From 3b28674c60bac25442e0dcee38c5a9e26bce0f81 Mon Sep 17 00:00:00 2001
From: Jonathan <33353899+allcloud-jonathan@users.noreply.github.com>
Date: Fri, 30 Jul 2021 11:38:38 +0200
Subject: [PATCH] darwin arm builds (#118)

fix build system to support Apple Silicon signed binaries
---
 .github/workflow/upload_assets.yml  | 26 --------------
 .github/workflows/upload_assets.yml |  2 +-
 .gitignore                          |  1 +
 Makefile                            | 33 ++++++++++++-----
 gon.json => gon-amd64.json          |  0
 gon-arm64.json                      | 15 ++++++++
 make_brew_release.sh                | 55 ++++++-----------------------
 7 files changed, 52 insertions(+), 80 deletions(-)
 delete mode 100644 .github/workflow/upload_assets.yml
 rename gon.json => gon-amd64.json (100%)
 create mode 100644 gon-arm64.json
 mode change 100644 => 100755 make_brew_release.sh

diff --git a/.github/workflow/upload_assets.yml b/.github/workflow/upload_assets.yml
deleted file mode 100644
index 9efbc02..0000000
--- a/.github/workflow/upload_assets.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-on:
-  release:
-    types: [created]
-
-name: Upload release assets after release is created
-jobs:
-  build:
-    name: build binaries
-    runs-on: ubuntu-latest
-    steps:
-      - name: Install Go
-        uses: actions/setup-go@v2
-        with:
-          go-version: 1.15.x
-      - name: Checkout code
-        uses: actions/checkout@v2
-      - name: build
-        run: |
-          echo "GO111MODULE=on" >> $GITHUB_ENV
-          make zip
-      - name: Upload release assets
-        uses: skx/github-action-publish-binaries@master
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          args: './assets/*'
diff --git a/.github/workflows/upload_assets.yml b/.github/workflows/upload_assets.yml
index 9efbc02..efe1371 100644
--- a/.github/workflows/upload_assets.yml
+++ b/.github/workflows/upload_assets.yml
@@ -17,7 +17,7 @@ jobs:
       - name: build
         run: |
           echo "GO111MODULE=on" >> $GITHUB_ENV
-          make zip
+          make zip-only-unsigned
       - name: Upload release assets
         uses: skx/github-action-publish-binaries@master
         env:
diff --git a/.gitignore b/.gitignore
index d7269f3..28ca4a0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ brewbot
 *.tar.gz
 steps_output.txt
 .vscode/
+bottle_output.txt
diff --git a/Makefile b/Makefile
index 496cb5d..f07fc17 100644
--- a/Makefile
+++ b/Makefile
@@ -18,6 +18,10 @@ test:
 darwin-amd64:
 	GOOS=darwin GOARCH=amd64 $(GOBUILD) -ldflags "-X main.version=$(VERSION)" -o $(BUILDPATH)/$(BINARY_NAME)-darwin-amd64 -v
 
+.PHONY: darwin-arm64
+darwin-arm64:
+	GOOS=darwin GOARCH=arm64 $(GOBUILD) -ldflags "-X main.version=$(VERSION)" -o $(BUILDPATH)/$(BINARY_NAME)-darwin-arm64 -v
+
 .PHONY: linux-386
 linux-386:
 	GOOS=linux GOARCH=386 $(GOBUILD) -ldflags "-X main.version=$(VERSION)" -o $(BUILDPATH)/$(BINARY_NAME)-linux-386 -v
@@ -34,15 +38,27 @@ windows-386:
 windows-amd64:
 	GOOS=windows GOARCH=amd64 $(GOBUILD) -ldflags "-X main.version=$(VERSION)" -o $(BUILDPATH)/$(BINARY_NAME)-windows-amd64.exe -v
 
+.PHONY: native
+native:
+	$(GOBUILD) -ldflags "-X main.version=$(VERSION)" -o $(BUILDPATH)/$(BINARY_NAME) -v
+
 .PHONY: all
-all: darwin-amd64 linux-386 linux-amd64 windows-386 windows-amd64
+all: darwin-amd64 darwin-arm64 linux-386 linux-amd64 windows-386 windows-amd64
 
 .PHONY: sign
-sign: darwin-amd64
+sign: darwin-amd64 darwin-arm64
 	# sign
-	gon -log-level=info ./gon.json
+	gon -log-level=info ./gon-arm64.json
+	gon -log-level=info ./gon-amd64.json
+
+.PHONY: zip-only-unsigned
+zip-only-unsigned: all
+	mkdir -p $(ASSETPATH)
+	cd $(BUILDPATH) && \
+	for i in `ls -1 $(BINARY_NAME)* | grep -v '.zip' | grep -v darwin`; do zip ../$(ASSETPATH)/$$i.zip $$i; done
+	cd $(ASSETPATH) && \
+	sha256sum *zip > SHASUMS256.txt
 
-.PHONY: zip
 zip: all sign
 	mkdir -p $(ASSETPATH)
 	cd $(BUILDPATH) && \
@@ -50,12 +66,13 @@ zip: all sign
 	cd $(ASSETPATH) && \
 	sha256sum *zip > SHASUMS256.txt
 
-.PHONY: unsigned-darwin-amd64-zip
-unsigned-darwin-amd64-zip: darwin-amd64
-	# used by brew if signing isn't setup
+.PHONY: unsigned-darwin-zip
+unsigned-darwin-zip: darwin-amd64 darwin-arm64
+	# use if signing isn't setup
 	mkdir -p $(ASSETPATH)
 	cd $(BUILDPATH) && \
-	zip ../$(ASSETPATH)/clisso-darwin-amd64.zip clisso-darwin-amd64
+	zip ../$(ASSETPATH)/clisso-darwin-amd64.zip clisso-darwin-amd64 && \
+	zip ../$(ASSETPATH)/clisso-darwin-arm64.zip clisso-darwin-arm64
 
 .PHONY: brew
 brew:
diff --git a/gon.json b/gon-amd64.json
similarity index 100%
rename from gon.json
rename to gon-amd64.json
diff --git a/gon-arm64.json b/gon-arm64.json
new file mode 100644
index 0000000..79653ba
--- /dev/null
+++ b/gon-arm64.json
@@ -0,0 +1,15 @@
+{
+    "source": [
+        "./build/clisso-darwin-arm64"
+    ],
+    "bundle_id": "io.allcloud.clisso",
+    "apple_id": {
+        "password": "@keychain:AC_PASSWORD"
+    },
+    "sign": {
+        "application_identity": "5791D17F2B7A187DD559F87F7631BD8F934B4204"
+    },
+    "zip": {
+        "output_path": "./assets/clisso-darwin-arm64.zip"
+    }
+}
\ No newline at end of file
diff --git a/make_brew_release.sh b/make_brew_release.sh
old mode 100644
new mode 100755
index 7c1805d..f3d990c
--- a/make_brew_release.sh
+++ b/make_brew_release.sh
@@ -30,6 +30,14 @@ function cleanup() {
 
 trap cleanup EXIT
 
+# download source and calc sha256
+SHA256=$(wget "https://github.com/allcloud-io/${BINARY_NAME}/archive/${VERSION}.tar.gz" -O source.tar.gz -o /dev/null && sha256sum source.tar.gz | awk '{ print $1 }' && rm -f source.tar.gz)
+
+# create signed zip files
+make sign
+SHA256_ZIP_DARWIN_AMD64=$(sha256sum "assets/${BINARY_NAME}-darwin-amd64.zip" | awk '{ print $1 }' )
+SHA256_ZIP_DARWIN_ARM64=$(sha256sum "assets/${BINARY_NAME}-darwin-arm64.zip" | awk '{ print $1 }' )
+
 # add tap in case it's missing
 brew tap allcloud-io/tools
 TAP_DIR=$(brew --repo allcloud-io/tools)
@@ -44,64 +52,21 @@ git pull
 
 # set the correct version
 sed "s:%VERSION%:${VERSION}:" "${BINARY_NAME}.rb.template" | sed "s:%BOTTLE%::" > "${BINARY_NAME}.rb"
-# and calc sha256
-SHA256=$(brew fetch "${BINARY_NAME}" --build-from-source 2>/dev/null | grep SHA256 | cut -d" " -f2 || true)
-
-if [[ $AC_USERNAME ]]; then
-  BUILD_TARGET=sign
-else
-  sed -i.bak '/mitchellh\/gon\/gon/d' "${BINARY_NAME}.rb.template"
-  BUILD_TARGET=unsigned-darwin-amd64-zip
-fi
 
 # replace version and sha256 placeholder in template
 sed "s:%VERSION%:${VERSION}:" "${BINARY_NAME}.rb.template" | \
 sed "s:%SOURCE_SHA%:${SHA256}:" | \
-sed "s:%AC_USERNAME%:$AC_USERNAME:" | \
-sed "s:%BUILD_TARGET%:$BUILD_TARGET:" > "${BINARY_NAME}.rb.bottle"
-
-# generate parts to be assembled later
-grep -B100 '%BOTTLE%' "${BINARY_NAME}.rb.bottle" | grep -v '%BOTTLE%' > "${BINARY_NAME}.rb.bottle.head"
-grep -A100 '%BOTTLE%' "${BINARY_NAME}.rb.bottle" | grep -v '%BOTTLE%' > "${BINARY_NAME}.rb.bottle.tail"
-
-# skip the bottle placeholder for now
-cat "${BINARY_NAME}.rb.bottle.head" "${BINARY_NAME}.rb.bottle.tail" > "${BINARY_NAME}.rb"
+sed "s:%BUILD_DARWIN_AMD64_SHA%:${SHA256_ZIP_DARWIN_AMD64}:" | \
+sed "s:%BUILD_DARWIN_ARM64_SHA%:${SHA256_ZIP_DARWIN_ARM64}:" > "${BINARY_NAME}.rb"
 
 # change back to original workdir
 cd "$SOURCE_DIR" || exit 1
 # build the bottle
 brew test-bot "allcloud-io/tools/${BINARY_NAME}"
 
-# create a tempfile
-TEMPFILE=$(mktemp)
-
-for json in *bottle.json; do
-  # extract the mac version the bottle was build for
-  MAC_VERSION=$(echo "$json" | cut -d. -f4);
-  # extract the sha256 of the bottle
-  SHA=$(jq ".\"allcloud-io/tools/${BINARY_NAME}\".bottle.tags.$MAC_VERSION.sha256" < "$json")
-  # get the local file name
-  LOCAL=$(jq -r ".\"allcloud-io/tools/${BINARY_NAME}\".bottle.tags.$MAC_VERSION.local_filename" < "$json")
-  # get the remote filename
-  REMOTE=$(jq -r ".\"allcloud-io/tools/${BINARY_NAME}\".bottle.tags.$MAC_VERSION.filename" < "$json")
-  # rename to the correct name
-  mv "$LOCAL" "$REMOTE"
-  # append to tempfile
-  echo "    sha256 $SHA => :$MAC_VERSION" >> "${TEMPFILE}"
-  rm "$json"
-done
-
-cd "$TAP_DIR" || exit 1
-
-# add all the bottles
-cat "${BINARY_NAME}.rb.bottle.head" "${TEMPFILE}" "${BINARY_NAME}.rb.bottle.tail" > "${BINARY_NAME}.rb"
-
 # commit to git and push to origin
 BRANCHNAME=auto/${BINARY_NAME}-${VERSION}
 git checkout -b "$BRANCHNAME" || git checkout "$BRANCHNAME"
-sed -i.bak '/ENV\["AC_USERNAME"\]/d' "${BINARY_NAME}.rb"
-sed -i.bak '/mitchellh\/gon\/gon/d' "${BINARY_NAME}.rb"
-sed -i.bak 's:"sign":"unsigned-darwin-amd64-zip":' "${BINARY_NAME}.rb"
 git add "${BINARY_NAME}.rb"
 git commit -m "Automatic commit of bottle build for version $VERSION of $BINARY_NAME."
 git push origin "$BRANCHNAME"