diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml new file mode 100644 index 0000000..a682808 --- /dev/null +++ b/.github/workflows/build.yaml @@ -0,0 +1,112 @@ +name: Build/release + +on: + push: +# branches: +# - main +# - develop + tags: + - 'v*' + +jobs: + release: + runs-on: macos-14 + permissions: + contents: write + steps: + - name: Check out Git repository + uses: actions/checkout@v1 + + - name: Install Certificates + run: | + DEV_CERTIFICATE_PATH=$RUNNER_TEMP/dev_certificate.p12 + BUILD_CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 + KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db + + echo -n "$DEV_CERTIFICATE_BASE64" | base64 --decode -o $DEV_CERTIFICATE_PATH + echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $BUILD_CERTIFICATE_PATH + + security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + security set-keychain-settings -lut 21600 $KEYCHAIN_PATH + security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + + security import $DEV_CERTIFICATE_PATH -P "$DEV_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + security import $BUILD_CERTIFICATE_PATH -P "$BUILD_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + security list-keychain -d user -s $KEYCHAIN_PATH + + rm $DEV_CERTIFICATE_PATH + rm $BUILD_CERTIFICATE_PATH + env: + BUILD_CERTIFICATE_BASE64: ${{ secrets.MAC_CERTS }} + BUILD_P12_PASSWORD: ${{ secrets.MAC_CERTS_PASSWORD }} + DEV_CERTIFICATE_BASE64: ${{ secrets.MAC_DEV_CERTS }} + DEV_P12_PASSWORD: ${{ secrets.MAC_DEV_CERTS_PASSWORD }} + KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} + + - name: Prepare for app notarization + run: | + mkdir -p ~/private_keys/ + echo '${{ secrets.ASC_KEY }}' > ~/private_keys/AuthKey_${{ secrets.ASC_KEY_ID }}.p8 + + - name: configure exportOptions.plist + run: | + /usr/libexec/PlistBuddy -c "Set :teamID ${{ secrets.MAC_TEAM_ID }}" exportOptions.plist + + - name: build macOS App + run: | + export MARKETING_VERSION=${MARKETING_VERSION_V#v} + + echo "" > Ukam/Configurations/Version.xcconfig + echo "MARKETING_VERSION = $MARKETING_VERSION" >> Ukam/Configurations/Version.xcconfig + echo "CURRENT_PROJECT_VERSION = $CURRENT_PROJECT_VERSION" >> Ukam/Configurations/Version.xcconfig + cat Ukam/Configurations/Version.xcconfig + + defaults write com.apple.dt.Xcode IDESkipPackagePluginFingerprintValidatation -bool YES + + xcodebuild archive -project Ukam.xcodeproj -scheme Ukam -archivePath build/Ukam.xcarchive + xcodebuild -exportArchive -archivePath build/Ukam.xcarchive -exportPath build/ -exportOptionsPlist exportOptions.plist + + cd build/ + zip -r Ukam.zip Ukam.app + zip -r Ukam.xcarchive.zip Ukam.xcarchive + mkdir dmgBase + cp -r Ukam.app dmgBase/ + hdiutil create -volname Ukam -srcfolder dmgBase -ov -format UDZO Ukam.dmg + env: + DEVELOPER_DIR: /Applications/Xcode_15.3.app/Contents/Developer + CURRENT_PROJECT_VERSION: ${{github.run_number}} + MARKETING_VERSION_V: ${{github.ref_name}} + + - name: Notarize macOS App + run: | + xcrun notarytool submit "build/Ukam.zip" --key "$KEY_PATH" --key-id "$KEY_ID" --issuer "$ISSUER_ID" + xcrun notarytool submit "build/Ukam.dmg" --key "$KEY_PATH" --key-id "$KEY_ID" --issuer "$ISSUER_ID" --wait + xcrun stapler staple "build/Ukam.dmg" + env: + DEVELOPER_DIR: /Applications/Xcode_15.3.app/Contents/Developer + KEY_PATH: ~/private_keys/AuthKey_${{ secrets.ASC_KEY_ID }}.p8 + KEY_ID: ${{ secrets.ASC_KEY_ID }} + ISSUER_ID: ${{ secrets.ASC_ISSUER_ID }} + + - name: Create release + if: ${{ startsWith(github.ref, 'refs/tags/v') }} + run: | + gh release create --draft --generate-notes ${{ github.ref_name }} build/Ukam.zip build/Ukam.dmg + env: + GH_TOKEN: ${{ github.token }} + + - name: Clean up keychain and provisioning profile + if: ${{ always() }} + run: | + security delete-keychain $RUNNER_TEMP/app-signing.keychain-db + rm -rf ~/private_keys/ + + - name: Store artifacts + if: ${{ ! failure() }} + uses: actions/upload-artifact@v3 + with: + name: build-artifacts + path: | + build/Ukam.xcarchive.zip + build/Ukam.dmg + build/Ukam.zip diff --git a/Ukam.xcodeproj/project.pbxproj b/Ukam.xcodeproj/project.pbxproj index b63dc85..d5540f0 100644 --- a/Ukam.xcodeproj/project.pbxproj +++ b/Ukam.xcodeproj/project.pbxproj @@ -54,6 +54,9 @@ 822CDF4F27D52C1C00C6B331 /* ApplicationServices.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = ApplicationServices.framework; path = System/Library/Frameworks/ApplicationServices.framework; sourceTree = SDKROOT; }; 82302D102C669E4300B8BF8C /* en */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = en; path = en.lproj/Localizable.strings; sourceTree = ""; }; 82302D122C669EB300B8BF8C /* ja */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = ja; path = ja.lproj/Localizable.strings; sourceTree = ""; }; + 8260081F2C67497900ACD8A7 /* Ukam.Release.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = Ukam.Release.xcconfig; sourceTree = ""; }; + 826008202C67499A00ACD8A7 /* Ukam.Debug.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = Ukam.Debug.xcconfig; sourceTree = ""; }; + 826008212C674A0800ACD8A7 /* Version.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = Version.xcconfig; sourceTree = ""; }; 828688F42C6512A80059CAEE /* PermissionsManager.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PermissionsManager.swift; sourceTree = ""; }; 828688F72C65158B0059CAEE /* PermissionsView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PermissionsView.swift; sourceTree = ""; }; 828688F92C651B6E0059CAEE /* PermissionsViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PermissionsViewController.swift; sourceTree = ""; }; @@ -124,6 +127,16 @@ name = Frameworks; sourceTree = ""; }; + 826008222C674A0E00ACD8A7 /* Configurations */ = { + isa = PBXGroup; + children = ( + 8260081F2C67497900ACD8A7 /* Ukam.Release.xcconfig */, + 826008202C67499A00ACD8A7 /* Ukam.Debug.xcconfig */, + 826008212C674A0800ACD8A7 /* Version.xcconfig */, + ); + path = Configurations; + sourceTree = ""; + }; 828688F62C65154B0059CAEE /* Permissions */ = { isa = PBXGroup; children = ( @@ -183,6 +196,7 @@ 82C57F0027D46DC100395627 /* Assets.xcassets */, 82302D112C669E4300B8BF8C /* Localizable.strings */, 82C57F0227D46DC100395627 /* Main.storyboard */, + 826008222C674A0E00ACD8A7 /* Configurations */, 82C57F0527D46DC100395627 /* Info.plist */, 82C57F0627D46DC100395627 /* Ukam.entitlements */, ); @@ -498,6 +512,7 @@ }; 82C57F0A27D46DC100395627 /* Debug */ = { isa = XCBuildConfiguration; + baseConfigurationReference = 826008202C67499A00ACD8A7 /* Ukam.Debug.xcconfig */; buildSettings = { ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor; @@ -505,7 +520,6 @@ CODE_SIGN_ENTITLEMENTS = Ukam/Ukam.entitlements; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 3; DEVELOPMENT_TEAM = NARTSSS6TY; ENABLE_HARDENED_RUNTIME = YES; INFOPLIST_FILE = Ukam/Info.plist; @@ -513,7 +527,6 @@ "$(inherited)", "@executable_path/../Frameworks", ); - MARKETING_VERSION = 0.1.0; OTHER_SWIFT_FLAGS = "\"-DUSE_UNDOCUMENTED_API\""; PRODUCT_BUNDLE_IDENTIFIER = net.iseteki.Ukam; PRODUCT_NAME = "$(TARGET_NAME)"; @@ -525,6 +538,7 @@ }; 82C57F0B27D46DC100395627 /* Release */ = { isa = XCBuildConfiguration; + baseConfigurationReference = 8260081F2C67497900ACD8A7 /* Ukam.Release.xcconfig */; buildSettings = { ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor; @@ -532,7 +546,6 @@ CODE_SIGN_ENTITLEMENTS = Ukam/Ukam.entitlements; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 3; DEVELOPMENT_TEAM = NARTSSS6TY; ENABLE_HARDENED_RUNTIME = YES; INFOPLIST_FILE = Ukam/Info.plist; @@ -540,7 +553,6 @@ "$(inherited)", "@executable_path/../Frameworks", ); - MARKETING_VERSION = 0.1.0; OTHER_SWIFT_FLAGS = "\"-DUSE_UNDOCUMENTED_API\""; PRODUCT_BUNDLE_IDENTIFIER = net.iseteki.Ukam; PRODUCT_NAME = "$(TARGET_NAME)"; diff --git a/Ukam/Configurations/Ukam.Debug.xcconfig b/Ukam/Configurations/Ukam.Debug.xcconfig new file mode 100644 index 0000000..a8133f9 --- /dev/null +++ b/Ukam/Configurations/Ukam.Debug.xcconfig @@ -0,0 +1,10 @@ +// +// Ukam.Debug.xcconfig +// Ukam +// +// Created by Nobuhiro Ito on 2024/08/10. +// + +// Configuration settings file format documentation can be found at: +// https://help.apple.com/xcode/#/dev745c5c974 +#include "Version.xcconfig" diff --git a/Ukam/Configurations/Ukam.Release.xcconfig b/Ukam/Configurations/Ukam.Release.xcconfig new file mode 100644 index 0000000..8dde452 --- /dev/null +++ b/Ukam/Configurations/Ukam.Release.xcconfig @@ -0,0 +1,10 @@ +// +// Ukam.Release.xcconfig +// Ukam +// +// Created by Nobuhiro Ito on 2024/08/10. +// + +// Configuration settings file format documentation can be found at: +// https://help.apple.com/xcode/#/dev745c5c974 +#include "Version.xcconfig" diff --git a/Ukam/Configurations/Version.xcconfig b/Ukam/Configurations/Version.xcconfig new file mode 100644 index 0000000..2ab6e19 --- /dev/null +++ b/Ukam/Configurations/Version.xcconfig @@ -0,0 +1,2 @@ +MARKETING_VERSION = DEVELOPMENT +CURRENT_PROJECT_VERSION = 1 diff --git a/exportOptions.plist b/exportOptions.plist new file mode 100644 index 0000000..95a9efd --- /dev/null +++ b/exportOptions.plist @@ -0,0 +1,16 @@ + + + + + compileBitcode + + method + developer-id + signingCertificate + Developer ID Application + signingStyle + manual + teamID + + +