mirror of
https://github.com/selfxyz/self.git
synced 2026-01-08 22:28:11 -05:00
4b09e5b96f
* Refactor NFC scanner tests to use a global variable for platform OS, allowing dynamic switching between iOS and Android during tests. This change improves test isolation and avoids hoisting issues with jest.mock. * feat: add GitHub App token generation action for self repositories - Introduced a new action to generate GitHub App tokens for accessing repositories within the selfxyz organization. - Updated multiple workflows to utilize the new action for token generation, ensuring secure access to private repositories during CI processes. - Modified Podfile and scripts to support authentication using the generated token, enhancing the cloning of private modules in CI environments. * chore: enhance CI workflows with Git authentication for CocoaPods - Updated multiple CI workflows to include a step for configuring Git authentication for CocoaPods, ensuring secure access to private repositories without embedding credentials in URLs. - Added masking for sensitive tokens in logs to enhance security during CI processes. - Modified the Podfile to avoid printing authentication details in CI logs, improving overall security practices. * chore: enhance CI workflows with optional Git authentication configuration - Added new inputs to the GitHub action for generating GitHub tokens, allowing optional configuration of a ~/.netrc entry for Git authentication. - Updated multiple CI workflows to utilize the new configuration, improving security and simplifying access to private repositories during builds. - Removed redundant Git authentication steps from workflows, streamlining the CI process while maintaining secure access to necessary resources. * chore: update Podfile for secure Git authentication in CI - Modified the Podfile to enhance security by avoiding the embedding of credentials in URLs for accessing the NFCPassportReader repository during CI processes. - Added comments to guide developers on using workflow-provided authentication methods, improving overall security practices in the project.
91 lines
3.6 KiB
Ruby
91 lines
3.6 KiB
Ruby
# Resolve react_native_pods.rb with node to allow for hoisting
|
|
require Pod::Executable.execute_command("node", ["-p",
|
|
'require.resolve(
|
|
"react-native/scripts/react_native_pods.rb",
|
|
{paths: [process.argv[1]]},
|
|
)', __dir__]).strip
|
|
|
|
def using_https_git_auth?
|
|
# Check if gh binary exists before attempting to use it
|
|
return false unless system("which gh > /dev/null 2>&1")
|
|
|
|
begin
|
|
auth_data = `gh auth status 2>&1`
|
|
auth_data.include?("Logged in to github.com account") &&
|
|
auth_data.include?("Git operations protocol: https")
|
|
rescue Errno::ENOENT, Errno::EACCES => e
|
|
puts "gh auth status failed, assuming no HTTPS auth -- will try SSH"
|
|
puts " Reason: #{e.message}"
|
|
false
|
|
end
|
|
end
|
|
|
|
platform :ios, min_ios_version_supported
|
|
prepare_react_native_project!
|
|
|
|
linkage = ENV["USE_FRAMEWORKS"]
|
|
if linkage != nil
|
|
Pod::UI.puts "Configuring Pod with #{linkage}ally linked Frameworks".green
|
|
use_frameworks! :linkage => linkage.to_sym
|
|
end
|
|
|
|
target "SelfDemoApp" do
|
|
config = use_native_modules!
|
|
|
|
use_react_native!(
|
|
:path => config[:reactNativePath],
|
|
# An absolute path to your application root.
|
|
:app_path => "#{Pod::Config.instance.installation_root}/..",
|
|
:fabric_enabled => false,
|
|
:hermes_enabled => true,
|
|
)
|
|
|
|
# Use the custom NFCPassportReader fork
|
|
is_selfxyz_repo = ENV["GITHUB_REPOSITORY"]&.start_with?("selfxyz/") || ENV["GITHUB_REPOSITORY"].nil?
|
|
|
|
nfc_repo_url = if !is_selfxyz_repo
|
|
puts "📦 Using public NFCPassportReader for external fork (#{ENV["GITHUB_REPOSITORY"]})"
|
|
"https://github.com/PLACEHOLDER/NFCPassportReader.git"
|
|
elsif ENV["GITHUB_ACTIONS"] == "true"
|
|
# CI: NEVER embed credentials in URLs. Rely on workflow-provided auth via:
|
|
# - ~/.netrc or a Git credential helper, and token masking in logs.
|
|
"https://github.com/selfxyz/NFCPassportReader.git"
|
|
elsif using_https_git_auth?
|
|
# Local development with HTTPS GitHub auth via gh - use HTTPS to private repo
|
|
"https://github.com/selfxyz/NFCPassportReader.git"
|
|
else
|
|
# Local development in selfxyz repo - use SSH to private repo
|
|
puts "📦 Using SSH for private NFCPassportReader (local selfxyz development)"
|
|
"git@github.com:selfxyz/NFCPassportReader.git"
|
|
end
|
|
|
|
# pod "NFCPassportReader", git: nfc_repo_url, commit: "04ede227cbfd377e2b4bc9b38f9a89eebdcab52f"
|
|
# pod "NFCPassportReader", :git => "git@github.com:selfxyz/NFCPassportReader.git", :commit => "9eff7c4e3a9037fdc1e03301584e0d5dcf14d76b"
|
|
|
|
post_install do |installer|
|
|
# https://github.com/facebook/react-native/blob/main/packages/react-native/scripts/react_native_pods.rb#L197-L202
|
|
react_native_post_install(
|
|
installer,
|
|
config[:reactNativePath],
|
|
:mac_catalyst_enabled => false,
|
|
# :ccache_enabled => true
|
|
)
|
|
|
|
# Add Swift module search paths for NFCPassportReader embedded in SelfSDK
|
|
# installer.pods_project.targets.each do |target|
|
|
# if target.name == 'mobile-sdk-alpha'
|
|
# target.build_configurations.each do |config|
|
|
# xcframework_path = "$(PODS_ROOT)/../../mobile-sdk-alpha/ios/Frameworks/NFCPassportReader.xcframework"
|
|
# modules_path_device = "#{xcframework_path}/ios-arm64/SelfSDK.framework/Modules"
|
|
# modules_path_sim = "#{xcframework_path}/ios-arm64_x86_64-simulator/SelfSDK.framework/Modules"
|
|
|
|
# # Add module search paths
|
|
# config.build_settings['OTHER_SWIFT_FLAGS'] ||= ['$(inherited)']
|
|
# config.build_settings['OTHER_SWIFT_FLAGS'] << "-I#{modules_path_device}"
|
|
# config.build_settings['OTHER_SWIFT_FLAGS'] << "-I#{modules_path_sim}"
|
|
# end
|
|
# end
|
|
# end
|
|
end
|
|
end
|