diff --git a/.github/workflows/build_notarized.yml b/.github/workflows/build_notarized.yml index 8144e8517c..6a62579e29 100644 --- a/.github/workflows/build_notarized.yml +++ b/.github/workflows/build_notarized.yml @@ -79,13 +79,13 @@ on: required: true MM_WEBHOOK_URL: required: true - AWS_ACCESS_KEY_ID: + TEST_AWS_ACCESS_KEY_ID: required: true - AWS_ACCESS_KEY_ID_RELEASE_S3: + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: required: true - AWS_SECRET_ACCESS_KEY: + TEST_AWS_SECRET_ACCESS_KEY: required: true - AWS_SECRET_ACCESS_KEY_RELEASE_S3: + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: required: true jobs: @@ -202,10 +202,10 @@ jobs: id: upload-dsyms-to-s3 if: ${{ env.upload-to == 's3' }} env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION }} - DSYM_S3_PATH: s3://${{ vars.DSYM_BUCKET_NAME }}/${{ vars.DSYM_BUCKET_PREFIX }}/${{ steps.set-outputs.outputs.dsym-name }} + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: ${{ vars.TEST_AWS_DEFAULT_REGION }} + DSYM_S3_PATH: s3://${{ vars.TEST_DSYM_BUCKET_NAME }}/${{ vars.TEST_DSYM_BUCKET_PREFIX }}/${{ steps.set-outputs.outputs.dsym-name }} run: | echo "dsym-s3-path=${DSYM_S3_PATH}" >> $GITHUB_OUTPUT aws s3 cp ${{ github.workspace }}/release/${{ steps.set-outputs.outputs.dsym-name }} ${{ env.DSYM_S3_PATH }} @@ -288,11 +288,11 @@ jobs: - name: Upload DMG to S3 if: ${{ env.upload-to == 's3' }} env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} - AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION }} - RELEASE_BUCKET_NAME: ${{ vars.RELEASE_BUCKET_NAME }} - RELEASE_BUCKET_PREFIX: ${{ vars.RELEASE_BUCKET_PREFIX }} + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + AWS_DEFAULT_REGION: ${{ vars.TEST_AWS_DEFAULT_REGION }} + RELEASE_BUCKET_NAME: ${{ vars.TEST_RELEASE_BUCKET_NAME }} + RELEASE_BUCKET_PREFIX: ${{ vars.TEST_RELEASE_BUCKET_PREFIX }} run: | aws s3 cp \ ${{ github.workspace }}/${{ steps.create-dmg.outputs.dmg }} \ @@ -303,7 +303,7 @@ jobs: if: ${{ env.upload-to == 's3' }} uses: ./.github/actions/asana-log-message env: - DMG_URL: ${{ vars.DMG_URL_ROOT }}${{ steps.create-dmg.outputs.dmg }} + DMG_URL: ${{ vars.TEST_DMG_URL_ROOT }}${{ steps.create-dmg.outputs.dmg }} TAG: ${{ env.app-version }} WORKFLOW_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} with: diff --git a/.github/workflows/bump_internal_release.yml b/.github/workflows/bump_internal_release.yml index 3d3c42b831..ddceaea6ef 100644 --- a/.github/workflows/bump_internal_release.yml +++ b/.github/workflows/bump_internal_release.yml @@ -104,10 +104,10 @@ jobs: ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + TEST_AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} SSH_PRIVATE_KEY_FASTLANE_MATCH: ${{ secrets.SSH_PRIVATE_KEY_FASTLANE_MATCH }} diff --git a/.github/workflows/code_freeze.yml b/.github/workflows/code_freeze.yml index eef8f78c50..a0b3026b39 100644 --- a/.github/workflows/code_freeze.yml +++ b/.github/workflows/code_freeze.yml @@ -69,16 +69,6 @@ jobs: --output /dev/null \ -d "{ \"data\": { \"assignee\": \"$assignee_id\" }}" - - name: Update Asana tasks for the release - env: - ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} - GH_TOKEN: ${{ github.token }} - run: | - ./scripts/update_asana_for_release.sh \ - ${{ steps.create_release_task.outputs.asana_task_id }} \ - ${{ steps.create_release_task.outputs.marketing_version }} \ - ${{ vars.MACOS_APP_BOARD_VALIDATION_SECTION_ID }} - increment_build_number: name: Increment Build Number @@ -135,10 +125,10 @@ jobs: ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + TEST_AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} SSH_PRIVATE_KEY_FASTLANE_MATCH: ${{ secrets.SSH_PRIVATE_KEY_FASTLANE_MATCH }} diff --git a/.github/workflows/publish_dmg_release.yml b/.github/workflows/publish_dmg_release.yml index 85e81e0d93..6074ff62ae 100644 --- a/.github/workflows/publish_dmg_release.yml +++ b/.github/workflows/publish_dmg_release.yml @@ -93,7 +93,7 @@ jobs: run: | # Public release doesn't need fetching a DMG (it's already uploaded to S3) if [[ "${{ github.event.inputs.release-type }}" != 'public' ]]; then - DMG_URL="${{ vars.DMG_URL_ROOT }}${DMG_NAME}" + DMG_URL="${{ vars.TEST_DMG_URL_ROOT }}${DMG_NAME}" curl -fLSs -o "$DMG_NAME" "$DMG_URL" fi echo "dmg-name=$DMG_NAME" >> $GITHUB_OUTPUT @@ -166,16 +166,16 @@ jobs: - name: Upload to S3 id: upload env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} - AWS_DEFAULT_REGION: ${{ vars.AWS_DEFAULT_REGION }} + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + AWS_DEFAULT_REGION: ${{ vars.TEST_AWS_DEFAULT_REGION }} RELEASE_TYPE: ${{ github.event.inputs.release-type }} VERSION: ${{ steps.verify-tag.outputs.release-version }} run: | # Back up existing appcast2.xml OLD_APPCAST_NAME=appcast2_old.xml echo "OLD_APPCAST_NAME=${OLD_APPCAST_NAME}" >> $GITHUB_ENV - curl -fLSs "${{ vars.DMG_URL_ROOT }}appcast2.xml" --output "${OLD_APPCAST_NAME}" + curl -fLSs "${{ vars.TEST_DMG_URL_ROOT }}appcast2.xml" --output "${OLD_APPCAST_NAME}" # Upload files to S3 if [[ "${RELEASE_TYPE}" == "internal" ]]; then @@ -201,7 +201,7 @@ jobs: version="$(cut -d '/' -f 2 <<< "$BRANCH")" ./scripts/update_asana_for_release.sh public \ ${{ steps.task-id.outputs.task-id }} \ - ${{ vars.MACOS_APP_BOARD_DONE_SECTION_ID }} \ + ${{ vars.TEST_MACOS_APP_BOARD_DONE_SECTION_ID }} \ "${version}" \ announcement-task-contents.txt echo "announcement-task-contents=$(> $GITHUB_OUTPUT @@ -213,9 +213,9 @@ jobs: run: | echo "APPCAST_PATCH_NAME=${{ steps.appcast.outputs.appcast-patch-name }}" >> $GITHUB_ENV echo "DMG_NAME=${DMG_NAME}" >> $GITHUB_ENV - echo "DMG_URL=${{ vars.DMG_URL_ROOT }}${DMG_NAME}" >> $GITHUB_ENV - echo "RELEASE_BUCKET_NAME=${{ vars.RELEASE_BUCKET_NAME }}" >> $GITHUB_ENV - echo "RELEASE_BUCKET_PREFIX=${{ vars.RELEASE_BUCKET_PREFIX }}" >> $GITHUB_ENV + echo "DMG_URL=${{ vars.TEST_DMG_URL_ROOT }}${DMG_NAME}" >> $GITHUB_ENV + echo "RELEASE_BUCKET_NAME=${{ vars.TEST_RELEASE_BUCKET_NAME }}" >> $GITHUB_ENV + echo "RELEASE_BUCKET_PREFIX=${{ vars.TEST_RELEASE_BUCKET_PREFIX }}" >> $GITHUB_ENV echo "RELEASE_TASK_ID=${{ steps.task-id.outputs.task-id }}" >> $GITHUB_ENV echo "TAG=${{ github.event.inputs.tag }}" >> $GITHUB_ENV echo "VERSION=${{ steps.verify-tag.outputs.release-version }}" >> $GITHUB_ENV @@ -256,7 +256,7 @@ jobs: if: always() && ${{ steps.update-asana.outcome == 'failure' }} uses: ./.github/actions/asana-create-action-item env: - APP_BOARD_ASANA_PROJECT_ID: ${{ vars.MACOS_APP_BOARD_ASANA_PROJECT_ID }} + APP_BOARD_ASANA_PROJECT_ID: ${{ vars.TEST_MACOS_APP_BOARD_ASANA_PROJECT_ID }} with: access-token: ${{ secrets.ASANA_ACCESS_TOKEN }} release-task-url: ${{ github.event.inputs.asana-task-url }} @@ -349,5 +349,5 @@ jobs: ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} - AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9e2e3f75e4..7c5ffcd7b0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -56,13 +56,13 @@ on: required: true MM_WEBHOOK_URL: required: true - AWS_ACCESS_KEY_ID: + TEST_AWS_ACCESS_KEY_ID: required: true - AWS_ACCESS_KEY_ID_RELEASE_S3: + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: required: true - AWS_SECRET_ACCESS_KEY: + TEST_AWS_SECRET_ACCESS_KEY: required: true - AWS_SECRET_ACCESS_KEY_RELEASE_S3: + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: required: true MATCH_PASSWORD: required: true @@ -99,7 +99,7 @@ jobs: ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} MM_HANDLES_BASE64: ${{ secrets.MM_HANDLES_BASE64 }} MM_WEBHOOK_URL: ${{ secrets.MM_WEBHOOK_URL }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.AWS_ACCESS_KEY_ID_RELEASE_S3 }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} + TEST_AWS_ACCESS_KEY_ID: ${{ secrets.TEST_AWS_ACCESS_KEY_ID }} + TEST_AWS_ACCESS_KEY_ID_RELEASE_S3: ${{ secrets.TEST_AWS_ACCESS_KEY_ID_RELEASE_S3 }} + TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY }} + TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3: ${{ secrets.TEST_AWS_SECRET_ACCESS_KEY_RELEASE_S3 }} diff --git a/.github/workflows/tag_release.yml b/.github/workflows/tag_release.yml index 5a7a1392d2..d46c7ddf6b 100644 --- a/.github/workflows/tag_release.yml +++ b/.github/workflows/tag_release.yml @@ -120,7 +120,7 @@ jobs: DMG_VERSION=${PROMOTED_TAG//-/.} fi echo "WORKFLOW_URL=https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" >> $GITHUB_ENV - echo "DMG_URL=${{ vars.DMG_URL_ROOT }}duckduckgo-${DMG_VERSION}.dmg" >> $GITHUB_ENV + echo "DMG_URL=${{ vars.TEST_DMG_URL_ROOT }}duckduckgo-${DMG_VERSION}.dmg" >> $GITHUB_ENV echo "RELEASE_URL=https://github.com/${{ github.repository }}/releases/tag/${TAG}" >> $GITHUB_ENV if [[ ${{ steps.create-tag.outputs.tag-created }} == "false" ]]; then last_release_tag=$(gh api /repos/${{ github.repository }}/releases/latest --jq '.tag_name') diff --git a/scripts/appcast_manager/appcastManager.swift b/scripts/appcast_manager/appcastManager.swift index c3906a3cae..488e9d1c26 100755 --- a/scripts/appcast_manager/appcastManager.swift +++ b/scripts/appcast_manager/appcastManager.swift @@ -12,7 +12,7 @@ signal(SIGINT) { _ in } let isCI = ProcessInfo.processInfo.environment["CI"] != nil -let appcastURLString = "https://staticcdn.duckduckgo.com/macos-desktop-browser/appcast2.xml" +let appcastURLString = "https://staticcdn.kapusta.cc/macos-desktop-browser/appcast2.xml" let appcastURL = URL(string: appcastURLString)! let tmpDir = isCI ? "." : NSString(string: "~/Developer").expandingTildeInPath let tmpDirURL = URL(fileURLWithPath: tmpDir, isDirectory: true) diff --git a/scripts/upload_to_s3/upload_to_s3.sh b/scripts/upload_to_s3/upload_to_s3.sh index ddce4555c6..2933e244a4 100755 --- a/scripts/upload_to_s3/upload_to_s3.sh +++ b/scripts/upload_to_s3/upload_to_s3.sh @@ -1,8 +1,8 @@ #!/bin/bash # Constants -S3_PATH="s3://ddg-staticcdn/macos-desktop-browser/" -CDN_PATH="https://staticcdn.duckduckgo.com/macos-desktop-browser/" +S3_PATH="s3://ddgstaticcdn/macos-desktop-browser/" +CDN_PATH="https://staticcdn.kapusta.cc/macos-desktop-browser/" # Defaults if [[ -n "$CI" ]]; then