Several fixes to signing api.
* Docs cleanup.
* Fix to include the path to the signing tool.
* Removal of functionality that is not required.
Change-Id: Ic3f22d211fa050d56f1cdf72d41df36227c733d1
Reviewed-on: https://flutter-review.googlesource.com/c/recipes/+/41581
Reviewed-by: Ricardo Amador <ricardoamador@google.com>
Commit-Queue: Godofredo Contreras <godofredoc@google.com>
diff --git a/recipe_modules/signing/api.py b/recipe_modules/signing/api.py
index 71cfc09..0f30a5b 100644
--- a/recipe_modules/signing/api.py
+++ b/recipe_modules/signing/api.py
@@ -40,6 +40,7 @@
@property
def codesign_binary(self):
+ """Property pointing to the signing tool location."""
self._ensure()
return self._codesign_binary_path
@@ -82,15 +83,16 @@
'CODESIGN_APP_STORE_ID': 'codesign_app_store_id.encrypted'
}
self.m.kms.decrypt_secrets(env, secrets_dict)
+ env['CODESIGN_PATH'] = self.codesign_binary
+
def _keychain_setup(self, env, env_prefixes):
"""KeychainSetup adds flutter .p12 to a temporary keychain named 'build'.
Args:
- codesign_path (str): path of codesign cipd package.
- p12_filepath (str) : path of the .p12 file that has flutter credentials.
- p12_password_raw (str) : the password to decode the .p12 flutter file.
+ env (dict): environment variables.
+ env_prefixes (dict) : environment paths.
"""
with self.m.step.nest('Setup keychain'):
# Delete build.keychain if exists.
@@ -166,7 +168,6 @@
"""Concurrently creates jobs to codesign each binary.
Args:
- codesign_path (str): path of codesign cipd package.
env (dict): environment variables.
env_prefixes (dict) : environment paths.
"""
@@ -194,21 +195,15 @@
"""Runs code sign standalone app.
Args:
+ env (dict): environment variables.
+ env_prefixes (dict) : environment paths.
source_path (Path): path of the artifact to sign.
- app_specific_password_filepath (str) : path of app specific password, one of
- the code sign credentials.
- appstore_id_filepath (str) : path of apple store id, one of the codesign
- credentials.
- team_id_filepath (str) : path of flutter team id used for codesign, one of the
- codesign credentials.
- codesign_string_path (str): the absolute path of the codesign standalone app
- cipd package. This is to differentiate codesign cipd from mac system codesign.
"""
app_specific_password_filepath = env['CODESIGN_APP_SPECIFIC_PASSWORD']
appstore_id_filepath = env['CODESIGN_APP_STORE_ID']
team_id_filepath = env['CODESIGN_TEAM_ID']
path, base_name = self.m.path.split(source_path)
- unsigned_path = self.m.path.join(path, base_name)
+ unsigned_path = self.m.path.join(path, 'unsigned_%s' % base_name)
self.m.file.move(
'Move %s' % str(source_path),
source_path,
diff --git a/recipe_modules/signing/examples/code_sign.expected/mac_require_signing.json b/recipe_modules/signing/examples/code_sign.expected/mac_require_signing.json
index e07bd77..a8b9aac 100644
--- a/recipe_modules/signing/examples/code_sign.expected/mac_require_signing.json
+++ b/recipe_modules/signing/examples/code_sign.expected/mac_require_signing.json
@@ -425,6 +425,7 @@
"env": {
"CODESIGN_APP_SPECIFIC_PASSWORD": "[CLEANUP]/CODESIGN_APP_SPECIFIC_PASSWORD",
"CODESIGN_APP_STORE_ID": "[CLEANUP]/CODESIGN_APP_STORE_ID",
+ "CODESIGN_PATH": "[CLEANUP]/tmp_tmp_1/codesign",
"CODESIGN_TEAM_ID": "[CLEANUP]/CODESIGN_TEAM_ID",
"FLUTTER_P12": "[CLEANUP]/FLUTTER_P12",
"FLUTTER_P12_PASSWORD": "[CLEANUP]/FLUTTER_P12_PASSWORD",
@@ -471,14 +472,14 @@
"/path/to/tmp/json",
"move",
"file1.zip",
- "file1.zip"
+ "unsigned_file1.zip"
],
"infra_step": true,
"name": "Move file1.zip"
},
{
"cmd": [],
- "name": "Codesign file1.zip"
+ "name": "Codesign unsigned_file1.zip"
},
{
"cmd": [
@@ -488,7 +489,7 @@
"",
"build.keychain"
],
- "name": "Codesign file1.zip.unlock build keychain",
+ "name": "Codesign unsigned_file1.zip.unlock build keychain",
"~followup_annotations": [
"@@@STEP_NEST_LEVEL@1@@@"
]
@@ -506,19 +507,20 @@
"--codesign-team-id-file-path",
"[CLEANUP]/CODESIGN_TEAM_ID",
"--input-zip-file-path",
- "file1.zip",
+ "unsigned_file1.zip",
"--output-zip-file-path",
"file1.zip"
],
"env": {
"CODESIGN_APP_SPECIFIC_PASSWORD": "[CLEANUP]/CODESIGN_APP_SPECIFIC_PASSWORD",
"CODESIGN_APP_STORE_ID": "[CLEANUP]/CODESIGN_APP_STORE_ID",
+ "CODESIGN_PATH": "[CLEANUP]/tmp_tmp_1/codesign",
"CODESIGN_TEAM_ID": "[CLEANUP]/CODESIGN_TEAM_ID",
"FLUTTER_P12": "[CLEANUP]/FLUTTER_P12",
"FLUTTER_P12_PASSWORD": "[CLEANUP]/FLUTTER_P12_PASSWORD",
"P12_SUFFIX_FILEPATH": "[CLEANUP]/flutter.p12"
},
- "name": "Codesign file1.zip.codesign Apple engine binaries",
+ "name": "Codesign unsigned_file1.zip.codesign Apple engine binaries",
"~followup_annotations": [
"@@@STEP_NEST_LEVEL@1@@@"
]
diff --git a/recipe_modules/signing/examples/code_sign.expected/no_signing_identity.json b/recipe_modules/signing/examples/code_sign.expected/no_signing_identity.json
index 186f496..9ae929d 100644
--- a/recipe_modules/signing/examples/code_sign.expected/no_signing_identity.json
+++ b/recipe_modules/signing/examples/code_sign.expected/no_signing_identity.json
@@ -428,6 +428,7 @@
"env": {
"CODESIGN_APP_SPECIFIC_PASSWORD": "[CLEANUP]/CODESIGN_APP_SPECIFIC_PASSWORD",
"CODESIGN_APP_STORE_ID": "[CLEANUP]/CODESIGN_APP_STORE_ID",
+ "CODESIGN_PATH": "[CLEANUP]/tmp_tmp_1/codesign",
"CODESIGN_TEAM_ID": "[CLEANUP]/CODESIGN_TEAM_ID",
"FLUTTER_P12": "[CLEANUP]/FLUTTER_P12",
"FLUTTER_P12_PASSWORD": "[CLEANUP]/FLUTTER_P12_PASSWORD",
diff --git a/recipe_modules/signing/test_api.py b/recipe_modules/signing/test_api.py
index ac1fedb..b0a21d4 100644
--- a/recipe_modules/signing/test_api.py
+++ b/recipe_modules/signing/test_api.py
@@ -6,9 +6,10 @@
class RecipeTestingTestApi(recipe_test_api.RecipeTestApi):
- def flutter_signing_identity(self):
+ def flutter_signing_identity(self, step_name=None):
+ step_name = step_name or 'Setup keychain.show-identities'
return self.step_data(
- 'Setup keychain.show-identities',
+ step_name,
stdout=self.m.raw_io.output_text(
'1) ABCD "Developer ID Application: FLUTTER.IO LLC (ABCD)"'
)