 'Key application-identifier in Entitlements',
+                                  optional: true),
+          FastlaneCore::ConfigItem.new(key: :team_identifier,
+                                  env_name: 'VERIFY_IPA_TEAM_IDENTIFIER',
+                               description: 'Key com.apple.developer.team-identifier in Entitlements',
+                                  optional: true),
+          FastlaneCore::ConfigItem.new(key: :aps_environment,
+                                  env_name: 'VERIFY_IPA_APS_ENVIRONMENT',
+                               description: 'Key aps-environment in Entitlements',
+                                  optional: true),
+          FastlaneCore::ConfigItem.new(key: :other_params,
+                                  env_name: 'VERIFY_IPA_OTHER_PARAMS',
+                               description: 'A hash of entitlement key and expected values',
+                                  optional: true,
+                                      type: Hash)
+        ]
+      end
+
+      def self.is_supported?(platform)
+        [:ios].include?(platform)
+      end
+    end
+  end
+end

data/lib/fastlane/plugin/verify_ipa/actions/verify_ipa_files_action.rb

@@ -0,0 +1,60 @@
+module Fastlane
+  module Actions
+    class VerifyIpaFilesAction < Action
+      def self.run(params)
+        Dir.mktmpdir do |dir|
+          app_path = Helper::VerifyIpaHelper.app_path(params, dir)
+          self.verify_files(params, app_path)
+        end
+      end
+
+      def self.verify_files(params, app_path)
+        files_on_blacklist = []
+        files_on_whitelist = []
+
+        Dir.chdir(app_path) do
+          params[:blacklist].each { |pattern| files_on_blacklist << Dir.glob(pattern) }
+          params[:whitelist].each { |pattern| files_on_whitelist << Dir.glob(pattern) } if params[:whitelist]
+
+          invalid_files = files_on_blacklist.flatten - files_on_whitelist.flatten
+          UI.user_error!("Found files on the blacklist: #{invalid_files}") unless invalid_files.empty?
+        end
+      end
+
+      def self.description
+        'Verify files in ipa file'
+      end
+
+      def self.details
+        'Make sure no sensible files (e.g. build script or mock data with sensible info) are accidentally included in ipa file'
+      end
+
+      def self.authors
+        ['Derek Yang']
+      end
+
+      def self.available_options
+        [
+          FastlaneCore::ConfigItem.new(key: :ipa_path,
+                                  env_name: 'VERIFY_IPA_IPA_PATH',
+                               description: 'Explicitly set the ipa path',
+                                  optional: true),
+          FastlaneCore::ConfigItem.new(key: :blacklist,
+                                  env_name: 'VERIFY_IPA_BLACKLIST',
+                               description: 'A list of glob patterns that define what files should NOT make their way into the ipa',
+                                  optional: false,
+                                      type: Array),
+          FastlaneCore::ConfigItem.new(key: :whitelist,
+                                  env_name: 'VERIFY_IPA_WHITELIST',
+                               description: 'A list of glob patterns that are allowed to be included in the ipa',
+                                  optional: true,
+                                      type: Array)
+        ]
+      end
+
+      def self.is_supported?(platform)
+        [:ios].include?(platform)
+      end
+    end
+  end
+end

data/lib/fastlane/plugin/verify_ipa/helper/verify_ipa_helper.rb

@@ -0,0 +1,15 @@
+module Fastlane
+  module Helper
+    class VerifyIpaHelper
+      def self.app_path(params, dir)
+        ipa_path = params[:ipa_path] || Actions.lane_context[SharedValues::IPA_OUTPUT_PATH] || ''
+        UI.user_error!("Unable to find ipa file '#{ipa_path}'.") unless File.exist?(ipa_path)
+
+        ipa_path = File.expand_path(ipa_path)
+        `unzip '#{ipa_path}' -d #{dir}`
+        UI.user_error!("Unable to unzip ipa '#{ipa_path}'") unless $? == 0
+        File.expand_path("#{dir}/Payload/*.app")
+      end
+    end
+  end
+end

data/lib/fastlane/plugin/verify_ipa/version.rb

@@ -0,0 +1,5 @@
+module Fastlane
+  module VerifyIpa
+    VERSION = "0.2.0"
+  end
+end

metadata

@@ -0,0 +1,148 @@
+--- !ruby/object:Gem::Specification
+name: fastlane-plugin-verify_ipa
+version: !ruby/object:Gem::Version
+  version: 0.2.0
+platform: ruby
+authors:
+- Derek Yang
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-03-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: plist
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: fastlane
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.18.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.18.2
+description: 
+email: yanghada@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- lib/fastlane/plugin/verify_ipa.rb
+- lib/fastlane/plugin/verify_ipa/actions/verify_ipa_entitlements_action.rb
+- lib/fastlane/plugin/verify_ipa/actions/verify_ipa_files_action.rb
+- lib/fastlane/plugin/verify_ipa/helper/verify_ipa_helper.rb
+- lib/fastlane/plugin/verify_ipa/version.rb
+homepage: https://github.com/dyang/verify_ipa
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.10
+signing_key: 
+specification_version: 4
+summary: verify_ipa
+test_files: []