Convert Feedly and Mercury to use the new Secrets system.

Frameworks/Account/Account.xcodeproj/project.pbxproj

@@ -775,9 +775,7 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = 8489350A1F62485000CEBD24 /* Build configuration list for PBXNativeTarget "Account" */;
 			buildPhases = (
-				9E964EBB2375512300A7AF2E /* Run Script: Update OAuthAuthorizationClient+Feedly.swift */,
 				848934F11F62484F00CEBD24 /* Sources */,
-				9E964EBC2375517100A7AF2E /* Run Script: Reset OAuthAuthorizationClient+Feedly.swift */,
 				848934F21F62484F00CEBD24 /* Frameworks */,
 				848934F31F62484F00CEBD24 /* Headers */,
 				848934F41F62484F00CEBD24 /* Resources */,
@@ -950,42 +948,6 @@
 			shellPath = /bin/sh;
 			shellScript = "xcrun -sdk macosx swiftc -target x86_64-macosx10.11  ../../buildscripts/VerifyNoBuildSettings.swift -o $CONFIGURATION_TEMP_DIR/VerifyNoBS\n$CONFIGURATION_TEMP_DIR/VerifyNoBS ${PROJECT_NAME}.xcodeproj/project.pbxproj\n";
 		};
-		9E964EBB2375512300A7AF2E /* Run Script: Update OAuthAuthorizationClient+Feedly.swift */ = {
-			isa = PBXShellScriptBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-			);
-			inputFileListPaths = (
-			);
-			inputPaths = (
-			);
-			name = "Run Script: Update OAuthAuthorizationClient+Feedly.swift";
-			outputFileListPaths = (
-			);
-			outputPaths = (
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-			shellPath = /bin/sh;
-			shellScript = "FAILED=false\n\nif [ -z \"${FEEDLY_CLIENT_ID}\" ]; then\necho \"Missing Feedly Client ID\"\nFAILED=true\nfi\n\nif [ -z \"${FEEDLY_CLIENT_SECRET}\" ]; then\necho \"Missing Feedly Client Secret\"\nFAILED=true\nfi\n\nFEEDLY_CLIENT_SOURCE=\"${SRCROOT}/Feedly/OAuthAuthorizationClient+Feedly.swift\"\n\nif [ \"$FAILED\" = true ]; then\necho \"Missing Feedly client ID or secret. ${FEEDLY_CLIENT_SOURCE} not changed.\"\nexit 0\nfi\n\n# echo \"Substituting variables in: ${FEEDLY_CLIENT_SOURCE}\"\n\nif [ -e \"${FEEDLY_CLIENT_SOURCE}\" ]\nthen\n    sed -i .tmp \"s|{FEEDLY_CLIENT_ID}|${FEEDLY_CLIENT_ID}|g; s|{FEEDLY_CLIENT_SECRET}|${FEEDLY_CLIENT_SECRET}|g\" $FEEDLY_CLIENT_SOURCE\n    # echo \"`git diff ${FEEDLY_CLIENT_SOURCE}`\"\n    rm -f \"${FEEDLY_CLIENT_SOURCE}.tmp\"\nelse\n    echo \"File does not exist at ${FEEDLY_CLIENT_SOURCE}. Has it been moved or renamed?\"\n    exit -1\nfi\n\necho \"All env values found!\"\n";
-		};
-		9E964EBC2375517100A7AF2E /* Run Script: Reset OAuthAuthorizationClient+Feedly.swift */ = {
-			isa = PBXShellScriptBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-			);
-			inputFileListPaths = (
-			);
-			inputPaths = (
-			);
-			name = "Run Script: Reset OAuthAuthorizationClient+Feedly.swift";
-			outputFileListPaths = (
-			);
-			outputPaths = (
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-			shellPath = /bin/sh;
-			shellScript = "git checkout \"${SRCROOT}/Feedly/OAuthAuthorizationClient+Feedly.swift\"\n";
-		};
 /* End PBXShellScriptBuildPhase section */
 
 /* Begin PBXSourcesBuildPhase section */

Frameworks/Account/Feedly/OAuthAuthorizationClient+Feedly.swift

@@ -14,10 +14,10 @@ extension OAuthAuthorizationClient {
 		/// Models private NetNewsWire client secrets.
 		/// These placeholders are substitued at build time using a Run Script phase with build settings.
 		/// https://developer.feedly.com/v3/auth/#authenticating-a-user-and-obtaining-an-auth-code
-		return OAuthAuthorizationClient(id: "{FEEDLY_CLIENT_ID}",
+		return OAuthAuthorizationClient(id: Secrets.feedlyClientId,
 										redirectUri: "netnewswire://auth/feedly",
 										state: nil,
-										secret: "{FEEDLY_CLIENT_SECRET}")
+										secret: Secrets.feedlyClientSecret)
 	}
 	
 	static var feedlySandboxClient: OAuthAuthorizationClient {

NetNewsWire.xcodeproj/project.pbxproj

@@ -2891,9 +2891,7 @@
 			buildConfigurationList = 849C647A1ED37A5D003D8FC0 /* Build configuration list for PBXNativeTarget "NetNewsWire" */;
 			buildPhases = (
 				3B3A341B238D3FB200314204 /* Run Script: Update Secrets */,
-				51D6803823330CFF0097A009 /* Run Script: Update ArticleExtractorConfig.swift */,
 				849C645C1ED37A5D003D8FC0 /* Sources */,
-				517D2D82233A53D600FF3E35 /* Run Script: Reset ArticleExtractorConfig.swift */,
 				849C645D1ED37A5D003D8FC0 /* Frameworks */,
 				849C645E1ED37A5D003D8FC0 /* Resources */,
 				84C987A52000AC9E0066B150 /* Run Script: Automated build numbers */,
@@ -3582,42 +3580,6 @@
 			shellPath = /bin/sh;
 			shellScript = "git checkout \"${SRCROOT}/Shared/Article Extractor/ArticleExtractorConfig.swift\"\n";
 		};
-		517D2D82233A53D600FF3E35 /* Run Script: Reset ArticleExtractorConfig.swift */ = {
-			isa = PBXShellScriptBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-			);
-			inputFileListPaths = (
-			);
-			inputPaths = (
-			);
-			name = "Run Script: Reset ArticleExtractorConfig.swift";
-			outputFileListPaths = (
-			);
-			outputPaths = (
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-			shellPath = /bin/sh;
-			shellScript = "git checkout \"${SRCROOT}/Shared/Article Extractor/ArticleExtractorConfig.swift\"\n";
-		};
-		51D6803823330CFF0097A009 /* Run Script: Update ArticleExtractorConfig.swift */ = {
-			isa = PBXShellScriptBuildPhase;
-			buildActionMask = 2147483647;
-			files = (
-			);
-			inputFileListPaths = (
-			);
-			inputPaths = (
-			);
-			name = "Run Script: Update ArticleExtractorConfig.swift";
-			outputFileListPaths = (
-			);
-			outputPaths = (
-			);
-			runOnlyForDeploymentPostprocessing = 0;
-			shellPath = /bin/sh;
-			shellScript = "FAILED=false\n\nif [ -z \"${MERCURY_CLIENT_ID}\" ]; then\nFAILED=true\nfi\n\nif [ -z \"${MERCURY_CLIENT_SECRET}\" ]; then\nFAILED=true\nfi\n\nif [ \"$FAILED\" = true ]; then\necho \"Missing Feedbin Mercury credetials.  ArticleExtractorConfig.swift not changed.\"\nexit 0\nfi\n\nsed -i .tmp \"s|{MERCURYID}|${MERCURY_CLIENT_ID}|g; s|{MERCURYSECRET}|${MERCURY_CLIENT_SECRET}|g\" \"${SRCROOT}/Shared/Article Extractor/ArticleExtractorConfig.swift\"\n\nrm -f \"${SRCROOT}/Shared/Article Extractor/ArticleExtractorConfig.swift.tmp\"\n\necho \"All env values found!\"\n\n";
-		};
 		65ED3FB5235DEF6C0081F399 /* Run Script: Update ArticleExtractorConfig.swift */ = {
 			isa = PBXShellScriptBuildPhase;
 			buildActionMask = 2147483647;

Shared/Article Extractor/ArticleExtractor.swift

@@ -7,6 +7,7 @@
 //
 
 import Foundation
+import Account
 
 public enum ArticleExtractorState {
     case ready
@@ -35,9 +36,9 @@ class ArticleExtractor {
     public init?(_ articleLink: String) {
 		self.articleLink = articleLink
 		
-		let clientURL = ArticleExtractorConfig.clientURL
+		let clientURL = "https://extract.feedbin.com/parser"
-		let username = ArticleExtractorConfig.clientId
+		let username = Secrets.mercuryClientId
-		let signiture = articleLink.hmacUsingSHA1(key: ArticleExtractorConfig.clientSecret)
+		let signiture = articleLink.hmacUsingSHA1(key: Secrets.mercuryClientSecret)
 		
 		if let base64URL = articleLink.data(using: .utf8)?.base64EncodedString() {
 			let fullURL = "\(clientURL)/\(username)/\(signiture)?base64_url=\(base64URL)"

Shared/Secrets.swift.gyb

@@ -2,7 +2,7 @@
 %{
 import os
 
-secrets = ['FEED_WRANGLER_KEY']
+secrets = ['FEED_WRANGLER_KEY', 'MERCURY_CLIENT_ID', 'MERCURY_CLIENT_SECRET', 'FEEDLY_CLIENT_ID', 'FEEDLY_CLIENT_SECRET']
 
 def chunks(seq, size):
   return (seq[i:(i + size)] for i in range(0, len(seq), size))
@@ -17,10 +17,10 @@ def snake_to_camel(snake_str):
 
 salt = [ord(byte) for byte in os.urandom(64)]
 }%
-enum Secrets {
+public enum Secrets {
   % for secret in secrets:
 
-  static var ${snake_to_camel(secret)}: String {
+  public static var ${snake_to_camel(secret)}: String {
      let encoded: [UInt8] = [
       % for chunk in chunks(encode(os.environ.get(secret) or "", salt), 8):
           ${"".join(["0x%02x, " % byte for byte in chunk])}
@@ -50,4 +50,4 @@ private extension Secrets {
     }, as: UTF8.self)
   }
 
-}
+}