Skip to content

Commit

Permalink
Distribute standalone macOS installer
Browse files Browse the repository at this point in the history
  • Loading branch information
@LaurentTreguier
LaurentTreguier committed Jun 21, 2024
1 parent c81e304 commit 92659d3
Show file tree
Hide file tree
Showing 3 changed files with 65 additions and 25 deletions.
86 changes: 63 additions & 23 deletions .github/workflows/publishing.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,12 @@ jobs:
platform:
- iOS
- macOS
distribution:
- app-store
- standalone
exclude:
- platform: iOS
distribution: standalone
steps:
- name: Checkout code
uses: actions/checkout@v4
Expand All @@ -37,25 +43,33 @@ jobs:
- name: Set up signing certificate
env:
CERTIFICATE_DISTRIBUTION_B64: ${{ secrets.CERTIFICATE_DISTRIBUTION_B64 }}
CERTIFICATE_DISTRIBUTION_B64: ${{ vars.CERTIFICATE_DISTRIBUTION_B64 }}
CERTIFICATE_DISTRIBUTION_PRIVATE_KEY_B64: ${{ secrets.CERTIFICATE_DISTRIBUTION_PRIVATE_KEY_B64 }}
CERTIFICATE_MAC_INSTALLER_B64: ${{ secrets.CERTIFICATE_MAC_INSTALLER_B64 }}
CERTIFICATE_MAC_INSTALLER_B64: ${{ vars.CERTIFICATE_MAC_INSTALLER_B64 }}
CERTIFICATE_MAC_INSTALLER_PRIVATE_KEY_B64: ${{ secrets.CERTIFICATE_MAC_INSTALLER_PRIVATE_KEY_B64 }}
CERTIFICATE_DEVELOPER_ID_APPLICATION_B64: ${{ vars.CERTIFICATE_DEVELOPER_ID_APPLICATION_B64 }}
CERTIFICATE_DEVELOPER_ID_APPLICATION_PRIVATE_KEY_B64: ${{ secrets.CERTIFICATE_DEVELOPER_ID_APPLICATION_PRIVATE_KEY_B64 }}
CERTIFICATE_DEVELOPER_ID_INSTALLER_B64: ${{ vars.CERTIFICATE_DEVELOPER_ID_INSTALLER_B64 }}
CERTIFICATE_DEVELOPER_ID_INSTALLER_PRIVATE_KEY_B64: ${{ secrets.CERTIFICATE_DEVELOPER_ID_INSTALLER_PRIVATE_KEY_B64 }}
run: |
security create-keychain -p password build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p password build.keychain
security set-keychain-settings build.keychain
for CERTIFICATE in \
$CERTIFICATE_DISTRIBUTION_B64 \
$CERTIFICATE_MAC_INSTALLER_B64; \
$CERTIFICATE_MAC_INSTALLER_B64 \
$CERTIFICATE_DEVELOPER_ID_APPLICATION_B64 \
$CERTIFICATE_DEVELOPER_ID_INSTALLER_B64; \
do
echo $CERTIFICATE | base64 --decode > /tmp/certificate.cer
security import /tmp/certificate.cer -k build.keychain -P '' -T /usr/bin/codesign -T /usr/bin/productsign
done
for KEY in \
$CERTIFICATE_DISTRIBUTION_PRIVATE_KEY_B64 \
$CERTIFICATE_MAC_INSTALLER_PRIVATE_KEY_B64; \
$CERTIFICATE_MAC_INSTALLER_PRIVATE_KEY_B64 \
$CERTIFICATE_DEVELOPER_ID_APPLICATION_PRIVATE_KEY_B64 \
$CERTIFICATE_DEVELOPER_ID_INSTALLER_PRIVATE_KEY_B64; \
do
echo $KEY | base64 --decode > /tmp/key.p12
security import /tmp/key.p12 -k build.keychain -P '' -T /usr/bin/codesign -T /usr/bin/productsign
Expand All @@ -71,30 +85,39 @@ jobs:
run: sudo xcode-select -s /Applications/Xcode_$(cat .xcode-version).app/Contents/Developer

- name: Prepare files
if: ${{ matrix.platform == 'iOS' }}
if: ${{ matrix.distribution == 'app-store' }}
env:
SENTRY_DSN: ${{ secrets.SENTRY_DSN_IOS }}
SENTRY_DSN: ${{ matrix.platform == 'iOS' && secrets.SENTRY_DSN_IOS || secrets.SENTRY_DSN_MACOS }}
SENTRY_ORG: ${{ vars.SENTRY_ORG }}
SENTRY_PROJECT: ${{ vars.SENTRY_PROJECT_IOS }}
SENTRY_PROJECT: ${{ matrix.platform == 'iOS' && vars.SENTRY_PROJECT_IOS || vars.SENTRY_PROJECT_MACOS }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
run: make

- name: Prepare files
if: ${{ matrix.platform == 'macOS' }}
env:
SENTRY_DSN: ${{ secrets.SENTRY_DSN_MACOS }}
SENTRY_ORG: ${{ vars.SENTRY_ORG }}
SENTRY_PROJECT: ${{ vars.SENTRY_PROJECT_MACOS }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
if: ${{ matrix.distribution == 'standalone' }}
run: make

- name: Set up Sentry
if: ${{ matrix.distribution == 'app-store' }}
run: curl -sL https://sentry.io/get-cli/ | sh

- name: Build app
env:
CODE_SIGN_IDENTITY: Apple Distribution
PROVISIONING_PROFILE_SPECIFIER: Fyreplace
run: |
if [ '${{ matrix.distribution }}' = 'standalone' ]
then
CODE_SIGN_IDENTITY="Developer ID Application"
PROVISIONING_PROFILE_SPECIFIER=Fyreplace.macOS.standalone
elif [ '${{ matrix.platform }}' = 'macOS' ]
then
PROVISIONING_PROFILE_SPECIFIER=Fyreplace.macOS
fi
xcodebuild archive \
DEVELOPMENT_TEAM=${{ vars.TEAM_ID }} \
CODE_SIGN_IDENTITY="$CODE_SIGN_IDENTITY" \
PROVISIONING_PROFILE_SPECIFIER="$PROVISIONING_PROFILE_SPECIFIER" \
-allowProvisioningUpdates \
-authenticationKeyPath /tmp/connect-key.p8 \
-authenticationKeyID ${{ vars.APP_STORE_CONNECT_KEY_ID }} \
Expand All @@ -120,35 +143,52 @@ jobs:
-archivePath archive.xcarchive \
-exportArchive \
-exportOptionsPlist ExportOptions.plist \
-exportPath export
-exportPath Export
- name: Export to PKG
if: ${{ matrix.platform == 'macOS' }}
env:
SIGNING_CERTIFICATE: ${{ matrix.distribution == 'app-store' && '3rd Party Mac Developer Installer' || 'Developer ID Installer' }}
run: |
mkdir export
mkdir Export
productbuild \
--component archive.xcarchive/Products/Applications/Fyreplace.app \
/Applications \
export/Fyreplace.unsigned
Export/Fyreplace.unsigned.pkg
productsign \
--sign ${{ vars.TEAM_ID }} \
export/Fyreplace.unsigned \
export/Fyreplace.pkg
--sign "$SIGNING_CERTIFICATE" \
Export/Fyreplace.unsigned.pkg \
Export/Fyreplace.pkg
- name: Notorize PKG
if: ${{ matrix.distribution == 'standalone' }}
env:
APP_STORE_CONNECT_PRIVATE_KEY_B64: ${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY_B64 }}
run: |
echo $APP_STORE_CONNECT_PRIVATE_KEY_B64 | base64 --decode > /tmp/connect-key.p8
xcrun notarytool \
submit \
--wait \
--key /tmp/connect-key.p8 \
--key-id ${{ vars.APP_STORE_CONNECT_KEY_ID }} \
--issuer ${{ vars.APP_STORE_CONNECT_ISSUER_ID }} \
Export/Fyreplace.pkg
xcrun stapler staple Export/Fyreplace.pkg
- name: Upload IPA
uses: actions/upload-artifact@v4
if: ${{ matrix.platform == 'iOS' }}
with:
name: Fyreplace.ipa
path: export/*.ipa
path: Export/*.ipa
if-no-files-found: error

- name: Upload PKG
uses: actions/upload-artifact@v4
if: ${{ matrix.platform == 'macOS' }}
with:
name: Fyreplace.pkg
path: export/*.pkg
name: ${{ matrix.distribution == 'standalone' && 'Fyreplace.standalone.pkg' || 'Fyreplace.pkg' }}
path: Export/*.pkg
if-no-files-found: error

publish:
Expand Down Expand Up @@ -185,7 +225,7 @@ jobs:
- name: Upload to App Store Connect
run: |
for OPERATION in "--validate-app" "--upload-app"; \
for OPERATION in '--validate-app' '--upload-app'
do
xcrun altool \
$OPERATION \
Expand Down
2 changes: 1 addition & 1 deletion .gitignore
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
.DS_Store
xcuserdata
ExportOptions.plist
export
Export
*.xcarchive
2 changes: 1 addition & 1 deletion Fyreplace.xcodeproj/project.pbxproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -411,7 +411,7 @@
);
runOnlyForDeploymentPostprocessing = 0;
shellPath = /bin/sh;
shellScript = "if [ \"$CONFIGURATION\" = \"Debug\" ]\nthen\n exit 0\nfi\n\nif which sentry-cli >/dev/null\nthen\n ERROR=$(sentry-cli debug-files upload \\\n --org $SENTRY_ORG \\\n --project $SENTRY_PROJECT \\\n --auth-token $SENTRY_AUTH_TOKEN \\\n --include-sources \"$DWARF_DSYM_FOLDER_PATH\" \\\n --force-foreground 2>&1 >/dev/null)\n\n if [ ! $? -eq 0 ]\n then\n echo \"error: sentry-cli - $ERROR\"\n exit 1\n fi\nelse\n echo \"error: sentry-cli not installed\"\n exit 1\nfi\n";
shellScript = "if [ \"$CONFIGURATION\" = \"Debug\" ]\nthen\n exit 0\nfi\n\nif which sentry-cli >/dev/null\nthen\n ERROR=$(sentry-cli debug-files upload \\\n --org $SENTRY_ORG \\\n --project $SENTRY_PROJECT \\\n --auth-token $SENTRY_AUTH_TOKEN \\\n --include-sources \"$DWARF_DSYM_FOLDER_PATH\" \\\n --force-foreground 2>&1 >/dev/null)\n\n if [ ! $? -eq 0 ]\n then\n echo \"error: sentry-cli - $ERROR\"\n exit 1\n fi\nfi\n";
};
/* End PBXShellScriptBuildPhase section */

Expand Down

0 comments on commit 92659d3

Please sign in to comment.