From d748a89b47c8c864f51ccdd0dc60c86676e72268 Mon Sep 17 00:00:00 2001 From: mahee96 <47920326+mahee96@users.noreply.github.com> Date: Wed, 25 Feb 2026 01:45:23 +0530 Subject: [PATCH] ci - do not encrypt build logs if password unavailable (forks CI friendly) --- .github/workflows/alpha.yml | 12 ++++++------ .github/workflows/nightly.yml | 12 ++++++------ .github/workflows/pr.yml | 4 ++-- .github/workflows/stable.yml | 4 ++-- scripts/ci/workflow.py | 22 ++++++++++++---------- 5 files changed, 28 insertions(+), 26 deletions(-) diff --git a/.github/workflows/alpha.yml b/.github/workflows/alpha.yml index e37f6480..3f2b9616 100644 --- a/.github/workflows/alpha.yml +++ b/.github/workflows/alpha.yml @@ -143,24 +143,24 @@ jobs: # -------------------------------------------------- - uses: actions/upload-artifact@v4 with: - name: encrypted-build-logs-${{ env.MARKETING_VERSION }}.zip - path: encrypted-build-logs.zip + name: build-logs-${{ env.MARKETING_VERSION }}.zip + path: build-logs.zip - uses: actions/upload-artifact@v4 if: > vars.ENABLE_TESTS == '1' && vars.ENABLE_TESTS_BUILD == '1' with: - name: encrypted-tests-build-logs-${{ env.SHORT_COMMIT }}.zip - path: encrypted-tests-build-logs.zip + name: tests-build-logs-${{ env.SHORT_COMMIT }}.zip + path: tests-build-logs.zip - uses: actions/upload-artifact@v4 if: > vars.ENABLE_TESTS == '1' && vars.ENABLE_TESTS_RUN == '1' with: - name: encrypted-tests-run-logs-${{ env.SHORT_COMMIT }}.zip - path: encrypted-tests-run-logs.zip + name: tests-run-logs-${{ env.SHORT_COMMIT }}.zip + path: tests-run-logs.zip - uses: actions/upload-artifact@v4 with: diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index a0feabc4..390c33c8 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -177,8 +177,8 @@ jobs: - uses: actions/upload-artifact@v4 if: steps.build_gate.outputs.should_skip != 'true' with: - name: encrypted-build-logs-${{ env.MARKETING_VERSION }}.zip - path: encrypted-build-logs.zip + name: build-logs-${{ env.MARKETING_VERSION }}.zip + path: build-logs.zip - uses: actions/upload-artifact@v4 if: > @@ -186,8 +186,8 @@ jobs: vars.ENABLE_TESTS == '1' && vars.ENABLE_TESTS_BUILD == '1' with: - name: encrypted-tests-build-logs-${{ env.SHORT_COMMIT }}.zip - path: encrypted-tests-build-logs.zip + name: tests-build-logs-${{ env.SHORT_COMMIT }}.zip + path: tests-build-logs.zip - uses: actions/upload-artifact@v4 if: > @@ -195,8 +195,8 @@ jobs: vars.ENABLE_TESTS == '1' && vars.ENABLE_TESTS_RUN == '1' with: - name: encrypted-tests-run-logs-${{ env.SHORT_COMMIT }}.zip - path: encrypted-tests-run-logs.zip + name: tests-run-logs-${{ env.SHORT_COMMIT }}.zip + path: tests-run-logs.zip - uses: actions/upload-artifact@v4 if: steps.build_gate.outputs.should_skip != 'true' diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 931084a1..75c69097 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -76,8 +76,8 @@ jobs: - uses: actions/upload-artifact@v4 with: - name: encrypted-build-logs-${{ env.MARKETING_VERSION }}.zip - path: encrypted-build-logs.zip + name: build-logs-${{ env.MARKETING_VERSION }}.zip + path: build-logs.zip - uses: actions/upload-artifact@v4 with: diff --git a/.github/workflows/stable.yml b/.github/workflows/stable.yml index 978d03a2..dc2de2ad 100644 --- a/.github/workflows/stable.yml +++ b/.github/workflows/stable.yml @@ -90,8 +90,8 @@ jobs: - uses: actions/upload-artifact@v4 with: - name: encrypted-build-logs-${{ env.MARKETING_VERSION }}.zip - path: encrypted-build-logs.zip + name: build-logs-${{ env.MARKETING_VERSION }}.zip + path: build-logs.zip - uses: actions/upload-artifact@v4 with: diff --git a/scripts/ci/workflow.py b/scripts/ci/workflow.py index 43191f14..d45e3ec1 100644 --- a/scripts/ci/workflow.py +++ b/scripts/ci/workflow.py @@ -7,6 +7,7 @@ from pathlib import Path import time import json import re +from posix import getcwd # REPO ROOT relative to script dir ROOT = Path(__file__).resolve().parents[2] @@ -214,13 +215,14 @@ def tests_run(model): # ---------------------------------------------------------- def encrypt_logs(name): - default_pwd = "12345" - pwd = getenv("BUILD_LOG_ZIP_PASSWORD", default_pwd) + pwd = getenv("BUILD_LOG_ZIP_PASSWORD") - if pwd == default_pwd: - print("Warning: BUILD_LOG_ZIP_PASSWORD not set, using fallback password", file=sys.stderr) - - run(f'cd build/logs && zip -e -P "{pwd}" ../../{name}.zip *') + # skip encryption entirely if no password provided + if not pwd or not pwd.strip(): + print("BUILD_LOG_ZIP_PASSWORD not set — skipping encryption", file=sys.stderr) + return + cwd = getcwd() + run(f'cd {cwd}/build/logs && zip -e -P "{pwd}" {cwd}/{name}.zip *') # ---------------------------------------------------------- # RELEASE NOTES @@ -409,7 +411,7 @@ def upload_release(release_name, release_tag, commit_sha, repo, upstream_tag_rec run( f'gh release upload "{release_tag}" ' - f'SideStore.ipa SideStore.dSYMs.zip encrypted-build-logs.zip ' + f'SideStore.ipa SideStore.dSYMs.zip build-logs.zip ' f'--clobber' ) @@ -483,9 +485,9 @@ COMMANDS = { # ---------------------------------------------------------- # LOG ENCRYPTION # ---------------------------------------------------------- - "encrypt-build" : (lambda: encrypt_logs("encrypted-build-logs"), 0, ""), - "encrypt-tests-build" : (lambda: encrypt_logs("encrypted-tests-build-logs"), 0, ""), - "encrypt-tests-run" : (lambda: encrypt_logs("encrypted-tests-run-logs"), 0, ""), + "encrypt-build" : (lambda: encrypt_logs("build-logs"), 0, ""), + "encrypt-tests-build" : (lambda: encrypt_logs("tests-build-logs"), 0, ""), + "encrypt-tests-run" : (lambda: encrypt_logs("tests-run-logs"), 0, ""), # ---------------------------------------------------------- # RELEASE / DEPLOY