fastlane 2.160.0 → 2.165.0

data/match/lib/match/storage/s3_storage.rb

@@ -19,6 +19,8 @@ module Match
       attr_reader :username
       attr_reader :team_id
       attr_reader :team_name
+      attr_reader :api_key_path
+      attr_reader :api_key
 
       def self.configure(params)
         s3_region = params[:s3_region]
@@ -43,7 +45,9 @@ module Match
           readonly: params[:readonly],
           username: params[:username],
           team_id: params[:team_id],
-          team_name: params[:team_name]
+          team_name: params[:team_name],
+          api_key_path: params[:api_key_path],
+          api_key: params[:api_key]
         )
       end
 
@@ -55,7 +59,9 @@ module Match
                      readonly: nil,
                      username: nil,
                      team_id: nil,
-                     team_name: nil)
+                     team_name: nil,
+                     api_key_path: nil,
+                     api_key: nil)
         @s3_bucket = s3_bucket
         @s3_region = s3_region
         @s3_client = Fastlane::Helper::S3ClientHelper.new(access_key: s3_access_key, secret_access_key: s3_secret_access_key, region: s3_region)
@@ -64,6 +70,8 @@ module Match
         @username = username
         @team_id = team_id
         @team_name = team_name
+        @api_key_path = api_key_path
+        @api_key = api_key
       end
 
       # To make debugging easier, we have a custom exception here
@@ -180,10 +188,18 @@ module Match
           # see `prefixed_working_directory` comments for more details
           return self.team_id
         else
-          spaceship = SpaceshipEnsure.new(self.username, self.team_id, self.team_name)
+          UI.user_error!("The `team_id` option is required. fastlane cannot automatically determine portal team id via the App Store Connect API (yet)") if self.team_id.to_s.empty?
+
+          spaceship = SpaceshipEnsure.new(self.username, self.team_id, self.team_name, api_token)
           return spaceship.team_id
         end
       end
+
+      def api_token
+        api_token ||= Spaceship::ConnectAPI::Token.create(self.api_key) if self.api_key
+        api_token ||= Spaceship::ConnectAPI::Token.from_json_file(self.api_key_path) if self.api_key_path
+        return api_token
+      end
     end
   end
 end

data/scan/lib/scan/detect_values.rb

@@ -187,15 +187,12 @@ module Scan
         end
       end
 
+      # Convert array to lazy enumerable (evaluate map only when needed)
       # grab the first unempty evaluated array
-      if default
-        Scan.devices = [matches, default].lazy.map { |x|
-          arr = x.call
-          arr unless arr.empty?
-        }.reject(&:nil?).first
-      else
-        Scan.devices = []
-      end
+      Scan.devices = [matches, default].lazy.reject(&:nil?).map { |x|
+        arr = x.call
+        arr unless arr.empty?
+      }.reject(&:nil?).first
     end
 
     def self.min_xcode8?

data/scan/lib/scan/runner.rb

@@ -16,6 +16,7 @@ module Scan
   class Runner
     def initialize
       @test_command_generator = TestCommandGenerator.new
+      @device_boot_datetime = DateTime.now
     end
 
     def run
@@ -184,7 +185,7 @@ module Scan
       UI.header("Collecting system logs")
       Scan.devices.each do |device|
         log_identity = "#{device.name}_#{device.os_type}_#{device.os_version}"
-        FastlaneCore::Simulator.copy_logs(device, log_identity, Scan.config[:output_directory])
+        FastlaneCore::Simulator.copy_logs(device, log_identity, Scan.config[:output_directory], @device_boot_datetime)
       end
     end
 

data/sigh/lib/assets/resign.sh

@@ -535,7 +535,7 @@ function resign {
     fi
 
     # Check for and resign OnDemandResource folders
-    ODR_DIR="$(dirname $APP_PATH)/OnDemandResources"
+    ODR_DIR="$(dirname "$APP_PATH")/OnDemandResources"
     if [ -d "$ODR_DIR" ]; then
         for assetpack in "$ODR_DIR"/*
         do

data/sigh/lib/sigh/download_all.rb

@@ -9,10 +9,16 @@ module Sigh
   class DownloadAll
     # Download all valid provisioning profiles
     def download_all(download_xcode_profiles: false)
-      UI.message("Starting login with user '#{Sigh.config[:username]}'")
-      Spaceship.login(Sigh.config[:username], nil)
-      Spaceship.select_team
-      UI.message("Successfully logged in")
+      if (token = api_token)
+        UI.message("Creating authorization token for App Store Connect API")
+        Spaceship::ConnectAPI.token = token
+      else
+        # Team selection passed though FASTLANE_ITC_TEAM_ID and FASTLANE_ITC_TEAM_NAME environment variables
+        # Prompts select team if multiple teams and none specified
+        UI.message("Starting login with user '#{Sigh.config[:username]}'")
+        Spaceship::ConnectAPI.login(Sigh.config[:username], nil, use_portal: true, use_tunes: false)
+        UI.message("Successfully logged in")
+      end
 
       if download_xcode_profiles
         UI.deprecated("The App Store Connect API does not support querying for Xcode managed profiles: --download_code_profiles is deprecated")
@@ -53,6 +59,12 @@ module Sigh
       download_profiles(profiles)
     end
 
+    def api_token
+      api_token ||= Spaceship::ConnectAPI::Token.create(Sigh.config[:api_key]) if Sigh.config[:api_key]
+      api_token ||= Spaceship::ConnectAPI::Token.from_json_file(Sigh.config[:api_key_path]) if Sigh.config[:api_key_path]
+      return api_token
+    end
+
     # @param profiles [Array] Array of all the provisioning profiles we want to download
     def download_profiles(profiles)
       UI.important("No profiles available for download") if profiles.empty?

data/sigh/lib/sigh/options.rb

@@ -54,6 +54,25 @@ module Sigh
                                      code_gen_sensitive: true,
                                      default_value: CredentialsManager::AppfileConfig.try_fetch_value(:app_identifier),
                                      default_value_dynamic: true),
+
+        # App Store Connect API
+        FastlaneCore::ConfigItem.new(key: :api_key_path,
+                                     env_name: "SIGH_API_KEY_PATH",
+                                     description: "Path to your App Store Connect API Key JSON file (https://docs.fastlane.tools/app-store-connect-api/#using-fastlane-api-key-json-file)",
+                                     optional: true,
+                                     conflicting_options: [:api_key],
+                                     verify_block: proc do |value|
+                                       UI.user_error!("Couldn't find API key JSON file at path '#{value}'") unless File.exist?(value)
+                                     end),
+        FastlaneCore::ConfigItem.new(key: :api_key,
+                                     env_name: "SIGH_API_KEY",
+                                     description: "Your App Store Connect API Key information (https://docs.fastlane.tools/app-store-connect-api/#use-return-value-and-pass-in-as-an-option)",
+                                     type: Hash,
+                                     optional: true,
+                                     sensitive: true,
+                                     conflicting_options: [:api_key_path]),
+
+        # Apple ID
         FastlaneCore::ConfigItem.new(key: :username,
                                      short_option: "-u",
                                      env_name: "SIGH_USERNAME",
@@ -82,6 +101,8 @@ module Sigh
                                      verify_block: proc do |value|
                                        ENV["FASTLANE_TEAM_NAME"] = value.to_s
                                      end),
+
+        # Other options
         FastlaneCore::ConfigItem.new(key: :provisioning_name,
                                      short_option: "-n",
                                      env_name: "SIGH_PROVISIONING_PROFILE_NAME",

data/sigh/lib/sigh/runner.rb

@@ -17,11 +17,16 @@ module Sigh
                                          hide_keys: [:output_path],
                                              title: "Summary for sigh #{Fastlane::VERSION}")
 
-      # Team selection passed though FASTLANE_ITC_TEAM_ID and FASTLANE_ITC_TEAM_NAME environment variables
-      # Prompts select team if multiple teams and none specified
-      UI.message("Starting login with user '#{Sigh.config[:username]}'")
-      Spaceship::ConnectAPI.login(Sigh.config[:username], nil, use_portal: true, use_tunes: false)
-      UI.message("Successfully logged in")
+      if api_token
+        UI.message("Creating authorization token for App Store Connect API")
+        Spaceship::ConnectAPI.token = api_token
+      else
+        # Team selection passed though FASTLANE_ITC_TEAM_ID and FASTLANE_ITC_TEAM_NAME environment variables
+        # Prompts select team if multiple teams and none specified
+        UI.message("Starting login with user '#{Sigh.config[:username]}'")
+        Spaceship::ConnectAPI.login(Sigh.config[:username], nil, use_portal: true, use_tunes: false)
+        UI.message("Successfully logged in")
+      end
 
       profiles = [] if Sigh.config[:skip_fetch_profiles]
       profiles ||= fetch_profiles # download the profile if it's there
@@ -54,6 +59,12 @@ module Sigh
       return download_profile(profile)
     end
 
+    def api_token
+      @api_token ||= Spaceship::ConnectAPI::Token.create(Sigh.config[:api_key]) if Sigh.config[:api_key]
+      @api_token ||= Spaceship::ConnectAPI::Token.from_json_file(Sigh.config[:api_key_path]) if Sigh.config[:api_key_path]
+      return @api_token
+    end
+
     # The kind of provisioning profile we're interested in
     def profile_type
       return @profile_type if @profile_type
@@ -128,7 +139,7 @@ module Sigh
           # Skip certificates that failed to download
           next unless current_cert[:downloaded]
           file = Tempfile.new('cert')
-          file.write(current_cert[:downloaded])
+          file.write(current_cert[:downloaded].force_encoding('UTF-8'))
           file.close
           if FastlaneCore::CertChecker.installed?(file.path)
             installed = true
@@ -190,65 +201,95 @@ module Sigh
       profiles
     end
 
+    def fetch_certificates(certificate_types)
+      filter = {
+        certificateType: certificate_types.join(',')
+      }
+      return Spaceship::ConnectAPI::Certificate.all(filter: filter)
+    end
+
     def certificates_for_profile_and_platform
+      types = []
+
       case Sigh.config[:platform].to_s
       when 'ios', 'tvos'
         if profile_type == Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_DEVELOPMENT || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_DEVELOPMENT
-          certificates = Spaceship.certificate.development.all +
-                         Spaceship.certificate.apple_development.all
+          types = [
+            Spaceship::ConnectAPI::Certificate::CertificateType::DEVELOPMENT,
+            Spaceship::ConnectAPI::Certificate::CertificateType::IOS_DEVELOPMENT
+          ]
         elsif profile_type == Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_INHOUSE || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_INHOUSE
           # Enterprise accounts don't have access to Apple Distribution certificates
-          certificates = Spaceship.certificate.in_house.all
+          types = [
+            Spaceship::ConnectAPI::Certificate::CertificateType::IOS_DISTRIBUTION
+          ]
         # handles case where the desired certificate type is adhoc but the account is an enterprise account
         # the apple dev portal api has a weird quirk in it where if you query for distribution certificates
         # for enterprise accounts, you get nothing back even if they exist.
-        elsif (profile_type == Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_ADHOC || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_ADHOC) && Spaceship.client && Spaceship.client.in_house?
+        elsif (profile_type == Spaceship::ConnectAPI::Profile::ProfileType::IOS_APP_ADHOC || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::TVOS_APP_ADHOC) && Spaceship::ConnectAPI.client && Spaceship::ConnectAPI.client.in_house?
           # Enterprise accounts don't have access to Apple Distribution certificates
-          certificates = Spaceship.certificate.in_house.all
+          types = [
+            Spaceship::ConnectAPI::Certificate::CertificateType::IOS_DISTRIBUTION
+          ]
         else
-          # Ad hoc or App Store
-          certificates = Spaceship.certificate.production.all +
-                         Spaceship.certificate.apple_distribution.all
+          types = [
+            Spaceship::ConnectAPI::Certificate::CertificateType::DISTRIBUTION,
+            Spaceship::ConnectAPI::Certificate::CertificateType::IOS_DISTRIBUTION
+          ]
         end
 
       when 'macos', 'catalyst'
         if profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_DEVELOPMENT || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_DEVELOPMENT
-          certificates = Spaceship.certificate.mac_development.all +
-                         Spaceship.certificate.apple_development.all
+          types = [
+            Spaceship::ConnectAPI::Certificate::CertificateType::DEVELOPMENT,
+            Spaceship::ConnectAPI::Certificate::CertificateType::MAC_APP_DEVELOPMENT
+          ]
         elsif profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_STORE || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_STORE
-          certificates = Spaceship.certificate.mac_app_distribution.all +
-                         Spaceship.certificate.apple_distribution.all
+          types = [
+            Spaceship::ConnectAPI::Certificate::CertificateType::DISTRIBUTION,
+            Spaceship::ConnectAPI::Certificate::CertificateType::MAC_APP_DISTRIBUTION
+          ]
         elsif profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_APP_DIRECT || profile_type == Spaceship::ConnectAPI::Profile::ProfileType::MAC_CATALYST_APP_DIRECT
-          certificates = Spaceship.certificate.developer_id_application.all
+          types = [
+            Spaceship::ConnectAPI::Certificate::CertificateType::DEVELOPER_ID_APPLICATION
+          ]
         else
-          certificates = Spaceship.certificate.mac_app_distribution.all +
-                         Spaceship.certificate.apple_distribution.all
+          types = [
+            Spaceship::ConnectAPI::Certificate::CertificateType::DISTRIBUTION,
+            Spaceship::ConnectAPI::Certificate::CertificateType::MAC_APP_DISTRIBUTION
+          ]
         end
       end
 
-      certificates
+      fetch_certificates(types)
     end
 
     def devices_to_use
       # Only use devices if development or adhoc
       return [] if !Sigh.config[:development] && !Sigh.config[:adhoc]
 
-      device_class = case Sigh.config[:platform].to_s
-                     when 'ios'
-                       [
-                         Spaceship::ConnectAPI::Device::DeviceClass::APPLE_WATCH,
-                         Spaceship::ConnectAPI::Device::DeviceClass::IPAD,
-                         Spaceship::ConnectAPI::Device::DeviceClass::IPHONE,
-                         Spaceship::ConnectAPI::Device::DeviceClass::IPOD
-                       ].join(",")
-                     when 'tvos'
-                       Spaceship::ConnectAPI::Device::DeviceClass::APPLE_TV
-                     when 'macos', 'catalyst'
-                       Spaceship::ConnectAPI::Device::DeviceClass::MAC
-                     end
-
-      filter = { deviceClass: device_class }
-      return Spaceship::ConnectAPI::Device.all(filter: filter)
+      device_classes = case Sigh.config[:platform].to_s
+                       when 'ios'
+                         [
+                           Spaceship::ConnectAPI::Device::DeviceClass::APPLE_WATCH,
+                           Spaceship::ConnectAPI::Device::DeviceClass::IPAD,
+                           Spaceship::ConnectAPI::Device::DeviceClass::IPHONE,
+                           Spaceship::ConnectAPI::Device::DeviceClass::IPOD
+                         ]
+                       when 'tvos'
+                         [Spaceship::ConnectAPI::Device::DeviceClass::APPLE_TV]
+                       when 'macos', 'catalyst'
+                         [Spaceship::ConnectAPI::Device::DeviceClass::MAC]
+                       end
+
+      if api_token
+        return Spaceship::ConnectAPI::Device.all.select do |device|
+          device_classes.include?(device.device_class)
+        end
+      else
+        filter = { deviceClass: device_classes.join(",") }
+        return Spaceship::ConnectAPI::Device.all(filter: filter)
+      end
     end
 
     # Certificate to use based on the current distribution mode
@@ -262,7 +303,7 @@ module Sigh
         end
 
         if Sigh.config[:cert_owner_name]
-          next unless c.owner_name.strip == Sigh.config[:cert_owner_name].strip
+          next unless c.display_name.strip == Sigh.config[:cert_owner_name].strip
         end
 
         true
@@ -273,7 +314,8 @@ module Sigh
         unless Sigh.config[:skip_certificate_verification]
           certificates = certificates.find_all do |c|
             file = Tempfile.new('cert')
-            file.write(c.download_raw)
+            raw_data = Base64.decode64(c.certificate_content)
+            file.write(raw_data.force_encoding("UTF-8"))
             file.close
 
             FastlaneCore::CertChecker.installed?(file.path)
@@ -285,7 +327,7 @@ module Sigh
         UI.important("Found more than one code signing identity. Choosing the first one. Check out `fastlane sigh --help` to see all available options.")
         UI.important("Available Code Signing Identities for current filters:")
         certificates.each do |c|
-          str = ["\t- Name:", c.owner_name, "- ID:", c.id + " - Expires", c.expires.strftime("%d/%m/%Y")].join(" ")
+          str = ["\t- Name:", c.display_name, "- ID:", c.id + " - Expires", c.expires.strftime("%d/%m/%Y")].join(" ")
           UI.message(str.green)
         end
       end

data/snapshot/lib/assets/SnapshotHelper.swift

@@ -165,7 +165,11 @@ open class Snapshot: NSObject {
             }
 
             let screenshot = XCUIScreen.main.screenshot()
+            #if os(iOS)
             let image = XCUIDevice.shared.orientation.isLandscape ?  fixLandscapeOrientation(image: screenshot.image) : screenshot.image
+            #else
+            let image = screenshot.image
+            #endif
 
             guard var simulator = ProcessInfo().environment["SIMULATOR_DEVICE_NAME"], let screenshotsDir = screenshotsDirectory else { return }
 

data/snapshot/lib/snapshot/simulator_launchers/simulator_launcher_base.rb

@@ -18,6 +18,7 @@ module Snapshot
 
     def initialize(launcher_configuration: nil)
       @launcher_config = launcher_configuration
+      @device_boot_datetime = DateTime.now
     end
 
     def collected_errors
@@ -192,7 +193,7 @@ module Snapshot
 
         UI.header("Collecting system logs #{device_name} - #{language}")
         log_identity = Digest::MD5.hexdigest(components.join("-"))
-        FastlaneCore::Simulator.copy_logs(device, log_identity, language_folder)
+        FastlaneCore::Simulator.copy_logs(device, log_identity, language_folder, @device_boot_datetime)
       end
     end
   end

data/spaceship/README.md

@@ -167,7 +167,7 @@ _spaceship_ uses all those API points to offer this seamless experience.
 _spaceship_ does a lot of magic to get everything working so neatly:
 
 - **Sensible Defaults**: You only have to provide the mandatory information (e.g. new provisioning profiles contain all devices by default)
-- **Local Validation**: When pushing changes back to the Apple Dev Portal _spaceship_ will make sure only valid data is sent to Apple (e.g. automatic repairing of provisioning profiles)
+- **Local Validation**: When pushing changes back to the Apple Developer Portal _spaceship_ will make sure only valid data is sent to Apple (e.g. automatic repairing of provisioning profiles)
 - **Various request/response types**: When working with the different API endpoints, _spaceship_ has to deal with `JSON`, `XML`, `txt`, `plist` and sometimes even `HTML` responses and requests.
 - **Automatic Pagination**: Even if you have thousands of apps, profiles or certificates, _spaceship_ **can** handle your scale. It was heavily tested by first using _spaceship_ to create hundreds of profiles and then accessing them using _spaceship_.
 - **Session, Cookie and CSRF token**: All the security aspects are handled by _spaceship_.

data/spaceship/lib/spaceship/client.rb

@@ -196,7 +196,7 @@ module Spaceship
       self.new(cookie: another_client.instance_variable_get(:@cookie), current_team_id: another_client.team_id)
     end
 
-    def initialize(cookie: nil, current_team_id: nil, timeout: nil)
+    def initialize(cookie: nil, current_team_id: nil, csrf_tokens: nil, timeout: nil)
       options = {
        request: {
           timeout:       (ENV["SPACESHIP_TIMEOUT"] || timeout || 300).to_i,
@@ -204,6 +204,7 @@ module Spaceship
         }
       }
       @current_team_id = current_team_id
+      @csrf_tokens = csrf_tokens
       @cookie = cookie || HTTP::CookieJar.new
 
       @client = Faraday.new(self.class.hostname, options) do |c|
@@ -857,9 +858,7 @@ module Spaceship
 
         resp_hash = response.to_hash
         if resp_hash[:status] == 401
-          msg = "Auth lost"
-          logger.warn(msg)
-          raise UnauthorizedAccessError.new, "Unauthorized Access"
+          handle_401(response)
         end
 
         if response.body.to_s.include?("<title>302 Found</title>")
@@ -880,6 +879,12 @@ module Spaceship
       end
     end
 
+    def handle_401(response)
+      msg = "Auth lost"
+      logger.warn(msg)
+      raise UnauthorizedAccessError.new, "Unauthorized Access"
+    end
+
     def send_request_auto_paginate(method, url_or_path, params, headers, &block)
       response = send_request(method, url_or_path, params, headers, &block)
       return response unless should_process_next_rel?(response)