flutter
Codesigning standalone
example usage: dart run bin/main.dart --commit=<commit number> --production=false --filepath=darwin-x64/FlutterMacOS.framework.zip#ios/artifacts.zip#dart-sdk-darwin-arm64.zip
TODO: add tests to detect exception messages.
06/10: finalized tests and added documentations. made a first split to https://github.com/flutter/cocoon/pull/1899 for easier review.
06/09: Complex, nested, mixed file system structures tests. Can test an intricate combination of folder, zip, and binary file types. Rewrote and overrode code sign logic and classes. cleanup and re-factor is needed.
06/08: Changes include the initializations of test variables and test classes, the simulation of code sign workflow through fakeCommand and fakeProcesses, and the test of basic recursive folder structures through overriding classes with alternative logics. Some of the helper functions I added are long and not obvious to understand, I will document them later in the standalone design doc (apart from the main one).
06/06: There is a lot to talk about. So I wrote go/code-signing-standalone to document the changes. I also inherited the cool designs from https://github.com/flutter/flutter/pull/101732, but didn't talk about them in the doc. In the doc I mainly focused on the changes.
06/03: Code sign functionality is now complete (can still be optimized). Based on file types, we can now identify unsigned binary files and undocumented binary files as we recursively traverse the file directory. We detect symlink files and symlink folders along the way, and ignore them when necessary. Added protection flag to address https://github.com/flutter/flutter/issues/105041, so we only upload back to GCS when absolutely necessary. Restored multi-upload and multi-notarize logic.
05/17: after several rounds of debugging, I eventually was able to get the current app recursively examine every file in a directory. And based on file type of zip file/binary file/remote zip (using mime and ls), pick out binaries to code sign. This is the first major step to remove dependency of a hard coded archive structure.
It is currently unfinished and not fully cleaned up(so there are unoptimized code all over the place). Future work will be to add in and parse a txt file of entitlements, which is extracted form downloaded zip.
current working version: can run dart run bin/main.dart --commit=fce741dd83cf29624bdbed4c663a9a022fb1f559 --filepath=ios/artifacts.zip#darwin-x64/FlutterMacOS.framework.zip. which takes in an engine hash, and a list of file paths to be code signed.
