generated from JetBrains/compose-multiplatform-template
-
-
Notifications
You must be signed in to change notification settings - Fork 76
120 lines (102 loc) · 4.56 KB
/
ios_prod_release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
name: iOS Prod Release
on:
workflow_dispatch:
inputs:
tramline-input:
description: "Tramline input"
required: false
jobs:
build:
runs-on: macos-latest
env:
TERM: dumb
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
steps:
- name: Configure Tramline
id: tramline
uses: tramlinehq/deploy-action@v0.1.5
with:
input: ${{ github.event.inputs.tramline-input }}
- name: Setup JDK 20
uses: actions/setup-java@v4
with:
java-version: 20
distribution: zulu
cache: 'gradle'
- name: Install private API key P8
env:
PRIVATE_API_KEY_BASE64: ${{ secrets.APP_STORE_API_PRIVATE_KEY }}
API_KEY: ${{ secrets.APP_STORE_KEY_ID }}
run: |
mkdir -p ~/private_keys
echo -n "$PRIVATE_API_KEY_BASE64" | base64 --decode --output ~/private_keys/AuthKey_$API_KEY.p8
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Update Archive Version
run: |
/usr/libexec/Plistbuddy -c "Set CFBundleVersion ${{ steps.tramline.outputs.version_code }}" "iosApp/iosApp/Info.plist"
/usr/libexec/Plistbuddy -c "Set CFBundleShortVersionString ${{ steps.tramline.outputs.version_name }}" "iosApp/iosApp/Info.plist"
- name: Pod Install
run: |
./gradlew --no-daemon podInstall;
- name: Build Archive
run: |
xcodebuild -workspace ./iosApp/iosApp.xcworkspace \
-scheme iosApp \
-archivePath $RUNNER_TEMP/twine.xcarchive \
-sdk iphoneos \
-configuration Release \
-destination generic/platform=iOS \
DEVELOPMENT_TEAM=6XCS8KZXDA \
PROVISIONING_PROFILE=${{ secrets.PROVISION_PROFILE_ID }} \
clean archive
CODE_SIGN_IDENTITY="iPhone Distribution: Sasi Kanth (6XCS8KZXDA)"
- name: Export ipa
env:
EXPORT_OPTIONS_PLIST: ${{ secrets.EXPORT_OPTIONS_PLIST }}
run: |
EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist
echo -n "$EXPORT_OPTIONS_PLIST" | base64 --decode -o $EXPORT_OPTS_PATH
xcodebuild -exportArchive -archivePath $RUNNER_TEMP/twine.xcarchive -exportOptionsPlist $EXPORT_OPTS_PATH -exportPath $RUNNER_TEMP/build
- name: Upload debug symbols to Sentry
run: |
curl -sL https://sentry.io/get-cli/ | SENTRY_CLI_VERSION=2.21.2 bash;
sentry-cli debug-files upload --auth-token ${{ secrets.SENTRY_AUTH_TOKEN }} \
--include-sources \
--org ${{ secrets.SENTRY_ORG }} \
--project ${{ secrets.SENTRY_PROJECT }} \
$RUNNER_TEMP/twine.xcarchive/dSYMs
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision
- name: Upload app to TestFlight
env:
API_KEY: ${{ secrets.APP_STORE_KEY_ID }}
API_ISSUER: ${{ secrets.APP_STORE_ISSUER_ID }}
APP_PATH: ${{ runner.temp }}/build/twine.ipa
run: |
xcrun altool --upload-app --type ios -f $APP_PATH --apiKey $API_KEY --apiIssuer $API_ISSUER
- name: Upload application
uses: actions/upload-artifact@v4
with:
name: app
path: ${{ runner.temp }}/build/twine.ipa