fix: secret

Signed-off-by: Vitor Mattos <[email protected]>
LibreSign · Jul 8, 2024 · 24c7fa8 · 24c7fa8
1 parent 4c3049c
commit 24c7fa8
Show file tree

Hide file tree

Showing 3 changed files with 140 additions and 139 deletions.
diff --git a/.github/workflows/appstore-build-publish.yml b/.github/workflows/appstore-build-publish.yml
@@ -20,10 +20,10 @@ jobs:
     # if: ${{ github.repository_owner == 'nextcloud-releases' }}
 
     steps:
-      - name: Check actor permission
-        uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v3.0
-        with:
-          require: write
+      # - name: Check actor permission
+      #   uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v3.0
+      #   with:
+      #     require: write
 
       - name: Set app env
         run: |
@@ -36,106 +36,106 @@ jobs:
         with:
           path: ${{ env.APP_NAME }}
 
-      - name: Get appinfo data
-        id: appinfo
-        uses: skjnldsv/xpath-action@7e6a7c379d0e9abc8acaef43df403ab4fc4f770c # master
-        with:
-          filename: ${{ env.APP_NAME }}/appinfo/info.xml
-          expression: "//info//dependencies//nextcloud/@min-version"
-
-      - name: Read package.json node and npm engines version
-        uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
-        id: versions
-        # Continue if no package.json
-        continue-on-error: true
-        with:
-          path: ${{ env.APP_NAME }}
-          fallbackNode: '^20'
-          fallbackNpm: '^10'
-
-      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
-        # Skip if no package.json
-        if: ${{ steps.versions.outputs.nodeVersion }}
-        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3
-        with:
-          node-version: ${{ steps.versions.outputs.nodeVersion }}
-
-      - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
-        # Skip if no package.json
-        if: ${{ steps.versions.outputs.npmVersion }}
-        run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
-
-      - name: Get php version
-        id: php-versions
-        uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1
-        with:
-          filename: ${{ env.APP_NAME }}/appinfo/info.xml
-
-      - name: Set up php ${{ steps.php-versions.outputs.php-min }}
-        uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761 # v2
-        with:
-          php-version: ${{ steps.php-versions.outputs.php-min }}
-          # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
-          extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
-          coverage: none
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Check composer.json
-        id: check_composer
-        uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
-        with:
-          files: "${{ env.APP_NAME }}/composer.json"
-
-      - name: Install composer dependencies
-        if: steps.check_composer.outputs.files_exists == 'true'
-        run: |
-          cd ${{ env.APP_NAME }}
-          composer install --no-dev
-
-      - name: Build ${{ env.APP_NAME }}
-        # Skip if no package.json
-        if: ${{ steps.versions.outputs.nodeVersion }}
-        env:
-          CYPRESS_INSTALL_BINARY: 0
-        run: |
-          cd ${{ env.APP_NAME }}
-          npm ci
-          npm run build --if-present
-
-      - name: Check Krankerl config
-        id: krankerl
-        uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
-        with:
-          files: ${{ env.APP_NAME }}/krankerl.toml
-
-      - name: Install Krankerl
-        if: steps.krankerl.outputs.files_exists == 'true'
-        run: |
-          wget https://github.com/ChristophWurst/krankerl/releases/download/v0.14.0/krankerl_0.14.0_amd64.deb
-          sudo dpkg -i krankerl_0.14.0_amd64.deb
-
-      - name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with krankerl
-        if: steps.krankerl.outputs.files_exists == 'true'
-        run: |
-          cd ${{ env.APP_NAME }}
-          krankerl package
-
-      - name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}
-        continue-on-error: true
-        id: server-checkout
-        run: |
-          NCVERSION='${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}'
-          wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip
-          unzip latest-$NCVERSION.zip
-
-      - name: Checkout server master fallback
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-        if: ${{ steps.server-checkout.outcome != 'success' }}
-        with:
-          submodules: true
-          repository: nextcloud/server
-          path: nextcloud
+      # - name: Get appinfo data
+      #   id: appinfo
+      #   uses: skjnldsv/xpath-action@7e6a7c379d0e9abc8acaef43df403ab4fc4f770c # master
+      #   with:
+      #     filename: ${{ env.APP_NAME }}/appinfo/info.xml
+      #     expression: "//info//dependencies//nextcloud/@min-version"
+
+      # - name: Read package.json node and npm engines version
+      #   uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
+      #   id: versions
+      #   # Continue if no package.json
+      #   continue-on-error: true
+      #   with:
+      #     path: ${{ env.APP_NAME }}
+      #     fallbackNode: '^20'
+      #     fallbackNpm: '^10'
+
+      # - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
+      #   # Skip if no package.json
+      #   if: ${{ steps.versions.outputs.nodeVersion }}
+      #   uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3
+      #   with:
+      #     node-version: ${{ steps.versions.outputs.nodeVersion }}
+
+      # - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
+      #   # Skip if no package.json
+      #   if: ${{ steps.versions.outputs.npmVersion }}
+      #   run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
+
+      # - name: Get php version
+      #   id: php-versions
+      #   uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1
+      #   with:
+      #     filename: ${{ env.APP_NAME }}/appinfo/info.xml
+
+      # - name: Set up php ${{ steps.php-versions.outputs.php-min }}
+      #   uses: shivammathur/setup-php@fc14643b0a99ee9db10a3c025a33d76544fa3761 # v2
+      #   with:
+      #     php-version: ${{ steps.php-versions.outputs.php-min }}
+      #     # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
+      #     extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+      #     coverage: none
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      # - name: Check composer.json
+      #   id: check_composer
+      #   uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+      #   with:
+      #     files: "${{ env.APP_NAME }}/composer.json"
+
+      # - name: Install composer dependencies
+      #   if: steps.check_composer.outputs.files_exists == 'true'
+      #   run: |
+      #     cd ${{ env.APP_NAME }}
+      #     composer install --no-dev
+
+      # - name: Build ${{ env.APP_NAME }}
+      #   # Skip if no package.json
+      #   if: ${{ steps.versions.outputs.nodeVersion }}
+      #   env:
+      #     CYPRESS_INSTALL_BINARY: 0
+      #   run: |
+      #     cd ${{ env.APP_NAME }}
+      #     npm ci
+      #     npm run build --if-present
+
+      # - name: Check Krankerl config
+      #   id: krankerl
+      #   uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+      #   with:
+      #     files: ${{ env.APP_NAME }}/krankerl.toml
+
+      # - name: Install Krankerl
+      #   if: steps.krankerl.outputs.files_exists == 'true'
+      #   run: |
+      #     wget https://github.com/ChristophWurst/krankerl/releases/download/v0.14.0/krankerl_0.14.0_amd64.deb
+      #     sudo dpkg -i krankerl_0.14.0_amd64.deb
+
+      # - name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with krankerl
+      #   if: steps.krankerl.outputs.files_exists == 'true'
+      #   run: |
+      #     cd ${{ env.APP_NAME }}
+      #     krankerl package
+
+      # - name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}
+      #   continue-on-error: true
+      #   id: server-checkout
+      #   run: |
+      #     NCVERSION='${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}'
+      #     wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip
+      #     unzip latest-$NCVERSION.zip
+
+      # - name: Checkout server master fallback
+      #   uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      #   if: ${{ steps.server-checkout.outcome != 'success' }}
+      #   with:
+      #     submodules: true
+      #     repository: nextcloud/server
+      #     path: nextcloud
 
       - name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with makefile
         if: steps.krankerl.outputs.files_exists != 'true'
@@ -144,37 +144,38 @@ jobs:
           # Setting up keys
           mkdir -p build/tools/certificates/
           echo '${{ secrets.APP_PRIVATE_KEY }}' > build/tools/certificates/${{ env.APP_NAME }}.key
-          make appstore
-
-      - name: Sign app
-        run: |
-          # Extracting release
-          cd ${{ env.APP_NAME }}/build/artifacts
-          tar -xvf ${{ env.APP_NAME }}.tar.gz
-          cd ../../../
-          # Setting up keys
-          echo '${{ secrets.APP_PRIVATE_KEY }}' > ${{ env.APP_NAME }}.key
-          wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt"
-          # Signing
-          php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}
-          # Rebuilding archive
-          cd ${{ env.APP_NAME }}/build/artifacts
-          tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }}
-
-      - name: Attach tarball to github release
-        uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2
-        id: attach_to_release
-        with:
-          repo_token: ${{ secrets.GITHUB_TOKEN }}
-          file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz
-          asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz
-          tag: ${{ github.ref }}
-          overwrite: true
-
-      - name: Upload app to Nextcloud appstore
-        uses: nextcloud-releases/nextcloud-appstore-push-action@a011fe619bcf6e77ddebc96f9908e1af4071b9c1 # v1
-        with:
-          app_name: ${{ env.APP_NAME }}
-          appstore_token: ${{ secrets.APPSTORE_TOKEN }}
-          download_url: ${{ steps.attach_to_release.outputs.browser_download_url }}
-          app_private_key: ${{ secrets.APP_PRIVATE_KEY }}
+          ls -la build/tools/certificates/
+      #   make appstore
+
+      # - name: Sign app
+      #   run: |
+      #     # Extracting release
+      #     cd ${{ env.APP_NAME }}/build/artifacts
+      #     tar -xvf ${{ env.APP_NAME }}.tar.gz
+      #     cd ../../../
+      #     # Setting up keys
+      #     echo '${{ secrets.APP_PRIVATE_KEY }}' > ${{ env.APP_NAME }}.key
+      #     wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt"
+      #     # Signing
+      #     php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}
+      #     # Rebuilding archive
+      #     cd ${{ env.APP_NAME }}/build/artifacts
+      #     tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }}
+
+      # - name: Attach tarball to github release
+      #   uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2
+      #   id: attach_to_release
+      #   with:
+      #     repo_token: ${{ secrets.GITHUB_TOKEN }}
+      #     file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz
+      #     asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz
+      #     tag: ${{ github.ref }}
+      #     overwrite: true
+
+      # - name: Upload app to Nextcloud appstore
+      #   uses: nextcloud-releases/nextcloud-appstore-push-action@a011fe619bcf6e77ddebc96f9908e1af4071b9c1 # v1
+      #   with:
+      #     app_name: ${{ env.APP_NAME }}
+      #     appstore_token: ${{ secrets.APPSTORE_TOKEN }}
+      #     download_url: ${{ steps.attach_to_release.outputs.browser_download_url }}
+      #     app_private_key: ${{ secrets.APP_PRIVATE_KEY }}
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,7 @@
 .idea
 .vscode
 .env
+.secrets
 *.iml
 /vendor/
 /vendor-bin/**/vendor/

diff --git a/Makefile b/Makefile
@@ -125,7 +125,6 @@ appstore:
 			--admin-pass admin; \
 		$(occ) --version; \
 		$(occ) app:enable --force libresign; \
-		printf '%s\n' "$$APP_PRIVATE_KEY" > $(cert_dir)/$(app_name).key ; \
 		echo "🏁 Setup finished"; \
 	fi