mirror of
https://github.com/flutter/flutter
synced 2024-09-29 04:54:17 +00:00
iOS,macOS: Do not copy unsigned_binaries.txt to build outputs (#154684)
There are three categories of binaries produced as part of the framework artifacts: * Those that use APIs that require entitlements and must be code-signed; e.g. gen_snapshot * Those that do not use APIs that require entitlements and must be code-signed; e.g. Flutter.framework dylib. * Those that do not need to be code-signed; e.g. Flutter.dSYM symbols. We are adding the third category in https://github.com/flutter/engine/pull/54977. The Cocoon code signing aspect of this was handled in https://github.com/flutter/cocoon/pull/3890. This ensures these files don't get copied into the build output should they appear in the artifact cache. Issue: https://github.com/flutter/flutter/issues/154571
This commit is contained in:
parent
6dc88205de
commit
4d17998755
|
@ -87,7 +87,12 @@ abstract class UnpackMacOS extends Target {
|
|||
await _thinFramework(environment, frameworkBinaryPath);
|
||||
}
|
||||
|
||||
static const List<String> _copyDenylist = <String>['entitlements.txt', 'without_entitlements.txt'];
|
||||
/// Files that should not be copied to build output directory if found during framework copy step.
|
||||
static const List<String> _copyDenylist = <String>[
|
||||
'entitlements.txt',
|
||||
'without_entitlements.txt',
|
||||
'unsigned_binaries.txt',
|
||||
];
|
||||
|
||||
void _removeDenylistedFiles(Directory directory) {
|
||||
for (final FileSystemEntity entity in directory.listSync(recursive: true)) {
|
||||
|
|
|
@ -1034,7 +1034,11 @@ class ArtifactUpdater {
|
|||
final List<File> downloadedFiles = <File>[];
|
||||
|
||||
/// These filenames, should they exist after extracting an archive, should be deleted.
|
||||
static const Set<String> _denylistedBasenames = <String>{'entitlements.txt', 'without_entitlements.txt'};
|
||||
static const Set<String> _denylistedBasenames = <String>{
|
||||
'entitlements.txt',
|
||||
'without_entitlements.txt',
|
||||
'unsigned_binaries.txt',
|
||||
};
|
||||
void _removeDenylistedFiles(Directory directory) {
|
||||
for (final FileSystemEntity entity in directory.listSync(recursive: true)) {
|
||||
if (entity is! File) {
|
||||
|
|
|
@ -83,6 +83,7 @@ void main() {
|
|||
File? desiredArtifact;
|
||||
File? entitlementsFile;
|
||||
File? nestedWithoutEntitlementsFile;
|
||||
File? unsignedBinariesFile;
|
||||
operatingSystemUtils.unzipCallbacks[localZipPath] = (Directory outputDirectory) {
|
||||
desiredArtifact = outputDirectory.childFile('artifact.bin')..createSync();
|
||||
entitlementsFile = outputDirectory.childFile('entitlements.txt')..createSync();
|
||||
|
@ -90,6 +91,7 @@ void main() {
|
|||
.childDirectory('dir')
|
||||
.childFile('without_entitlements.txt')
|
||||
..createSync(recursive: true);
|
||||
unsignedBinariesFile = outputDirectory.childFile('unsigned_binaries.txt')..createSync();
|
||||
};
|
||||
final ArtifactUpdater artifactUpdater = ArtifactUpdater(
|
||||
fileSystem: fileSystem,
|
||||
|
@ -114,6 +116,7 @@ void main() {
|
|||
expect(desiredArtifact, exists);
|
||||
expect(entitlementsFile, isNot(exists));
|
||||
expect(nestedWithoutEntitlementsFile, isNot(exists));
|
||||
expect(unsignedBinariesFile, isNot(exists));
|
||||
expect(staleEntitlementsFile, isNot(exists));
|
||||
});
|
||||
|
||||
|
|
|
@ -173,10 +173,11 @@ void main() {
|
|||
ProcessManager: () => processManager,
|
||||
});
|
||||
|
||||
testUsingContext('deletes entitlements.txt and without_entitlements.txt files after copying', () async {
|
||||
testUsingContext('deletes entitlements.txt, without_entitlements.txt, unsigned_binaries.txt files after copying', () async {
|
||||
binary.createSync(recursive: true);
|
||||
final File entitlements = environment.outputDir.childFile('entitlements.txt');
|
||||
final File withoutEntitlements = environment.outputDir.childFile('without_entitlements.txt');
|
||||
final File unsignedBinaries = environment.outputDir.childFile('unsigned_binaries.txt');
|
||||
final File nestedEntitlements = environment
|
||||
.outputDir
|
||||
.childDirectory('first_level')
|
||||
|
@ -201,6 +202,7 @@ void main() {
|
|||
onRun: (_) {
|
||||
entitlements.writeAsStringSync('foo');
|
||||
withoutEntitlements.writeAsStringSync('bar');
|
||||
unsignedBinaries.writeAsStringSync('baz');
|
||||
nestedEntitlements.writeAsStringSync('somefile.bin');
|
||||
},
|
||||
),
|
||||
|
@ -211,6 +213,7 @@ void main() {
|
|||
await const DebugUnpackMacOS().build(environment);
|
||||
expect(entitlements.existsSync(), isFalse);
|
||||
expect(withoutEntitlements.existsSync(), isFalse);
|
||||
expect(unsignedBinaries.existsSync(), isFalse);
|
||||
expect(nestedEntitlements.existsSync(), isFalse);
|
||||
|
||||
expect(processManager, hasNoRemainingExpectations);
|
||||
|
|
Loading…
Reference in a new issue