github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: Prevent having to manually update provisioning profile UUIDs (#9074)

Browse Source 
When updating the provisioning profiles (i.e. when changing anything the
Apple Developer Portal), we needed to manually update these build
scripts to point to the new UUIDs.

This can be made simpler to automatically pull it out of the profiles in
CI.
This commit is contained in:
Jamil
2025-05-11 15:54:14 -07:00
committed by GitHub
parent 07fa91f713
commit 091b52ef07
5 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/build/ios-appstore.sh
View File

@@ -7,8 +7,8 @@ set -euo pipefail
source "./scripts/build/lib.sh"
# Define needed variables
app_profile_id=8da59aa3-e8da-4a8c-9902-2d540324d92c
ne_profile_id=0fccb78a-97c0-41b9-8c54-9c995280ea8e
app_profile_id=$(extract_uuid "$IOS_APP_PROVISIONING_PROFILE")
ne_profile_id=$(extract_uuid "$IOS_NE_PROVISIONING_PROFILE")
temp_dir="${TEMP_DIR:-$(mktemp -d)}"
archive_path="$temp_dir/Firezone.xcarchive"
export_options_plist_path="$temp_dir/ExportOptions.plist"

6
scripts/build/lib.sh
View File

@@ -56,6 +56,12 @@ function setup_runner() {
"$keychain_path"
}
function extract_uuid() {
local b64_profile="$1"
echo "$b64_profile" | base64 --decode | security cms -D | plutil -extract UUID raw -o - -
}
function base64_decode() {
local input_stdin="$1"
local output_path="$2"

4
scripts/build/macos-appstore.sh
View File

@@ -7,8 +7,8 @@ set -euo pipefail
source "./scripts/build/lib.sh"
# Define needed variables
app_profile_id=2bf20e38-81ea-40d0-91e5-330cf58f52d9
ne_profile_id=2c683d1a-4479-451c-9ee6-ae7d4aca5c93
app_profile_id=$(extract_uuid "$MACOS_APP_PROVISIONING_PROFILE")
ne_profile_id=$(extract_uuid "$MACOS_NE_PROVISIONING_PROFILE")
temp_dir="${TEMP_DIR:-$(mktemp -d)}"
package_path="$temp_dir/Firezone.pkg"
git_sha=${GITHUB_SHA:-$(git rev-parse HEAD)}

4
scripts/build/macos-standalone.sh
View File

@@ -7,8 +7,8 @@ set -euo pipefail
source "./scripts/build/lib.sh"
# Define needed variables
app_profile_id=c5d97f71-de80-4dfc-80f8-d0a4393ff082
ne_profile_id=153db941-2136-4d6c-96ef-52f748521e78
app_profile_id=$(extract_uuid "$STANDALONE_MACOS_APP_PROVISIONING_PROFILE")
ne_profile_id=$(extract_uuid "$STANDALONE_MACOS_NE_PROVISIONING_PROFILE")
notarize=${NOTARIZE:-"false"}
temp_dir="${TEMP_DIR:-$(mktemp -d)}"
dmg_dir="$temp_dir/dmg"

6
swift/apple/README.md
View File

@@ -272,12 +272,6 @@ APPLE_MACOS_NE_PROVISIONING_PROFILE
base64 < profile.mobileprovision
```
1. Now, you need to update the build scripts to use these. Edit
`scripts/build/*-appstore.sh` and update the provisioning profile UUIDs. The
UUID can be found by grepping for them in the provisioning profile files
themselves, or just opening them in a text editor and looking halfway down
the file. They should be the only UUIDs in the file.
## Generating new signing certificates and provisioning profiles for standalone distribution
The process is much the same as above for the macOS standalone client, with one