From cfed42f442248bcb2c545f72df910301f1a97ebe Mon Sep 17 00:00:00 2001
From: Jason Morley <hello@jbmorley.co.uk>
Date: Fri, 25 Aug 2023 18:05:28 -1000
Subject: [PATCH] ci: Update the App Store Connect API key (#185)

This change also updates build-tools to address issues with build number
generation.
---
 .github/workflows/build.yaml |  2 +-
 scripts/build-tools          |  2 +-
 scripts/build.sh             | 20 ++++++++------------
 3 files changed, 10 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 890e76a2cf..78171611a0 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -33,7 +33,7 @@ jobs:
         MACOS_DEVELOPER_INSTALLER_CERTIFICATE_BASE64: ${{ secrets.MACOS_DEVELOPER_INSTALLER_CERTIFICATE_BASE64 }}
         MACOS_DEVELOPER_INSTALLER_CERTIFICATE_PASSWORD: ${{ secrets.MACOS_DEVELOPER_INSTALLER_CERTIFICATE_PASSWORD }}
 
-        APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
+        APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }}
         APPLE_API_KEY_ISSUER_ID: ${{ secrets.APPLE_API_KEY_ISSUER_ID }}
         APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
 
diff --git a/scripts/build-tools b/scripts/build-tools
index b394b34234..c0f02d8da1 160000
--- a/scripts/build-tools
+++ b/scripts/build-tools
@@ -1 +1 @@
-Subproject commit b394b342342ca0a050ddb8b121564fb511c7dae6
+Subproject commit c0f02d8da114357ce680a632355f295327565db5
diff --git a/scripts/build.sh b/scripts/build.sh
index 920b14c70e..a499429749 100755
--- a/scripts/build.sh
+++ b/scripts/build.sh
@@ -107,15 +107,11 @@ echo "$TEMPORARY_KEYCHAIN_PASSWORD" | build-tools create-keychain "$KEYCHAIN_PAT
 
 function cleanup {
 
-    # Cleanup the temporary files and keychain.
+    # Cleanup the temporary files, keychain and keys.
     cd "$ROOT_DIRECTORY"
     build-tools delete-keychain "$KEYCHAIN_PATH"
     rm -rf "$TEMPORARY_DIRECTORY"
-
-    # Clean up any private keys.
-    if [ -f ~/.appstoreconnect/private_keys ]; then
-        rm -r ~/.appstoreconnect/private_keys
-    fi
+    rm -rf ~/.appstoreconnect/private_keys
 }
 
 trap cleanup EXIT
@@ -162,8 +158,12 @@ xcodebuild \
 APP_BASENAME="Symbolic.app"
 APP_PATH="$BUILD_DIRECTORY/$APP_BASENAME"
 PKG_PATH="$BUILD_DIRECTORY/Symbolic.pkg"
-#
-# # Validate the macOS build.
+
+# Install the private key.
+mkdir -p ~/.appstoreconnect/private_keys/
+echo -n "$APPLE_API_KEY_BASE64" | base64 --decode -o ~/".appstoreconnect/private_keys/AuthKey_${APPLE_API_KEY_ID}.p8"
+
+# Validate the macOS build.
 xcrun altool --validate-app \
     -f "${PKG_PATH}" \
     --apiKey "$APPLE_API_KEY_ID" \
@@ -180,10 +180,6 @@ popd
 
 if $RELEASE ; then
 
-    # Install the private key.
-    mkdir -p ~/.appstoreconnect/private_keys/
-    echo -n "$APPLE_API_KEY" | base64 --decode -o ~/".appstoreconnect/private_keys/AuthKey_${APPLE_API_KEY_ID}.p8"
-
     changes \
         release \
         --skip-if-empty \