npm - @daemux/store-automator - Versions diffs - 0.10.87 → 0.10.88 - Mend

@daemux/store-automator 0.10.87 → 0.10.88

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/.claude-plugin/marketplace.json +2 -2
package/package.json +1 -1
package/plugins/store-automator/.claude-plugin/plugin.json +1 -1
package/templates/github/IOS_NATIVE_CI_SETUP.md +36 -28
package/templates/scripts/ci/ios-native/cfg_resolve.py +16 -125
package/templates/scripts/ci/ios-native/read_config.py +112 -209
package/templates/ios-native-ci.config.yaml.template +0 -43

package/.claude-plugin/marketplace.json CHANGED Viewed

@@ -5,14 +5,14 @@
   },
   "metadata": {
     "description": "App Store & Google Play automation for Flutter apps",
-    "version": "0.10.87"
+    "version": "0.10.88"
   },
   "plugins": [
     {
       "name": "store-automator",
       "source": "./plugins/store-automator",
       "description": "3 agents for app store publishing: reviewer, meta-creator, media-designer",
-      "version": "0.10.87",
+      "version": "0.10.88",
       "keywords": [
         "flutter",
         "app-store",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@daemux/store-automator",
-  "version": "0.10.87",
+  "version": "0.10.88",
   "description": "Full App Store & Google Play automation for Flutter apps with Claude Code agents",
   "type": "module",
   "bin": {

package/plugins/store-automator/.claude-plugin/plugin.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "store-automator",
-  "version": "0.10.87",
+  "version": "0.10.88",
   "description": "App Store & Google Play automation agents for Flutter app publishing",
   "author": {
     "name": "Daemux"

package/templates/github/IOS_NATIVE_CI_SETUP.md CHANGED Viewed

@@ -1,32 +1,26 @@
 # iOS Native TestFlight CI — Setup Guide
-Drop-in TestFlight automation for native Swift/SwiftUI iOS apps. One workflow, one credential file — and optionally a config file. All logic lives in the shared composite action `daemux/daemux-plugins/.github/actions/ios-native-testflight`.
+**Zero config.** Drop-in TestFlight automation for native Swift/SwiftUI iOS apps. Two files in your repo are all you need:
-**As of v0.18.0, `ci.config.yaml` is entirely optional.** With just `creds/AuthKey_*.p8` at the repo root and the 18-line `deploy.yml`, CI auto-detects your project, workspace, scheme, bundle id, team id, and App Store Connect app id. Add a `ci.config.yaml` only when you need to override auto-detection (e.g., multiple `.xcodeproj` at root, a non-application scheme, a pinned configuration).
+1. `.github/workflows/deploy.yml` (18 lines, copied verbatim)
+2. `creds/AuthKey_<KEY_ID>_Issuer_<UUID>.p8` (your ASC API key)
+There is **no** `ci.config.yaml`. The composite action auto-detects your project, workspace, scheme, bundle id, team id, and App Store Connect numeric app id from the Xcode project + ASC API. To override any auto-detected value, pass it via the action's `with:` block in `deploy.yml`.
+All logic lives in the shared composite action `daemux/daemux-plugins/.github/actions/ios-native-testflight`.
 ## Prerequisites
 - **Private GitHub repo** (holds the ASC API key `.p8` file).
 - **Apple Developer Program** membership with an App Store Connect user that can create API keys.
 - **ASC API Key** with `App Manager` role, downloaded as `AuthKey_<KEY_ID>.p8` (Apple lets you download this exactly once).
-- Xcode project builds locally on macOS 15 / Xcode 16.
+- Xcode project builds locally on macOS 15 / Xcode 16+.
 ## Step 1 — Copy the workflow
 Copy `.github/workflows/deploy.yml` verbatim from this template. No edits required. It triggers on push to `main` and via `workflow_dispatch`.
-## Step 2 — (Optional) Copy `ci.config.yaml`
-**Skip this step entirely** unless you need to override auto-detection. The CI figures out sane defaults for every field from your Xcode project.
-If you want explicit control, copy `ios-native-ci.config.yaml.template` to your repo root as `ci.config.yaml` and set just the fields you want to pin:
-- `xcode.project` — if you have multiple `*.xcodeproj` at the repo root.
-- `xcode.scheme` — if you have multiple application-type schemes.
-- `app.bundle_id` — if auto-detect picks the wrong one (rare).
-- Everything else has a sensible default.
-## Step 3 — Drop in the ASC API key
+## Step 2 — Drop in the ASC API key
 Rename the downloaded key to include both the key id and the issuer uuid, then put it under `creds/`:
@@ -38,7 +32,7 @@ Example: `creds/AuthKey_5NBDY6YXJ6_Issuer_69a6de77-xxxx-xxxx-xxxx-xxxxxxxxxxxx.p
 The composite action parses the key id and issuer id from the filename — no GitHub secrets to configure.
-## Step 4 — Register the app in App Store Connect (one-time)
+## Step 3 — Register the app in App Store Connect (one-time)
 App Store Connect requires a human-in-the-loop 2FA step the first time. Either:
@@ -47,13 +41,11 @@ App Store Connect requires a human-in-the-loop 2FA step the first time. Either:
 Subsequent builds need neither — the ASC API key handles everything.
-## Step 5 — MARKETING_VERSION
+## Step 4 — MARKETING_VERSION
 Leave your Xcode project's `MARKETING_VERSION` at `1.0` initially. CI auto-rolls the marketing version forward (patch bump) whenever the prior version hits `READY_FOR_SALE` in App Store Connect. Until then, the pipeline keeps bumping the build number against the current marketing version.
-## Step 6 — Push to `main`
-Minimal (no config file):
+## Step 5 — Push to `main`
 ```bash
 git add .github/workflows/deploy.yml creds/AuthKey_*.p8
@@ -61,25 +53,41 @@ git commit -m "ci: add iOS TestFlight pipeline"
 git push origin main
 ```
-With an optional config file:
+GitHub Actions triggers the workflow. On success, the build appears in TestFlight within 5–15 minutes (Apple processing delay).
-```bash
-git add .github/workflows/deploy.yml ci.config.yaml creds/AuthKey_*.p8
-git commit -m "ci: add iOS TestFlight pipeline"
-git push origin main
+## Overrides (optional)
+If auto-detection picks the wrong value, pin it in `deploy.yml`:
+```yaml
+- uses: daemux/daemux-plugins/.github/actions/ios-native-testflight@main
+  with:
+    project: MyApp.xcodeproj           # if multiple .xcodeproj at root
+    workspace: MyApp.xcworkspace       # wins over project
+    scheme: MyApp                      # if multiple application schemes
+    configuration: Release             # default: Release
+    bundle-id: com.example.myapp       # if PRODUCT_BUNDLE_IDENTIFIER is wrong
+    team-id: ABCDE12345                # if your ASC key is multi-team
+    app-store-apple-id: '1234567890'   # to skip the ASC API lookup
+    app-store-whats-new: |
+      - New feature X
+      - Bug fixes
+    app-store-locale: en-US
+    uses-non-exempt-encryption: 'false'
 ```
-GitHub Actions triggers the workflow. On success, the build appears in TestFlight within 5–15 minutes (Apple processing delay).
+Every input is optional. Omitted ones are auto-detected.
 ## Troubleshooting
 | Error | Likely Cause | Fix |
 |-------|--------------|-----|
 | `No ASC key found in creds/` | File missing or misnamed | Filename must match `AuthKey_<KEY_ID>_Issuer_<ISSUER_UUID>.p8` exactly |
-| `No ASC app found for bundle <id>` | App not yet registered in ASC | Run Step 4 (create the app record) |
+| `Multiple ASC keys found in creds/` | More than one .p8 | Remove the unused one(s) — only a single key is supported |
+| `No ASC app found for bundle <id>` | App not yet registered in ASC | Run Step 3 (create the app record) |
 | `MARKETING_VERSION not set` | Missing in `.pbxproj` | Set `MARKETING_VERSION = 1.0;` in your target's build settings |
 | Apple refuses new version | Prior version not in `READY_FOR_SALE` | Let the existing version finish review, or manually bump `MARKETING_VERSION` in Xcode |
-| `Scheme not found` | Scheme not shared | In Xcode: Product → Scheme → Manage Schemes → tick "Shared", commit `*.xcscheme` |
+| `Scheme not found` | Scheme not shared, or auto-detect picked wrong one | In Xcode: Product → Scheme → Manage Schemes → tick "Shared", commit `*.xcscheme`. Or pass `scheme:` in the workflow `with:` block. |
 ## Credential rotation

package/templates/scripts/ci/ios-native/cfg_resolve.py CHANGED Viewed

@@ -1,19 +1,15 @@
 #!/usr/bin/env python3
 """
-Config loading + value-resolution helpers for ios-native-testflight.
+Shared helpers for ios-native-testflight read_config.py.
-Pulled out of read_config.py to keep any single file under the 400-line /
-10-function project limits.
+Now that ci.config.yaml is gone, this module only contains the helpers
+that interact with the filesystem or App Store Connect — no YAML or
+config-precedence logic remains.
 Contents:
-    load_config         YAML loader (returns {} if missing)
     emit                $GITHUB_ENV writer (handles multi-line via heredoc)
-    dig / pick          Safe nested dict access
-    pick_with_source    Flat-path-first, legacy-alias-second lookup
-    resolve             Apply input -> config -> auto -> default precedence
-    auto_project_glob   Repo-root *.xcodeproj / *.xcworkspace autodetect
-    as_str_bool         YAML bool -> "true"/"false"/None
     find_p8             Locate ASC .p8 key in creds/
+    derive_team_if_empty  ASC API fallback for team_id
     lookup_app_id_via_api  Subprocess helper — calls lookup_app_id.py
 """
@@ -21,14 +17,12 @@ from __future__ import annotations
 import os
 import re
+import subprocess
 import sys
 from pathlib import Path
-from typing import Any
-import yaml
 from asc_common import make_jwt
-from cfg_io import fail, log, notice
+from cfg_io import fail, log
 from team_resolver import derive_team_id
@@ -37,27 +31,6 @@ P8_RE = re.compile(
 )
-def load_config(workspace: Path, rel_path: str) -> dict:
-    """Load a YAML config from ``workspace/rel_path``. Returns {} if missing."""
-    cfg_path = workspace / rel_path
-    if not cfg_path.is_file():
-        notice(
-            f"{rel_path} not found at {cfg_path}; proceeding with inputs and defaults only"
-        )
-        return {}
-    try:
-        with cfg_path.open("r") as fh:
-            data = yaml.safe_load(fh)
-    except yaml.YAMLError as exc:
-        fail(f"failed to parse {rel_path}: {exc}")
-    if data is None:
-        return {}
-    if not isinstance(data, dict):
-        fail(f"{rel_path} root must be a mapping")
-    log(f"loaded config from {cfg_path}")
-    return data
 def emit(env_file: Path, name: str, value: str) -> None:
     """Append NAME=VALUE (or multi-line NAME<<EOF ... EOF) to $GITHUB_ENV."""
     if value is None:
@@ -73,82 +46,12 @@ def emit(env_file: Path, name: str, value: str) -> None:
             fh.write(f"{name}={value}\n")
-def dig(cfg: dict, *path: str, default: Any = None) -> Any:
-    """Safe nested .get across dict path. Returns default if any key missing."""
-    node: Any = cfg
-    for key in path:
-        if not isinstance(node, dict):
-            return default
-        node = node.get(key)
-        if node is None:
-            return default
-    return node
-def pick(cfg: dict, *paths: tuple) -> Any:
-    """Return the first non-None/non-empty value among a series of paths."""
-    for path in paths:
-        val = dig(cfg, *path)
-        if val not in (None, ""):
-            return val
-    return None
-def pick_with_source(cfg: dict, flat: tuple, legacy: tuple) -> tuple[Any, str]:
-    """Return (value, source) — flat path wins; legacy alias as fallback."""
-    flat_val = dig(cfg, *flat)
-    if flat_val not in (None, ""):
-        return flat_val, "config"
-    legacy_val = dig(cfg, *legacy)
-    if legacy_val not in (None, ""):
-        return legacy_val, "config(legacy)"
-    return None, "config"
-def resolve(
-    input_val: str,
-    cfg_val: Any,
-    *,
-    cfg_source: str = "config",
-    auto_val: str = "",
-    default: str = "",
-) -> tuple[str, str]:
-    """Apply precedence: input > config > auto > default > empty."""
-    if input_val:
-        return input_val, "input"
-    if cfg_val not in (None, ""):
-        return str(cfg_val), cfg_source
-    if auto_val:
-        return auto_val, "auto-detect"
-    if default:
-        return default, "default"
-    return "", "empty"
-def auto_project_glob(workspace: Path, suffix: str) -> str:
-    """Return the single matching *suffix file at repo root, else empty."""
-    matches = sorted(workspace.glob(f"*{suffix}"))
-    if len(matches) == 1:
-        return matches[0].name
-    return ""
-def as_str_bool(val: Any) -> str | None:
-    """Normalize YAML bool / string / None to 'true'|'false'|None."""
-    if val is None:
-        return None
-    if isinstance(val, bool):
-        return "true" if val else "false"
-    s = str(val).strip().lower()
-    if s in ("true", "yes", "1"):
-        return "true"
-    if s in ("false", "no", "0"):
-        return "false"
-    return s  # let downstream validate
-def find_p8(workspace: Path, cfg: dict) -> tuple[Path, str, str | None]:
-    """Locate the ASC .p8 key. Returns (path, key_id, issuer_from_filename)."""
+def find_p8(workspace: Path) -> tuple[Path, str, str | None]:
+    """Locate the ASC .p8 key. Returns (path, key_id, issuer_from_filename).
+    If multiple keys are found we fail with an actionable message — there is
+    no longer a config-based disambiguation channel.
+    """
     creds_dir = workspace / "creds"
     matches = sorted(creds_dir.glob("AuthKey_*.p8"))
     if not matches:
@@ -170,23 +73,13 @@ def find_p8(workspace: Path, cfg: dict) -> tuple[Path, str, str | None]:
             "Found .p8 file(s) in creds/ but none match the required naming "
             "pattern AuthKey_<KEY_ID>[_Issuer_<UUID>].p8"
         )
     if len(parsed) == 1:
         return parsed[0]
-    config_key_id = pick(cfg, ("credentials", "apple", "key_id"), ("asc", "key_id"))
-    if not config_key_id:
-        names = ", ".join(p.name for p, _, _ in parsed)
-        fail(
-            f"Multiple ASC keys found in creds/ ({names}). "
-            "Set credentials.apple.key_id in ci.config.yaml to choose one."
-        )
-    for entry in parsed:
-        if entry[1] == config_key_id:
-            return entry
+    names = ", ".join(p.name for p, _, _ in parsed)
     fail(
-        f"credentials.apple.key_id={config_key_id} did not match any .p8 in "
-        f"creds/ (found key_ids: {', '.join(k for _, k, _ in parsed)})"
+        f"Multiple ASC keys found in creds/ ({names}). Remove the unused "
+        "ones — only a single key is supported."
     )
@@ -217,8 +110,6 @@ def derive_team_if_empty(
 def lookup_app_id_via_api(bundle_id: str, scripts_dir: Path) -> str:
     """Invoke lookup_app_id.py to resolve apple_id via ASC API."""
-    import subprocess
     script = scripts_dir / "lookup_app_id.py"
     if not script.is_file():
         fail(f"lookup_app_id.py not found at {script}")

package/templates/scripts/ci/ios-native/read_config.py CHANGED Viewed

@@ -1,38 +1,29 @@
 #!/usr/bin/env python3
 """
-Read ci.config.yaml + discover ASC API key in creds/, then emit derived CI
-environment variables to $GITHUB_ENV.
-Schema (flat — primary, canonical):
-    app.{bundle_id, team_id, app_store_apple_id}
-    xcode.{project, workspace, scheme, configuration, profile_name}
-    ios.{uses_non_exempt_encryption}
-    testflight.{whats_new, locale}
-    ci.{run_tests, test_command, test_destination}
-    credentials.apple.{key_id, issuer_id}  OR  asc.{key_id, issuer_id}
-Legacy aliases (accepted for back-compat, never preferred):
-    ios.native.{project, workspace, scheme, configuration, profile_name,
-                team_id, app_store_apple_id, uses_non_exempt_encryption,
-                whats_new, locale, run_tests, test_command, test_destination,
-                tests.{run, command, destination}}
-    app_store.locale (third-tier fallback only)
+Discover ASC API key in creds/ + auto-detect Xcode project/scheme/bundle,
+then emit derived CI environment variables to $GITHUB_ENV.
+There is NO config file. This script reads only:
+  - INPUT_* env vars (the composite action's `with:` overrides)
+  - creds/AuthKey_<KEY_ID>_Issuer_<UUID>.p8 (the only required file)
+  - the Xcode project (via auto_detect.py + xcodebuild)
+  - the App Store Connect API (for team_id and app_store_apple_id)
 Precedence for every CFG_* value:
-    1. Explicit action input (INPUT_* env var)
-    2. Flat-schema config value
-    3. Legacy ios.native.* alias
-    4. Auto-detected value (xcodeproj/xcworkspace glob) or built-in default
-    5. Empty string (composite action step applies its own default / skips)
+    1. INPUT_* env var (composite action input)
+    2. Auto-detected value (xcodebuild, ASC API, glob)
+    3. Built-in default ("Release", "false", "en-US", whatsNew boilerplate)
+    4. Empty string (downstream step skips or applies its own fallback)
-Built-in defaults (emitted when no config/input exists):
+Built-in defaults emitted when nothing else applies:
     CFG_CONFIGURATION=Release, CFG_USES_NON_EXEMPT=false,
-    CFG_RUN_TESTS=false, CFG_LOCALE=en-US, CFG_PROFILE_NAME="<scheme> CI".
-All other CFG_* fields emit empty and rely on action.yml-level fallbacks.
+    CFG_RUN_TESTS=false, CFG_LOCALE=en-US,
+    CFG_PROFILE_NAME="<scheme> CI", CFG_WHATS_NEW=<boilerplate>.
 The ASC .p8 key is located by globbing ``creds/AuthKey_*.p8`` with filename
-regex AuthKey_<KEY_ID>[_Issuer_<ISSUER_UUID>].p8. Multiple matches require
-``credentials.apple.key_id`` (or ``asc.key_id``) in config to disambiguate.
+regex AuthKey_<KEY_ID>[_Issuer_<ISSUER_UUID>].p8. If multiple match, we fail
+with an instruction to remove the unwanted one(s) — there is no longer a
+config-based disambiguation channel.
 Writes to $GITHUB_ENV:
     ASC_KEY_ID, ASC_ISSUER_ID, ASC_KEY_P8_PATH, ASC_KEY_P8,
@@ -56,17 +47,10 @@ from pathlib import Path
 import auto_detect
 from cfg_io import fail, log
 from cfg_resolve import (
-    as_str_bool,
-    auto_project_glob,
     derive_team_if_empty,
-    dig,
     emit,
     find_p8,
-    load_config,
     lookup_app_id_via_api,
-    pick,
-    pick_with_source,
-    resolve,
 )
@@ -77,63 +61,54 @@ DEFAULT_WHATS_NEW = (
 )
-def emit_credentials(env_file: Path, cfg: dict, workspace: Path) -> dict:
+def _pick(input_val: str, *, auto_val: str = "", default: str = "") -> tuple[str, str]:
+    """Apply precedence: input > auto > default > empty."""
+    if input_val:
+        return input_val, "input"
+    if auto_val:
+        return auto_val, "auto-detect"
+    if default:
+        return default, "default"
+    return "", "empty"
+def emit_credentials(env_file: Path, workspace: Path) -> dict:
     """Discover .p8, derive ASC_KEY_ID / ISSUER / PATH, emit to env_file.
     Returns {'key_id', 'issuer_id', 'key_path'} for downstream use.
     """
-    p8_path, key_id_from_file, issuer_from_file = find_p8(workspace, cfg)
+    p8_path, key_id_from_file, issuer_from_file = find_p8(workspace)
     try:
         p8_contents = p8_path.read_text()
     except OSError as exc:
         fail(f"cannot read {p8_path}: {exc}")
-    cfg_key_id = pick(cfg, ("credentials", "apple", "key_id"), ("asc", "key_id"))
-    cfg_issuer = pick(cfg, ("credentials", "apple", "issuer_id"), ("asc", "issuer_id"))
-    asc_key_id = cfg_key_id or key_id_from_file
-    asc_issuer = cfg_issuer or issuer_from_file
-    if not asc_issuer:
+    if not issuer_from_file:
         fail(
-            "ASC issuer id unknown: neither the filename contains _Issuer_<UUID> "
-            "nor credentials.apple.issuer_id is set in ci.config.yaml."
+            "ASC issuer id unknown: rename the .p8 to "
+            "AuthKey_<KEY_ID>_Issuer_<UUID>.p8 so the issuer id is in the filename."
         )
-    emit(env_file, "ASC_KEY_ID", str(asc_key_id))
-    emit(env_file, "ASC_ISSUER_ID", str(asc_issuer))
+    emit(env_file, "ASC_KEY_ID", str(key_id_from_file))
+    emit(env_file, "ASC_ISSUER_ID", str(issuer_from_file))
     emit(env_file, "ASC_KEY_P8_PATH", str(p8_path))
     emit(env_file, "ASC_KEY_P8", p8_contents)
-    log(f"ASC_KEY_ID={asc_key_id} (source: {'config' if cfg_key_id else 'filename'})")
-    log(f"ASC_ISSUER_ID={asc_issuer} (source: {'config' if cfg_issuer else 'filename'})")
+    log(f"ASC_KEY_ID={key_id_from_file} (source: filename)")
+    log(f"ASC_ISSUER_ID={issuer_from_file} (source: filename)")
     log(f"ASC_KEY_P8_PATH={p8_path}")
-    return {"key_id": str(asc_key_id), "issuer_id": str(asc_issuer), "key_path": str(p8_path)}
-def _auto_detect_bundle_if_empty(
-    bundle: tuple[str, str],
-    workspace: Path | None,
-    xcode: dict | None,
-) -> tuple[str, str]:
-    """Call auto_detect_bundle_id only when bundle is unresolved."""
-    if bundle[0] or workspace is None or xcode is None or not xcode.get("scheme"):
-        return bundle
-    detected = auto_detect.auto_detect_bundle_id(
-        workspace,
-        xcode.get("project", ""),
-        xcode.get("workspace", ""),
-        xcode["scheme"],
-        xcode.get("configuration", "Release"),
-    )
-    if detected:
-        return detected, "auto-detect"
-    return bundle
+    return {
+        "key_id": str(key_id_from_file),
+        "issuer_id": str(issuer_from_file),
+        "key_path": str(p8_path),
+    }
-def _auto_detect_project_workspace(
+def _detect_project_workspace(
     workspace: Path,
     project: tuple[str, str],
     ws_val: tuple[str, str],
 ) -> tuple[tuple[str, str], tuple[str, str]]:
-    """Run auto_detect.auto_detect_project when both are unset; return the pair."""
+    """Run auto_detect.auto_detect_project when both are unset."""
     if project[0] or ws_val[0]:
         return project, ws_val
     auto_proj, auto_ws = auto_detect.auto_detect_project(workspace)
@@ -144,47 +119,25 @@ def _auto_detect_project_workspace(
     return project, ws_val
-def resolve_xcode(cfg: dict, workspace: Path, inp: dict) -> dict:
+def resolve_xcode(workspace: Path, inp: dict) -> dict:
     """Resolve project / workspace / scheme / configuration / profile_name.
-    Falls back to ``auto_detect`` (glob + xcodebuild -list + showBuildSettings)
-    when neither input nor config nor the older single-suffix glob finds a
-    value. This is what lets ``ci.config.yaml`` be omitted entirely.
+    Inputs win; otherwise we shell out to xcodebuild via auto_detect.
     """
-    proj_cfg, proj_src = pick_with_source(cfg, ("xcode", "project"), ("ios", "native", "project"))
-    ws_cfg, ws_src = pick_with_source(cfg, ("xcode", "workspace"), ("ios", "native", "workspace"))
-    scheme_cfg, scheme_src = pick_with_source(cfg, ("xcode", "scheme"), ("ios", "native", "scheme"))
-    config_cfg, config_src = pick_with_source(
-        cfg, ("xcode", "configuration"), ("ios", "native", "configuration"),
-    )
-    profile_cfg, profile_src = pick_with_source(
-        cfg, ("xcode", "profile_name"), ("ios", "native", "profile_name"),
-    )
+    project = _pick(inp["PROJECT"])
+    ws_val = _pick(inp["WORKSPACE"])
+    project, ws_val = _detect_project_workspace(workspace, project, ws_val)
-    project = resolve(
-        inp["PROJECT"], proj_cfg, cfg_source=proj_src,
-        auto_val=auto_project_glob(workspace, ".xcodeproj"),
-    )
-    ws_val = resolve(
-        inp["WORKSPACE"], ws_cfg, cfg_source=ws_src,
-        auto_val=auto_project_glob(workspace, ".xcworkspace"),
-    )
-    project, ws_val = _auto_detect_project_workspace(workspace, project, ws_val)
+    configuration = _pick(inp["CONFIGURATION"], default="Release")
-    configuration = resolve(
-        inp["CONFIGURATION"], config_cfg, cfg_source=config_src, default="Release",
-    )
-    scheme = resolve(inp["SCHEME"], scheme_cfg, cfg_source=scheme_src)
+    scheme = _pick(inp["SCHEME"])
     if not scheme[0] and (project[0] or ws_val[0]):
         detected = auto_detect.auto_detect_scheme(workspace, project[0], ws_val[0])
         if detected:
             scheme = (detected, "auto-detect")
     default_profile = f"{scheme[0]} CI" if scheme[0] else ""
-    profile_name = resolve(
-        inp["PROFILE_NAME"], profile_cfg, cfg_source=profile_src, default=default_profile,
-    )
+    profile_name = _pick(inp["PROFILE_NAME"], default=default_profile)
     return {
         "project": project,
         "workspace": ws_val,
@@ -194,127 +147,81 @@ def resolve_xcode(cfg: dict, workspace: Path, inp: dict) -> dict:
     }
+def _detect_bundle(
+    bundle: tuple[str, str], workspace: Path, xcode: dict,
+) -> tuple[str, str]:
+    """Auto-detect PRODUCT_BUNDLE_IDENTIFIER when bundle is unresolved."""
+    if bundle[0] or not xcode.get("scheme"):
+        return bundle
+    detected = auto_detect.auto_detect_bundle_id(
+        workspace,
+        xcode.get("project", ""),
+        xcode.get("workspace", ""),
+        xcode["scheme"],
+        xcode.get("configuration", "Release"),
+    )
+    if detected:
+        return detected, "auto-detect"
+    return bundle
+def _resolve_apple_id(
+    inp: dict, bundle: tuple[str, str], creds: dict, scripts_dir: Path,
+) -> tuple[str, str]:
+    """Resolve App Store numeric app id: input -> ASC API lookup -> empty."""
+    if inp["APP_STORE_APPLE_ID"]:
+        return inp["APP_STORE_APPLE_ID"], "input"
+    if not bundle[0]:
+        return "", "empty"
+    os.environ["ASC_KEY_ID"] = creds["key_id"]
+    os.environ["ASC_ISSUER_ID"] = creds["issuer_id"]
+    os.environ["ASC_KEY_PATH"] = creds["key_path"]
+    return lookup_app_id_via_api(bundle[0], scripts_dir), "api-lookup"
 def resolve_app(
-    cfg: dict,
     inp: dict,
     creds: dict,
     scripts_dir: Path,
     *,
-    workspace: Path | None = None,
-    xcode: dict | None = None,
+    workspace: Path,
+    xcode: dict,
 ) -> dict:
-    """Resolve bundle_id / team_id / app_store_apple_id (with ASC-API fallback).
+    """Resolve bundle_id / team_id / app_store_apple_id."""
+    bundle = _pick(inp["BUNDLE_ID"])
+    bundle = _detect_bundle(bundle, workspace, xcode)
-    When ``workspace`` and ``xcode`` are passed and bundle_id is unset from
-    both input and config, we call ``auto_detect_bundle_id`` to ask
-    xcodebuild for ``PRODUCT_BUNDLE_IDENTIFIER``.
-    """
-    bundle_cfg, bundle_src = pick_with_source(cfg, ("app", "bundle_id"), ("ios", "native", "bundle_id"))
-    team_cfg, team_src = pick_with_source(cfg, ("app", "team_id"), ("ios", "native", "team_id"))
-    apple_cfg, apple_src = pick_with_source(
-        cfg, ("app", "app_store_apple_id"), ("ios", "native", "app_store_apple_id"),
-    )
-    bundle = resolve(inp["BUNDLE_ID"], bundle_cfg, cfg_source=bundle_src)
-    bundle = _auto_detect_bundle_if_empty(bundle, workspace, xcode)
-    team = resolve(inp["TEAM_ID"], team_cfg, cfg_source=team_src)
-    # team_id is documented as optional because the ASC API key is bound to
-    # exactly one developer team. If input + config both empty, derive it
-    # via GET-only ASC endpoints (cert OU, then profile plist).
+    team = _pick(inp["TEAM_ID"])
     if not team[0]:
         derived_val, derived_src = derive_team_if_empty(team[0], team[1], creds)
         if derived_val:
-            log(
-                f"derived team_id={derived_val} from ASC key "
-                f"{creds['key_id']}"
-            )
+            log(f"derived team_id={derived_val} from ASC key {creds['key_id']}")
             team = (derived_val, derived_src)
-    if inp["APP_STORE_APPLE_ID"]:
-        apple = (inp["APP_STORE_APPLE_ID"], "input")
-    elif apple_cfg not in (None, ""):
-        apple = (str(apple_cfg), apple_src)
-    elif bundle[0]:
-        os.environ["ASC_KEY_ID"] = creds["key_id"]
-        os.environ["ASC_ISSUER_ID"] = creds["issuer_id"]
-        os.environ["ASC_KEY_PATH"] = creds["key_path"]
-        apple = (lookup_app_id_via_api(bundle[0], scripts_dir), "api-lookup")
-    else:
-        apple = ("", "empty")
+    apple = _resolve_apple_id(inp, bundle, creds, scripts_dir)
     return {"bundle_id": bundle, "team_id": team, "app_store_apple_id": apple}
-def resolve_testflight(cfg: dict, inp: dict) -> dict:
-    """Resolve whats_new / locale from testflight.* or legacy aliases."""
-    whats_cfg, whats_src = pick_with_source(
-        cfg, ("testflight", "whats_new"), ("ios", "native", "whats_new"),
-    )
-    locale_cfg, locale_src = pick_with_source(
-        cfg, ("testflight", "locale"), ("ios", "native", "locale"),
-    )
-    if locale_cfg in (None, ""):
-        alt = dig(cfg, "app_store", "locale")
-        if alt not in (None, ""):
-            locale_cfg, locale_src = alt, "config(legacy)"
+def resolve_testflight(inp: dict) -> dict:
+    """Resolve whats_new / locale from inputs, with built-in defaults."""
     return {
-        "whats_new": resolve(
-            inp["WHATS_NEW"], whats_cfg, cfg_source=whats_src, default=DEFAULT_WHATS_NEW,
-        ),
-        "locale": resolve(inp["LOCALE"], locale_cfg, cfg_source=locale_src, default="en-US"),
+        "whats_new": _pick(inp["WHATS_NEW"], default=DEFAULT_WHATS_NEW),
+        "locale": _pick(inp["LOCALE"], default="en-US"),
     }
-def resolve_tests(cfg: dict, inp: dict) -> dict:
-    """Resolve run_tests / test_command / test_destination from ci.* or legacy."""
-    run_flat = dig(cfg, "ci", "run_tests")
-    run_legacy = dig(cfg, "ios", "native", "run_tests")
-    if run_legacy is None:
-        run_legacy = dig(cfg, "ios", "native", "tests", "run")
-    run_cfg, run_src = (run_flat, "config") if run_flat is not None else (run_legacy, "config(legacy)")
-    cmd_flat = dig(cfg, "ci", "test_command")
-    cmd_legacy = dig(cfg, "ios", "native", "test_command") or dig(cfg, "ios", "native", "tests", "command")
-    cmd_cfg, cmd_src = (
-        (cmd_flat, "config") if cmd_flat not in (None, "") else (cmd_legacy, "config(legacy)")
-    )
-    dest_flat = dig(cfg, "ci", "test_destination")
-    dest_legacy = (
-        dig(cfg, "ios", "native", "test_destination")
-        or dig(cfg, "ios", "native", "tests", "destination")
-    )
-    dest_cfg, dest_src = (
-        (dest_flat, "config") if dest_flat not in (None, "") else (dest_legacy, "config(legacy)")
-    )
+def resolve_tests(inp: dict) -> dict:
+    """Resolve run_tests / test_command / test_destination from inputs."""
     return {
-        "run_tests": resolve(
-            inp["RUN_TESTS"], as_str_bool(run_cfg), cfg_source=run_src, default="false",
-        ),
-        "test_command": resolve(inp["TEST_COMMAND"], cmd_cfg, cfg_source=cmd_src),
-        "test_destination": resolve(inp["TEST_DESTINATION"], dest_cfg, cfg_source=dest_src),
+        "run_tests": _pick(inp["RUN_TESTS"], default="false"),
+        "test_command": _pick(inp["TEST_COMMAND"]),
+        "test_destination": _pick(inp["TEST_DESTINATION"]),
     }
-def resolve_ios(cfg: dict, inp: dict) -> dict:
-    """Resolve ios.uses_non_exempt_encryption (flat) with legacy fallback."""
-    val_flat = dig(cfg, "ios", "uses_non_exempt_encryption")
-    # Flat lookup can accidentally return the legacy 'native' sub-dict; ignore.
-    if isinstance(val_flat, dict):
-        val_flat = None
-    val_legacy = dig(cfg, "ios", "native", "uses_non_exempt_encryption")
-    if val_flat is not None:
-        raw, src = val_flat, "config"
-    elif val_legacy is not None:
-        raw, src = val_legacy, "config(legacy)"
-    else:
-        raw, src = None, "config"
-    return {
-        "uses_non_exempt": resolve(
-            inp["USES_NON_EXEMPT"], as_str_bool(raw), cfg_source=src, default="false",
-        )
-    }
+def resolve_ios(inp: dict) -> dict:
+    """Resolve ios.uses_non_exempt_encryption from inputs."""
+    return {"uses_non_exempt": _pick(inp["USES_NON_EXEMPT"], default="false")}
 def collect_inputs() -> dict:
@@ -336,19 +243,17 @@ def main() -> None:
         fail("GITHUB_ENV not set; this script must run inside a GitHub Actions step")
     env_file = Path(env_file_path)
-    cfg = load_config(workspace, os.environ.get("CONFIG_PATH", "ci.config.yaml"))
     inputs = collect_inputs()
-    creds = emit_credentials(env_file, cfg, workspace)
-    xc = resolve_xcode(cfg, workspace, inputs)
+    creds = emit_credentials(env_file, workspace)
+    xc = resolve_xcode(workspace, inputs)
     xc_values = {k: v[0] for k, v in xc.items()}
     app = resolve_app(
-        cfg, inputs, creds, scripts_dir,
+        inputs, creds, scripts_dir,
         workspace=workspace, xcode=xc_values,
     )
-    tf = resolve_testflight(cfg, inputs)
-    ios = resolve_ios(cfg, inputs)
-    tests = resolve_tests(cfg, inputs)
+    tf = resolve_testflight(inputs)
+    ios = resolve_ios(inputs)
+    tests = resolve_tests(inputs)
     derived = [
         ("CFG_PROJECT", xc["project"]),
@@ -373,9 +278,7 @@ def main() -> None:
     # Persist whatsNew to a file under $RUNNER_TEMP so downstream steps can
     # read raw multi-line content without any GitHub Actions ${{ }} YAML
-    # interpolation mangling embedded newlines. CFG_WHATS_NEW still carries
-    # the same content for backward compatibility; the file is the source
-    # of truth.
+    # interpolation mangling embedded newlines.
     whats_new_value = tf["whats_new"][0]
     runner_temp = os.environ.get("RUNNER_TEMP") or str(workspace)
     whats_new_path = Path(runner_temp) / "whats_new.txt"

package/templates/ios-native-ci.config.yaml.template DELETED Viewed

@@ -1,43 +0,0 @@
-# iOS TestFlight CI configuration — OPTIONAL
-#
-# This file is entirely OPTIONAL. Omit it to let CI auto-detect everything
-# from your Xcode project:
-#
-#   - xcode.project      -> glob *.xcodeproj / *.xcworkspace at repo root
-#   - xcode.scheme       -> pick the single application-type scheme
-#   - app.bundle_id      -> PRODUCT_BUNDLE_IDENTIFIER from xcodebuild
-#   - app.team_id        -> derived from your ASC API key
-#   - app.app_store_apple_id -> looked up via ASC API by bundle_id
-#
-# Set any subset of values below to override auto-detection. All fields are
-# optional; only add what you need to disambiguate or pin.
-#
-# Consumed by daemux/daemux-plugins/.github/actions/ios-native-testflight.
-# Required regardless: creds/AuthKey_<KEY_ID>_Issuer_<ISSUER_UUID>.p8
-app:
-  bundle_id: "com.example.myapp"         # optional — auto-detected from xcodebuild
-  team_id: "ABCDE12345"                  # optional — auto-derived from ASC API key
-  app_store_apple_id: ""                 # optional — auto-discovered via ASC API
-xcode:
-  project: ""                            # optional — auto-detected (*.xcodeproj at root)
-  workspace: ""                          # optional — wins over project when set
-  scheme: "MyApp"                        # optional — auto-picks application-type scheme
-  configuration: "Release"               # default: Release
-  profile_name: ""                       # default: "<scheme> CI"
-ios:
-  uses_non_exempt_encryption: false      # false | true | "" to skip write
-testflight:
-  whats_new: |
-    - Improved performance
-    - Bug fixes
-    - Enhanced security
-  locale: "en-US"
-ci:
-  run_tests: false
-  test_command: ""                       # optional
-  test_destination: "platform=iOS Simulator,name=iPhone 15"