fix ci app signing

update macos icon
fixes #78

fix red icon not showing
fixes #42

tidy settings padding
fixes #79

fix badge count
fixes #80

Share credentials instead of copy on iOS
resolves #48

enable bg mode modes

.github/workflows/ci.yml

@@ -2,8 +2,33 @@ name: CI
 on: [ push, pull_request ]
 
 jobs:
+  checks:
+    name: "Lint & Test"
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-java@v1
+        with:
+          java-version: '12.x'
+      - uses: subosito/flutter-action@v1
+        with:
+          channel: 'dev'
+      - name: "Lint"
+        run: |
+          touch .env
+          flutter analyze
+      - name: "Test"
+        run: flutter test
+      - name: "Upload Failure Screenshots"
+        uses: actions/upload-artifact@v2
+        if: failure()
+        with:
+          name: golden-failures
+          path: test/failures
+
   version:
     name: "Get Version"
+    needs: checks
     runs-on: ubuntu-latest
     outputs:
       version: ${{ steps.version.outputs.VERSION }}
@@ -39,30 +64,6 @@ jobs:
             echo ::set-output name=VERSION::$GITHUB_RUN_ID
           fi
 
-  checks:
-    name: "Lint & Test"
-    runs-on: macos-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-java@v1
-        with:
-          java-version: '12.x'
-      - uses: subosito/flutter-action@v1
-        with:
-          channel: 'dev'
-      - name: "Lint"
-        run: |
-          touch .env
-          flutter analyze
-      - name: "Test"
-        run: flutter test
-      - name: "Upload failure Screenshots"
-        uses: actions/upload-artifact@v2
-        if: failure()
-        with:
-          name: golden-failures
-          path: test/failures
-
   #########
   # macos #
   #########
@@ -72,82 +73,88 @@ jobs:
     needs: version
     steps:
       - uses: actions/checkout@v2
+      - name: "Gen Keychain"
+        env:
+          FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
+          MATCH_GIT_BASIC_AUTHORIZATION: ${{ secrets.MATCH_GIT_BASIC_AUTHORIZATION }}
+          MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
+        continue-on-error: true
+        run: |
+          echo "${{ secrets.APPLE_AUTH_KEY_P8 }}" | base64 --decode > AuthKey_MK4628AYTK.p8
+          mkdir ~/.private_keys
+          cp AuthKey_MK4628AYTK.p8 ~/.private_keys/
+          cd macos
+          gem install fastlane
+          fastlane keychain
       - uses: actions/setup-java@v1
         with:
           java-version: '12.x'
-      - name: "Setup Code signing"
-        env:
-          DEV_P12_CERT: ${{ secrets.DEV_P12_CERT }}
-          DIST_P12_CERT: ${{ secrets.DIST_P12_CERT }}
-          DEV_P12_PASS: ${{ secrets.DEV_P12_PASS }}
-          DIST_P12_PASS: ${{ secrets.DIST_P12_PASS }}
-          IOS_PROVISION: ${{ secrets.IOS_PROVISION }}
-          MAC_PROVISION: ${{ secrets.MAC_PROVISION }}
-        run: |
-          bash ~/.github/workflows/utils/set-keychain-certs.sh
       - uses: subosito/flutter-action@v1
         with:
           channel: 'dev'
-      - name: "Create App"
-        env:
-          FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD: ${{ secrets.FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD }}
-          FASTLANE_SESSION: ${{ secrets.FASTLANE_SESSION }}
-          FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
+      - name: "Build"
         run: |
           flutter config --enable-macos-desktop
           flutter pub get
-
-          if [[ "${{ github.ref }}" == "refs/heads/master" ]]
+          if [[ "${{ github.ref }}" == "refs/heads/develop" ]]
           then
-            echo "${{ secrets.B64_ENV }}" | base64 --decode > .env
+          echo "${{ secrets.B64_DEV_ENV }}" | base64 --decode > .env
           else
-            echo "${{ secrets.B64_DEV_ENV }}" | base64 --decode > .env
+          echo "${{ secrets.B64_ENV }}" | base64 --decode > .env
           fi
 
-          cd macos
-
           # write version
+          cd macos
           xcrun agvtool new-marketing-version ${{ needs.version.outputs.version }}
           xcrun agvtool new-version -all ${{ needs.version.outputs.version }}
+          
+          cd ../
+          flutter build macos --release --build-name=${{ needs.version.outputs.version }}
+          /usr/bin/codesign --force --deep --options runtime --strict -s Z28DW76Y3W build/macos/Build/Products/Release/notifi.app
 
-          pod install
-
-          gem install fastlane
-          fastlane mac build
-
-      - name: "Create .dmg"
-        continue-on-error: true
+      - name: "Create & Notarize .dmg"
+        env:
+          APPLE_USERNAME: ${{ secrets.APPLE_USERNAME }}
+          APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
         run: |
           npm install --global create-dmg
-          mkdir dmg
-          create-dmg ./macos/notifi.app dmg/
+
+          mkdir dmg/
+          create-dmg build/macos/Build/Products/Release/notifi.app dmg/
+          mv dmg/* notifi.dmg
+
+          dmg_path="notifi.dmg"
+
+          /usr/bin/codesign --force --deep --strict --options runtime -s "Z28DW76Y3W" "$dmg_path"
+
+          echo "notarizing..."
+          notarize=$(xcrun altool -t osx --primary-bundle-id it.notifi.notifi --output-format json --notarize-app -f "$dmg_path" --username "$APPLE_USERNAME" --password "$APPLE_PASSWORD")
+          uuid=$(echo "$notarize" | python3 -c "import sys, json; print(json.load(sys.stdin)['notarization-upload']['RequestUUID'])")
+          echo "$uuid"
+
+          # wait for apple to notarize
+          sleep 60
+
+          while true; do
+            check=$(xcrun altool --notarization-info "$uuid" --output-format json --username "$APPLE_USERNAME" --password "$APPLE_PASSWORD")
+            echo $check
+            status=$(echo "$check" | python3 -c "import sys, json; print(json.load(sys.stdin)['notarization-info']['Status'])")
+            echo $status
+            if [ "$status" != "in progress" ]; then
+              echo "staple dmg..."
+              xcrun stapler staple -v "$dmg_path"
+              exit 0
+            fi
+            sleep 10
+          done
+          exit 1
       - name: "Store .dmg artifact"
         uses: actions/upload-artifact@v2
         with:
           name: notifi-dmg
-          path: dmg/
+          path: notifi.dmg
           if-no-files-found: error
 
-  deploy-macos:
-    name: "Deploy MacOS"
-    if: ${{ github.ref == 'refs/heads/master' || (!github.event.issue.pull_request && github.ref == 'refs/heads/develop') }}
-    runs-on: macos-latest
-    needs: [ checks, build-macos, version ]
-    steps:
-      - uses: actions/download-artifact@v2
-        id: download
-        with:
-          name: notifi-dmg
-      - name: "Deploy .dmg as GH release"
-        uses: marvinpinto/action-automatic-releases@latest
-        with:
-          repo_token: "${{ secrets.GITHUB_TOKEN }}"
-          prerelease: ${{ github.ref == 'refs/heads/develop' }}
-          automatic_release_tag: ${{ needs.version.outputs.version }}
-          title: "Release ${{ needs.version.outputs.version }}"
-          files: |
-            ${{steps.download.outputs.download-path}}
-
   #########
   #  iOS  #
   #########
@@ -161,25 +168,16 @@ jobs:
       - uses: actions/setup-java@v1
         with:
           java-version: '12.x'
-      - name: "Setup Code signing"
-        env:
-          DEV_P12_CERT: ${{ secrets.DEV_P12_CERT }}
-          DIST_P12_CERT: ${{ secrets.DIST_P12_CERT }}
-          DEV_P12_PASS: ${{ secrets.DEV_P12_PASS }}
-          DIST_P12_PASS: ${{ secrets.DIST_P12_PASS }}
-          IOS_PROVISION: ${{ secrets.IOS_PROVISION }}
-          MAC_PROVISION: ${{ secrets.MAC_PROVISION }}
-        run: |
-          bash ~/.github/workflows/utils/set-keychain-certs.sh
+
       - uses: subosito/flutter-action@v1
         with:
           channel: 'dev'
 
       - name: "Build & Deploy"
         env:
-          FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD: ${{ secrets.FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD }}
-          FASTLANE_SESSION: ${{ secrets.FASTLANE_SESSION }}
           FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
+          MATCH_GIT_BASIC_AUTHORIZATION: ${{ secrets.MATCH_GIT_BASIC_AUTHORIZATION }}
+          MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
         run: |
           flutter pub get
           if [[ "${{ github.ref }}" != "refs/heads/master" ]]
@@ -189,7 +187,10 @@ jobs:
             echo "${{ secrets.B64_ENV }}" | base64 --decode > .env
           fi
 
+          echo "${{ secrets.APPLE_AUTH_KEY_P8 }}" | base64 --decode > AuthKey_MK4628AYTK.p8
+
           cd ios
+          flutter pub get
 
           # write version
           xcrun agvtool new-marketing-version ${{ needs.version.outputs.version }}
@@ -198,9 +199,31 @@ jobs:
           pod install
 
           gem install fastlane
+
           if [[ "${{ github.ref }}" == "refs/heads/master" ]]
           then
             fastlane asdeploy
           else
             fastlane tfdeploy
           fi
+
+  # Create release
+  release:
+    name: "Release"
+    if: ${{ github.ref == 'refs/heads/master' || (!github.event.issue.pull_request && github.ref == 'refs/heads/develop') }}
+    runs-on: macos-latest
+    needs: [ checks, build-macos, build-ios, version ]
+    steps:
+      - uses: actions/download-artifact@v2
+        id: download
+        with:
+          name: notifi-dmg
+      - name: "Create Release"
+        uses: marvinpinto/action-automatic-releases@latest
+        with:
+          repo_token: "${{ secrets.GITHUB_TOKEN }}"
+          prerelease: ${{ github.ref == 'refs/heads/develop' }}
+          automatic_release_tag: ${{ needs.version.outputs.version }}
+          title: "Release ${{ needs.version.outputs.version }}"
+          files: |
+            ${{steps.download.outputs.download-path}}

.github/workflows/scripts/notarize.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+npm install --global create-dmg
+
+mkdir dmg/
+create-dmg build/macos/Build/Products/Release/notifi.app dmg/
+mv dmg/* notifi.dmg
+
+dmg_path="notifi.dmg"
+
+/usr/bin/codesign --force --deep --strict --options runtime -s "Z28DW76Y3W" "$dmg_path"
+
+echo "notarizing..."
+notarize=$(xcrun altool -t osx --primary-bundle-id it.notifi.notifi --output-format json --notarize-app -f "$dmg_path" --username "$APPLE_USERNAME" --password "$APPLE_PASSWORD")
+uuid=$(echo "$notarize" | python3 -c "import sys, json; print(json.load(sys.stdin)['notarization-upload']['RequestUUID'])")
+echo "$uuid"
+
+# wait for apple to notarize
+sleep 60
+
+while true; do
+  check=$(xcrun altool --notarization-info "$uuid" --output-format json --username "$APPLE_USERNAME" --password "$APPLE_PASSWORD")
+  echo $check
+  status=$(echo "$check" | python3 -c "import sys, json; print(json.load(sys.stdin)['notarization-info']['Status'])")
+  echo $status
+  if [ "$status" != "in progress" ]; then
+    echo "staple dmg..."
+    xcrun stapler staple -v "$dmg_path"
+    exit
+  fi
+done

.gitignore

@@ -55,3 +55,5 @@ app.*.map.json
 /macos/notifi.app/
 /ios/fastlane/report.xml
 /macos/fastlane/report.xml
+AuthKey_MK4628AYTK.p8
+/.env

README.md

@@ -15,6 +15,8 @@ flutter channel master
 flutter upgrade
 ```
 
+# Run locally
+
 ## create .env with the content
 ```
 CODE_ENDPOINT=http://127.0.0.1:9081/code
@@ -41,37 +43,31 @@ flutter build macos
 flutter run -d macos
 ```
 
-## Tests
+# Tests
 
-### Lint & Test
+## Lint & Test
 
 ```bash
 bash ./pre-commit.sh
 ```
 
-### Set screenshot asserts
+## Set screenshot asserts
 
 ```
 bash ./test/set-asserts.sh
 ```
 
-## Extras
+# Extras
 
-### Add pre-commit hook
+## Add pre-commit hook
 
 ```bash
 ln -s $(pwd)/pre-commit.sh $(pwd)/.git/hooks/pre-commit
 chmod +x $(pwd)/.git/hooks/pre-commit
 ```
 
 ### fastlane
-#### provision profiles
-```
-fastlane sigh -p macos
-fastlane sigh -p ios
-```
 
-###
 
 ### Jetbrains flutter plugin:
 

ios/Podfile

@@ -1,5 +1,5 @@
 # Uncomment this line to define a global platform for your project
-platform :ios, '9.0'
+platform :ios, '10.0'
 
 # CocoaPods analytics sends network stats synchronously affecting flutter build latency.
 ENV['COCOAPODS_DISABLE_STATS'] = 'true'