From 7714a8d034ad418bcfcf421e12f45f121c356948 Mon Sep 17 00:00:00 2001 From: Jenn Magder Date: Fri, 16 Sep 2022 11:02:12 -0700 Subject: [PATCH] Do not codesign transitive dependency iOS pod resource bundles (#111714) --- dev/devicelab/bin/tasks/module_test_ios.dart | 45 ++++++++++++++------ packages/flutter_tools/bin/podhelper.rb | 10 +++++ 2 files changed, 41 insertions(+), 14 deletions(-) diff --git a/dev/devicelab/bin/tasks/module_test_ios.dart b/dev/devicelab/bin/tasks/module_test_ios.dart index dd3d8c51d5..82d4f81437 100644 --- a/dev/devicelab/bin/tasks/module_test_ios.dart +++ b/dev/devicelab/bin/tasks/module_test_ios.dart @@ -18,6 +18,15 @@ import 'package:path/path.dart' as path; /// adding Flutter to an existing iOS app. Future main() async { await task(() async { + // Update pod repo. + await eval( + 'pod', + ['repo', 'update'], + environment: { + 'LANG': 'en_US.UTF-8', + }, + ); + // this variable cannot be `late`, as we reference it in the `finally` block // which may execute before this field has been initialized String? simulatorDeviceId; @@ -157,11 +166,12 @@ Future main() async { String content = await pubspec.readAsString(); content = content.replaceFirst( '\ndependencies:\n', - // One framework, one Dart-only, and one that does not support iOS. + // One framework, one Dart-only, one that does not support iOS, and one with a resource bundle. ''' dependencies: url_launcher: 6.0.20 android_alarm_manager: 0.4.5+11 + google_sign_in_ios: 5.5.0 $dartPluginName: path: ../$dartPluginName ''', @@ -201,6 +211,8 @@ dependencies: } checkFileExists(path.join(ephemeralIOSHostApp.path, 'Frameworks', 'url_launcher_ios.framework', 'url_launcher_ios')); + // Resources should be embedded. + checkDirectoryExists(path.join(ephemeralIOSHostApp.path, 'Frameworks', 'GoogleSignIn.framework', 'GoogleSignIn.bundle')); checkFileExists(path.join(ephemeralIOSHostApp.path, 'Frameworks', 'Flutter.framework', 'Flutter')); // Android-only, no embedded framework. @@ -297,7 +309,7 @@ end 'CODE_SIGNING_REQUIRED=NO', 'CODE_SIGN_IDENTITY=-', 'EXPANDED_CODE_SIGN_IDENTITY=-', - 'CONFIGURATION_BUILD_DIR=${objectiveCBuildDirectory.path}', + 'BUILD_DIR=${objectiveCBuildDirectory.path}', 'COMPILER_INDEX_STORE_ENABLE=NO', ], environment: { @@ -306,27 +318,33 @@ end ); }); - final bool existingAppBuilt = exists(File(path.join( + final String hostAppDirectory = path.join( objectiveCBuildDirectory.path, + 'Debug-iphoneos', 'Host.app', + ); + + final bool existingAppBuilt = exists(File(path.join( + hostAppDirectory, 'Host', ))); if (!existingAppBuilt) { return TaskResult.failure('Failed to build existing Objective-C app .app'); } - checkFileExists(path.join( - objectiveCBuildDirectory.path, - 'Host.app', + final String hostFrameworksDirectory = path.join( + hostAppDirectory, 'Frameworks', + ); + + checkFileExists(path.join( + hostFrameworksDirectory, 'Flutter.framework', 'Flutter', )); checkFileExists(path.join( - objectiveCBuildDirectory.path, - 'Host.app', - 'Frameworks', + hostFrameworksDirectory, 'App.framework', 'flutter_assets', 'isolate_snapshot_data', @@ -335,9 +353,7 @@ end section('Check the NOTICE file is correct'); final String licenseFilePath = path.join( - objectiveCBuildDirectory.path, - 'Host.app', - 'Frameworks', + hostFrameworksDirectory, 'App.framework', 'flutter_assets', 'NOTICES.Z', @@ -524,7 +540,7 @@ end 'CODE_SIGNING_REQUIRED=NO', 'CODE_SIGN_IDENTITY=-', 'EXPANDED_CODE_SIGN_IDENTITY=-', - 'CONFIGURATION_BUILD_DIR=${objectiveCBuildDirectory.path}', + 'BUILD_DIR=${objectiveCBuildDirectory.path}', 'COMPILER_INDEX_STORE_ENABLE=NO', ], canFail: true, @@ -570,7 +586,7 @@ end 'CODE_SIGNING_REQUIRED=NO', 'CODE_SIGN_IDENTITY=-', 'EXPANDED_CODE_SIGN_IDENTITY=-', - 'CONFIGURATION_BUILD_DIR=${swiftBuildDirectory.path}', + 'BUILD_DIR=${swiftBuildDirectory.path}', 'COMPILER_INDEX_STORE_ENABLE=NO', ], environment: { @@ -581,6 +597,7 @@ end final bool existingSwiftAppBuilt = exists(File(path.join( swiftBuildDirectory.path, + 'Debug-iphoneos', 'Host.app', 'Host', ))); diff --git a/packages/flutter_tools/bin/podhelper.rb b/packages/flutter_tools/bin/podhelper.rb index 91d67df4b2..1bd5112a75 100644 --- a/packages/flutter_tools/bin/podhelper.rb +++ b/packages/flutter_tools/bin/podhelper.rb @@ -45,6 +45,8 @@ def flutter_additional_ios_build_settings(target) end release_framework_dir = File.expand_path(File.join(artifacts_dir, 'ios-release', 'Flutter.xcframework'), __FILE__) + # Bundles are com.apple.product-type.bundle, frameworks are com.apple.product-type.framework. + target_is_resource_bundle = target.respond_to?(:product_type) && target.product_type == 'com.apple.product-type.bundle' target.build_configurations.each do |build_configuration| # Build both x86_64 and arm64 simulator archs for all dependencies. If a single plugin does not support arm64 simulators, @@ -52,6 +54,14 @@ def flutter_additional_ios_build_settings(target) # Therefore all pods must have a x86_64 slice available, or linking a x86_64 app will fail. build_configuration.build_settings['ONLY_ACTIVE_ARCH'] = 'NO' if build_configuration.type == :debug + # Workaround https://github.com/CocoaPods/CocoaPods/issues/11402, do not sign resource bundles. + if target_is_resource_bundle + build_configuration.build_settings['CODE_SIGNING_ALLOWED'] = 'NO' + build_configuration.build_settings['CODE_SIGNING_REQUIRED'] = 'NO' + build_configuration.build_settings['CODE_SIGNING_IDENTITY'] = '-' + build_configuration.build_settings['EXPANDED_CODE_SIGN_IDENTITY'] = '-' + end + # Skip other updates if it's not a Flutter plugin (transitive dependency). next unless target.dependencies.any? { |dependency| dependency.name == 'Flutter' }