Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: settings UI #38

Merged
merged 17 commits into from
Apr 3, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 60 additions & 13 deletions .github/actions/build-action/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,27 @@ inputs:
release_tag:
description: 'The tag name of the release'
required: false
apple_build_certificate_base64:
description: 'The base64-encoded Apple build certificate'
required: false
apple_build_certificate_password:
description: 'The password for the Apple build certificate'
required: false
apple_provisioning_profile_base64:
description: 'The base64-encoded Apple provisioning profile'
required: false
apple_macos_keychain_password:
description: 'The password for the macOS keychain'
required: false
apple_asc_api_key_key_base64:
description: 'The base64-encoded Apple ASC API key'
required: false
apple_asc_api_key_id:
description: 'The ID of the Apple ASC API key'
required: false
apple_asc_api_key_issuer_uuid:
description: 'The UUID of the Apple ASC API key issuer'
required: false

runs:
using: 'composite'
Expand All @@ -14,16 +35,27 @@ runs:

- name: Determine target filename
run: |
echo "TARGET_NAME=Selfie-${{ runner.os }}-$(uname -m).zip" >> $GITHUB_ENV
echo "TARGET_NAME=Selfie-${{ runner.os }}-$(uname -m)" >> $GITHUB_ENV
shell: bash

- name: Set runner architecture
run: |
ARCH=$(uname -m)
if [ "$ARCH" == "x86_64" ]; then
echo "RUNNER_ARCH=x64" >> $GITHUB_ENV
else
echo "RUNNER_ARCH=$ARCH" >> $GITHUB_ENV
fi
shell: bash

- name: Install the Apple certificate and provisioning profile
if: runner.os == 'macOS'
env:
APPLE_BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
APPLE_BUILD_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_BUILD_CERTIFICATE_PASSWORD }}
APPLE_PROVISIONING_PROFILE_BASE64: ${{ secrets.APPLE_PROVISIONING_PROFILE_BASE64 }}
APPLE_MACOS_KEYCHAIN_PASSWORD: ${{ secrets.APPLE_MACOS_KEYCHAIN_PASSWORD }}
APPLE_BUILD_CERTIFICATE_BASE64: ${{ inputs.apple_build_certificate_base64 }}
APPLE_BUILD_CERTIFICATE_PASSWORD: ${{ inputs.apple_build_certificate_password }}
APPLE_PROVISIONING_PROFILE_BASE64: ${{ inputs.apple_provisioning_profile_base64 }}
APPLE_MACOS_KEYCHAIN_PASSWORD: ${{ inputs.apple_macos_keychain_password }}
APPLE_ASC_API_KEY_KEY_BASE64: ${{ inputs.apple_asc_api_key_key_base64 }}
run: |
CERTIFICATE_PATH=$RUNNER_TEMP/apple_certificate.p12
PROVISIONING_PROFILE_PATH=$RUNNER_TEMP/apple_provisioning_profile.provisionprofile
Expand Down Expand Up @@ -52,23 +84,36 @@ runs:
echo "$HOME/.local/bin" >> $GITHUB_PATH
shell: bash

# Handle Poetry caching manually, based on the following workaround, until caches are keyed by architecture.
# https://github.com/actions/setup-python/issues/826#issuecomment-2021999109
- name: Set up Python
uses: actions/setup-python@v5
id: setup-python
with:
python-version: '3.11'
cache: poetry
cache-dependency-path: poetry.lock
architecture: ${{ env.RUNNER_ARCH }}

- name: Install dependencies with Poetry
run: poetry install --no-dev
run: |
poetry install --no-dev
echo "POETRY_CACHE_DIR=$(poetry config cache-dir)" >> $GITHUB_ENV
shell: bash

- name: Cache Poetry dependencies
uses: actions/cache@v4
with:
path: ${{ env.POETRY_CACHE_DIR }}
key: ${{ runner.os }}-poetry-${{ steps.setup-python.outputs.python-version }}-${{ env.RUNNER_ARCH }}-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
${{ runner.os }}-poetry-${{ steps.setup-python.outputs.python-version }}-${{ env.RUNNER_ARCH }}

- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'yarn'
cache-dependency-path: selfie-ui/yarn.lock
architecture: ${{ env.RUNNER_ARCH }}

- name: Cache Next.js build artifacts
uses: actions/cache@v4
Expand Down Expand Up @@ -98,16 +143,18 @@ runs:
- name: Build macOS App
if: runner.os == 'macOS'
env:
APPLE_ASC_API_KEY_KEY_BASE64: ${{ secrets.APPLE_ASC_API_KEY_KEY_BASE64 }}
APPLE_ASC_API_KEY_KEY_BASE64: ${{ inputs.apple_asc_api_key_key_base64 }}
APPLE_ASC_API_KEY_ID: ${{ inputs.apple_asc_api_key_id }}
APPLE_ASC_API_KEY_ISSUER_UUID: ${{ inputs.apple_asc_api_key_issuer_uuid }}
run: |
sh scripts/package-macos-app.sh

ditto -c -k --keepParent "${{ github.workspace }}/dist/Selfie.app" "${{ env.TARGET_NAME }}.zip"

API_KEY_PATH=$RUNNER_TEMP/AuthKey_${{secrets.APPLE_ASC_API_KEY_ID}}.p8
API_KEY_PATH=$RUNNER_TEMP/AuthKey_$APPLE_ASC_API_KEY_ID.p8
echo -n "$APPLE_ASC_API_KEY_KEY_BASE64" | base64 --decode > $API_KEY_PATH

NOTARIZATION_OUTPUT=$(xcrun notarytool submit "${{ env.TARGET_NAME }}.zip" --issuer ${{ secrets.APPLE_ASC_API_KEY_ISSUER_UUID }} --key-id ${{ secrets.APPLE_ASC_API_KEY_ID }} --key $API_KEY_PATH --wait 2>&1)
NOTARIZATION_OUTPUT=$(xcrun notarytool submit "${{ env.TARGET_NAME }}.zip" --issuer $APPLE_ASC_API_KEY_ISSUER_UUID --key-id $APPLE_ASC_API_KEY_ID --key $API_KEY_PATH --wait 2>&1)

REQUEST_UUID=$(echo "${NOTARIZATION_OUTPUT}" | grep 'id:' | awk '{print $NF}')
NOTARIZATION_STATUS=$(echo "${NOTARIZATION_OUTPUT}" | grep 'status:' | tail -n 1 | awk '{print $NF}')
Expand All @@ -123,7 +170,7 @@ runs:
if [[ "$NOTARIZATION_STATUS" == "Invalid" ]]; then
echo "Notarization failed with status: ${NOTARIZATION_STATUS}"
echo "Fetching notarization log for RequestUUID: ${REQUEST_UUID}..."
xcrun notarytool log ${REQUEST_UUID} --key $API_KEY_PATH --key-id ${{ secrets.APPLE_ASC_API_KEY_ID }} --issuer ${{ secrets.APPLE_ASC_API_KEY_ISSUER_UUID }}
xcrun notarytool log ${REQUEST_UUID} --key $API_KEY_PATH --key-id $APPLE_ASC_API_KEY_ID --issuer $APPLE_ASC_API_KEY_ISSUER_UUID
exit 1
elif [[ "$NOTARIZATION_STATUS" != "Accepted" ]]; then
echo "Notarization failed with an unexpected status: ${NOTARIZATION_STATUS}"
Expand All @@ -141,7 +188,7 @@ runs:

- name: Build Non-macOS App
if: runner.os != 'macOS'
run: zip -r Selfie-${{ runner.os }}.zip dist/selfie
run: zip -r "${{ env.TARGET_NAME }}.zip" dist/selfie
shell: bash

- name: Upload Artifact
Expand Down
3 changes: 2 additions & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,8 @@ jobs:
node-version: [20]

steps:
- uses: actions/checkout@v4
- name: Checkout code
uses: actions/checkout@v4

- name: Install Poetry
run: |
Expand Down
11 changes: 11 additions & 0 deletions .github/workflows/package.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,16 @@ jobs:
os: [macos-latest, macos-latest-xlarge]

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Build package
uses: ./.github/actions/build-action
with:
apple_build_certificate_base64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
apple_build_certificate_password: ${{ secrets.APPLE_BUILD_CERTIFICATE_PASSWORD }}
apple_provisioning_profile_base64: ${{ secrets.APPLE_PROVISIONING_PROFILE_BASE64 }}
apple_macos_keychain_password: ${{ secrets.APPLE_MACOS_KEYCHAIN_PASSWORD }}
apple_asc_api_key_key_base64: ${{ secrets.APPLE_ASC_API_KEY_KEY_BASE64 }}
apple_asc_api_key_id: ${{ secrets.APPLE_ASC_API_KEY_ID }}
apple_asc_api_key_issuer_uuid: ${{ secrets.APPLE_ASC_API_KEY_ISSUER_UUID }}
7 changes: 7 additions & 0 deletions .github/workflows/release-please.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,3 +42,10 @@ jobs:
uses: ./.github/actions/build-action
with:
release_tag: ${{ needs.release-please.outputs.tag_name }}
apple_build_certificate_base64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
apple_build_certificate_password: ${{ secrets.APPLE_BUILD_CERTIFICATE_PASSWORD }}
apple_provisioning_profile_base64: ${{ secrets.APPLE_PROVISIONING_PROFILE_BASE64 }}
apple_macos_keychain_password: ${{ secrets.APPLE_MACOS_KEYCHAIN_PASSWORD }}
apple_asc_api_key_key_base64: ${{ secrets.APPLE_ASC_API_KEY_KEY_BASE64 }}
apple_asc_api_key_id: ${{ secrets.APPLE_ASC_API_KEY_ID }}
apple_asc_api_key_issuer_uuid: ${{ secrets.APPLE_ASC_API_KEY_ISSUER_UUID }}
5 changes: 1 addition & 4 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,6 @@ dist/

.idea/

data/*
!data/.gitkeep

selfie/web/

*.env
*.env
Loading