From a08eebe2e331e783ba11bf3ec111b964749e7436 Mon Sep 17 00:00:00 2001 From: staszekscp Date: Tue, 29 Nov 2022 14:33:56 +0100 Subject: [PATCH 1/9] fix wrong profile detection and distinguish directories in s3 for desktop --- .github/workflows/testBuild.yml | 34 +------------------------------- config/electronBuilder.config.js | 10 ++++++++++ fastlane/Fastfile | 6 ++++++ 3 files changed, 17 insertions(+), 33 deletions(-) diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml index c6ac7cd7e9645..8b6b2e549d945 100644 --- a/.github/workflows/testBuild.yml +++ b/.github/workflows/testBuild.yml @@ -140,39 +140,7 @@ jobs: APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - - # web: - # name: Build and deploy Web - # needs: validateActor - # if: ${{ fromJSON(needs.validateActor.outputs.IS_TEAM_MEMBER) }} - # runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 - # with: - # fetch-depth: 0 - # ref: ${{ github.event.pull_request.head.sha }} - - # - uses: Expensify/App/.github/actions/composite/setupNode@main - - # - name: Configure AWS Credentials - # # Version: 1.5.5 - # uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b - # with: - # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # aws-region: us-east-1 - - # - name: Build web for staging - # run: npm run build-staging - - # - name: Build docs - # run: npm run storybook-build - # continue-on-error: true - - # - name: Deploy to S3 for internal testing - # run: aws s3 cp --recursive --acl public-read "$GITHUB_WORKSPACE"/dist s3://ad-hoc-expensify-cash/web/"$PULL_REQUEST_NUMBER" - # env: - # PULL_REQUEST_NUMBER: ${{ github.event.number }} + PULL_REQUEST_NUMBER: ${{ github.event.number }} postGithubComment: runs-on: ubuntu-latest diff --git a/config/electronBuilder.config.js b/config/electronBuilder.config.js index 6ffd9e3b2a8ed..5abc015145371 100644 --- a/config/electronBuilder.config.js +++ b/config/electronBuilder.config.js @@ -1,6 +1,7 @@ const {version} = require('../package.json'); const isPublishing = process.argv.includes('--publish'); +const pullRequestNumber = process.env.PULL_REQUEST_NUMBER; const s3Bucket = { production: 'expensify-cash', @@ -8,6 +9,14 @@ const s3Bucket = { internal: 'ad-hoc-expensify-cash', }; +const s3Path = { + production: '/', + staging: '/', + internal: process.env.PULL_REQUEST_NUMBER + ? `/desktop/${pullRequestNumber}/` + : '/', +}; + const macIcon = { production: './desktop/icon.png', staging: './desktop/icon-stg.png', @@ -50,6 +59,7 @@ module.exports = { ? s3Bucket[process.env.ELECTRON_ENV] : 'ad-hoc-expensify-cash', channel: 'latest', + path: isCorrectElectronEnv ? s3Path[process.env.ELECTRON_ENV] : '/', }, ], afterSign: isPublishing ? './desktop/notarize.js' : undefined, diff --git a/fastlane/Fastfile b/fastlane/Fastfile index 141f59ab81495..1bcf1933bcfcb 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -142,8 +142,14 @@ platform :ios do build_app( workspace: "./ios/NewExpensify.xcworkspace", + skip_profile_detection: true, scheme: "NewExpensify", + export_method: "ad-hoc", export_options: { + method: "ad-hoc", + provisioningProfiles: { + "com.chat.expensify.chat" => "chat_expensify_adhoc", + } manageAppVersionAndBuildNumber: false } ) From d51f9349ec095b07311482822e86d8f7518cbf96 Mon Sep 17 00:00:00 2001 From: staszekscp Date: Tue, 29 Nov 2022 19:07:34 +0100 Subject: [PATCH 2/9] add configure-aws-credentials to jobs --- .github/workflows/testBuild.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml index 8b6b2e549d945..7f17aec7c0d0f 100644 --- a/.github/workflows/testBuild.yml +++ b/.github/workflows/testBuild.yml @@ -49,6 +49,14 @@ jobs: env: LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + - name: Configure AWS Credentials + # Version: 1.5.5 + uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + - name: Run Fastlane beta test id: runFastlaneBetaTest run: bundle exec fastlane android build_internal @@ -99,6 +107,14 @@ jobs: env: LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} + - name: Configure AWS Credentials + # Version: 1.5.5 + uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + - name: Run Fastlane run: bundle exec fastlane ios build_internal env: @@ -131,6 +147,14 @@ jobs: env: DEVELOPER_ID_SECRET_PASSPHRASE: ${{ secrets.DEVELOPER_ID_SECRET_PASSPHRASE }} + - name: Configure AWS Credentials + # Version: 1.5.5 + uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + - name: Build desktop app for testing run: npm run desktop-build-internal -- --publish always env: From d8841f05813f3f7d82cd7ad4c41fe92a5bb2d560 Mon Sep 17 00:00:00 2001 From: staszekscp Date: Wed, 30 Nov 2022 09:55:03 +0100 Subject: [PATCH 3/9] extract configure-aws-credentials action to composite --- .../configureAwsCredentials.yml | 21 ++++++++++++++++ .github/workflows/platformDeploy.yml | 8 +++---- .github/workflows/testBuild.yml | 24 +++++++------------ 3 files changed, 33 insertions(+), 20 deletions(-) create mode 100644 .github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml diff --git a/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml b/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml new file mode 100644 index 0000000000000..d1d9460ab7567 --- /dev/null +++ b/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml @@ -0,0 +1,21 @@ +name: 'Configure AWS Credentials' +description: 'Configures AWS credentials for the workflow' + +inputs: + AWS_ACCESS_KEY_ID: + description: 'Access Key to AWS' + required: true + AWS_SECRET_ACCESS_KEY: + description: 'Secret Access Key to AWS' + required: true + +runs: + using: composite + steps: + - name: Configure AWS Credentials + # Version: 1.5.5 + uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + with: + aws-access-key-id: ${{ inputs.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ inputs.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 diff --git a/.github/workflows/platformDeploy.yml b/.github/workflows/platformDeploy.yml index 5b61a294ca5b2..a2ed81064b46f 100644 --- a/.github/workflows/platformDeploy.yml +++ b/.github/workflows/platformDeploy.yml @@ -245,12 +245,10 @@ jobs: run: pip3 install cloudflare - name: Configure AWS Credentials - # Version: 1.5.5 - uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - name: Build web for production if: ${{ fromJSON(env.SHOULD_DEPLOY_PRODUCTION) }} diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml index 7f17aec7c0d0f..54a76bf2fb4f4 100644 --- a/.github/workflows/testBuild.yml +++ b/.github/workflows/testBuild.yml @@ -50,12 +50,10 @@ jobs: LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} - name: Configure AWS Credentials - # Version: 1.5.5 - uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - name: Run Fastlane beta test id: runFastlaneBetaTest @@ -108,12 +106,10 @@ jobs: LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} - name: Configure AWS Credentials - # Version: 1.5.5 - uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - name: Run Fastlane run: bundle exec fastlane ios build_internal @@ -148,12 +144,10 @@ jobs: DEVELOPER_ID_SECRET_PASSPHRASE: ${{ secrets.DEVELOPER_ID_SECRET_PASSPHRASE }} - name: Configure AWS Credentials - # Version: 1.5.5 - uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - name: Build desktop app for testing run: npm run desktop-build-internal -- --publish always From 0eebd80200a04ea074bab000e587ce47a7e6b847 Mon Sep 17 00:00:00 2001 From: staszekscp Date: Wed, 30 Nov 2022 12:56:39 +0100 Subject: [PATCH 4/9] add specific branch target --- .github/workflows/testBuild.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml index 54a76bf2fb4f4..c057855e7a897 100644 --- a/.github/workflows/testBuild.yml +++ b/.github/workflows/testBuild.yml @@ -4,6 +4,7 @@ on: workflow_dispatch: pull_request_target: types: [opened, synchronize] + branches: ['**/ci-test/**'] env: DEVELOPER_DIR: /Applications/Xcode_14.0.1.app/Contents/Developer From c9332f51d10f74ad18e18449f9e7b22efc501a7b Mon Sep 17 00:00:00 2001 From: staszekscp Date: Wed, 30 Nov 2022 14:14:14 +0100 Subject: [PATCH 5/9] fix indentation --- .../configureAwsCredentials.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml b/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml index d1d9460ab7567..b242bb30b9f02 100644 --- a/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml +++ b/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml @@ -14,8 +14,8 @@ runs: steps: - name: Configure AWS Credentials # Version: 1.5.5 - uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b - with: - aws-access-key-id: ${{ inputs.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ inputs.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 + uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b + with: + aws-access-key-id: ${{ inputs.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ inputs.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 From 4f0d046c599f5b39a9e714fc9561c2e89d0d60d3 Mon Sep 17 00:00:00 2001 From: staszekscp Date: Wed, 30 Nov 2022 14:47:11 +0100 Subject: [PATCH 6/9] change branches wildcard name --- .../configureAwsCredentials/configureAwsCredentials.yml | 2 +- .github/workflows/testBuild.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml b/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml index b242bb30b9f02..aec147b8cc775 100644 --- a/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml +++ b/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml @@ -13,7 +13,7 @@ runs: using: composite steps: - name: Configure AWS Credentials - # Version: 1.5.5 + # Version: 1.5.5 uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b with: aws-access-key-id: ${{ inputs.AWS_ACCESS_KEY_ID }} diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml index c057855e7a897..d04eee3ddead5 100644 --- a/.github/workflows/testBuild.yml +++ b/.github/workflows/testBuild.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: pull_request_target: types: [opened, synchronize] - branches: ['**/ci-test/**'] + branches: ['*ci-test/**'] env: DEVELOPER_DIR: /Applications/Xcode_14.0.1.app/Contents/Developer From b55f23302eceef02a0044ad0d61d0a49b5ed7c12 Mon Sep 17 00:00:00 2001 From: staszekscp Date: Wed, 30 Nov 2022 15:41:54 +0100 Subject: [PATCH 7/9] fix fastfile error --- fastlane/Fastfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fastlane/Fastfile b/fastlane/Fastfile index 1bcf1933bcfcb..959810eee87c4 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -149,7 +149,7 @@ platform :ios do method: "ad-hoc", provisioningProfiles: { "com.chat.expensify.chat" => "chat_expensify_adhoc", - } + }, manageAppVersionAndBuildNumber: false } ) From 0e9a16eec91a200525a592fba5d272d661f409f2 Mon Sep 17 00:00:00 2001 From: staszekscp Date: Wed, 30 Nov 2022 16:11:32 +0100 Subject: [PATCH 8/9] add qr codes to comment --- .github/workflows/testBuild.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml index d04eee3ddead5..55771b7c21388 100644 --- a/.github/workflows/testBuild.yml +++ b/.github/workflows/testBuild.yml @@ -193,6 +193,8 @@ jobs: "Use the links below to test this build in android and iOS. Happy testing! | android :robot: | iOS :apple: | | ------------- | ------------- | - | ${{fromJson(steps.set_var.outputs.android_paths).html_path}} | ${{fromJson(steps.set_var.outputs.ios_paths).html_path}} |" + | ${{fromJson(steps.set_var.outputs.android_paths).html_path}} | ${{fromJson(steps.set_var.outputs.ios_paths).html_path}} | + | ------------- | ------------- | + | ![Android](https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${{fromJson(steps.set_var.outputs.android_paths).html_path}}) | ![iOS](https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${{fromJson(steps.set_var.outputs.ios_paths).html_path}}) |" env: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} From 47892bf3f7966a23397c785b52afb4460543fb15 Mon Sep 17 00:00:00 2001 From: staszekscp Date: Thu, 1 Dec 2022 08:03:35 +0100 Subject: [PATCH 9/9] improve comment and make electron builder fail with wrong ELECTRON_ENV --- .github/workflows/testBuild.yml | 13 ++++++------- config/electronBuilder.config.js | 14 +++----------- 2 files changed, 9 insertions(+), 18 deletions(-) diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml index 55771b7c21388..839df9e758b4b 100644 --- a/.github/workflows/testBuild.yml +++ b/.github/workflows/testBuild.yml @@ -164,7 +164,7 @@ jobs: postGithubComment: runs-on: ubuntu-latest name: Post a GitHub comment with app download links for testing - needs: [android, ios] + needs: [android, ios, desktop] steps: - name: Checkout uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 @@ -190,11 +190,10 @@ jobs: - name: Publish links to apps for download run: | gh pr comment --body \ - "Use the links below to test this build in android and iOS. Happy testing! - | android :robot: | iOS :apple: | - | ------------- | ------------- | - | ${{fromJson(steps.set_var.outputs.android_paths).html_path}} | ${{fromJson(steps.set_var.outputs.ios_paths).html_path}} | - | ------------- | ------------- | - | ![Android](https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${{fromJson(steps.set_var.outputs.android_paths).html_path}}) | ![iOS](https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${{fromJson(steps.set_var.outputs.ios_paths).html_path}}) |" + ":test_tube::test_tube: Use the links below to test this build in android and iOS. Happy testing! :test_tube::test_tube: + | android :robot: | iOS :apple: | desktop :computer: | + | ------------- | ------------- | ------------- | + | ${{fromJson(steps.set_var.outputs.android_paths).html_path}} | ${{fromJson(steps.set_var.outputs.ios_paths).html_path}} | https://ad-hoc-expensify-cash.us-east-1.amazonaws.com/desktop/${{github.event.number}}/NewExpensify.dmg + | ![Android](https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${{fromJson(steps.set_var.outputs.android_paths).html_path}}) | ![iOS](https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${{fromJson(steps.set_var.outputs.ios_paths).html_path}}) | ![desktop](https://ad-hoc-expensify-cash.us-east-1.amazonaws.com/desktop/${{github.event.number}}/NewExpensify.dmg)" env: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} diff --git a/config/electronBuilder.config.js b/config/electronBuilder.config.js index 5abc015145371..db642e00008e1 100644 --- a/config/electronBuilder.config.js +++ b/config/electronBuilder.config.js @@ -23,10 +23,6 @@ const macIcon = { internal: './desktop/icon-stg.png', }; -const isCorrectElectronEnv = ['production', 'staging', 'internal'].includes( - process.env.ELECTRON_ENV, -); - /** * The configuration for the production and staging Electron builds. * It can be used to create local builds of the same, by omitting the `--publish` flag @@ -39,9 +35,7 @@ module.exports = { }, mac: { category: 'public.app-category.finance', - icon: isCorrectElectronEnv - ? macIcon[process.env.ELECTRON_ENV] - : './desktop/icon-stg.png', + icon: macIcon[process.env.ELECTRON_ENV], hardenedRuntime: true, entitlements: 'desktop/entitlements.mac.plist', entitlementsInherit: 'desktop/entitlements.mac.plist', @@ -55,11 +49,9 @@ module.exports = { publish: [ { provider: 's3', - bucket: isCorrectElectronEnv - ? s3Bucket[process.env.ELECTRON_ENV] - : 'ad-hoc-expensify-cash', + bucket: s3Bucket[process.env.ELECTRON_ENV], channel: 'latest', - path: isCorrectElectronEnv ? s3Path[process.env.ELECTRON_ENV] : '/', + path: s3Path[process.env.ELECTRON_ENV], }, ], afterSign: isPublishing ? './desktop/notarize.js' : undefined,