[fix] ios GitHub CI #3085
Comments
|
➤ Sam commented: James Chien, I noticed that when I re-run the job I got different error as you can see
have different error logs. I will work on this task now and will share updates if there are any. |
|
➤ Sam commented: James Chien, I imported existing .p12 ( https://drive.google.com/file/d/16j6xShXrIDFoHI3yIln_nrMNTe-Yrz8l/view?usp=sharing ) file and it's expired as well. Here are the steps we can try
James Chien, I sent newly generated .p12 file to you via Signal. You can run on unix base64 -i <file_name>.p12 to get base64 of .p12 that you will need in step 3. |
|
➤ James Chien commented: Sam On github there are CERTIFICIATE_P12 and CERTIFICATE_P12_PASSWORD, so we also need to update the password |
|
➤ Sam commented: James Chien, I kept the same password as mentioned in docs. So CERTIFICATE_P12_PASSWORD is same as before. |
|
➤ James Chien commented: SamCERTIFICIATE_P12on github updated |
|
➤ Sam commented: James Chien, I set password according to the doc ( https://docs.google.com/document/d/1h0ChQhZ5VIMquPyyeL0SeoEkrJYWgg7H3FSOT0RfhNo/edit#heading=h.418b9bas6zun ) but GitHub actions throwing ( https://github.com/numbersprotocol/capture-lite/actions/runs/6719467659/job/18439078130 )verification failed during PKCS12 import (wrong password?) I set password according to Manual iOS Release ( https://docs.google.com/document/d/1h0ChQhZ5VIMquPyyeL0SeoEkrJYWgg7H3FSOT0RfhNo/edit#heading=h.418b9bas6zun ) > Getting the certificate [Step 4]. Can you please help me to check if CERTIFICATE_P12_PASSWORD is same as **** (sent on Signal) |
|
➤ James Chien commented: Sam There's no way to view the secret on GitHub, so I've updated the password to make sure it is the same as the password you sent. |
|
➤ Sam commented: James Chien, thank you for updating CERTIFICATE_P12_PASSWORD good thing is verification failed during PKCS12 import (wrong password?) is fixed ✅ Bad thing now there is another issue ( https://github.com/numbersprotocol/capture-lite/actions/runs/6719467659/job/18469761579?pr=3077 )"Povide a properly configured and signed bearer token, and make sure that it has not expired. Learn more about Generating Tokens for API Requests https://developer.apple.com/go/?id=api-generating-tokens ( https://developer.apple.com/go/?id=api-generating-tokens )" I suggest to force merge #3077 ( #3077 ) and kick off Play/AppStore release. Android will release PlayStore version without issues. TestFligh will fail so I will manually release it from my local machine. This way we unblock Kenny Hung so he can test PlayStore/TestFlight version of the app. And while he will be testing we can work on [fix] ios GitHub CI ( https://app.asana.com/0/0/1205880910641438 ) |
|
➤ James Chien commented: Sam I've force merged the pull request |
|
➤ Sam commented: Kenny Hung as explained in task description: This issue does not effect on how QA receives app builds. However doing it automatically via GitHub actions have the following benefits
Therefore we need to re-schedule this task. |
|
➤ Sherry Chung commented: SamJames Chien (cc Kenny Hung ) The due date should not be arranged in this sprint. We already had the kick-off discussed. Only if the task is needed then we'll put this into current sprint. Otherwise, tasks without raised and discussed during kick-off will be put to future sprint. For this task, since it's no related to a critical issue / urgent FR, I think this will be put to next patch sprint. I'll remove the due date. Also, please help to provide me below information for the estimation
|
|
➤ Sam commented: Sherry Chung agree we can move to future sprint.
|
|
➤ Sam commented: James Chien, can you please update GitHub secret for secrets.CERTIFICATES_P12 in build-ios-prod ( https://github.com/numbersprotocol/capture-lite/blob/master/.github/workflows/pre-release.yml#L204 ). I will send you p12-file-base64 in signal. Once updated I want to re-run this action ( https://github.com/numbersprotocol/capture-lite/actions/runs/8016197147/job/21897694086 ) and see if fixed. |
|
➤ James Chien commented: Sam I've changed the certificates p12. Does the CERTIFICATES_P12_PASSWORD field requires changing as well? |
|
➤ Sam commented: James Chien, no need to change CERTIFICATES_P12_PASSWORD . |
|
➤ Sam commented: James Chien, previous p12-file-base64 didn't worked. I tried again and generate new p12-file-base64 (sent you in signal). Can you please replace it again with new p12-file-base64. And I will try re-run actions again and see if it works. |
|
➤ James Chien commented: Sam I've changed the certificate p12 to the new value |
|
➤ Kenny Hung commented: Sam (cc James ChienOlgaScott Yan) Need your help to check if the CI/CD is finished, are the environment variables in the production side/qa site right? If yes, please help to run one time, then QA could confirm the CI/CD is fixed. |
|
➤ James Chien commented: IIRC, the action that fails in the GH actions is runnable in local environment and it might save some time if testing locally. |
|
➤ Sam commented: By the way Act ( https://github.com/nektos/act ) is good tool to run GitHub actions locally. There is good blog post ( https://engineering.linecorp.com/zh-hant/blog/github-actions-with-act ) from LINE Devs about it. Might be a good tool to add to numbersprotocol dev stack. |
|
➤ Olga commented: Sherry Chung I am able to view distribution ( https://appstoreconnect.apple.com/apps/1536388009/distribution ), but I cannot access the certificates ( https://developer.apple.com/account/resources/certificates/list ) and profiles ( https://developer.apple.com/account/resources/profiles/list ) mentioned in the document ( https://docs.google.com/document/d/1h0ChQhZ5VIMquPyyeL0SeoEkrJYWgg7H3FSOT0RfhNo/edit#heading=h.418b9bas6zun )Sam provided. Could you please update my permissions accordingly? |
|
➤ Sherry Chung commented: Olga permission updated. You can check again |
|
➤ Olga commented: James Chien, I've updated the certificate ( https://developer.apple.com/account/resources/certificates/list ) and profile ( https://developer.apple.com/account/resources/profiles/list ) in Apple Developer, downloaded profile, and placed it in the GitHub environment CERTIFICIATE_P12. I attempted to rerun the failed job in Sam's PR ( #3230 ), and it succeeded. The CI/CD pipeline is now error-free. I'll dm you the new certificate shortly. Could you please review the PR for the app at #3085 ( #3085 )? I'll merge it once it's approved. |
|
➤ Sam commented: Kenny Hung as Olga mentioned ( https://app.asana.com/0/0/1205880910641438/1206782479112203/f ) now it's fixed you can see that its passed ( #3230 ). By the way Olga what was the issue? Is it because you choose Apple distribution? I think it would be good for future devs https://docs.google.com/document/d/1h0ChQhZ5VIMquPyyeL0SeoEkrJYWgg7H3FSOT0RfhNo/edit#heading=h.418b9bas6zun ( https://docs.google.com/document/d/1h0ChQhZ5VIMquPyyeL0SeoEkrJYWgg7H3FSOT0RfhNo/edit#heading=h.418b9bas6zun ) |
|
➤ Olga commented: Sam Here are the steps I've taken:
|
|
➤ Kenny Hung commented: SamOlga (cc James ChienScott YanSherry Chung) Thanks! Just want to confirm, now the CI/CD is normal, and it could generate them as below?
|
|
➤ Olga commented: Kenny Hung, based on my understanding from our discussion this afternoon during the huddle, the fix is intended for production. Currently, we need to manually deploy for QA. (Sam will prepare the document outlining the deployment steps for the QA version). #1 Yes, once the new version is ready, we can deploy it and ensure everything is working correctly. For now, we are verifying that the CI/CD build is successful. #2 The CI/CD pipeline uses the production environment. However, we need confirmation from Sam. |
|
➤ Sam commented: Kenny Hung (cc: Olga)
|
|
➤ Sam commented: Kenny Hung (cc: Sherry Chung, Olga, James Chien). ✓ [fix] ios GitHub CI ( https://app.asana.com/0/1201016280880500/1205880910641438/f ) is working as you can see ( https://github.com/numbersprotocol/capture-lite/actions/runs/8199948444 ) iOS/Android builds are automatically
I will create release reminder now. |
Previously when
0.XX.Xtag is pushed to GitHub it automagically (using GitHub actions)Currently due to expired Provisioning Profiles, Certificates developer manually have to
This issue does not effect on how QA receives app builds. However doing it automatically via GitHub actions have the following benefits
┆Issue is synchronized with this Asana task by Unito
┆Created By: Sam
The text was updated successfully, but these errors were encountered: