Initial commit

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @conradev

.github/actions/archive/action.yml

@@ -0,0 +1,43 @@
+name: Archive
+inputs:
+  scheme:
+    description: Scheme
+    required: true
+  destination:
+    description: Destination
+    required: true
+  app-store-key:
+    description: App Store key in PEM PKCS#8 format
+    required: true
+  app-store-key-id:
+    description: App Store key ID
+    required: true
+  app-store-key-issuer-id:
+    description: App Store key issuer ID
+    required: true
+  archive-path:
+    description: Xcode archive path
+    required: true
+runs:
+  using: composite
+  steps:
+  - shell: bash
+    working-directory: Apple
+    run: |
+      echo "${{ inputs.app-store-key }}" > AuthKey_${{ inputs.app-store-key-id }}.p8
+
+      xcodebuild archive \
+        -allowProvisioningUpdates \
+        -allowProvisioningDeviceRegistration \
+        -authenticationKeyID ${{ inputs.app-store-key-id }} \
+        -authenticationKeyIssuerID ${{ inputs.app-store-key-issuer-id }} \
+        -authenticationKeyPath "${PWD}/AuthKey_${{ inputs.app-store-key-id }}.p8" \
+        -onlyUsePackageVersionsFromResolvedFile \
+        -scheme '${{ inputs.scheme }}' \
+        -destination '${{ inputs.destination }}' \
+        -archivePath '${{ inputs.archive-path }}' \
+        -resultBundlePath BuildResults.xcresult
+
+      ./Tools/xcresulttool-github BuildResults.xcresult
+      
+      rm -rf AuthKey_${{ inputs.app-store-key-id }}.p8

.github/actions/build-for-testing/action.yml

@@ -0,0 +1,37 @@
+name: Build For Testing
+inputs:
+  scheme:
+    description: Scheme
+    required: true
+  destination:
+    description: Destination
+    required: true
+  app-store-key:
+    description: App Store key in PEM PKCS#8 format
+    required: true
+  app-store-key-id:
+    description: App Store key ID
+    required: true
+  app-store-key-issuer-id:
+    description: App Store key issuer ID
+    required: true
+runs:
+  using: composite
+  steps:
+  - shell: bash
+    working-directory: Apple
+    run: |
+      echo "${{ inputs.app-store-key }}" > AuthKey_${{ inputs.app-store-key-id }}.p8
+
+      xcodebuild clean build-for-testing \
+        -allowProvisioningUpdates \
+        -allowProvisioningDeviceRegistration \
+        -authenticationKeyID ${{ inputs.app-store-key-id }} \
+        -authenticationKeyIssuerID ${{ inputs.app-store-key-issuer-id }} \
+        -authenticationKeyPath "${PWD}/AuthKey_${{ inputs.app-store-key-id }}.p8" \
+        -onlyUsePackageVersionsFromResolvedFile \
+        -scheme '${{ inputs.scheme }}' \
+        -destination '${{ inputs.destination }}' \
+        -resultBundlePath BuildResults.xcresult
+      
+      rm -rf AuthKey_${{ inputs.app-store-key-id }}.p8

.github/actions/export/action.yml

@@ -0,0 +1,47 @@
+name: Notarize
+inputs:
+  app-store-key:
+    description: App Store key in PEM PKCS#8 format
+    required: true
+  app-store-key-id:
+    description: App Store key ID
+    required: true
+  app-store-key-issuer-id:
+    description: App Store key issuer ID
+    required: true
+  archive-path:
+    description: Xcode archive path
+    required: true
+  destination:
+    description: The Xcode export destination. This can either be "export" or "upload"
+    required: true
+  method:
+    description: The Xcode export method. This can be one of app-store, validation, ad-hoc, package, enterprise, development, developer-id, or mac-application.
+    required: true
+  export-path:
+    description: The path to export the archive to
+    required: true
+runs:
+  using: composite
+  steps:
+  - id: notarize
+    shell: bash
+    working-directory: Apple
+    run: |
+      echo "${{ inputs.app-store-key }}" > AuthKey_${{ inputs.app-store-key-id }}.p8
+
+      echo '{"destination":"${{ inputs.destination }}","method":"${{ inputs.method }}"}' \
+        | plutil -convert xml1 -o ExportOptions.plist -
+
+      xcodebuild \
+        -exportArchive \
+        -allowProvisioningUpdates \
+        -allowProvisioningDeviceRegistration \
+        -authenticationKeyID ${{ inputs.app-store-key-id }} \
+        -authenticationKeyIssuerID ${{ inputs.app-store-key-issuer-id }} \
+        -authenticationKeyPath "${PWD}/AuthKey_${{ inputs.app-store-key-id }}.p8" \
+        -archivePath '${{ inputs.archive-path }}' \
+        -exportPath '${{ inputs.export-path }}' \
+        -exportOptionsPlist ExportOptions.plist
+
+      rm -rf AuthKey_${{ inputs.app-store-key-id }}.p8 ExportOptions.plist

.github/actions/import-cert/action.yml

@@ -0,0 +1,26 @@
+name: Import Certificate
+inputs:
+  certificate:
+    description: 'The certificate in p12 format, encoded as base64'
+    required: true
+  password:
+    description: 'The certificate password'
+    required: true
+runs:
+  using: composite
+  steps:
+  - shell: bash
+    run: |
+      echo -n "${{ inputs.certificate }}" | base64 -d > Developer.p12
+      security create-keychain -p password Developer.keychain
+      security set-keychain-settings -lut 21600 Developer.keychain
+      security unlock-keychain -p password Developer.keychain
+      security import Developer.p12 \
+        -k Developer.keychain \
+        -f pkcs12 \
+        -A \
+        -T /usr/bin/codesign \
+        -T /usr/bin/security \
+        -P ${{ inputs.password }}
+      security set-key-partition-list -S apple-tool:,apple: -k password Developer.keychain
+      security list-keychains -d user -s login.keychain Developer.keychain

.github/actions/test-without-building/action.yml

@@ -0,0 +1,37 @@
+name: Test Without Building
+inputs:
+  scheme:
+    description: Scheme
+    required: true
+  destination:
+    description: Destination
+    required: true
+  test-plan:
+    description: Test Plan
+    required: false
+  artifact-prefix:
+    description: The prefix for the filename of the uploaded xcresults file
+    required: true
+  check-name:
+    description: The check name
+    required: true
+runs:
+  using: composite
+  steps:
+  - shell: bash
+    id: vars
+    run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+  - shell: bash
+    working-directory: Apple
+    run: |
+      xcodebuild test-without-building \
+      -scheme '${{ inputs.scheme }}' \
+      -destination '${{ inputs.destination }}' \
+      ${{ inputs.test-plan && '-testPlan ' }}${{ inputs.test-plan }} \
+      -resultBundlePath "${{ inputs.artifact-prefix }}-${{ steps.vars.outputs.sha_short }}.xcresult"
+  - uses: kishikawakatsumi/xcresulttool@v1
+    if: always()
+    with:
+      path: Apple/${{ inputs.artifact-prefix }}-${{ steps.vars.outputs.sha_short }}.xcresult
+      title: ${{ inputs.check-name }}
+      show-passed-tests: false

.github/workflows/build-apple.yml

@@ -0,0 +1,70 @@
+name: Apple Build
+on:
+  push:
+    branches:  
+    - main
+  pull_request:
+    branches:
+    - "*"
+jobs:
+  build:
+    name: Build App (${{ matrix.platform }})
+    runs-on: macos-12
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - scheme: App (iOS)
+          destination: generic/platform=iOS
+          platform: iOS
+          sdk-name: iphoneos
+        - scheme: App (iOS)
+          destination: platform=iOS Simulator,OS=16.2,name=iPhone 14 Pro
+          platform: iOS Simulator
+          sdk-name: iphonesimulator
+        - scheme: App (macOS)
+          destination: platform=macOS
+          platform: macOS
+          sdk-name: macos
+    env:
+      DEVELOPER_DIR: /Applications/Xcode_14.2.app/Contents/Developer
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+      with:
+        ssh-key: ${{ secrets.DEPLOY_KEY }}
+        submodules: recursive
+    - name: Import Certificate
+      uses: ./.github/actions/import-cert
+      with:
+        certificate: ${{ secrets.DEVELOPER_CERT }}
+        password: ${{ secrets.DEVELOPER_CERT_PASSWORD }}
+    - name: Build
+      id: build
+      uses: ./.github/actions/build-for-testing
+      with:
+        scheme: ${{ matrix.scheme }}
+        destination: ${{ matrix.destination }}
+        app-store-key: ${{ secrets.APPSTORE_KEY }}
+        app-store-key-id: ${{ secrets.APPSTORE_KEY_ID }}
+        app-store-key-issuer-id: ${{ secrets.APPSTORE_KEY_ISSUER_ID }}
+    - name: Xcode Unit Test
+      if: ${{ matrix.xcode-unit-test != '' }}
+      continue-on-error: true
+      uses: ./.github/actions/test-without-building
+      with:
+        scheme: ${{ matrix.scheme }}
+        destination: ${{ matrix.destination }}
+        test-plan: ${{ matrix.xcode-unit-test }}
+        artifact-prefix: unit-tests-${{ matrix.sdk-name }}
+        check-name: Xcode Unit Tests (${{ matrix.platform }})
+    - name: Xcode UI Test
+      if: ${{ matrix.xcode-ui-test != '' }}
+      continue-on-error: true
+      uses: ./.github/actions/test-without-building
+      with:
+        scheme: ${{ matrix.scheme }}
+        destination: ${{ matrix.destination }}
+        test-plan: ${{ matrix.xcode-ui-test }}
+        artifact-prefix: ui-tests-${{ matrix.sdk-name }}
+        check-name: Xcode UI Tests (${{ matrix.platform }})

.github/workflows/build-rust.yml

@@ -0,0 +1,55 @@
+name: Rust Build
+on:
+  push:
+    branches:  
+    - main
+  pull_request:
+    branches:
+    - "*"
+jobs:
+  build:
+    name: Build Crate (${{ matrix.platform }})
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - os: ubuntu-latest
+          platform: Linux
+          targets:
+          - x86_64-unknown-linux-gnu
+          - aarch64-unknown-linux-gnu
+        - os: macos-12
+          platform: macOS
+          targets:
+          - x86_64-apple-darwin
+          - aarch64-apple-darwin
+          - aarch64-apple-ios
+          - aarch64-apple-ios-sim
+          - x86_64-apple-ios
+        - os: windows-2022
+          platform: Windows
+          targets:
+          - x86_64-pc-windows-msvc
+          - aarch64-pc-windows-msvc
+    runs-on: ${{ matrix.os }}
+    env:
+      DEVELOPER_DIR: /Applications/Xcode_14.2.app/Contents/Developer
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+      with:
+        ssh-key: ${{ secrets.DEPLOY_KEY }}
+        submodules: recursive
+    - name: Install Rust
+      uses: dtolnay/rust-toolchain@master
+      with:
+        toolchain: stable
+        components: rustfmt
+        targets: ${{ join(matrix.targets, ', ') }}
+    - name: Build
+      shell: bash
+      run: cargo build --verbose --workspace --all-features 
+    - uses: actions-rs/cargo@v1
+      with:
+        command: build
+        args: --workspace --all-features --target ${{ join(matrix.targets, ' --target ') }}

.github/workflows/lint-git.yml

@@ -0,0 +1,20 @@
+name: Git Lint
+on:
+  pull_request:
+    branches:
+    - "*"
+jobs:
+  lint:
+    name: Git Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          fetch-depth: 0
+      - name: Install Gitlint
+        shell: bash
+        run: python -m pip install gitlint
+      - name: Run Gitlint
+        shell: bash
+        run: gitlint --commits "${{ github.event.pull_request.base.sha }}..HEAD"

.github/workflows/lint-swift.yml

@@ -0,0 +1,21 @@
+name: Swift Lint
+on:
+  push:
+    branches:
+    - main
+  pull_request:
+    branches:
+    - "*"
+jobs:
+  lint:
+    name: Swift Lint
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/realm/swiftlint:latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+      with:
+        ssh-key: ${{ secrets.DEPLOY_KEY }}
+    - name: Lint
+      run: swiftlint lint --reporter github-actions-logging

.github/workflows/release-apple.yml

@@ -0,0 +1,65 @@
+name: Build Apple Release
+on:
+  release:
+    types:
+    - created
+jobs:
+  build:
+    name: Build ${{ matrix.configuration['platform'] }} Release
+    runs-on: macos-12
+    strategy:
+      fail-fast: false
+      matrix:
+        configuration:
+        - scheme: App (iOS)
+          destination: generic/platform=iOS
+          platform: iOS
+          method: ad-hoc
+          artifact-file: Apple/Release/Burrow.ipa
+        - scheme: App (macOS)
+          destination: generic/platform=macOS
+          platform: macOS
+          method: mac-application
+          artifact-file: Burrow.app.txz
+    env:
+      DEVELOPER_DIR: /Applications/Xcode_14.2.app/Contents/Developer
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+      with:
+        ssh-key: ${{ secrets.DEPLOY_KEY }}
+        submodules: recursive
+    - name: Import Certificate
+      uses: ./.github/actions/import-cert
+      with:
+        certificate: ${{ secrets.DEVELOPER_CERT }}
+        password: ${{ secrets.DEVELOPER_CERT_PASSWORD }}
+    - name: Archive
+      uses: ./.github/actions/archive
+      with:
+        scheme: ${{ matrix.configuration['scheme'] }}
+        destination: ${{ matrix.configuration['destination'] }}
+        app-store-key: ${{ secrets.APPSTORE_KEY }}
+        app-store-key-id: ${{ secrets.APPSTORE_KEY_ID }}
+        app-store-key-issuer-id: ${{ secrets.APPSTORE_KEY_ISSUER_ID }}
+        archive-path: Burrow.xcarchive
+    - name: Export Locally
+      uses: ./.github/actions/export
+      with:
+        method: ${{ matrix.configuration['method'] }}
+        destination: export
+        app-store-key: ${{ secrets.APPSTORE_KEY }}
+        app-store-key-id: ${{ secrets.APPSTORE_KEY_ID }}
+        app-store-key-issuer-id: ${{ secrets.APPSTORE_KEY_ISSUER_ID }}
+        archive-path: Burrow.xcarchive
+        export-path: Release
+    - name: Compress
+      if: ${{ matrix.configuration['platform'] == 'macOS' }}
+      shell: bash
+      run: tar --options xz:compression-level=9 -C Apple/Release -cJf Burrow.app.txz ./
+    - name: Attach Artifact
+      uses: SierraSoftworks/gh-releases@v1.0.6
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        overwrite: 'false'
+        files: ${{ matrix.configuration['artifact-file'] }}