From 00127fd2382eb29d11105ebf4cb9144b3143bfdb Mon Sep 17 00:00:00 2001
From: Balazs Perlaki-Horvath <ba.perlaki@gmail.com>
Date: Sun, 4 Feb 2024 22:29:10 +0100
Subject: [PATCH] Simplify CI steps, remove unused xcbuild param

---
 .github/actions/xcbuild/action.yml |  2 --
 .github/workflows/cd.yml           | 10 ++++---
 .github/workflows/ci.yml           | 47 +++++++++---------------------
 3 files changed, 20 insertions(+), 39 deletions(-)

diff --git a/.github/actions/xcbuild/action.yml b/.github/actions/xcbuild/action.yml
index 56b29d21..12eb633a 100644
--- a/.github/actions/xcbuild/action.yml
+++ b/.github/actions/xcbuild/action.yml
@@ -8,8 +8,6 @@ inputs:
     required: true
   xc-destination:
     required: true
-  upload-to:
-    required: true
   APPLE_DEVELOPMENT_SIGNING_CERTIFICATE:
     required: true
   APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD:
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index a0deb220..d45527de 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -12,7 +12,7 @@ env:
   KEYCHAIN_PASSWORD: mysecretpassword
   KEYCHAIN_PROFILE: build-profile
   SSH_KEY: /tmp/id_rsa
-  APPLE_STORE_AUTH_KEY_PATH: /tmp/authkey.p8
+  
 
 jobs:
   build_and_deploy:
@@ -32,12 +32,15 @@ jobs:
         #     uploadto: app-store
     runs-on: macos-13
     env:
-      APPLE_AUTH_PARAMS: "-authenticationKeyPath ${{ env.APPLE_STORE_AUTH_KEY_PATH }} -authenticationKeyID ${{ secrets.APPLE_STORE_AUTH_KEY_ID }} -authenticationKeyIssuerID ${{ secrets.APPLE_STORE_AUTH_KEY_ISSUER_ID }}"
+      APPLE_STORE_AUTH_KEY_PATH: /tmp/authkey.p8
+      APPLE_AUTH_PARAMS: "-authenticationKeyPath /tmp/authkey.p8 -authenticationKeyID ${{ secrets.APPLE_STORE_AUTH_KEY_ID }} -authenticationKeyIssuerID ${{ secrets.APPLE_STORE_AUTH_KEY_ISSUER_ID }}"
       # conditionally updated later:
       EXPORT_METHOD: "app-store"
       EXTRA_XCODEBUILD: ""
       UPLOAD_TO: ""
-      VERSION: "" 
+      VERSION: ""
+      SIGNING_CERTIFICATE: ""
+      SIGNING_CERTIFICATE_P12_PASSWORD: ""
       
     steps:
     - name: Checkout code
@@ -116,7 +119,6 @@ jobs:
       with:
         action: archive
         xc-destination: generic/platform=${{ matrix.platform }}
-        upload-to: ${{ env.UPLOAD_TO }}
         version: ${{ env.VERSION }}
         APPLE_DEVELOPMENT_SIGNING_CERTIFICATE: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_CERTIFICATE }}
         APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e548fef5..6abe5f74 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -7,9 +7,6 @@ on:
     branches:
       - main
 
-env:
-  APPLE_STORE_AUTH_KEY_PATH: /tmp/authkey.p8
-
 jobs:
   authorize:
     # sets environment based on origin of PR: internal (non-existent) for own-repo or external (requires reviewer to run) for external repos
@@ -20,54 +17,38 @@ jobs:
   build:
     needs: authorize
     runs-on: macos-13
+    env:
+      EXTRA_XCODEBUILD: ""
+      APPLE_STORE_AUTH_KEY_PATH: /tmp/authkey.p8
+      APPLE_AUTH_PARAMS: "-authenticationKeyPath /tmp/authkey.p8 -authenticationKeyID ${{ secrets.APPLE_STORE_AUTH_KEY_ID }} -authenticationKeyIssuerID ${{ secrets.APPLE_STORE_AUTH_KEY_ISSUER_ID }}"
     strategy:
       fail-fast: false
       matrix:
-        destination:
-          - platform: macOS
-          - platform: iOS
-            xcode_extra: -sdk iphoneos
+        platform: [macOS, iOS]
+
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # /!\ important: this checks out code from the HEAD of the PR instead of the main branch (for pull_request_target)
           ref: ${{ github.event.pull_request.head.sha || github.ref }}
 
       - name: Add Apple Store Key
-        if: ${{ matrix.destination.platform == 'iOS' }}
-        env:
-          APPLE_STORE_AUTH_KEY_PATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }}
-          APPLE_STORE_AUTH_KEY: ${{ secrets.APPLE_STORE_AUTH_KEY }}
-        shell: bash
-        run: echo "${APPLE_STORE_AUTH_KEY}" | base64 --decode -o $APPLE_STORE_AUTH_KEY_PATH
+        if: matrix.platform == 'iOS'
+        run: echo "${{ secrets.APPLE_STORE_AUTH_KEY }}" | base64 --decode -o ${{ env.APPLE_STORE_AUTH_KEY_PATH}}
 
-      - name: Extend EXTRA_XCODEBUILD
-        if: ${{ matrix.destination.platform == 'iOS' }}
+      - name: Set EXTRA_XCODEBUILD
+        if: matrix.platform == 'iOS'
         env:
-          EXTRA_XCODEBUILD: ${{ matrix.destination.xcode_extra }}
-          APPLE_STORE_AUTH_KEY_PATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }}
-          APPLE_STORE_AUTH_KEY_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ID }}
-          APPLE_STORE_AUTH_KEY_ISSUER_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ISSUER_ID }}
-        shell: python
-        run: |
-          import os
-          extra_xcode = os.getenv("EXTRA_XCODEBUILD", "")
-          extra_xcode += f" -authenticationKeyPath {os.getenv('APPLE_STORE_AUTH_KEY_PATH')}"
-          extra_xcode += f" -authenticationKeyID {os.getenv('APPLE_STORE_AUTH_KEY_ID')}"
-          extra_xcode += f" -authenticationKeyIssuerID {os.getenv('APPLE_STORE_AUTH_KEY_ISSUER_ID')}"
-
-          with open(os.getenv("GITHUB_ENV"), "a") as fh:
-            fh.write(f"EXTRA_XCODEBUILD={extra_xcode}\n")
+          EXTRA_XCODEBUILD: "-sdk iphoneos ${{ env.APPLE_AUTH_PARAMS }}"
+        run: echo
 
       - name: Build
         uses: ./.github/actions/xcbuild
         with:
           action: build
-          xc-destination: generic/platform=${{ matrix.destination.platform }}
-          upload-to: dev
+          xc-destination: generic/platform=${{ matrix.platform }}
           version: CI
           APPLE_DEVELOPMENT_SIGNING_CERTIFICATE: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_CERTIFICATE }}
           APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD }}
           EXTRA_XCODEBUILD: ${{ env.EXTRA_XCODEBUILD }}
-