Rework pg_service.conf handling to support SSL keys authentication #10156
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: ๐ iOS | |
on: | |
push: | |
branches: | |
- master | |
- release-** | |
pull_request: | |
release: | |
types: ['published'] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
jobs: | |
build: | |
name: build (ios) | |
runs-on: macos-14 | |
env: | |
DEPLOYMENT_TARGET: '14.0' | |
BUILD_TYPE: 'Release' | |
TRIPLET: 'arm64-ios' | |
steps: | |
- name: ๐ฃ Checkout | |
uses: actions/checkout@v4 | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
with: | |
submodules: recursive | |
- name: Reclaim disk space | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
run: | | |
rm -rf /Applications/Xcode_14* | |
rm -rf /Applications/Xcode_16* | |
rm -rf /Users/runner/Library/Android/sdk | |
- name: ๐พ Prepare variables | |
id: vars | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
run: | | |
./scripts/ci/env_gh.sh | |
- name: โ๏ธ Setup SSH | |
uses: webfactory/ssh-agent@v0.9.0 | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
with: | |
ssh-private-key: ${{ secrets.SSH_KEY_DEPLOYMENT_CERTIFICATES }} | |
- name: ๐ Setup ruby | |
uses: ruby/setup-ruby@v1 | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
with: | |
ruby-version: '3.2' # Not needed with a .ruby-version file | |
bundler-cache: true # runs 'bundle install' and caches installed gems automatically | |
- name: ๐ Setup code signing | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
env: | |
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} | |
run: | | |
bundle exec fastlane ios setup_signing type:${{ env.IOS_SIGN_TYPE }} app_identifier:${{ env.IOS_APP_IDENTIFIER }} # --verbose | |
- name: ๐น Prepare ios build env | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
run: | | |
# Workaround GitHub Actions Python issues | |
brew unlink python && brew link --overwrite python | |
brew install automake bison flex gnu-sed s3cmd gettext autoconf-archive nasm libtool | |
echo $(brew --prefix bison)/bin >> $GITHUB_PATH | |
echo $(brew --prefix flex)/bin >> $GITHUB_PATH | |
echo $(brew --prefix s3cmd)/bin >> $GITHUB_PATH | |
echo $(brew --prefix gettext)/bin >> $GITHUB_PATH | |
echo $(brew --prefix autoconf-archive)/bin >> $GITHUB_PATH | |
echo $(brew --prefix libtool)/bin >> $GITHUB_PATH | |
- name: ๐ฉ Install CMake and Ninja | |
uses: lukka/get-cmake@latest | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
with: | |
cmakeVersion: 3.29.0 | |
- name: ๐ Setup Python | |
uses: actions/setup-python@v5 | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
with: | |
python-version: '3.11' | |
- name: ๐ญ Setup XCode | |
uses: maxim-lobanov/setup-xcode@v1.6.0 | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
with: | |
xcode-version: latest-stable | |
- name: ๐ฎ ccache | |
uses: hendrikmuhs/ccache-action@v1 | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
with: | |
key: ccache-ios | |
max-size: 200M | |
- name: ๐ฑ Install dependencies and generate project files | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
run: | | |
source ./scripts/version_number.sh | |
source ./scripts/ci/generate-version-details.sh | |
cmake -S "${{ github.workspace }}" \ | |
-B "/Users/runner/builddir" \ | |
-G "Xcode" \ | |
-D CMAKE_BUILD_TYPE=${{ env.BUILD_TYPE }} \ | |
-D VCPKG_TARGET_TRIPLET="${{ env.TRIPLET }}" \ | |
-D VCPKG_HOST_TRIPLET="arm64-osx" \ | |
-D WITH_VCPKG=ON \ | |
-D WITH_SPIX=OFF \ | |
-D WITH_BLUETOOTH=OFF \ | |
-D WITH_SERIALPORT=OFF \ | |
-D APP_VERSION="${APP_VERSION}" \ | |
-D APK_VERSION_CODE="${APK_VERSION_CODE}" \ | |
-D APP_VERSION_STR="${APP_VERSION_STR}" \ | |
-D APP_PACKAGE_NAME="${APP_PACKAGE_NAME}" \ | |
-D APP_NAME="${APP_NAME}" \ | |
-D NUGET_USERNAME=opengisch \ | |
-D NUGET_TOKEN=${{ secrets.GITHUB_TOKEN }} \ | |
-D SENTRY_DSN=${{ secrets.SENTRY_DSN }} \ | |
-D SENTRY_ENV="${APP_ENV}" \ | |
-D ENABLE_BITCODE=OFF \ | |
-D ENABLE_ARC=ON \ | |
-D QT_IOS_TEAM_ID="${{ secrets.IOS_TEAM_ID }}" \ | |
-D QT_IOS_CODE_SIGN_IDENTITY="${{ env.IOS_CODE_SIGN_IDENTITY }}" \ | |
-D QT_IOS_PROVISIONING_PROFILE_SPECIFIER="${{ env.IOS_PROVISIONING_PROFILE_SPECIFIER }}" \ | |
-D QT_IOS_EXPORT_METHOD="${{ env.IOS_EXPORT_METHOD }}" \ | |
-D IOS_APP_IDENTIFIER="${{ env.IOS_APP_IDENTIFIER }}" \ | |
-D CMAKE_SYSTEM_NAME=iOS \ | |
-D CMAKE_SYSTEM_PROCESSOR=aarch64 \ | |
-D CMAKE_OSX_DEPLOYMENT_TARGET=${{ env.DEPLOYMENT_TARGET }} \ | |
-D ENABLE_TESTS=OFF \ | |
-D CMAKE_CXX_VISIBILITY_PRESET=hidden \ | |
-D WITH_CCACHE=ON | |
- name: ๐ Upload Dep Build Logs | |
uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: build-logs-${{ env.TRIPLET }} | |
path: | | |
/Users/runner/builddir/**/*.log | |
- name: ๐ฆ Package | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
run: | | |
cmake --build /Users/runner/builddir --target bundle --config Release | |
- name: ๐บ Deploy | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
env: | |
S3_BUCKET: qfieldapks | |
S3_REGION: ch-dk-2 | |
S3_ACCESS_KEY: ${{ secrets.S3_ACCESS_KEY}} | |
S3_SECRET_ACCESS_KEY: ${{ secrets.S3_SECRET_ACCESS_KEY}} | |
run: | | |
bundle exec fastlane ios upload_s3 ipa:/Users/runner/builddir/qfieldIpa/QField.ipa | |
- name: ๐ค Upload qfield Ipa | |
uses: actions/upload-artifact@v4 | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
with: | |
name: qfield-${{ env.TRIPLET }}-${{ env.DEPLOYMENT_TARGET }}.ipa | |
path: /Users/runner/builddir/qfieldIpa/QField.ipa | |
- name: ๐ Release to TestFlight | |
if: ${{ env.CI_TAG }} | |
env: | |
issuer_id: ${{ secrets.IOS_APPSTORE_ISSUER_ID }} | |
api_key_id: ${{ secrets.IOS_APPSTORE_KEY_ID }} | |
api_private_key: ${{ secrets.IOS_APPSTORE_PRIVATE_KEY }} | |
run: | | |
bundle exec fastlane ios upload_testflight ipa:/Users/runner/builddir/qfieldIpa/QField.ipa | |
- name: ๐ฎ Upload debug symbols | |
if: ${{ env.SENTRY_AUTH_TOKEN != '' }} | |
# if: release or labeled PR | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_ORG_SLUG: opengisch | |
SENTRY_PROJECT_SLUG: qfield | |
run: | | |
bundle exec fastlane run sentry_debug_files_upload path:/Users/runner/builddir |