Chore: Rotate CI secrets (#4797)

This commit is contained in:
Diego Mello 2023-01-18 19:15:22 -03:00
parent 9bc6991a7b
commit 5891366c5f
2 changed files with 25 additions and 21 deletions

View File

@ -118,26 +118,26 @@ commands:
if [[ $CIRCLE_JOB == "android-build-official" ]]; then if [[ $CIRCLE_JOB == "android-build-official" ]]; then
echo -e "APPLICATION_ID=chat.rocket.android" >> ./gradle.properties echo -e "APPLICATION_ID=chat.rocket.android" >> ./gradle.properties
echo -e "BugsnagAPIKey=$BUGSNAG_KEY_OFFICIAL" >> ./gradle.properties echo -e "BugsnagAPIKey=$BUGSNAG_KEY_OFFICIAL" >> ./gradle.properties
echo $CHAT_ROCKET_ANDROID_STORE_FILE_BASE64_JKS | base64 --decode > ./app/$KEYSTORE_OFFICIAL echo $KEYSTORE_OFFICIAL_BASE64 | base64 --decode > ./app/$KEYSTORE_OFFICIAL
echo -e "KEYSTORE=$KEYSTORE_OFFICIAL" >> ./gradle.properties echo -e "KEYSTORE=$KEYSTORE_OFFICIAL" >> ./gradle.properties
echo -e "KEYSTORE_PASSWORD=$CHAT_ROCKET_ANDROID_STORE_PASSWORD" >> ./gradle.properties echo -e "KEYSTORE_PASSWORD=$KEYSTORE_OFFICIAL_PASSWORD" >> ./gradle.properties
echo -e "KEY_ALIAS=$CHAT_ROCKET_ANDROID_KEY_ALIAS" >> ./gradle.properties echo -e "KEY_ALIAS=$KEYSTORE_OFFICIAL_ALIAS" >> ./gradle.properties
echo -e "KEY_PASSWORD=$CHAT_ROCKET_ANDROID_KEY_PASSWORD" >> ./gradle.properties echo -e "KEY_PASSWORD=$KEYSTORE_OFFICIAL_PASSWORD" >> ./gradle.properties
else else
echo -e "APPLICATION_ID=chat.rocket.reactnative" >> ./gradle.properties echo -e "APPLICATION_ID=chat.rocket.reactnative" >> ./gradle.properties
echo -e "BugsnagAPIKey=$BUGSNAG_KEY" >> ./gradle.properties echo -e "BugsnagAPIKey=$BUGSNAG_KEY" >> ./gradle.properties
echo $KEYSTORE_BASE64 | base64 --decode > ./app/$KEYSTORE echo $KEYSTORE_EXPERIMENTAL_BASE64 | base64 --decode > ./app/$KEYSTORE_EXPERIMENTAL
echo -e "KEYSTORE=$KEYSTORE" >> ./gradle.properties echo -e "KEYSTORE=$KEYSTORE_EXPERIMENTAL" >> ./gradle.properties
echo -e "KEYSTORE_PASSWORD=$KEYSTORE_PASSWORD" >> ./gradle.properties echo -e "KEYSTORE_PASSWORD=$KEYSTORE_EXPERIMENTAL_PASSWORD" >> ./gradle.properties
echo -e "KEY_ALIAS=$KEY_ALIAS" >> ./gradle.properties echo -e "KEY_ALIAS=$KEYSTORE_EXPERIMENTAL_ALIAS" >> ./gradle.properties
echo -e "KEY_PASSWORD=$KEYSTORE_PASSWORD" >> ./gradle.properties echo -e "KEY_PASSWORD=$KEYSTORE_EXPERIMENTAL_PASSWORD" >> ./gradle.properties
fi fi
working_directory: android working_directory: android
- run: - run:
name: Set Google Services name: Set Google Services
command: | command: |
if [[ $KEYSTORE ]]; then if [[ $GOOGLE_SERVICES_ANDROID ]]; then
echo $GOOGLE_SERVICES_ANDROID | base64 --decode > google-services.json echo $GOOGLE_SERVICES_ANDROID | base64 --decode > google-services.json
fi fi
working_directory: android/app working_directory: android/app
@ -151,7 +151,7 @@ commands:
if [[ $CIRCLE_JOB == "android-build-experimental" || "android-automatic-build-experimental" ]]; then if [[ $CIRCLE_JOB == "android-build-experimental" || "android-automatic-build-experimental" ]]; then
./gradlew bundleExperimentalPlayRelease ./gradlew bundleExperimentalPlayRelease
fi fi
if [[ ! $KEYSTORE ]]; then if [[ ! $GOOGLE_SERVICES_ANDROID ]]; then
./gradlew assembleExperimentalPlayDebug ./gradlew assembleExperimentalPlayDebug
fi fi
working_directory: android working_directory: android
@ -200,8 +200,12 @@ commands:
- run: - run:
name: Set Google Services name: Set Google Services
command: | command: |
if [[ $KEYSTORE ]]; then if [[ $APP_STORE_CONNECT_API_KEY_BASE64 ]]; then
echo $GOOGLE_SERVICES_IOS | base64 --decode > GoogleService-Info.plist if [[ $CIRCLE_JOB == "ios-build-official" ]]; then
echo $GOOGLE_SERVICES_IOS | base64 --decode > GoogleService-Info.plist
else
echo $GOOGLE_SERVICES_IOS_EXPERIMENTAL | base64 --decode > GoogleService-Info.plist
fi
fi fi
working_directory: ios working_directory: ios
- run: - run:
@ -223,12 +227,12 @@ commands:
/usr/libexec/PlistBuddy -c "Set IS_OFFICIAL NO" ./NotificationService/Info.plist /usr/libexec/PlistBuddy -c "Set IS_OFFICIAL NO" ./NotificationService/Info.plist
fi fi
if [[ $APP_STORE_CONNECT_API_BASE64 ]]; then if [[ $APP_STORE_CONNECT_API_KEY_BASE64 ]]; then
echo $APP_STORE_CONNECT_API_BASE64 | base64 --decode > ./fastlane/app_store_connect_api_key.p8 echo $APP_STORE_CONNECT_API_KEY_BASE64 | base64 --decode > ./fastlane/app_store_connect_api_key.p8
if [[ $CIRCLE_JOB == "ios-build-official" ]]; then if [[ $CIRCLE_JOB == "ios-build-official" ]]; then
bundle exec fastlane ios build_official bundle exec fastlane ios build_official
else else
if [[ $KEYSTORE ]]; then if [[ $APP_STORE_CONNECT_API_KEY_BASE64 ]]; then
bundle exec fastlane ios build_experimental bundle exec fastlane ios build_experimental
else else
bundle exec fastlane ios build_fork bundle exec fastlane ios build_fork
@ -318,7 +322,7 @@ commands:
- run: - run:
name: Fastlane Tesflight Upload name: Fastlane Tesflight Upload
command: | command: |
echo $APP_STORE_CONNECT_API_BASE64 | base64 --decode > ./fastlane/app_store_connect_api_key.p8 echo $APP_STORE_CONNECT_API_KEY_BASE64 | base64 --decode > ./fastlane/app_store_connect_api_key.p8
bundle exec fastlane ios beta official:<< parameters.official >> bundle exec fastlane ios beta official:<< parameters.official >>
working_directory: ios working_directory: ios
- save_cache: *save-gems-cache - save_cache: *save-gems-cache

View File

@ -28,8 +28,8 @@ platform :ios do
desc "Submit a new Beta Build to Apple TestFlight" desc "Submit a new Beta Build to Apple TestFlight"
lane :beta do |options| lane :beta do |options|
api_key = app_store_connect_api_key( api_key = app_store_connect_api_key(
key_id: "F296L2294Y", key_id: ENV["APP_STORE_CONNECT_API_KEY_ID"],
issuer_id: "69a6de8e-75cf-47e3-e053-5b8c7c11a4d1", issuer_id: ENV["APP_STORE_CONNECT_API_KEY_ISSUER_ID"],
key_filepath: 'fastlane/app_store_connect_api_key.p8', key_filepath: 'fastlane/app_store_connect_api_key.p8',
in_house: false in_house: false
) )
@ -49,8 +49,8 @@ platform :ios do
desc "Build Experimental app" desc "Build Experimental app"
lane :build_experimental do lane :build_experimental do
api_key = app_store_connect_api_key( api_key = app_store_connect_api_key(
key_id: "F296L2294Y", key_id: ENV["APP_STORE_CONNECT_API_KEY_ID"],
issuer_id: "69a6de8e-75cf-47e3-e053-5b8c7c11a4d1", issuer_id: ENV["APP_STORE_CONNECT_API_KEY_ISSUER_ID"],
key_filepath: 'fastlane/app_store_connect_api_key.p8', key_filepath: 'fastlane/app_store_connect_api_key.p8',
in_house: false in_house: false
) )