Skip to content

Commit

Permalink
Build: Update the deploy script and config file encryption (#3195)
Browse files Browse the repository at this point in the history
* add --legacy-peer-deps flag in deploy script

* update options in circleCI config

* maybe we do need force

* add encrypt/decrypt conf to Makefile, update README instructions, re-encrypt config with up-to-date encryption method, upgrade packages in vip/package.json

* update decryption on circleCI

* punctuation

* error message if an invalid deploy target is specified
  • Loading branch information
codebykat authored May 14, 2024
1 parent 0bff9da commit 5ea6263
Show file tree
Hide file tree
Showing 6 changed files with 31 additions and 10 deletions.
2 changes: 1 addition & 1 deletion .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ references:
command: |
openssl aes-256-cbc -md md5 -d -in ./resources/certificates/win.p12.enc -out ./resources/certificates/win.p12 -k ${SECRETS_ENCRYPTION_KEY_2024}
openssl aes-256-cbc -md md5 -d -in ./resources/certificates/mac.p12.enc -out ./resources/certificates/mac.p12 -k ${SECRETS_ENCRYPTION_KEY}
openssl aes-256-cbc -md md5 -d -in ./resources/secrets/config.json.enc -out ./config.json -k ${SECRETS_ENCRYPTION_KEY}
openssl aes-256-cbc -d -in ./resources/secrets/config.json.enc -out ./config.json -pbkdf2 -k ${SECRETS_ENCRYPTION_KEY}
job_filters: &job_filters
branches:
ignore:
Expand Down
18 changes: 18 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -173,3 +173,21 @@ lint-scss:
.PHONY: lint-js
lint-js:
@npx eslint --ignore-path .gitignore "**/*.{js,jsx,ts,tsx}"


# encrypted config file
.PHONY: _pwd_prompt decrypt_conf encrypt_conf

CONF_FILE=./resources/secrets/config.json.enc

# 'private' task for echoing instructions
_pwd_prompt:
@echo "Check the secret store for Simplenote!"

# to create config
decrypt_conf: _pwd_prompt
openssl aes-256-cbc -d -in ${CONF_FILE} -out ./config-local.json -pbkdf2

# for updating config
encrypt_conf: _pwd_prompt
openssl aes-256-cbc -e -in config-local.json -out ${CONF_FILE} -pbkdf2
12 changes: 7 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,17 @@ A Simplenote [React](https://reactjs.org/) client packaged in [Electron](https:/

## Running

**Read this first!!** Local development is currently not supported if you don't have an existing account on the test server or access to the production credentials. This is because the move to an email-first signup flow has made it impossible to create accounts in the test database. We hope to be able to support an open-source development workflow again in the future.

1. Clone the repo: `git clone https://github.com/Automattic/simplenote-electron.git`
2. `cd simplenote-electron`
3. `npm install --legacy-peer-deps` (This flag is necessary because `react-monaco-editor` is pinned to a specific `monaco-editor` dependency, but `npm` [considers minor versions to be breaking changes for sub-1.0.0 apps](https://stackoverflow.com/questions/62629878/why-doesnt-npm-upgrade-install-my-0-0-1-dep-with-a-dependency-on-0-0-0))
4. `npm run dev`
5. The dev server will start on [http://localhost:4000](http://localhost:4000), and the Electron app will launch automatically.
6. For all logging from Electron to be printed to the terminal (e.g. `console.log` statements within `app.js`), you might need to set `env ELECTRON_ENABLE_LOGGING=1`.
7. Sign up for a new account within the app. Use the account for **testing purposes only** as all note data will be periodically cleared out on the server.
4. Decrypt the config file using `make decrypt_conf`.
5. `npm run dev`
6. The dev server will start on [http://localhost:4000](http://localhost:4000), and the Electron app will launch automatically.
7. For all logging from Electron to be printed to the terminal (e.g. `console.log` statements within `app.js`), you might need to set `env ELECTRON_ENABLE_LOGGING=1`.

_Note: Simplenote API features such as sharing and publishing will not work with development builds. Due to a limitation of `make` installation paths used for build cannot have spaces._
_Note: Simplenote API features such as sharing and publishing will not work with development builds. Due to a limitation of `make`, installation paths used for build cannot have spaces._

## Building

Expand Down
5 changes: 3 additions & 2 deletions bin/deploy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -31,12 +31,13 @@ case $1 in
;;

*)
echo "Deploy environment must be one of: production, develop, staging"
exit 0
;;
esac

# Install Node Modules
npm install
npm install --legacy-peer-deps

# Temporarily move config-local so it doesn't get overwritten
mv config-local.json config-local.original.json
Expand Down Expand Up @@ -81,4 +82,4 @@ echo "Deployed Successfully!"

git checkout trunk

exit 0
exit 0
Binary file modified resources/secrets/config.json.enc
Binary file not shown.
4 changes: 2 additions & 2 deletions vip/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
"url": "git://github.com/Automattic/simplenote-electron.git"
},
"dependencies": {
"@automattic/vip-go": "0.3.3",
"express": "4.17.1"
"@automattic/vip-go": "1.1.0",
"express": "4.19.2"
}
}

0 comments on commit 5ea6263

Please sign in to comment.