From 5f9e60e254104003ca62e01bb9521df46c841f81 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Malo=20L=C3=A9on?= <malo.leon@wyatt-studio.fr>
Date: Fri, 9 Jun 2023 16:37:06 +0200
Subject: [PATCH] feat: remove artifacts (#15), check for match password (close
 #13), and check json key (close #11)

---
 .../ios_cd/actions/build_and_deploy_action.rb | 35 ++++++++++++++++---
 .../plugin/ios_cd/helper/ios_cd_helper.rb     |  8 +++--
 2 files changed, 35 insertions(+), 8 deletions(-)

diff --git a/plugins/fastlane-plugin-ios_cd/lib/fastlane/plugin/ios_cd/actions/build_and_deploy_action.rb b/plugins/fastlane-plugin-ios_cd/lib/fastlane/plugin/ios_cd/actions/build_and_deploy_action.rb
index 5ed1345..1b4ca22 100644
--- a/plugins/fastlane-plugin-ios_cd/lib/fastlane/plugin/ios_cd/actions/build_and_deploy_action.rb
+++ b/plugins/fastlane-plugin-ios_cd/lib/fastlane/plugin/ios_cd/actions/build_and_deploy_action.rb
@@ -5,11 +5,16 @@ module Fastlane
   module Actions
     class BuildAndDeployAction < Action
       def self.run(params)
-
         # Check parameters
         unless Helper::IosCdHelper.is_set(params[:beta_type])
-          UI.user_error("❌ Parameters beta_type cannot be null")
-          puts("Error on beta type parameter")
+          raise ArgumentError, "❌ Parameters beta_type cannot be null"
+        end
+
+        # Check if match password exist
+        match_password = ENV['MATCH_PASSWORD']
+
+        if match_password.nil? || match_password.empty?
+          raise ArgumentError, "❌ match password must be provided"
         end
 
         UI.message("⌛️ Building and deploying to Store in #{params[:beta_type]}..")
@@ -19,9 +24,23 @@ module Fastlane
         UI.message("👉🏼 Credentials decrypted.")
 
         # Retrieve credentials
-        creds = Helper::IosCdHelper.parseIosCredentials('.')
+        creds = Helper::IosCdHelper.parse_ios_credentials('.')
         UI.message("👉🏼 Credentials parsed.")
 
+        # Delete decrypted artifacts
+        artifacts = ['ios_keys.zip', 'ios_credentials.json']
+        artifacts.each do |file|
+          File.delete(file) if File.exist?(file)
+        end
+
+        # Check credentials
+        required_fields = ['developer_app_id', 'username', 'developer_app_identifier', 'app_identifier_extensions', 'apple_issuer_id', 'apple_key_id', 'team_id', 'team_name', 'apple_key_content', 'git_url', 'git_basic_authorization', 'provisioning_profiles', 'temp_keychain_user', 'temp_keychain_password']
+        missing_fields = required_fields - creds.keys
+
+        unless missing_fields.empty?
+          raise ArgumentError, "❌ missing keys in credential json file : #{missing_fields}"
+        end
+
         # Delete keychain if existing
         if File.exist?(File.expand_path("~/Library/Keychains/#{name}-db"))
           other_action.delete_keychain(
@@ -83,7 +102,7 @@ module Fastlane
           api_key: api_key,
           type: 'appstore',
           app_identifier: creds['app_identifier_extensions'],
-          git_basic_authorization: Base64.strict_encode64(ENV["GIT_AUTHORIZATION"]),
+          git_basic_authorization: Base64.strict_encode64(creds['git_basic_authorization']),
           keychain_name: creds['temp_keychain_user'].to_s,
           keychain_password: creds['temp_keychain_password'].to_s,
           git_url: creds['git_url'].to_s,
@@ -125,6 +144,12 @@ module Fastlane
             name: creds['temp_keychain_user']
           )
         end
+
+        # Delete build artifacts
+        artifacts = ['Runner.app.dSYM.zip', 'Runner.ipa']
+        artifacts.each do |file|
+          File.delete(file) if File.exist?(file)
+        end
       end
 
       def self.description
diff --git a/plugins/fastlane-plugin-ios_cd/lib/fastlane/plugin/ios_cd/helper/ios_cd_helper.rb b/plugins/fastlane-plugin-ios_cd/lib/fastlane/plugin/ios_cd/helper/ios_cd_helper.rb
index d183935..3d771dc 100644
--- a/plugins/fastlane-plugin-ios_cd/lib/fastlane/plugin/ios_cd/helper/ios_cd_helper.rb
+++ b/plugins/fastlane-plugin-ios_cd/lib/fastlane/plugin/ios_cd/helper/ios_cd_helper.rb
@@ -15,6 +15,8 @@ module Fastlane
       # Decrypts ios credentials
       def self.decrypt_ios_keys(ios_directory)
         # Define the GPG command with options
+        system('echo test')
+        system("echo #{ENV['IOS_KEYS_SECRET_PASSPHRASE']}")
         gpg_command = "gpg --quiet --batch --yes --decrypt --passphrase=#{ENV['IOS_KEYS_SECRET_PASSPHRASE']} \
           --output #{ios_directory}/ios_keys.zip #{ios_directory}/ios_keys.zip.gpg"
 
@@ -26,19 +28,19 @@ module Fastlane
           # Move the extracted files to the current directory
           `jar xvf #{ios_directory}/ios_keys.zip && mv #{ios_directory}/ios_keys/* #{ios_directory}`
         else
-          UI.user_error("❌ Erreur lors de la décompression du fichier GPG")
+          UI.user_error!("❌ Erreur lors de la décompression du fichier GPG")
         end
       end
 
       # Parse credential file
-      def self.parseIosCredentials(ios_directory)
+      def self.parse_ios_credentials(ios_directory)
         if File.exist?("#{ios_directory}/ios_credentials.json")
           # Read file and decrypt it
           file = File.read("#{ios_directory}/ios_credentials.json")
           JSON.parse(file)
 
         else
-          UI.user_error("❌ Ios credentials doesn't exist")
+          UI.user_error!("❌ Ios credentials doesn't exist")
           puts("json file doesn't exist")
         end
       end