Merge pull request #13129 from staszekscp/ci/further-workflow-fixes

Expensify · Dec 1, 2022 · 5fe2645 · 5fe2645
2 parents e565b12 + 47892bf
commit 5fe2645
Show file tree

Hide file tree

Showing 5 changed files with 68 additions and 53 deletions.
diff --git a/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml b/.github/actions/composite/configureAwsCredentials/configureAwsCredentials.yml
@@ -0,0 +1,21 @@
+name: 'Configure AWS Credentials'
+description: 'Configures AWS credentials for the workflow'
+
+inputs:
+  AWS_ACCESS_KEY_ID:
+    description: 'Access Key to AWS'
+    required: true
+  AWS_SECRET_ACCESS_KEY:
+    description: 'Secret Access Key to AWS'
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Configure AWS Credentials
+      # Version: 1.5.5
+      uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b
+      with:
+        aws-access-key-id: ${{ inputs.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ inputs.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
diff --git a/.github/workflows/platformDeploy.yml b/.github/workflows/platformDeploy.yml
@@ -245,12 +245,10 @@ jobs:
         run: pip3 install cloudflare
 
       - name: Configure AWS Credentials
-        # Version: 1.5.5
-        uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b
+        uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: us-east-1
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 
       - name: Build web for production
         if: ${{ fromJSON(env.SHOULD_DEPLOY_PRODUCTION) }}

diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml
@@ -4,6 +4,7 @@ on:
   workflow_dispatch:
   pull_request_target:
     types: [opened, synchronize]
+    branches: ['*ci-test/**']
 
 env:
   DEVELOPER_DIR: /Applications/Xcode_14.0.1.app/Contents/Developer
@@ -49,6 +50,12 @@ jobs:
         env:
           LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
 
+      - name: Configure AWS Credentials
+        uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main
+        with:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
       - name: Run Fastlane beta test
         id: runFastlaneBetaTest
         run: bundle exec fastlane android build_internal
@@ -99,6 +106,12 @@ jobs:
         env:
           LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }}
 
+      - name: Configure AWS Credentials
+        uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main
+        with:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
       - name: Run Fastlane
         run: bundle exec fastlane ios build_internal
         env:
@@ -131,6 +144,12 @@ jobs:
         env:
           DEVELOPER_ID_SECRET_PASSPHRASE: ${{ secrets.DEVELOPER_ID_SECRET_PASSPHRASE }}
 
+      - name: Configure AWS Credentials
+        uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main
+        with:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+
       - name: Build desktop app for testing
         run: npm run desktop-build-internal -- --publish always
         env:
@@ -140,44 +159,12 @@ jobs:
           APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-
-  # web:
-  #   name: Build and deploy Web
-  #   needs: validateActor
-  #   if: ${{ fromJSON(needs.validateActor.outputs.IS_TEAM_MEMBER) }}
-  #   runs-on: ubuntu-latest
-  #   steps:
-  #     - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
-  #       with:
-  #         fetch-depth: 0
-  #         ref: ${{ github.event.pull_request.head.sha }}
-
-  #     - uses: Expensify/App/.github/actions/composite/setupNode@main
-
-  #     - name: Configure AWS Credentials
-  #       # Version: 1.5.5
-  #       uses: aws-actions/configure-aws-credentials@e97d7fbc8e0e5af69631c13daa0f4b5a8d88165b
-  #       with:
-  #         aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-  #         aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-  #         aws-region: us-east-1
-
-  #     - name: Build web for staging
-  #       run: npm run build-staging
-
-  #     - name: Build docs
-  #       run: npm run storybook-build
-  #       continue-on-error: true
-
-  #     - name: Deploy to S3 for internal testing
-  #       run: aws s3 cp --recursive --acl public-read "$GITHUB_WORKSPACE"/dist s3://ad-hoc-expensify-cash/web/"$PULL_REQUEST_NUMBER"
-  #       env:
-  #         PULL_REQUEST_NUMBER: ${{ github.event.number }}
+          PULL_REQUEST_NUMBER: ${{ github.event.number }}
 
   postGithubComment:
     runs-on: ubuntu-latest
     name: Post a GitHub comment with app download links for testing
-    needs: [android, ios]
+    needs: [android, ios, desktop]
     steps:
       - name: Checkout
         uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
@@ -203,9 +190,10 @@ jobs:
       - name: Publish links to apps for download
         run: |
           gh pr comment --body \
-          "Use the links below to test this build in android and iOS. Happy testing!
-          | android :robot:  | iOS :apple: | 
-          | ------------- | ------------- |
-          | ${{fromJson(steps.set_var.outputs.android_paths).html_path}}  | ${{fromJson(steps.set_var.outputs.ios_paths).html_path}}  |"
+          ":test_tube::test_tube: Use the links below to test this build in android and iOS. Happy testing! :test_tube::test_tube:
+          | android :robot:  | iOS :apple: | desktop :computer: |
+          | ------------- | ------------- | ------------- | 
+          | ${{fromJson(steps.set_var.outputs.android_paths).html_path}}  | ${{fromJson(steps.set_var.outputs.ios_paths).html_path}}  | https://ad-hoc-expensify-cash.us-east-1.amazonaws.com/desktop/${{github.event.number}}/NewExpensify.dmg
+          | ![Android](https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${{fromJson(steps.set_var.outputs.android_paths).html_path}}) | ![iOS](https://api.qrserver.com/v1/create-qr-code/?size=200x200&data=${{fromJson(steps.set_var.outputs.ios_paths).html_path}}) | ![desktop](https://ad-hoc-expensify-cash.us-east-1.amazonaws.com/desktop/${{github.event.number}}/NewExpensify.dmg)"
         env:
           GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
diff --git a/config/electronBuilder.config.js b/config/electronBuilder.config.js
@@ -1,23 +1,28 @@
 const {version} = require('../package.json');
 
 const isPublishing = process.argv.includes('--publish');
+const pullRequestNumber = process.env.PULL_REQUEST_NUMBER;
 
 const s3Bucket = {
     production: 'expensify-cash',
     staging: 'staging-expensify-cash',
     internal: 'ad-hoc-expensify-cash',
 };
 
+const s3Path = {
+    production: '/',
+    staging: '/',
+    internal: process.env.PULL_REQUEST_NUMBER
+        ? `/desktop/${pullRequestNumber}/`
+        : '/',
+};
+
 const macIcon = {
     production: './desktop/icon.png',
     staging: './desktop/icon-stg.png',
     internal: './desktop/icon-stg.png',
 };
 
-const isCorrectElectronEnv = ['production', 'staging', 'internal'].includes(
-    process.env.ELECTRON_ENV,
-);
-
 /**
  * The configuration for the production and staging Electron builds.
  * It can be used to create local builds of the same, by omitting the `--publish` flag
@@ -30,9 +35,7 @@ module.exports = {
     },
     mac: {
         category: 'public.app-category.finance',
-        icon: isCorrectElectronEnv
-            ? macIcon[process.env.ELECTRON_ENV]
-            : './desktop/icon-stg.png',
+        icon: macIcon[process.env.ELECTRON_ENV],
         hardenedRuntime: true,
         entitlements: 'desktop/entitlements.mac.plist',
         entitlementsInherit: 'desktop/entitlements.mac.plist',
@@ -46,10 +49,9 @@ module.exports = {
     publish: [
         {
             provider: 's3',
-            bucket: isCorrectElectronEnv
-                ? s3Bucket[process.env.ELECTRON_ENV]
-                : 'ad-hoc-expensify-cash',
+            bucket: s3Bucket[process.env.ELECTRON_ENV],
             channel: 'latest',
+            path: s3Path[process.env.ELECTRON_ENV],
         },
     ],
     afterSign: isPublishing ? './desktop/notarize.js' : undefined,

diff --git a/fastlane/Fastfile b/fastlane/Fastfile
@@ -142,8 +142,14 @@ platform :ios do
 
     build_app(
         workspace: "./ios/NewExpensify.xcworkspace",
+        skip_profile_detection: true,
         scheme: "NewExpensify",
+        export_method: "ad-hoc",
         export_options: {
+            method: "ad-hoc",
+            provisioningProfiles: {
+              "com.chat.expensify.chat" => "chat_expensify_adhoc",
+            },
             manageAppVersionAndBuildNumber: false
         }
     )