Add sz deploy macos command to stable.yml, beta.yml and `alpha.…

…yml` (#1034)

Requires #1029

.github/workflows/alpha.yml

@@ -274,33 +274,12 @@ jobs:
 
   deploy-alpha-macos-app:
     runs-on: macos-13
-    timeout-minutes: 120
+    timeout-minutes: 60
     steps:
       - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
+
       - name: Install Codemagic CLI Tools
         run: pip3 install codemagic-cli-tools==0.45.1
-      - name: Setup signing
-        env:
-          # The following secrets are used by the Codemagic CLI tool. It's important
-          # to use the same names as the CLI tool expects.
-          CERTIFICATE_PRIVATE_KEY: ${{ secrets.SHAREZONE_CERTIFICATE_PRIVATE_KEY }}
-          APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_KEY_IDENTIFIER }}
-          APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_ISSUER_ID }}
-          APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_PRIVATE_KEY }}
-          BUNDLE_ID: de.codingbrain.sharezone.app
-        run: |
-          app-store-connect fetch-signing-files $BUNDLE_ID \
-            --platform IOS \
-            --type MAC_APP_STORE \
-            --create
-
-          app-store-connect list-certificates \
-            --type MAC_INSTALLER_DISTRIBUTION \
-            --save
-
-          keychain initialize
-          keychain add-certificates
-          xcode-project use-profiles
 
       - name: Set Flutter version from FVM config file to environment variables
         uses: kuhnroyal/flutter-fvm-config-action@6ffa30473b346f7d7c63cf9e03e6a886f940a72b
@@ -319,75 +298,20 @@ jobs:
           flutter pub global activate fvm 2.4.1
           fvm config --cache-path '${{ runner.tool_cache }}/flutter'
 
-      - name: Activate sz_repo_cli package
-        run: fvm flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH"
-
-      # So we can just use "sz COMMAND" instead of "dart ../path/to/script.dart ..."
-      - run: echo $(realpath ./bin) >> $GITHUB_PATH
-
-      - name: Build macOS app
-        env:
-          # From https://appstoreconnect.apple.com/apps/1434868489/
-          MACOS_APP_ID: 1434868489
-          # The following secrets are used by the Codemagic CLI tool. It's important
-          # to use the same names as the CLI tool expects.
-          APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_KEY_IDENTIFIER }}
-          APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_ISSUER_ID }}
-          APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_PRIVATE_KEY }}
+      - name: Install Sharezone Repo CLI
         run: |
-          # Because TestFlight requires a build number that is higher than the
-          # latest build number, we need to get the latest build number and
-          # increment it by one.
-          #
-          # The "| head -2 | tail -1" part is to get the second line of the output
-          # of the "app-store-connect get-latest-build-number" command because the
-          # second line includes the build number.
-          LATEST_BUILD_NUMBER=$(app-store-connect get-latest-build-number $MACOS_APP_ID --platform MAC_OS | head -2 | tail -1)
-          BUMPED_BUILD_NUMBER=$(expr $LATEST_BUILD_NUMBER + 1)
-
-          # Workaround for https://github.com/flutter/flutter/issues/132725
-          sudo chown -R $USER .
-          sudo chmod -R a+rwx .
+          fvm flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH"
+          echo $(realpath ./bin) >> $GITHUB_PATH
 
-          sz build macos \
-            --stage alpha \
-            --build-number $BUMPED_BUILD_NUMBER
-
-          # Workaround for https://github.com/flutter/flutter/issues/132725
-          sudo chown -R $USER .
-          sudo chmod -R a+rwx .
-
-      - name: Publish to App Store Connect
-        working-directory: app
+      - name: Deploy macOS to TestFlight
         env:
           # The following secrets are used by the Codemagic CLI tool. It's important
           # to use the same names as the CLI tool expects.
+          CERTIFICATE_PRIVATE_KEY: ${{ secrets.SHAREZONE_CERTIFICATE_PRIVATE_KEY }}
           APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_KEY_IDENTIFIER }}
           APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_ISSUER_ID }}
           APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_PRIVATE_KEY }}
         run: |
-          # Package the app
-          #
-          # Copied from
-          # https://docs.flutter.dev/deployment/macos#create-a-build-archive-with-codemagic-cli-tools
-          APP_NAME=$(find $(pwd) -name "*.app")
-          PACKAGE_NAME=$(basename "$APP_NAME" .app).pkg
-          xcrun productbuild --component "$APP_NAME" /Applications/ unsigned.pkg                 
-
-          INSTALLER_CERT_NAME=$(keychain list-certificates \
-                    | jq '[.[]
-                      | select(.common_name
-                      | contains("Mac Developer Installer"))
-                      | .common_name][0]' \
-                    | xargs)
-
-          xcrun productsign --sign "$INSTALLER_CERT_NAME" unsigned.pkg "$PACKAGE_NAME"
-          rm -f unsigned.pkg
-
-          # Workaround for https://github.com/flutter/flutter/issues/132725
-          sudo chown -R $USER .
-          sudo chmod -R a+rwx .
-
           # Because we are publishing every commit a new alpha version, we are
           # able to use the last commit message (title and description) as release
           # note for the alpha builds. This is not the most user friendly note but
@@ -402,9 +326,6 @@ jobs:
           # longer than 4000 characters.
           SHORT_LAST_COMMIT_MESSAGE=${LAST_COMMIT_MESSAGE:0:4000}
 
-          app-store-connect publish \
-            --path $PACKAGE_NAME \
-            --beta-group=alpha \
-            --testflight \
-            --release-type=AFTER_APPROVAL \
+          sz deploy macos \
+            --stage alpha \
             --whats-new "$SHORT_LAST_COMMIT_MESSAGE"

.github/workflows/beta.yml

@@ -42,6 +42,12 @@ on:
           Android rollout percentage: The percentage of users that should receive
           the new version.
         default: "1.0"
+      macos-changelog:
+        type: string
+        description: |
+          macOS changelog: Used for the App Store release notes. If the changelog 
+          is not provided, the deployment for macOS will be skipped. Use '\n' for 
+          line breaks.
 
 # Set permissions to none.
 #
@@ -213,3 +219,55 @@ jobs:
             --stage beta \
             --whats-new "$CHANGELOG_WITH_NEW_LINES" \
             --rollout-percentage ${{ github.event.inputs.android-rollout-percentage }}
+
+  deploy-macos:
+    # We skip the deployment if no changelog is provided because we assume that
+    # nothing has changed in the macOS app and therefore no new version is needed.
+    if: github.event.inputs.macos-changelog != ''
+    runs-on: macos-13
+    timeout-minutes: 60
+    steps:
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
+
+      - name: Install Codemagic CLI Tools
+        run: pip3 install codemagic-cli-tools==0.45.1
+
+      - name: Set Flutter version from FVM config file to environment variables
+        uses: kuhnroyal/flutter-fvm-config-action@6ffa30473b346f7d7c63cf9e03e6a886f940a72b
+
+      - uses: subosito/flutter-action@48cafc24713cca54bbe03cdc3a423187d413aafa
+        with:
+          flutter-version: ${{ env.FLUTTER_VERSION }}
+          channel: ${{ env.FLUTTER_CHANNEL }}
+          # Use format expected by FVM.
+          # Else this won't be recognized as an installed version when setting
+          # '.../flutter' as the FVM Flutter version cache folder.
+          cache-path: "${{ runner.tool_cache }}/flutter/:version:"
+
+      - name: Install FVM
+        run: |
+          flutter pub global activate fvm 2.4.1
+          fvm config --cache-path '${{ runner.tool_cache }}/flutter'
+
+      - name: Install Sharezone Repo CLI
+        run: |
+          fvm flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH"
+          echo $(pwd)/bin >> $GITHUB_PATH
+
+      - name: Deploy to TestFlight
+        env:
+          # The following secrets are used by the Codemagic CLI tool. It's important
+          # to use the same names as the CLI tool expects.
+          CERTIFICATE_PRIVATE_KEY: ${{ secrets.SHAREZONE_CERTIFICATE_PRIVATE_KEY }}
+          APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_KEY_IDENTIFIER }}
+          APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_ISSUER_ID }}
+          APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_PRIVATE_KEY }}
+        run: |
+          # When passing the changelog from GitHub Actions to the CLI, the line
+          # breaks are escaped. We need to replace them with actual line breaks.
+          CHANGELOG="${{ github.event.inputs.macos-changelog }}"
+          CHANGELOG_WITH_NEW_LINES=$(echo -e "$CHANGELOG" | sed 's/\\n/\\n/g')
+
+          sz deploy macos \
+            --stage beta \
+            --whats-new "$CHANGELOG_WITH_NEW_LINES"

.github/workflows/stable.yml

@@ -42,6 +42,12 @@ on:
           Android rollout percentage: The percentage of users that should receive
           the new version.
         default: "0.2"
+      macos-changelog:
+        type: string
+        description: |
+          macOS changelog: Used for the App Store release notes. If the changelog 
+          is not provided, the deployment for macOS will be skipped. Use '\n' for 
+          line breaks.
 
 # Set permissions to none.
 #
@@ -215,3 +221,55 @@ jobs:
             --stage stable \
             --whats-new "$CHANGELOG_WITH_NEW_LINES" \
             --rollout-percentage ${{ github.event.inputs.android-rollout-percentage }}
+
+  deploy-macos:
+    # We skip the deployment if no changelog is provided because we assume that
+    # nothing has changed in the macOS app and therefore no new version is needed.
+    if: github.event.inputs.macos-changelog != ''
+    runs-on: macos-13
+    timeout-minutes: 60
+    steps:
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
+
+      - name: Install Codemagic CLI Tools
+        run: pip3 install codemagic-cli-tools==0.45.1
+
+      - name: Set Flutter version from FVM config file to environment variables
+        uses: kuhnroyal/flutter-fvm-config-action@6ffa30473b346f7d7c63cf9e03e6a886f940a72b
+
+      - uses: subosito/flutter-action@48cafc24713cca54bbe03cdc3a423187d413aafa
+        with:
+          flutter-version: ${{ env.FLUTTER_VERSION }}
+          channel: ${{ env.FLUTTER_CHANNEL }}
+          # Use format expected by FVM.
+          # Else this won't be recognized as an installed version when setting
+          # '.../flutter' as the FVM Flutter version cache folder.
+          cache-path: "${{ runner.tool_cache }}/flutter/:version:"
+
+      - name: Install FVM
+        run: |
+          flutter pub global activate fvm 2.4.1
+          fvm config --cache-path '${{ runner.tool_cache }}/flutter'
+
+      - name: Install Sharezone Repo CLI
+        run: |
+          fvm flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH"
+          echo $(pwd)/bin >> $GITHUB_PATH
+
+      - name: Deploy to TestFlight
+        env:
+          # The following secrets are used by the Codemagic CLI tool. It's important
+          # to use the same names as the CLI tool expects.
+          CERTIFICATE_PRIVATE_KEY: ${{ secrets.SHAREZONE_CERTIFICATE_PRIVATE_KEY }}
+          APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_KEY_IDENTIFIER }}
+          APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_ISSUER_ID }}
+          APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_PRIVATE_KEY }}
+        run: |
+          # When passing the changelog from GitHub Actions to the CLI, the line
+          # breaks are escaped. We need to replace them with actual line breaks.
+          CHANGELOG="${{ github.event.inputs.macos-changelog }}"
+          CHANGELOG_WITH_NEW_LINES=$(echo -e "$CHANGELOG" | sed 's/\\n/\\n/g')
+
+          sz deploy macos \
+            --stage stable \
+            --whats-new "$CHANGELOG_WITH_NEW_LINES"