From 8a00ceb6f9fb195386ca924b24e2fe5a914c31ea Mon Sep 17 00:00:00 2001
From: bjornoleh <bjorn.haugsgjerd@gmail.com>
Date: Thu, 9 Jan 2025 19:56:47 +0100
Subject: [PATCH] Set error when no valid certs and ENABLE_NUKE_CERTS is not
 'true'.

Remove warnings about other apps from Fastfile, as these are displayed as annotations from check_certs.yml
---
 .github/workflows/check_certs.yml | 13 +++++++++----
 fastlane/Fastfile                 |  6 ------
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/check_certs.yml b/.github/workflows/check_certs.yml
index 4a70dd714..dd16c0273 100644
--- a/.github/workflows/check_certs.yml
+++ b/.github/workflows/check_certs.yml
@@ -50,9 +50,15 @@ jobs:
             echo "new_certificate_needed=false" >> $GITHUB_OUTPUT
           fi
           
-          # Check if ENABLE_NUKE_CERTS is not set to true
+          # Check if ENABLE_NUKE_CERTS is not set to true when certs are valid
+          if [ "$CERT_STATUS" != "true" ] && [ "$ENABLE_NUKE_CERTS" != "true" ]; then
+            echo "::notice::🔔 Automated renewal of certificates is disabled because the repository variable ENABLE_NUKE_CERTS is not set to 'true'."
+          fi
+
+          # Check if ENABLE_NUKE_CERTS is not set to true when certs are not valid
           if [ "$CERT_STATUS" = "true" ] && [ "$ENABLE_NUKE_CERTS" != "true" ]; then
-            echo "::notice::🔔 Nuke certificates was skipped because the repository variable ENABLE_NUKE_CERTS is not set to 'true'."
+            echo "::error::❌ No valid distribution certificate found. Automated renewal of certificates was skipped because the repository variable ENABLE_NUKE_CERTS is not set to 'true'."
+            exit 1
           fi
 
           # Check if vars.FORCE_NUKE_CERTS is not set to true
@@ -111,6 +117,5 @@ jobs:
       - name: Annotate Summary
         run: |
           echo "::warning::⚠️⚠️⚠️   Certificates have been recreated successfully."
-          echo "::warning::⚠️⚠️⚠️   If you have other apps being distributed by GitHub Actions / Fastlane / TestFlight,"
-          echo "::warning::⚠️⚠️⚠️   please run the '3. Create Certificates' workflow for each of these apps to allow these apps to be built."
+          echo "::warning::⚠️⚠️⚠️   If you have other apps being distributed by GitHub Actions / Fastlane / TestFlight, please run the '3. Create Certificates' workflow for each of these apps to allow these apps to be built."
           echo "::warning::✅✅✅   But don't worry about your existing TestFlight builds, they will keep working!"
\ No newline at end of file
diff --git a/fastlane/Fastfile b/fastlane/Fastfile
index 2c2d13e6f..71a03be82 100644
--- a/fastlane/Fastfile
+++ b/fastlane/Fastfile
@@ -332,12 +332,6 @@ platform :ios do
     # Handle output for triggering workflow
     if new_certificate_needed
       puts "❌ Certificate is expired or no certificates found. Creating flag file to trigger renewal or creation of certificate."
-      puts ""
-      puts "⚠️⚠️⚠️   All Distribution certificates and TestFlight profiles are being revoked."
-      puts "⚠️⚠️⚠️   If you have other apps being distributed by GitHub Actions / Fastlane / TestFlight,"
-      puts "⚠️⚠️⚠️   please run the '3. Create Certificates' workflow for each of these apps to allow these apps to be built."
-      puts ""
-      puts "✅✅✅   But don't worry about your existing TestFlight builds, they will keep working!"
     else
       puts "✅ Distribution certificate is present and valid. No action required."
     end