Manual deploy to Firebase #354
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Manual deploy to Firebase | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| appVersion: | |
| description: 'App version' | |
| required: true | |
| userGroup: | |
| description: 'Firebase user group' | |
| default: 'external-users' | |
| required: true | |
| config: | |
| description: 'Configuration Dev/Staging' | |
| default: Staging | |
| required: true | |
| type: choice | |
| options: | |
| - Staging | |
| - Dev | |
| # release: | |
| # types: [published] | |
| jobs: | |
| build: | |
| name: Archive, export and upload to Firebase | |
| runs-on: macos-13 | |
| steps: | |
| - uses: maxim-lobanov/setup-xcode@v1 | |
| with: | |
| xcode-version: 15.2 | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| - name: Cache Cocoapods | |
| id: cache-cocoapods | |
| uses: actions/cache@v2 | |
| with: | |
| path: Pods | |
| key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pods- | |
| - name: Install Cocoapods | |
| run: pod install --repo-update | |
| - name: Set env BUILD_PROVISION_PROFILE_BASE64 | |
| run: | | |
| if [[ ${{ github.event.inputs.config }} == 'Staging' ]]; then | |
| echo "BUILD_PROVISION_PROFILE_BASE64=${{ secrets.STAGING_PROVISIONING_PROFILE_BASE64 }}" >> "$GITHUB_ENV" | |
| else | |
| echo "BUILD_PROVISION_PROFILE_BASE64=${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}" >> "$GITHUB_ENV" | |
| echo "PUSH_NOTIFICATIONS_EXT_PROFILE_BASE64=${{ secrets.PUSH_NOTIFICATIONS_EXT_PROFILE_BASE64 }}" >> "$GITHUB_ENV" | |
| fi | |
| # Source https://docs.github.com/en/actions/deployment/installing-an-apple-certificate-on-macos-runners-for-xcode-development#add-a-step-to-your-workflow | |
| - name: Install the Apple certificate and provisioning profile | |
| env: | |
| BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| P12_PASSWORD: "" | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| run: | | |
| # create variables | |
| CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
| PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision | |
| PUSH_NOTIFICATIONS_PP_PATH=$RUNNER_TEMP/push_notifications_build_pp.mobileprovision | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| # import certificate and provisioning profile from secrets | |
| echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | |
| echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH | |
| echo -n "$PUSH_NOTIFICATIONS_EXT_PROFILE_BASE64" | base64 --decode -o $PUSH_NOTIFICATIONS_PP_PATH | |
| # create temporary keychain | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| # import certificate to keychain | |
| security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| security list-keychain -d user -s $KEYCHAIN_PATH | |
| # apply provisioning profile | |
| mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | |
| cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
| cp $PUSH_NOTIFICATIONS_PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
| - name: Bump version | |
| uses: damienaicheh/update-ios-version-info-plist-action@v1.0.0 | |
| with: | |
| info-plist-path: './novawallet/Info.plist' | |
| bundle-short-version-string: ${{ github.event.inputs.appVersion }} | |
| bundle-version: ${{github.run_number}} | |
| print-file: true | |
| - name: Push Notifications Setup | |
| env: | |
| GOOGLE_SERVICE_INFO: ${{ secrets.GOOGLE_SERVICE_FILE_CONTENT }} | |
| run: | | |
| GOOGLE_SERVICE_PATH=./novawallet/GoogleService-Info-Dev.plist | |
| echo "$GOOGLE_SERVICE_INFO" > $GOOGLE_SERVICE_PATH | |
| - name: Archive | |
| env: | |
| MERCURYO_PRODUCTION_SECRET: ${{ secrets.MERCURYO_PRODUCTION_SECRET }} | |
| MERCURYO_TEST_SECRET: ${{ secrets.MERCURYO_TEST_SECRET }} | |
| MOONBEAM_HISTORY_API_KEY: ${{ secrets.MOONBEAM_HISTORY_API_KEY }} | |
| MOONRIVER_HISTORY_API_KEY: ${{ secrets.MOONRIVER_HISTORY_API_KEY }} | |
| ETHERSCAN_HISTORY_API_KEY: ${{ secrets.ETHERSCAN_HISTORY_API_KEY }} | |
| ACALA_AUTH_TOKEN: ${{ secrets.ACALA_AUTH_TOKEN }} | |
| ACALA_TEST_AUTH_TOKEN: ${{ secrets.ACALA_TEST_AUTH_TOKEN }} | |
| MOONBEAM_API_KEY: ${{ secrets.MOONBEAM_API_KEY }} | |
| MOONBEAM_TEST_API_KEY: ${{ secrets.MOONBEAM_TEST_API_KEY }} | |
| WC_PROJECT_ID: ${{ secrets.WC_PROJECT_ID }} | |
| POLKASSEMBLY_SUMMARY_API_KEY: ${{ secrets.POLKASSEMBLY_SUMMARY_API_KEY }} | |
| run: xcodebuild archive -archivePath ./AdHoc.xcarchive -scheme novawallet -workspace novawallet.xcworkspace -configuration ${{ github.event.inputs.config }} | |
| - name: Export Staging archive | |
| if: ${{ github.event.inputs.config == 'Staging' }} | |
| run: xcodebuild -exportArchive -archivePath ./AdHoc.xcarchive -exportPath ./export -exportOptionsPlist ./novawallet/exportOptionsStaging.plist | |
| - name: Export Dev archive | |
| if: ${{ github.event.inputs.config == 'Dev' }} | |
| run: xcodebuild -exportArchive -archivePath ./AdHoc.xcarchive -exportPath ./export -exportOptionsPlist ./novawallet/exportOptionsAdHoc.plist | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: novawallet.ipa | |
| path: export | |
| # wzieba/Firebase-Distribution-Github-Action@v1 doesn't work on macos machine, so we need to upload artifacts on macos, then download them on linux :(( | |
| distribute-ios: | |
| needs: build | |
| name: Distribute archive to Firebase | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: novawallet.ipa | |
| path: export | |
| - name: Upload artifact to Firebase with Dev Id | |
| if: ${{ github.event.inputs.config == 'Dev' }} | |
| uses: wzieba/Firebase-Distribution-Github-Action@v1.7.0 | |
| with: | |
| appId: ${{ secrets.FIREBASE_APP_ID }} | |
| serviceCredentialsFileContent: ${{ secrets.CREDENTIAL_FILE_CONTENT }} | |
| groups: ${{ github.event.inputs.userGroup }} | |
| file: export/novawallet.ipa | |
| releaseNotes: ${{ github.event.head_commit.message }} | |
| - name: Upload artifact to Firebase with Staging Id | |
| if: ${{ github.event.inputs.config == 'Staging' }} | |
| uses: wzieba/Firebase-Distribution-Github-Action@v1.7.0 | |
| with: | |
| appId: ${{ secrets.FIREBASE_STAGING_APP_ID }} | |
| serviceCredentialsFileContent: ${{ secrets.CREDENTIAL_FILE_CONTENT }} | |
| groups: ${{ github.event.inputs.userGroup }} | |
| file: export/novawallet.ipa | |
| releaseNotes: ${{ github.event.head_commit.message }} |