-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Secrets Mechanism #68
Conversation
/// WooCommerce API Credentials. Generated on %{timestamp} | ||
/// | ||
struct ApiCredentials { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Trailing Whitespace Violation: Lines should not have trailing whitespace. (trailing_whitespace)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know nothing about shell scripts D: but the tests all check out! It fails to build when the secrets file does not exist. It builds when secrets exist. It fails to build when a field has been omitted. (Command /bin/sh failed with exit code 1
)
On purpose 😄. The idea is for this to break... if there's a missing secret, so that we notice and don't ship with missing keys. Thanks Thuy!!! |
Description:
This PR implements a (hopefully cute) mechanism which will allow us to locally store all of the App "Secrets" (API Keys and so on), and prevent exposing them to GH.
This mechanism mirrors what we've got for WPiOS, with a slight difference: we're performing a replacement OP over placeholders (while WPiOS actually generates the ApiCredentials file, entirely in Swift).
Details:
~/.woo_app_credentials.json
)Credentials/ApiCredentials.swift
. This file is not part of any target, and never gets built directly.replace_credentials.rb
/tmp/WooCommerce.build/ApiCredentials.swift
Testing:
~/.woo_app_credentials.json
. Verify you get a build error~/.woo_app_credentials.json
. Verify everything turns green!Aaron, what do you think?. I've got the same process in
bash
, but i've learnt usingeval
is a really bad idea. Ruby feels swifty!cc @mindgraffiti @astralbodies