-
Notifications
You must be signed in to change notification settings - Fork 4
129 lines (109 loc) · 5.49 KB
/
build-ios.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: Build IOS
on:
push:
jobs:
wait:
if: ${{ github.actor != 'dependabot[bot]' }}
name: Queue IOS builds
runs-on: ubuntu-latest
steps:
# We do this so we don't ever have conflicting build numbers
- uses: ahmadnassri/action-workflow-queue@v1
with:
delay: 60000
timeout: 3600000
build:
if: ${{ github.actor != 'dependabot[bot]' }}
name: Build IOS
needs: wait
runs-on: macos-14
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: List Xcode installations
run: sudo ls -1 /Applications | grep "Xcode"
#Select your required version
- name: Select Xcode 15.0
run: sudo xcode-select -s /Applications/Xcode_15.0.app/Contents/Developer
# Setup Apple certs for building
# https://docs.github.com/en/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development#add-a-step-to-your-workflow
- name: Install the Apple certificate and provisioning profile
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "${{ secrets.BUILD_CERTIFICATE_BASE64 }}" | base64 --decode -o $CERTIFICATE_PATH
echo -n "${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}" | base64 --decode -o $PP_PATH
# create temporary keychain
security create-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "${{ secrets.P12_PASSWORD }}" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Build web app
run: |
npm install
npm run deploy-check
npm run build
- name: Get & update build number
run: |
echo "PACKAGE_NUMBER=$(jq -r '.version' package.json)" >> "$GITHUB_ENV"
echo "BUILD_NUMBER=$((${{ vars.IOS_BUILD_NUMBER }} + 1))" >> "$GITHUB_ENV"
- name: Update build number
run: |
curl -L -X PATCH -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.API_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/acc-hymns/actions/variables/IOS_BUILD_NUMBER -d '{"value":"${{ env.BUILD_NUMBER }}"}'
- name: Build app bundle
run: |
npx cap sync ios
cd ios/App
# Replace version codes
xcrun agvtool new-version -all "${{ env.BUILD_NUMBER }}"
xcrun agvtool new-marketing-version "${{ env.PACKAGE_NUMBER }}"
xcodebuild clean archive -workspace App.xcworkspace -scheme "ACC Hymns" -destination generic/platform=iOS -archivePath App.xcarchive -allowProvisioningUpdates
- name: Export IPA
run: |
cd ios/App
echo '<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>destination</key>
<string>export</string>
<key>manageAppVersionAndBuildNumber</key>
<true/>
<key>method</key>
<string>app-store</string>
<key>provisioningProfiles</key>
<dict>
<key>com.ChristopherW.acchmns</key>
<string>Publishing Profile</string>
</dict>
<key>signingCertificate</key>
<string>Apple Distribution</string>
<key>signingStyle</key>
<string>manual</string>
<key>stripSwiftSymbols</key>
<true/>
<key>teamID</key>
<string>AVS62V4S24</string>
<key>uploadSymbols</key>
<true/>
</dict>
</plist>' > archive.plist
echo -n "${{ secrets.AUTH_KEY_BASE64 }}" | base64 --decode -o AuthKey_${{ secrets.AUTH_KEY_ID }}.p8
xcodebuild -exportArchive -archivePath App.xcarchive -exportOptionsPlist archive.plist -exportPath output -allowProvisioningUpdates -authenticationKeyIssuerID ${{ secrets.AUTH_KEY_ISSUER_ID }} -authenticationKeyID ${{ secrets.AUTH_KEY_ID }} -authenticationKeyPath "$(pwd)/AuthKey_${{ secrets.AUTH_KEY_ID }}.p8"
- name: Publish IPA
run: |
xcrun altool --upload-package "ios/App/output/ACC Hymns.ipa" --type "ios" --asc-public-id ${{ secrets.ASC_PUBLIC_ID }} --apple-id ${{ secrets.APP_APPLE_ID }} --bundle-version ${{ env.BUILD_NUMBER }} --bundle-short-version-string "${{ env.PACKAGE_NUMBER }}" --bundle-id "com.ChristopherW.acchmns" -u ${{ secrets.APPLE_ID }} -p ${{ secrets.APPLE_PASS }}
- name: Upload release IPA
uses: actions/upload-artifact@v4
with:
name: app-release-ipa
path: ios/App/output/*.ipa
retention-days: 7