Skip to content

Commit 2ec88e9

Browse files
ThomasK33ThomasK33
committed
refactored build to run via make
Change-Id: I2ad5b8cb60480e4c9f76c6499e2b6dff5819f98e Signed-off-by: Thomas Kosiewski <tk@coder.com>
1 parent 3e07954 commit 2ec88e9

File tree

9 files changed

+9704
-97
lines changed

9 files changed

+9704
-97
lines changed

.env

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
# Build a release locally using: op run --env-file="./.env" -- make release
2+
APPLE_CERT="op://Apple/Apple DeveloperID PKCS12 base64/notesPlain"
3+
CERT_PASSWORD="op://Apple/DeveloperID p12 password/password"
4+
5+
APPLE_ID="op://Apple/3apcadvvcojjbpxnd7m5fgh5wm/username"
6+
APPLE_ID_PASSWORD="op://Apple/3apcadvvcojjbpxnd7m5fgh5wm/password"
7+
8+
APP_PROF="op://Apple/Provisioning Profiles/profiles/application_base64"
9+
EXT_PROF="op://Apple/Provisioning Profiles/profiles/extension_base64"

.github/workflows/release.yml

Lines changed: 2 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,6 @@ jobs:
1313
permissions:
1414
# To upload assets to the release
1515
contents: write
16-
env:
17-
KEYCHAIN_PATH: /tmp/app-signing.keychain-db
1816
steps:
1917
- name: Checkout
2018
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -30,41 +28,15 @@ jobs:
3028
- name: Setup Nix
3129
uses: ./.github/actions/nix-devshell
3230

33-
# FIXME(ThomasK33): Only used for testing, shall be removed later
34-
- name: Setup tmate session
35-
uses: mxschmitt/action-tmate@v3
36-
with:
37-
limit-access-to-actor: true
31+
- name: Build
3832
env:
3933
APPLE_CERT: ${{ secrets.APPLE_DEVELOPER_ID_PKCS12_B64 }}
40-
CERT_PASSWORD: ${{ secrets.APPLE_DEVELOPER_ID_PKCS12_PASSWORD }}
4134
APPLE_ID: ${{ secrets.APPLE_NOTARYTOOL_USERNAME }}
4235
APPLE_ID_PASSWORD: ${{ secrets.APPLE_NOTARYTOOL_PASSWORD }}
4336
APP_PROF: ${{ secrets.CODER_DESKTOP_APP_PROVISIONPROFILE_B64 }}
44-
EXT_PROF: ${{ secrets.CODER_DESKTOP_EXTENSION_PROVISIONPROFILE_B64 }}
45-
46-
- name: Install Cert & Retrieve Provisioning Profiles
47-
env:
48-
APPLE_CERT: ${{ secrets.APPLE_DEVELOPER_ID_PKCS12_B64 }}
4937
CERT_PASSWORD: ${{ secrets.APPLE_DEVELOPER_ID_PKCS12_PASSWORD }}
50-
run: |
51-
set -euox pipefail
52-
security create-keychain -p "" "$KEYCHAIN_PATH"
53-
security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH"
54-
security unlock-keychain -p "" "$KEYCHAIN_PATH"
55-
security import <(echo -n "$APPLE_CERT" | base64 -d) -P "$CERT_PASSWORD" -A -t cert -f pkcs12 -k "$KEYCHAIN_PATH"
56-
security list-keychain -d user -s "$KEYCHAIN_PATH"
57-
58-
- name: Build
59-
env:
60-
APPLE_ID: ${{ secrets.APPLE_NOTARYTOOL_USERNAME }}
61-
APPLE_ID_PASSWORD: ${{ secrets.APPLE_NOTARYTOOL_PASSWORD }}
62-
APP_PROF: ${{ secrets.CODER_DESKTOP_APP_PROVISIONPROFILE_B64 }}
6338
EXT_PROF: ${{ secrets.CODER_DESKTOP_EXTENSION_PROVISIONPROFILE_B64 }}
64-
run: ./scripts/build.sh \
65-
--app-prof-path <(echo -n "$APP_PROF" | base64 -d) \
66-
--ext-prof-path <(echo -n "$EXT_PROF" | base64 -d) \
67-
--keychain-path "$KEYCHAIN_PATH"
39+
run: make release
6840

6941
- name: Upload Build Artifacts
7042
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0

.gitignore

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -295,3 +295,10 @@ xcuserdata
295295
buildServer.json
296296

297297
# End of https://www.toptal.com/developers/gitignore/api/xcode,jetbrains,macos,direnv,swift,swiftpm,objective-c
298+
299+
*.entitlements
300+
301+
app/
302+
303+
# Make marker file
304+
app-signing.keychain-db

Coder Desktop/Coder Desktop/Coder_Desktop.entitlements

Lines changed: 0 additions & 16 deletions
This file was deleted.

Coder Desktop/VPN/VPN.entitlements

Lines changed: 0 additions & 22 deletions
This file was deleted.

Makefile

Lines changed: 39 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -28,13 +28,28 @@ $(XCPROJECT): $(PROJECT)/project.yml
2828
$(PROJECT)/VPNLib/vpn.pb.swift: $(PROJECT)/VPNLib/vpn.proto
2929
protoc --swift_opt=Visibility=public --swift_out=. 'Coder Desktop/VPNLib/vpn.proto'
3030

31-
.PHONY: $(APP_SIGNING_KEYCHAIN)
3231
$(APP_SIGNING_KEYCHAIN):
3332
security create-keychain -p "" "$(APP_SIGNING_KEYCHAIN)"
3433
security set-keychain-settings -lut 21600 "$(APP_SIGNING_KEYCHAIN)"
3534
security unlock-keychain -p "" "$(APP_SIGNING_KEYCHAIN)"
36-
security import <(echo -n "${APPLE_CERT}" | base64 -d) -P "${CERT_PASSWORD}" -A -t cert -f pkcs12 -k "$(APP_SIGNING_KEYCHAIN)"
35+
@tempfile=$$(mktemp); \
36+
echo "$$APPLE_CERT" | base64 -d > $$tempfile; \
37+
security import $$tempfile -P '$(CERT_PASSWORD)' -A -t cert -f pkcs12 -k "$(APP_SIGNING_KEYCHAIN)"; \
38+
rm $$tempfile
3739
security list-keychain -d user -s "$(APP_SIGNING_KEYCHAIN)"
40+
touch $(APP_SIGNING_KEYCHAIN)
41+
42+
.PHONY: release
43+
release: $(APP_SIGNING_KEYCHAIN) ## Create a release build of Coder Desktop
44+
@APP_PROF_PATH="$$(mktemp)"; \
45+
EXT_PROF_PATH="$$(mktemp)"; \
46+
echo -n "$$APP_PROF" | base64 -d > "$$APP_PROF_PATH"; \
47+
echo -n "$$EXT_PROF" | base64 -d > "$$EXT_PROF_PATH"; \
48+
./scripts/build.sh \
49+
--app-prof-path "$$APP_PROF_PATH" \
50+
--ext-prof-path "$$EXT_PROF_PATH" \
51+
--keychain "$(APP_SIGNING_KEYCHAIN)"; \
52+
rm "$$APP_PROF_PATH" "$$EXT_PROF_PATH"
3853

3954
.PHONY: fmt
4055
fmt: ## Run Swift file formatter
@@ -67,10 +82,28 @@ lint/actions: ## Lint GitHub Actions
6782
zizmor .
6883

6984
.PHONY: clean
70-
clean: ## Clean Xcode project
71-
xcodebuild clean \
72-
-project $(XCPROJECT)
73-
rm -rf $(XCPROJECT)
85+
clean: clean/project clean/keychain clean/build ## Clean project and artifacts
86+
87+
.PHONY: clean/project
88+
clean/project:
89+
@if [ -d $(XCPROJECT) ]; then \
90+
echo "Cleaning project: '$(XCPROJECT)'"; \
91+
xcodebuild clean -project $(XCPROJECT); \
92+
rm -rf $(XCPROJECT); \
93+
fi
94+
find . -name "*.entitlements" -type f -delete
95+
96+
.PHONY: clean/keychain
97+
clean/keychain:
98+
@if [ -e "$(APP_SIGNING_KEYCHAIN)" ]; then \
99+
echo "Cleaning keychain: '$(APP_SIGNING_KEYCHAIN)'"; \
100+
security delete-keychain "$(APP_SIGNING_KEYCHAIN)"; \
101+
rm -f "$(APP_SIGNING_KEYCHAIN)"; \
102+
fi
103+
104+
.PHONY: clean/build
105+
clean/build:
106+
rm -rf build/ app/
74107

75108
.PHONY: proto
76109
proto: $(PROJECT)/VPNLib/vpn.pb.swift ## Generate Swift files from protobufs

flake.nix

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,30 @@
2525
};
2626

2727
formatter = pkgs.nixfmt-rfc-style;
28+
29+
create-dmg = pkgs.buildNpmPackage rec {
30+
pname = "create-dmg";
31+
version = "7.0.0";
32+
33+
src = pkgs.fetchFromGitHub {
34+
owner = "sindresorhus";
35+
repo = pname;
36+
rev = "v${version}";
37+
hash = "sha256-+GxKfhVDmtgEh9NOAzGexgfj1qAb0raC8AmrrnJ2vNA=";
38+
};
39+
40+
npmDepsHash = "sha256-48r9v0sTlHbyH4RjynClfC/QsFAlgMTtXCbleuMSM80=";
41+
42+
# create-dmg author does not want to include a lockfile in their releases,
43+
# thus we need to vendor it in ourselves.
44+
postPatch = ''
45+
cp ${./nix/create-dmg/package-lock.json} package-lock.json
46+
'';
47+
48+
# Plain JS, so nothing to build
49+
dontNpmBuild = true;
50+
dontNpmPrune = true;
51+
};
2852
in
2953
{
3054
inherit formatter;

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy