Update dependencies #420

Workflow file for this run

.github/workflows/publishing.yml at e127ee2

	name: Publishing

	on:
	push:
	branches:
	- develop
	- hotfix/*
	- release/*
	tags:
	- v..*

	jobs:
	build:
	name: Build
	runs-on: macos-latest
	environment: apple-app-store
	strategy:
	matrix:
	platform:
	- iOS
	- macOS
	distribution:
	- app-store
	- standalone
	exclude:
	- platform: iOS
	distribution: standalone
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	submodules: true

	- name: Cache packages
	uses: actions/cache@v4
	with:
	path: \|
	~/Library/Caches/org.swift.swiftpm
	~/Library/Developer/Xcode/DerivedData/**/SourcePackages/checkouts
	~/Library/Developer/Xcode/DerivedData/**/SourcePackages/repositories
	key: ${{ runner.os }}-${{ matrix.platform }}-spm-${{ hashFiles('**/Package.resolved') }}
	restore-keys: \|
	${{ runner.os }}-${{ matrix.platform }}-spm-

	- name: Set up signing certificate
	env:
	CERTIFICATE_DISTRIBUTION_B64: ${{ vars.CERTIFICATE_DISTRIBUTION_B64 }}
	CERTIFICATE_DISTRIBUTION_PRIVATE_KEY_B64: ${{ secrets.CERTIFICATE_DISTRIBUTION_PRIVATE_KEY_B64 }}
	CERTIFICATE_MAC_INSTALLER_B64: ${{ vars.CERTIFICATE_MAC_INSTALLER_B64 }}
	CERTIFICATE_MAC_INSTALLER_PRIVATE_KEY_B64: ${{ secrets.CERTIFICATE_MAC_INSTALLER_PRIVATE_KEY_B64 }}
	CERTIFICATE_DEVELOPER_ID_APPLICATION_B64: ${{ vars.CERTIFICATE_DEVELOPER_ID_APPLICATION_B64 }}
	CERTIFICATE_DEVELOPER_ID_APPLICATION_PRIVATE_KEY_B64: ${{ secrets.CERTIFICATE_DEVELOPER_ID_APPLICATION_PRIVATE_KEY_B64 }}
	CERTIFICATE_DEVELOPER_ID_INSTALLER_B64: ${{ vars.CERTIFICATE_DEVELOPER_ID_INSTALLER_B64 }}
	CERTIFICATE_DEVELOPER_ID_INSTALLER_PRIVATE_KEY_B64: ${{ secrets.CERTIFICATE_DEVELOPER_ID_INSTALLER_PRIVATE_KEY_B64 }}
	run: \|
	security create-keychain -p password build.keychain
	security default-keychain -s build.keychain
	security unlock-keychain -p password build.keychain
	security set-keychain-settings build.keychain
	for CERTIFICATE in \
	$CERTIFICATE_DISTRIBUTION_B64 \
	$CERTIFICATE_MAC_INSTALLER_B64 \
	$CERTIFICATE_DEVELOPER_ID_APPLICATION_B64 \
	$CERTIFICATE_DEVELOPER_ID_INSTALLER_B64; \
	do
	echo $CERTIFICATE \| base64 --decode > /tmp/certificate.cer
	security import /tmp/certificate.cer -k build.keychain -P '' -T /usr/bin/codesign -T /usr/bin/productsign
	done
	for KEY in \
	$CERTIFICATE_DISTRIBUTION_PRIVATE_KEY_B64 \
	$CERTIFICATE_MAC_INSTALLER_PRIVATE_KEY_B64 \
	$CERTIFICATE_DEVELOPER_ID_APPLICATION_PRIVATE_KEY_B64 \
	$CERTIFICATE_DEVELOPER_ID_INSTALLER_PRIVATE_KEY_B64; \
	do
	echo $KEY \| base64 --decode > /tmp/key.p12
	security import /tmp/key.p12 -k build.keychain -P '' -T /usr/bin/codesign -T /usr/bin/productsign
	done
	security set-key-partition-list -S apple-tool:,apple: -s -k password build.keychain

	- name: Set up App Store Connect authentication
	env:
	APP_STORE_CONNECT_PRIVATE_KEY_B64: ${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY_B64 }}
	run: echo $APP_STORE_CONNECT_PRIVATE_KEY_B64 \| base64 --decode > /tmp/connect-key.p8

	- name: Select Xcode version
	run: sudo xcode-select -s /Applications/Xcode_$(cat .xcode-version).app/Contents/Developer

	- name: Prepare files
	if: ${{ matrix.distribution == 'app-store' }}
	env:
	DEVELOPMENT_TEAM: ${{ vars.TEAM_ID }}
	CODE_SIGN_IDENTITY: Apple Distribution
	PROVISIONING_PROFILE_SPECIFIER: ${{ matrix.platform == 'macOS' && vars.PROVISIONING_PROFILE_NAME_MACOS \|\| vars.PROVISIONING_PROFILE_NAME }}
	SENTRY_DSN: ${{ matrix.platform == 'iOS' && secrets.SENTRY_DSN_IOS \|\| secrets.SENTRY_DSN_MACOS }}
	SENTRY_ORG: ${{ vars.SENTRY_ORG }}
	SENTRY_PROJECT: ${{ matrix.platform == 'iOS' && vars.SENTRY_PROJECT_IOS \|\| vars.SENTRY_PROJECT_MACOS }}
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	run: make

	- name: Prepare files
	if: ${{ matrix.distribution == 'standalone' }}
	env:
	DEVELOPMENT_TEAM: ${{ vars.TEAM_ID }}
	CODE_SIGN_IDENTITY: Developer ID Application
	PROVISIONING_PROFILE_SPECIFIER: ${{ vars.PROVISIONING_PROFILE_NAME_MACOS_STANDALONE }}
	run: make

	- name: Trust OpenAPI plugin
	run: bash .github/workflows/trust-openapi-plugin.sh

	- name: Set up Sentry
	if: ${{ matrix.distribution == 'app-store' }}
	run: curl -sL https://sentry.io/get-cli/ \| sh

	- name: Build app
	run: \|
	xcodebuild archive \
	-allowProvisioningUpdates \
	-authenticationKeyPath /tmp/connect-key.p8 \
	-authenticationKeyID ${{ vars.APP_STORE_CONNECT_KEY_ID }} \
	-authenticationKeyIssuerID ${{ vars.APP_STORE_CONNECT_ISSUER_ID }} \
	-scheme Fyreplace \
	-destination generic/platform=${{ matrix.platform }} \
	-archivePath archive.xcarchive

	- name: Export to IPA
	if: ${{ matrix.platform == 'iOS' }}
	run: \|
	/usr/libexec/PlistBuddy -c "Add :method string" ExportOptions.plist
	/usr/libexec/PlistBuddy -c "Set :method app-store-connect" ExportOptions.plist
	/usr/libexec/PlistBuddy -c "Add :teamId string" ExportOptions.plist
	/usr/libexec/PlistBuddy -c "Set :teamId ${{ vars.TEAM_ID }}" ExportOptions.plist
	/usr/libexec/PlistBuddy -c "Add :provisioningProfiles dict" ExportOptions.plist
	/usr/libexec/PlistBuddy -c "Add :provisioningProfiles:${{ vars.APP_ID }} string ${{ vars.PROVISIONING_PROFILE_NAME }}" ExportOptions.plist
	xcodebuild export \
	-allowProvisioningUpdates \
	-authenticationKeyPath /tmp/connect-key.p8 \
	-authenticationKeyID ${{ vars.APP_STORE_CONNECT_KEY_ID }} \
	-authenticationKeyIssuerID ${{ vars.APP_STORE_CONNECT_ISSUER_ID }} \
	-archivePath archive.xcarchive \
	-exportArchive \
	-exportOptionsPlist ExportOptions.plist \
	-exportPath Export

	- name: Export to PKG
	if: ${{ matrix.platform == 'macOS' }}
	env:
	SIGNING_CERTIFICATE: ${{ matrix.distribution == 'app-store' && '3rd Party Mac Developer Installer' \|\| 'Developer ID Installer' }}
	run: \|
	mkdir Export
	productbuild \
	--component archive.xcarchive/Products/Applications/Fyreplace.app \
	/Applications \
	Export/Fyreplace.unsigned.pkg
	productsign \
	--sign "$SIGNING_CERTIFICATE" \
	Export/Fyreplace.unsigned.pkg \
	Export/Fyreplace.pkg

	- name: Upload IPA
	uses: actions/upload-artifact@v4
	if: ${{ matrix.platform == 'iOS' }}
	with:
	name: Fyreplace.ipa
	path: Export/Fyreplace.ipa
	if-no-files-found: error

	- name: Upload PKG
	uses: actions/upload-artifact@v4
	if: ${{ matrix.platform == 'macOS' }}
	with:
	name: ${{ matrix.distribution == 'standalone' && 'Fyreplace.standalone.pkg' \|\| 'Fyreplace.pkg' }}
	path: Export/Fyreplace.pkg
	if-no-files-found: error

	test:
	name: Test
	runs-on: macos-latest
	environment: apple-app-store
	strategy:
	matrix:
	platform:
	- iOS
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	submodules: true

	- name: Cache packages
	uses: actions/cache@v4
	with:
	path: \|
	~/Library/Caches/org.swift.swiftpm
	~/Library/Developer/Xcode/DerivedData/**/SourcePackages/checkouts
	~/Library/Developer/Xcode/DerivedData/**/SourcePackages/repositories
	key: ${{ runner.os }}-${{ matrix.platform }}-spm-${{ hashFiles('**/Package.resolved') }}
	restore-keys: \|
	${{ runner.os }}-${{ matrix.platform }}-spm-

	- name: Select Xcode version
	run: sudo xcode-select -s /Applications/Xcode_$(cat .xcode-version).app/Contents/Developer

	- name: Prepare files
	run: make

	- name: Trust OpenAPI plugin
	run: bash .github/workflows/trust-openapi-plugin.sh

	- name: Run tests
	run: \|
	xcodebuild test \
	CODE_SIGNING_ALLOWED=no \
	-scheme Fyreplace \
	-destination platform="${{ matrix.platform }} Simulator,OS=$(cat .ios-test-version),name=$(cat .ios-test-model)" \
	-only-testing FyreplaceTests

	publish:
	name: Publish
	needs:
	- build
	- test
	runs-on: macos-latest
	environment: apple-app-store
	strategy:
	matrix:
	platform:
	- ios
	- osx
	distribution:
	- app-store
	- standalone
	exclude:
	- platform: ios
	distribution: standalone
	steps:
	- name: Download IPA
	uses: actions/download-artifact@v4
	if: ${{ matrix.platform == 'ios' }}
	with:
	name: Fyreplace.ipa
	path: /tmp

	- name: Download PKG
	uses: actions/download-artifact@v4
	if: ${{ matrix.platform == 'osx' }}
	with:
	name: ${{ matrix.distribution == 'standalone' && 'Fyreplace.standalone.pkg' \|\| 'Fyreplace.pkg' }}
	path: /tmp

	- name: Set up App Store Connect authentication
	env:
	APP_STORE_CONNECT_PRIVATE_KEY_B64: ${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY_B64 }}
	run: \|
	mkdir ~/private_keys
	echo $APP_STORE_CONNECT_PRIVATE_KEY_B64 \| base64 --decode > ~/private_keys/AuthKey_${{ vars.APP_STORE_CONNECT_KEY_ID }}.p8

	- name: Upload to App Store Connect
	if: ${{ matrix.distribution == 'app-store' }}
	run: \|
	for OPERATION in '--validate-app' '--upload-app'
	do
	xcrun altool \
	$OPERATION \
	--type ${{ matrix.platform }} \
	--file /tmp/Fyreplace.* \
	--apiKey ${{ vars.APP_STORE_CONNECT_KEY_ID }} \
	--apiIssuer ${{ vars.APP_STORE_CONNECT_ISSUER_ID }}
	done

	- name: Notorize PKG
	if: ${{ matrix.distribution == 'standalone' }}
	run: \|
	xcrun notarytool \
	submit \
	--wait \
	--key ~/private_keys/AuthKey_${{ vars.APP_STORE_CONNECT_KEY_ID }}.p8 \
	--key-id ${{ vars.APP_STORE_CONNECT_KEY_ID }} \
	--issuer ${{ vars.APP_STORE_CONNECT_ISSUER_ID }} \
	/tmp/Fyreplace.pkg
	xcrun stapler staple /tmp/Fyreplace.pkg

	- name: Upload PKG
	uses: actions/upload-artifact@v4
	if: ${{ matrix.distribution == 'standalone' }}
	with:
	name: Fyreplace.standalone.pkg
	path: /tmp/Fyreplace.pkg
	overwrite: true
	if-no-files-found: error

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependencies #420

Workflow file

Update dependencies #420

Jobs

Run details

Workflow file for this run