- disable watchdog termination alerts from sentry as too many false f…

…lags - add prov profiles to codeQL script to allow build to run
kukai-wallet · May 27, 2024 · e4a6fca · e4a6fca
1 parent 01ef300
commit e4a6fca
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 0 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -21,6 +21,61 @@ jobs:
       - name: Get current date
         run: echo "NOW=$(date +'%Y-%m-%dT%H-%M-%S')" >> $GITHUB_ENV
 
+
+      # Env variables
+      - name: Setup Global Env
+        run: |
+          echo "BUILD_CERTIFICATE_BASE64=${{ secrets.BUILD_CERTIFICATE_BASE64 }}" >> $GITHUB_ENV
+          echo "P12_PASSWORD=${{ secrets.P12_PASSWORD }}" >> $GITHUB_ENV
+          echo "KEYCHAIN_PASSWORD=${{ secrets.KEYCHAIN_PASSWORD }}" >> $GITHUB_ENV
+
+      - name: Setup env variables for main
+        if: github.ref == 'refs/heads/main'
+        run: |
+          echo "BUILD_PROVISION_PROFILE_BASE64=${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}" >> $GITHUB_ENV
+      
+      - name: Setup env varibales for develop
+        if: github.ref == 'refs/heads/develop'
+        run: |
+          echo "BUILD_PROVISION_PROFILE_BASE64=${{ secrets.BUILD_PROVISION_PROFILE_BETA_BASE64 }}" >> $GITHUB_ENV
+      
+
+
+      # Upload Base64 copies of apple certs to github following these instructions: 
+      # Note: Use app store distribution certs
+      # https://docs.github.com/en/actions/guides/installing-an-apple-certificate-on-macos-runners-for-xcode-development
+      # 
+      # Every time we update certs / profiles or they expire, we need to update the following github actions secrets
+      # BUILD_CERTIFICATE_BASE64              = exported distribution cert from inside Xcode account settings, copied with `base64 -i <file-path> | pbcopy`
+      # P12_PASSWORD                          = whatever new password created for previous file
+      # BUILD_PROVISION_PROFILE_BASE64        = download "Kukai Mobile Prov Dist App Store" from app store connect, copied with `base64 -i <file-path> | pbcopy`
+      # BUILD_PROVISION_PROFILE_BETA_BASE64   = download "Kukai Mobile Beta Prov Dist App Store" from app store connect, copied with `base64 -i <file-path> | pbcopy`
+      #
+      - name: Install the Apple certificate and provisioning profile
+        run: |
+          # create variables
+          CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
+          PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
+          KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
+
+          # import certificate and provisioning profile from secrets
+          echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
+          echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
+
+          # create temporary keychain
+          security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
+          security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+
+          # import certificate to keychain
+          security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
+          security list-keychain -d user -s $KEYCHAIN_PATH
+
+          # apply provisioning profile
+          mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
+          cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
+
+          
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v3
         with:

diff --git a/Kukai Mobile/AppDelegate.swift b/Kukai Mobile/AppDelegate.swift
@@ -32,6 +32,7 @@ class AppDelegate: UIResponder, UIApplicationDelegate {
 			// If not running on simulator, Setup Sentry, but with Anonymous events
 			SentrySDK.start { options in
 				options.dsn = "https://[email protected]/4505443257024512"
+				options.enableWatchdogTerminationTracking = false
 				options.beforeSend = { (event) -> Event? in
 
 					// Scrub any identifiable data to keep users anonymous