feat: automate entitlements setup for development #819
Conversation
- Add setup-entitlements.sh script to automatically configure app group identifiers - Update Justfile with 'setup-entitlements' and 'setup' commands - Improve README with streamlined setup instructions - Eliminate manual search/replace requirement for new contributors Features: - Automatically reads Team ID from Local.xcconfig - Updates all .entitlements files with correct group identifiers - Creates backups before making changes - Provides clear error messages and verification - Supports the new 'just setup' one-command workflow This removes the TODO item about manual entitlements configuration and makes the development setup process much smoother for new contributors. Before: Manual search/replace across multiple files After: Single command handles everything automatically
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
scripts/setup-entitlements.sh
Outdated
| # Check if file contains the generic group identifier | ||
| if grep -q "group.chat.bitchat" "$file" && ! grep -q "group.chat.bitchat.$TEAM_ID" "$file"; then | ||
| # Update the file | ||
| sed -i.tmp "s/group\.chat\.bitchat/group.chat.bitchat.$TEAM_ID/g" "$file" | ||
| rm "$file.tmp" |
There was a problem hiding this comment.
When the script is re-run after the entitlements already contain a previous Team ID, the sed command only replaces the group.chat.bitchat prefix, producing values like group.chat.bitchat.NEW.OLD. The subsequent verification still passes because it matches the group.chat.bitchat.NEW substring, yet the entitlements are now invalid and code signing for the new team will fail. Replace the entire group.chat.bitchat.* value (or remove the old suffix first) so subsequent runs with a different Team ID produce a clean identifier.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Thanks for catching that! 👍
Fixed in 4a4556f - the script now properly replaces the entire group.chat.bitchat.* pattern, so re-running with a different Team ID will correctly update from group.chat.bitchat.OLD to group.chat.bitchat.NEW instead of creating an invalid group.chat.bitchat.OLD.NEW.
The fix handles both cases:
- Initial setup:
group.chat.bitchat→group.chat.bitchat.ABC123 - Team ID change:
group.chat.bitchat.ABC123→group.chat.bitchat.XYZ789
- Replace entire group.chat.bitchat.* pattern instead of just prefix - Prevents creating invalid identifiers like group.chat.bitchat.OLD.NEW - Properly handles both initial setup and Team ID changes - Add better status messages for each case Thanks to chatgpt-codex-connector bot for catching this issue!
|
Thanks for looking into this issue @RedThoroughbred. Looks like AI generated an over-engineered solution for a seemingly simple problem :) What do you think about moving entitlements under |
qalandarov
left a comment
qalandarov
left a comment
There was a problem hiding this comment.
What do you think about moving entitlements under Configs/Entitlements/ and then having a git-ignored folder Configs/Entitlements/Generated/ and do a one-time setup when setting up Local.xcconfig?
2 participants
Features:
This removes the TODO item about manual entitlements configuration and makes the development setup process much smoother for new contributors.
Before: Manual search/replace across multiple files
After: Single command handles everything automatically