Step 390 apple auth update (#69)

Added support for API key (App Store Connect API), from Bitrise Developer Connection and Step inputs.
For Apple ID, now also passing the username/password/app-specific password in addition to the session (FASTLANE_SESSION) as they seem to be required by Fastlane.

Any authentication-related environment that is already set will be overridden, to prevent this set *Bitrise Apple Developer Connection* (`connection`) input to `off` and leave authentication-related inputs empty. This includes DELIVER_USERNAME, DELIVER_PASSWORD, FASTLANE_SESSION, FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD, DELIVER_API_KEY_PATH and PRECHECK_INCLUDE_IN_APP_PURCHASES.

.gitignore

@@ -1,3 +1,5 @@
 .bitrise*
 _tmp
 .idea
+steps-fastlane
+.DS_Store

bitrise.yml

@@ -1,47 +1,67 @@
-format_version: 7
+format_version: "11"
 default_step_lib_source: https://github.com/bitrise-io/bitrise-steplib.git
 
 workflows:
-  # ----------------------------------------------------------------
-  # --- workflow to test this step
   ci:
+    before_run:
+    - audit-this-step
+    - go-tests
+    after_run:
+    - test
+
+  go-tests:
+    steps:
+    - go-list: {}
+    - golint: {}
+    - errcheck: {}
+    - go-test: {}
+
+  test:
+    before_run:
+    - auth-all
+    - cache
+
+  auth-all:
+    before_run:
+      - auth-test-api-key-connection
+      - auth-test-apple-id-connection
+      - auth-test-apple-id-connection-globally-set-app-specific-password
+      - auth-test-api-key-input
+
+  cache:  
     envs:
     - SAMPLE_APP_URL: "https://github.com/bitrise-io/sample-apps-flutter-veggieseasons.git"
     - BRANCH: master
-    before-run:
-    - audit-this-step
     steps:
-    - go-list:
-    - golint:
-    - errcheck:
-    - go-test:
     - script:
         inputs:
         - content: rm -rf ./_tmp
     - change-workdir:
         title: Switch working dir to test/_tmp dir
-        run_if: true
+        run_if: "true"
         inputs:
         - path: ./_tmp
         - is_create_path: true
-    - script:
+    - git::https://github.com/bitrise-steplib/bitrise-step-simple-git-clone:
         inputs:
-        - content: |-
-            set -ex
-            git clone $SAMPLE_APP_URL -b $BRANCH .
+        - repository_url: $SAMPLE_APP_URL
+        - branch: $BRANCH
+        - clone_into_dir: "."
     - path::./:
-        title: Test if Fastlane receives session-based Apple Developer connection
+        title: Smoke test to check if Fastlane receives session-based Apple Developer connection
         inputs:
         - lane: test_fastlane_session
         - work_dir: ./
         - verbose_log: "yes"
-    - certificate-and-profile-installer:
+        - connection: apple_id
+    - certificate-and-profile-installer: {}
     - path::./:
         title: Test building a Flutter project
         inputs:
         - lane: build
         - work_dir: ./
         - verbose_log: "yes"
+        - connection: "off"
     - script:
         inputs:
         - content: |-
@@ -56,51 +76,103 @@ workflows:
                 exit 1
             fi
 
-  fastlane-session-test:
+  auth-test-apple-id-connection:
+    before_run:
+    - _auth_prepare
+    steps:
+    - path::./:
+        inputs:
+        - lane: release
+        - work_dir: ./
+        - verbose_log: "yes"
+        - connection: apple_id
+        - app_password: $FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD
+
+  auth-test-apple-id-connection-globally-set-app-specific-password:
+    before_run:
+    - _auth_prepare
+    steps:
+    - path::./:
+        inputs:
+        - lane: release
+        - work_dir: ./
+        - verbose_log: "yes"
+        - connection: apple_id
+        - app_password: ""
+
+  auth-test-api-key-connection:
+    before_run:
+    - _auth_prepare
+    steps:
+    - path::./:
+        inputs:
+        - lane: release
+        - work_dir: ./
+        - verbose_log: "yes"
+        - connection: api_key
+
+  auth-test-api-key-input:
+    before_run:
+    - _auth_prepare
+    steps:
+    - path::./:
+        inputs:
+        - lane: release
+        - work_dir: ./
+        - verbose_log: "yes"
+        - connection: "off"
+        - api_issuer: $AUTH_API_ISSUER
+        - api_key_path: $BITRISEIO_AUTH_API_KEY_PATH_URL
+
+  _auth_prepare:
     envs:
     - SAMPLE_APP_URL: "https://github.com/bitrise-samples/sample-apps-fastlane-test.git"
-    - BITRISE_PROJECT_PATH: ./sample-apps-fastlane-test.xcodeproj
-    - BITRISE_SCHEME: sample-apps-fastlane-test
+    - BRANCH: master
+    - INFO_PLIST_PATH: ./sample-apps-fastlane-test/Info.plist
     steps:
+    - script:
+        title: Clean saved Fastlane session cookie
+        inputs:
+        - content: rm -rf ~/.fastlane
     - script:
         inputs:
         - content: rm -rf ./_tmp
     - change-workdir:
         title: Switch working dir to test/_tmp dir
-        run_if: true
+        run_if: "true"
         inputs:
         - path: ./_tmp
         - is_create_path: true
-    - script:
-        inputs:
-        - content: git clone $SAMPLE_APP_URL .
-    - [email protected]:
+    - git::https://github.com/bitrise-steplib/bitrise-step-simple-git-clone:
         inputs:
-        - generate_profiles: 'yes'
-        - distribution_type: app-store
-    - path::./:
-        inputs:
-        - lane: release
-        - work_dir: ./
-        - verbose_log: "yes"
-
-  # ----------------------------------------------------------------
-  # --- Utility workflows
-  vendor-update:
-    title: Vendor update
-    description: |
-      Used for updating the vendored dependencies
-    steps:
+        - repository_url: $SAMPLE_APP_URL
+        - branch: $BRANCH
+        - clone_into_dir: "."
+    - certificate-and-profile-installer: {}
     - script:
-        title: Vendor update
         inputs:
         - content: |-
-            #!/bin/bash
-            set -ex
-            go mod vendor
+            #!/usr/bin/env bash
+            CURRENT_BUILD_NUMBER=${BITRISE_BUILD_NUMBER}
+            BITRISE_BUILD_NUMBER=$((($(gdate +%Y%m%d%H%M%S)-20000000000000)*10000))
+            if [[ -z "${BITRISE_BUILD_NUMBER}" ]]; then
+              echo "error: failed to calculated build number"
+              exit 1
+            fi
+            if [[ -n "${CURRENT_BUILD_NUMBER}" ]]; then
+              BITRISE_BUILD_NUMBER=$((${BITRISE_BUILD_NUMBER}+${CURRENT_BUILD_NUMBER}))
+            fi
+
+            envman add --key BITRISE_BUILD_NUMBER --value "${BITRISE_BUILD_NUMBER}"
+    - set-xcode-build-number:
+        title: Set Build Number
+        run_if: "true"
+        inputs:
+        - build_version: $BITRISE_BUILD_NUMBER
+        - plist_path: $INFO_PLIST_PATH
+        - build_version_offset: $BITRISE_BUILD_VERSION_OFFSET
+
 
-  # ----------------------------------------------------------------
-  # --- workflows to Share this step into a Step Library
   audit-this-step:
     title: Audit the step
     steps:

credentials.go

@@ -0,0 +1,68 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	"github.com/bitrise-io/go-utils/pathutil"
+	"github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver/appleauth"
+)
+
+// fastlaneAPIKey is used to serialize App Store Connect API Key into JSON for fastlane
+// see: https://docs.fastlane.tools/app-store-connect-api/#using-fastlane-api-key-json-file
+type fastlaneAPIKey struct {
+	KeyID      string `json:"key_id"`
+	IssuerID   string `json:"issuer_id"`
+	PrivateKey string `json:"key"`
+}
+
+// FastlaneAuthParams converts Apple credentials to Fastlane env vars and arguments
+func FastlaneAuthParams(authConfig appleauth.Credentials) (map[string]string, error) {
+	envs := make(map[string]string)
+	if authConfig.AppleID != nil {
+		// Set as environment variables
+		if authConfig.AppleID.Username != "" {
+			envs["FASTLANE_USER"] = authConfig.AppleID.Username
+			envs["DELIVER_USERNAME"] = authConfig.AppleID.Username
+		}
+		if authConfig.AppleID.Password != "" {
+			envs["FASTLANE_PASSWORD"] = authConfig.AppleID.Password
+			envs["DELIVER_PASSWORD"] = authConfig.AppleID.Password
+		}
+		if authConfig.AppleID.Session != "" {
+			envs["FASTLANE_SESSION"] = authConfig.AppleID.Session
+		}
+		if authConfig.AppleID.AppSpecificPassword != "" {
+			envs["FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD"] = authConfig.AppleID.AppSpecificPassword
+		}
+	}
+
+	if authConfig.APIKey != nil {
+		fastlaneAPIKeyParams, err := json.Marshal(fastlaneAPIKey{
+			IssuerID:   authConfig.APIKey.IssuerID,
+			KeyID:      authConfig.APIKey.KeyID,
+			PrivateKey: authConfig.APIKey.PrivateKey,
+		})
+		if err != nil {
+			return envs, fmt.Errorf("failed to marshal Fastane API Key configuration: %v", err)
+		}
+
+		tmpDir, err := pathutil.NormalizedOSTempDirPath("apiKey")
+		if err != nil {
+			return envs, err
+		}
+		fastlaneAuthFile := filepath.Join(tmpDir, "api_key.json")
+		if err := ioutil.WriteFile(fastlaneAuthFile, fastlaneAPIKeyParams, os.ModePerm); err != nil {
+			return envs, err
+		}
+
+		envs["DELIVER_API_KEY_PATH"] = fastlaneAuthFile
+		// deliver: "Precheck cannot check In-app purchases with the App Store Connect API Key (yet). Exclude In-app purchases from precheck"
+		envs["PRECHECK_INCLUDE_IN_APP_PURCHASES"] = "false"
+	}
+
+	return envs, nil
+}

go.mod

@@ -7,11 +7,11 @@ require (
 	github.com/bitrise-io/bitrise v0.0.0-20190829132137-518e23eca82d // indirect
 	github.com/bitrise-io/bitrise-init v0.0.0-20190813135927-7ff42ba329cb
 	github.com/bitrise-io/envman v0.0.0-20190813133714-27a300a1ed43 // indirect
-	github.com/bitrise-io/go-steputils v0.0.0-20190806143347-f540824d77df
+	github.com/bitrise-io/go-steputils v0.0.0-20201016102104-03ae3a6ded35
 	github.com/bitrise-io/go-utils v0.0.0-20201211082830-859032e9adf0
 	github.com/bitrise-io/stepman v0.0.0-20190813144014-10564a4888a6 // indirect
 	github.com/bitrise-steplib/bitrise-step-android-unit-test v0.0.0-20190902203028-ff8e682d8645
-	github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210111151319-1426de4b985f
+	github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210202154324-7c20293c7cf0
 	github.com/google/go-cmp v0.5.4 // indirect
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
 	github.com/kr/pretty v0.1.0 // indirect

go.sum

@@ -6,16 +6,16 @@ github.com/bitrise-io/bitrise-init v0.0.0-20190813135927-7ff42ba329cb h1:e1cLjVT
 github.com/bitrise-io/bitrise-init v0.0.0-20190813135927-7ff42ba329cb/go.mod h1:6tVeJwc47w4nYwexFkYLRwQ2gUnfL568ySfMTLBsONo=
 github.com/bitrise-io/envman v0.0.0-20190813133714-27a300a1ed43 h1:BRhP0pS7NPK4iFKlQszhbHoAwD6m88GFys2w+bgwiN8=
 github.com/bitrise-io/envman v0.0.0-20190813133714-27a300a1ed43/go.mod h1:m8pTp1o3Sw9uzDxb1WRm5IBRnMau2iOvPMSnRCAhQNI=
-github.com/bitrise-io/go-steputils v0.0.0-20190806143347-f540824d77df h1:UaDw6nAsI2jlGjNqhdMUbk0xhJJ+iQZ1buEXHRKrtU8=
-github.com/bitrise-io/go-steputils v0.0.0-20190806143347-f540824d77df/go.mod h1:GXgBV3Frd3qcnsg+NryQTyx1CHjZHr/2w7Bx4WAcB4o=
+github.com/bitrise-io/go-steputils v0.0.0-20201016102104-03ae3a6ded35 h1:iKtx/RxSrA9xcjZ17W3yu3jMzwowNB6nxLF/1BwVYQ8=
+github.com/bitrise-io/go-steputils v0.0.0-20201016102104-03ae3a6ded35/go.mod h1:GXgBV3Frd3qcnsg+NryQTyx1CHjZHr/2w7Bx4WAcB4o=
 github.com/bitrise-io/go-utils v0.0.0-20201211082830-859032e9adf0 h1:HR5o2gHKo0rAMfKogclAg4KOnEX8XniC7A3JFuEAXjY=
 github.com/bitrise-io/go-utils v0.0.0-20201211082830-859032e9adf0/go.mod h1:tTEsKvbz1LbzuN/KpVFHXnLtcAPdEgIdM41s0lL407s=
 github.com/bitrise-io/stepman v0.0.0-20190813144014-10564a4888a6 h1:/GnB2kEaO/6KSMfGpmntvohfacADpWFcf8iCPLsZqh4=
 github.com/bitrise-io/stepman v0.0.0-20190813144014-10564a4888a6/go.mod h1:hGCjd8leP411yt5QkQi+VBNWGxIZ4H02LNIVeKBeMUk=
 github.com/bitrise-steplib/bitrise-step-android-unit-test v0.0.0-20190902203028-ff8e682d8645 h1:9molXzIAxnKStwV78lt7MSgUQwxIWl4+r9/oYTQA7no=
 github.com/bitrise-steplib/bitrise-step-android-unit-test v0.0.0-20190902203028-ff8e682d8645/go.mod h1:0yqqJw+MqwsfHKq4pL90IoSYskLF91oDCyyZYnIehWA=
-github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210111151319-1426de4b985f h1:50OrOc2xqKRXBsC3lfryzm75/QHhltDR2HAIWtHjvJk=
-github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210111151319-1426de4b985f/go.mod h1:mm5WIhfyTnf89pNO+4ylSsUAbEh8JGSpV3F7V0XWB4U=
+github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210202154324-7c20293c7cf0 h1:DKE9KQEbdO4iGpDQF1uiaYtgFOyu/lH1srg3ufAMURI=
+github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210202154324-7c20293c7cf0/go.mod h1:mG5kKjSyK3sZNp7e5QpFBAtxJRWeA+4PSMh3ZfwggNs=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
@@ -37,6 +37,8 @@ github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIH
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@@ -62,3 +64,5 @@ gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=