Enterprise api key support (#62)

* Update go-xcode

* Add api_key_enterprise_account step input

README.md

@@ -86,6 +86,7 @@ You can also run this step directly with [Bitrise CLI](https://github.com/bitris
 | `api_key_path` | Local path or remote URL to the private key (p8 file) for App Store Connect API. This overrides the Bitrise-managed API connection, only set this input if you want to control the API connection on a step-level. Most of the time it's easier to set up the connection on the App Settings page on Bitrise. The input value can be a file path (eg. `$TMPDIR/private_key.p8`) or an HTTPS URL. This input only takes effect if the other two connection override inputs are set too (`api_key_id`, `api_key_issuer_id`). |  |  |
 | `api_key_id` | Private key ID used for App Store Connect authentication. This overrides the Bitrise-managed API connection, only set this input if you want to control the API connection on a step-level. Most of the time it's easier to set up the connection on the App Settings page on Bitrise. This input only takes effect if the other two connection override inputs are set too (`api_key_path`, `api_key_issuer_id`). |  |  |
 | `api_key_issuer_id` | Private key issuer ID used for App Store Connect authentication. This overrides the Bitrise-managed API connection, only set this input if you want to control the API connection on a step-level. Most of the time it's easier to set up the connection on the App Settings page on Bitrise. This input only takes effect if the other two connection override inputs are set too (`api_key_path`, `api_key_id`). |  |  |
+| `api_key_enterprise_account` | Indicates if the account is an enterprise type. This overrides the Bitrise-managed API connection, only set this input if you know you have an enterprise account. | required | `no` |
 | `verbose_log` | If this input is set, the Step will print additional logs for debugging. | required | `no` |
 </details>
 

go.mod

@@ -15,7 +15,7 @@ require (
 	github.com/bitrise-io/go-plist v0.0.0-20210301100253-4b1a112ccd10 // indirect
 	github.com/bitrise-io/go-steputils/v2 v2.0.0-alpha.18
 	github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.23
-	github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.48
+	github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.50
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect

go.sum

@@ -13,8 +13,8 @@ github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.23 h1:Dfh4nyZPuEtilBisidejqxBrkx9
 github.com/bitrise-io/go-utils/v2 v2.0.0-alpha.23/go.mod h1:3XUplo0dOWc3DqT2XA2SeHToDSg7+j1y1HTHibT2H68=
 github.com/bitrise-io/go-xcode v1.1.1 h1:Krfa8iYZZWdLBuH7AXbufFZwL+Pys7etqvd8+Ehdwt8=
 github.com/bitrise-io/go-xcode v1.1.1/go.mod h1:9OwsvrhZ4A2JxHVoEY7CPcABAKA+OE7FQqFfBfvbFuY=
-github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.48 h1:nsd41UsIGZrPy94tlFxoDCfH2I19A9buPOA/cLgucjA=
-github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.48/go.mod h1:KpxSPrRLgY0fscSajOyO/5h7MhapsqnSJr17oXEaPsg=
+github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.50 h1:vh3miMo4lZb5fz8D1Tca0AerRv2hO3gZS4R5nEeSXKg=
+github.com/bitrise-io/go-xcode/v2 v2.0.0-alpha.50/go.mod h1:KpxSPrRLgY0fscSajOyO/5h7MhapsqnSJr17oXEaPsg=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=

step.yml

@@ -332,7 +332,6 @@ inputs:
       on a step-level. Most of the time it's easier to set up the connection on the App Settings page on Bitrise.
       The input value can be a file path (eg. `$TMPDIR/private_key.p8`) or an HTTPS URL.
       This input only takes effect if the other two connection override inputs are set too (`api_key_id`, `api_key_issuer_id`).
-    is_required: false
 
 - api_key_id:
   opts:
@@ -344,7 +343,6 @@ inputs:
       This overrides the Bitrise-managed API connection, only set this input if you want to control the API connection
       on a step-level. Most of the time it's easier to set up the connection on the App Settings page on Bitrise.
       This input only takes effect if the other two connection override inputs are set too (`api_key_path`, `api_key_issuer_id`).
-    is_required: false
 
 - api_key_issuer_id:
   opts:
@@ -356,7 +354,19 @@ inputs:
       This overrides the Bitrise-managed API connection, only set this input if you want to control the API connection
       on a step-level. Most of the time it's easier to set up the connection on the App Settings page on Bitrise.
       This input only takes effect if the other two connection override inputs are set too (`api_key_path`, `api_key_id`).
-    is_required: false
+
+- api_key_enterprise_account: "no"
+  opts:
+    category: App Store Connect connection override
+    title: App Store Connect API enterprise account
+    summary: Indicates if the account is an enterprise type. This overrides the Bitrise-managed API connection.
+    description: |-
+      Indicates if the account is an enterprise type.
+      This overrides the Bitrise-managed API connection, only set this input if you know you have an enterprise account.
+    value_options:
+    - "yes"
+    - "no"
+    is_required: true
 
 # Debugging
 

step/codesign.go

@@ -7,8 +7,8 @@ import (
 	"github.com/bitrise-io/go-steputils/v2/stepconf"
 	"github.com/bitrise-io/go-utils/retry"
 	"github.com/bitrise-io/go-utils/v2/command"
+	"github.com/bitrise-io/go-utils/v2/fileutil"
 	"github.com/bitrise-io/go-utils/v2/log"
-	"github.com/bitrise-io/go-xcode/devportalservice"
 	"github.com/bitrise-io/go-xcode/v2/autocodesign"
 	"github.com/bitrise-io/go-xcode/v2/autocodesign/certdownloader"
 	"github.com/bitrise-io/go-xcode/v2/autocodesign/codesignasset"
@@ -17,6 +17,7 @@ import (
 	"github.com/bitrise-io/go-xcode/v2/autocodesign/profiledownloader"
 	"github.com/bitrise-io/go-xcode/v2/autocodesign/projectmanager"
 	"github.com/bitrise-io/go-xcode/v2/codesign"
+	"github.com/bitrise-io/go-xcode/v2/devportalservice"
 )
 
 type CodesignManagerOpts struct {
@@ -38,9 +39,10 @@ type CodesignManagerOpts struct {
 	APIKeyPath                stepconf.Secret
 	APIKeyID                  string
 	APIKeyIssuerID            string
+	APIKeyEnterpriseAccount   bool
 }
 
-func createCodesignManager(managerOpts CodesignManagerOpts, xcodeMajorVersion int64, logger log.Logger, cmdFactory command.Factory) (codesign.Manager, error) {
+func createCodesignManager(managerOpts CodesignManagerOpts, xcodeMajorVersion int64, logger log.Logger, cmdFactory command.Factory, fileManager fileutil.FileManager) (codesign.Manager, error) {
 	var authType codesign.AuthType
 	switch managerOpts.CodeSigningAuthSource {
 	case codeSignSourceAppleID:
@@ -66,7 +68,7 @@ func createCodesignManager(managerOpts CodesignManagerOpts, xcodeMajorVersion in
 		return codesign.Manager{}, fmt.Errorf("issue with input: %w", err)
 	}
 
-	devPortalClientFactory := devportalclient.NewFactory(logger)
+	devPortalClientFactory := devportalclient.NewFactory(logger, fileManager)
 
 	var serviceConnection *devportalservice.AppleDeveloperConnection
 	if managerOpts.BuildURL != "" && managerOpts.BuildAPIToken != "" {
@@ -76,9 +78,10 @@ func createCodesignManager(managerOpts CodesignManagerOpts, xcodeMajorVersion in
 	}
 
 	overrideInputs := codesign.ConnectionOverrideInputs{
-		APIKeyPath:     managerOpts.APIKeyPath,
-		APIKeyID:       managerOpts.APIKeyID,
-		APIKeyIssuerID: managerOpts.APIKeyIssuerID,
+		APIKeyPath:              managerOpts.APIKeyPath,
+		APIKeyID:                managerOpts.APIKeyID,
+		APIKeyIssuerID:          managerOpts.APIKeyIssuerID,
+		APIKeyEnterpriseAccount: managerOpts.APIKeyEnterpriseAccount,
 	}
 
 	appleAuthCredentials, err := codesign.SelectConnectionCredentials(authType, serviceConnection, overrideInputs, logger)

step/step.go

@@ -74,9 +74,10 @@ type Input struct {
 	// Caching
 	CacheLevel string `env:"cache_level,opt[none,swift_packages]"`
 	// App Store Connect connection override
-	APIKeyPath     stepconf.Secret `env:"api_key_path"`
-	APIKeyID       string          `env:"api_key_id"`
-	APIKeyIssuerID string          `env:"api_key_issuer_id"`
+	APIKeyPath              stepconf.Secret `env:"api_key_path"`
+	APIKeyID                string          `env:"api_key_id"`
+	APIKeyIssuerID          string          `env:"api_key_issuer_id"`
+	APIKeyEnterpriseAccount bool            `env:"api_key_enterprise_account,opt[yes,no]"`
 	// Debugging
 	VerboseLog bool `env:"verbose_log,opt[yes,no]"`
 }
@@ -179,6 +180,7 @@ func (b XcodebuildBuilder) ProcessConfig() (Config, error) {
 	var codesignManager *codesign.Manager
 	if input.CodeSigningAuthSource != codeSignSourceOff {
 		factory := v2command.NewFactory(env.NewRepository())
+		fileManager := fileutil.NewFileManager()
 
 		codesignMgr, err := createCodesignManager(CodesignManagerOpts{
 			ProjectPath:               absProjectPath,
@@ -199,7 +201,8 @@ func (b XcodebuildBuilder) ProcessConfig() (Config, error) {
 			APIKeyPath:                input.APIKeyPath,
 			APIKeyID:                  input.APIKeyID,
 			APIKeyIssuerID:            input.APIKeyIssuerID,
-		}, xcodebuildVersion.MajorVersion, b.logger, factory)
+			APIKeyEnterpriseAccount:   input.APIKeyEnterpriseAccount,
+		}, xcodebuildVersion.MajorVersion, b.logger, factory, fileManager)
 		if err != nil {
 			return Config{}, err
 		}