-
Notifications
You must be signed in to change notification settings - Fork 4
122 lines (104 loc) · 5.26 KB
/
build-ios.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
name: Build IOS
on:
push:
jobs:
wait:
if: ${{ github.actor != 'dependabot[bot]' }}
name: Queue IOS builds
runs-on: ubuntu-latest
steps:
# We do this so we don't ever have conflicting build numbers
- uses: ahmadnassri/action-workflow-queue@v1
with:
delay: 60000
timeout: 3600000
build:
if: ${{ github.actor != 'dependabot[bot]' }}
name: Build IOS
needs: wait
runs-on: macos-latest
steps:
- name: Checkout source
uses: actions/checkout@v3
# Setup Apple certs for building
# https://docs.github.com/en/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development#add-a-step-to-your-workflow
- name: Install the Apple certificate and provisioning profile
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "${{ secrets.BUILD_CERTIFICATE_BASE64 }}" | base64 --decode -o $CERTIFICATE_PATH
echo -n "${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}" | base64 --decode -o $PP_PATH
# create temporary keychain
security create-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "${{ secrets.P12_PASSWORD }}" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Build web app
run: |
npm install
npm run deploy-check
npm run build
- name: Get & update build number
run: |
echo "PACKAGE_NUMBER=$(jq -r '.version' package.json)" >> "$GITHUB_ENV"
echo "BUILD_NUMBER=$((${{ vars.IOS_BUILD_NUMBER }} + 1))" >> "$GITHUB_ENV"
- name: Update build number
run: |
curl -L -X PATCH -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.API_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/acc-hymns/actions/variables/IOS_BUILD_NUMBER -d '{"value":"${{ env.BUILD_NUMBER }}"}'
- name: Build app bundle
run: |
npx cap sync ios
cd ios/App
# Replace version codes
xcrun agvtool new-version -all "${{ env.BUILD_NUMBER }}"
xcrun agvtool new-marketing-version "${{ env.PACKAGE_NUMBER }}"
xcodebuild clean archive -workspace App.xcworkspace -scheme "ACC Hymns" -destination generic/platform=iOS -archivePath App.xcarchive -allowProvisioningUpdates
- name: Export IPA
run: |
cd ios/App
echo '<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>destination</key>
<string>export</string>
<key>manageAppVersionAndBuildNumber</key>
<true/>
<key>method</key>
<string>app-store</string>
<key>provisioningProfiles</key>
<dict>
<key>com.ChristopherW.acchmns</key>
<string>Publishing Profile</string>
</dict>
<key>signingCertificate</key>
<string>Apple Distribution</string>
<key>signingStyle</key>
<string>manual</string>
<key>stripSwiftSymbols</key>
<true/>
<key>teamID</key>
<string>AVS62V4S24</string>
<key>uploadSymbols</key>
<true/>
</dict>
</plist>' > archive.plist
echo -n "${{ secrets.AUTH_KEY_BASE64 }}" | base64 --decode -o AuthKey_${{ secrets.AUTH_KEY_ID }}.p8
xcodebuild -exportArchive -archivePath App.xcarchive -exportOptionsPlist archive.plist -exportPath output -allowProvisioningUpdates -authenticationKeyIssuerID ${{ secrets.AUTH_KEY_ISSUER_ID }} -authenticationKeyID ${{ secrets.AUTH_KEY_ID }} -authenticationKeyPath "$(pwd)/AuthKey_${{ secrets.AUTH_KEY_ID }}.p8"
- name: Publish IPA
run: |
xcrun altool --upload-package "ios/App/output/ACC Hymns.ipa" --type "ios" --asc-public-id ${{ secrets.ASC_PUBLIC_ID }} --apple-id ${{ secrets.APP_APPLE_ID }} --bundle-version ${{ env.BUILD_NUMBER }} --bundle-short-version-string "${{ env.PACKAGE_NUMBER }}" --bundle-id "com.ChristopherW.acchmns" -u ${{ secrets.APPLE_ID }} -p ${{ secrets.APPLE_PASS }}
- name: Upload release IPA
uses: actions/upload-artifact@v3
with:
name: app-release-ipa
path: ios/App/output/*.ipa
retention-days: 7