Implement containerized testflight deploy and app verification

2025-06-16 05:55:20 +00:00 · 2022-09-20 23:03:57 +02:00 · 2022-09-20 23:03:57 +02:00 · 4c8eef6a9b
commit 4c8eef6a9b
parent bfaaf1671d
5 changed files with 94 additions and 68 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -110,7 +110,7 @@ deploy_beta_testflight:
  except:
    - tags
  script:
-    - bash buildbox/deploy-telegram.sh appstore
+    - PYTHONPATH="$PYTHONPATH:/darwin-containers" python3 -u build-system/Make/Make.py remote-deploy-testflight --darwinContainersHost="http://host.docker.internal:8650" --ipa="build/artifacts/Telegram.ipa" --dsyms="build/artifacts/Telegram.DSYMs.zip"
  environment:
    name: testflight_llc

@ -124,7 +124,10 @@ verifysanity_beta_testflight:
  except:
    - tags
  script:
-    - bash buildbox/verify-telegram.sh appstore cached
+    - rm -rf build/verify-input && mkdir -p build/verify-input && mv build/artifacts/Telegram.ipa build/verify-input/TelegramVerifySource.ipa
+    - PYTHONPATH="$PYTHONPATH:/darwin-containers" DARWIN_CONTAINERS_HOST="http://host.docker.internal:8650" python3 -u build-system/Make/Make.py remote-build --darwinContainersHost="$DARWIN_CONTAINERS_HOST" --cacheHost="$TELEGRAM_BAZEL_CACHE_HOST" --configurationPath="build-system/appstore-configuration.json" --codesigningInformationPath=build-system/fake-codesigning --configuration=release_arm64
+    - python3 tools/ipadiff.py build/artifacts/Telegram.ipa build/verify-input/TelegramVerifySource.ipa
+    - if [ $? -ne 0 ]; then; echo "Verification failed"; mkdir -p build/verifysanity_artifacts; cp build/artifacts/Telegram.ipa build/verifysanity_artifacts/; fi
  environment:
    name: testflight_llc
  artifacts:
@ -143,7 +146,10 @@ verify_beta_testflight:
  except:
    - tags
  script:
-    - bash buildbox/verify-telegram.sh appstore full
+    - rm -rf build/verify-input && mkdir -p build/verify-input && mv build/artifacts/Telegram.ipa build/verify-input/TelegramVerifySource.ipa
+    - PYTHONPATH="$PYTHONPATH:/darwin-containers" DARWIN_CONTAINERS_HOST="http://host.docker.internal:8650" python3 -u build-system/Make/Make.py remote-build --darwinContainersHost="$DARWIN_CONTAINERS_HOST" --configurationPath="build-system/appstore-configuration.json" --codesigningInformationPath=build-system/fake-codesigning --configuration=release_arm64
+    - python3 tools/ipadiff.py build/artifacts/Telegram.ipa build/verify-input/TelegramVerifySource.ipa
+    - if [ $? -ne 0 ]; then; echo "Verification failed"; mkdir -p build/verify_artifacts; cp build/artifacts/Telegram.ipa build/verify_artifacts/; fi
  environment:
    name: testflight_llc
  artifacts:
--- a/build-system/Make/DeployToAppStoreConnect.py
+++ b/build-system/Make/DeployToAppStoreConnect.py
@ -1,62 +0,0 @@
-import os
-import sys
-import argparse
-import json
-
-from BuildEnvironment import check_run_system
-
-def deploy_to_appstore_connect(args):
-    if not os.path.exists(args.configuration):
-        print('{} does not exist'.format(args.configuration))
-        sys.exit(1)
-    if not os.path.exists(args.ipa):
-        print('{} does not exist'.format(args.ipa))
-        sys.exit(1)
-
-    with open(args.configuration) as file:
-        configuration_dict = json.load(file)
-        required_keys = [
-            'username',
-            'app_name',
-            'api_token',
-        ]
-        for key in required_keys:
-            if key not in configuration_dict:
-                print('Configuration at {} does not contain {}'.format(args.configuration, key))
-
-        check_run_system('appcenter login --token {token}'.format(token=configuration_dict['api_token']))
-        check_run_system('appcenter distribute release --app "{username}/{app_name}" -f "{ipa_path}" -g Internal'.format(
-            username=configuration_dict['username'],
-            app_name=configuration_dict['app_name'],
-            ipa_path=args.ipa,
-
-        ))
-        if args.dsyms is not None:
-            check_run_system('appcenter crashes upload-symbols --app "{username}/{app_name}" --symbol "{dsym_path}"'.format(
-                username=configuration_dict['username'],
-                app_name=configuration_dict['app_name'],
-                dsym_path=args.dsyms
-            ))
-
-
-if __name__ == '__main__':
-    parser = argparse.ArgumentParser(prog='deploy-appstore-connect')
-
-    parser.add_argument(
-        '--configuration',
-        required=True,
-        help='Path to configuration json.'
-    )
-    parser.add_argument(
-        '--ipa',
-        required=True,
-        help='Path to IPA.'
-    )
-
-    if len(sys.argv) < 2:
-        parser.print_help()
-        sys.exit(1)
-
-    args = parser.parse_args()
-
-    deploy_to_appstore_connect(args)
--- a/build-system/Make/ImportCertificates.py
+++ b/build-system/Make/ImportCertificates.py
@ -52,7 +52,7 @@ def import_certificates(certificatesPath):
                '/usr/bin/codesign',
                '-T',
                '/usr/bin/security'
-            ], check_result=True)
+            ], check_result=False)

    run_executable_with_output('security', arguments=[
        'import',
@ -65,7 +65,7 @@ def import_certificates(certificatesPath):
        '/usr/bin/codesign',
        '-T',
        '/usr/bin/security'
-    ], check_result=True)
+    ], check_result=False)

    run_executable_with_output('security', arguments=[
        'set-key-partition-list',
--- a/build-system/Make/Make.py
+++ b/build-system/Make/Make.py
@ -891,6 +891,26 @@ if __name__ == '__main__':
        help='Bazel remote cache host address.'
    )

+    remote_upload_testflight_parser = subparsers.add_parser('remote-deploy-testflight', help='Build the app using a remote environment.')
+    remote_upload_testflight_parser.add_argument(
+        '--darwinContainersHost',
+        required=True,
+        type=str,
+        help='DarwinContainers host address.'
+    )
+    remote_upload_testflight_parser.add_argument(
+        '--ipa',
+        required=True,
+        type=str,
+        help='Path to IPA file.'
+    )
+    remote_upload_testflight_parser.add_argument(
+        '--dsyms',
+        required=True,
+        type=str,
+        help='Path to DSYMs.zip file.'
+    )
+
    if len(sys.argv) < 2:
        parser.print_help()
        sys.exit(1)
@ -901,7 +921,7 @@ if __name__ == '__main__':
        print(args)

    if args.commandName is None:
-        exit(0)
+        sys.exit(0)

    bazel_path = None
    if args.bazel is None:
@ -940,6 +960,22 @@ if __name__ == '__main__':
                configuration=args.configuration,
                build_input_data_path=remote_input_path
            )
+        elif args.commandName == 'remote-deploy-testflight':
+            env = os.environ
+            if 'APPSTORE_CONNECT_USERNAME' not in env:
+                print('APPSTORE_CONNECT_USERNAME environment variable is not set')
+                sys.exit(1)
+            if 'APPSTORE_CONNECT_PASSWORD' not in env:
+                print('APPSTORE_CONNECT_PASSWORD environment variable is not set')
+                sys.exit(1)
+
+            RemoteBuild.remote_deploy_testflight(
+                darwin_containers_host=args.darwinContainersHost,
+                ipa_path=args.ipa,
+                dsyms_path=args.dsyms,
+                username=env['APPSTORE_CONNECT_USERNAME'],
+                password=env['APPSTORE_CONNECT_PASSWORD']
+            )
        elif args.commandName == 'test':
            test(bazel=bazel_path, arguments=args)
        else:
--- a/build-system/Make/RemoteBuild.py
+++ b/build-system/Make/RemoteBuild.py
@ -139,3 +139,49 @@ def remote_build(darwin_containers_host, bazel_cache_host, configuration, build_
        else:
            print('Telegram.ipa not found')
            sys.exit(1)
+
+def remote_deploy_testflight(darwin_containers_host, ipa_path, dsyms_path, username, password):
+    macos_version = '12.5'
+
+    from darwin_containers import DarwinContainers
+
+    base_dir = os.getcwd()
+
+    configuration_path = 'versions.json'
+    xcode_version = ''
+    with open(configuration_path) as file:
+        configuration_dict = json.load(file)
+        if configuration_dict['xcode'] is None:
+            raise Exception('Missing xcode version in {}'.format(configuration_path))
+        xcode_version = configuration_dict['xcode']
+
+    print('Xcode version: {}'.format(xcode_version))
+
+    image_name = 'macos-{macos_version}-xcode-{xcode_version}'.format(macos_version=macos_version, xcode_version=xcode_version)
+
+    print('Image name: {}'.format(image_name))
+
+    darwinContainers = DarwinContainers(serverAddress=darwin_containers_host, verbose=False)
+
+    print('Opening container session...')
+    with darwinContainers.workingImageSession(name=image_name) as session:
+        print('Uploading data to container...')
+        session_scp_upload(session=session, source_path=ipa_path, destination_path='')
+        session_scp_upload(session=session, source_path=dsyms_path, destination_path='')
+
+        guest_upload_sh = '''
+            set -e
+
+            export DELIVER_ITMSTRANSPORTER_ADDITIONAL_UPLOAD_PARAMETERS="-t DAV"
+            FASTLANE_PASSWORD="{password}" xcrun altool --upload-app --type ios --file "Telegram.ipa" --username "{username}" --password "@env:FASTLANE_PASSWORD"
+        '''.format(username=username, password=password)
+
+        guest_upload_file_path = tempfile.mktemp()
+        with open(guest_upload_file_path, 'w+') as file:
+            file.write(guest_upload_sh)
+        session_scp_upload(session=session, source_path=guest_upload_file_path, destination_path='guest-upload-telegram.sh')
+        os.unlink(guest_upload_file_path)
+
+        print('Executing remote upload...')
+        session_ssh(session=session, command='bash -l guest-upload-telegram.sh')
+