Skip to content

Commit

Permalink
github: updated App Store upload instructions
Browse files Browse the repository at this point in the history
  • Loading branch information
osy committed Feb 27, 2024
1 parent 646ab86 commit 199fc21
Showing 1 changed file with 99 additions and 7 deletions.
106 changes: 99 additions & 7 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -300,11 +300,22 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Xcode
shell: bash
run: |
[[ "$(xcode-select -p)" == "${{ env.BUILD_XCODE_PATH }}"* ]] || sudo xcode-select -s "${{ env.BUILD_XCODE_PATH }}"
- name: Import signing certificate into keychain
uses: apple-actions/import-codesign-certs@v1
with:
p12-file-base64: ${{ secrets.SIGNING_CERTIFICATE_P12_DATA }}
p12-password: ${{ secrets.SIGNING_CERTIFICATE_PASSWORD }}
- name: Import App Store Connect API Key
run: |
mkdir -p ~/.appstoreconnect/private_keys
echo $AUTHKEY_API_KEY | base64 --decode -o "~/.appstoreconnect/private_keys/AuthKey_$API_KEY.p8"
env:
AUTHKEY_API_KEY: ${{ secrets.CONNECT_KEY }}
API_KEY: ${{ vars.CONNECT_KEY_ID }}
- name: Install Provisioning Profiles
run: |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
Expand Down Expand Up @@ -336,10 +347,13 @@ jobs:
HELPER_PROFILE_UUID: ${{ vars.HELPER_PROFILE_UUID }}
LAUNCHER_PROFILE_UUID: ${{ vars.LAUNCHER_PROFILE_UUID }}
- name: Notarize app
run: npx notarize-cli --file "UTM.dmg" --bundle-id "com.utmapp.UTM"
run: |
xcrun notarytool submit --issuer "$ISSUER_UUID" --key-id "$API_KEY" --key "~/.appstoreconnect/private_keys/AuthKey_$API_KEY.p8" --team-id "$SIGNING_TEAM_ID" --wait "UTM.dmg"
xcrun stapler staple "UTM.dmg"
env:
NOTARIZE_USERNAME: ${{ secrets.SIGNING_USERNAME }}
NOTARIZE_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}
SIGNING_TEAM_ID: ${{ vars.SIGNING_TEAM_ID }}
ISSUER_UUID: ${{ vars.CONNECT_ISSUER_ID }}
API_KEY: ${{ vars.CONNECT_KEY_ID }}
- name: Upload Artifact
if: github.event_name != 'release'
uses: actions/upload-artifact@v3
Expand All @@ -364,11 +378,22 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Xcode
shell: bash
run: |
[[ "$(xcode-select -p)" == "${{ env.BUILD_XCODE_PATH }}"* ]] || sudo xcode-select -s "${{ env.BUILD_XCODE_PATH }}"
- name: Import signing certificate into keychain
uses: apple-actions/import-codesign-certs@v1
with:
p12-file-base64: ${{ secrets.SIGNING_CERTIFICATE_P12_DATA }}
p12-password: ${{ secrets.SIGNING_CERTIFICATE_PASSWORD }}
- name: Import App Store Connect API Key
run: |
mkdir -p ~/.appstoreconnect/private_keys
echo $AUTHKEY_API_KEY | base64 --decode -o "~/.appstoreconnect/private_keys/AuthKey_$API_KEY.p8"
env:
AUTHKEY_API_KEY: ${{ secrets.CONNECT_KEY }}
API_KEY: ${{ vars.CONNECT_KEY_ID }}
- name: Install Provisioning Profiles
run: |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
Expand Down Expand Up @@ -396,15 +421,82 @@ jobs:
HELPER_PROFILE_UUID: ${{ vars.APP_STORE_HELPER_PROFILE_UUID }}
LAUNCHER_PROFILE_UUID: ${{ vars.APP_STORE_LAUNCHER_PROFILE_UUID }}
- name: Upload Artifact
if: github.event_name != 'release'
uses: actions/upload-artifact@v3
with:
name: UTM-pkg
path: UTM.pkg
- name: Upload app to App Store Connect
if: github.event_name == 'release'
run: |
xcrun altool --upload-app -t macos -f "UTM.pkg" -u "$SUBMIT_USERNAME" -p "$SUBMIT_PASSWORD"
xcrun altool --upload-app -t macos -f "UTM.pkg" --apiKey "$API_KEY" --apiIssuer "$ISSUER_UUID"
env:
ISSUER_UUID: ${{ vars.CONNECT_ISSUER_ID }}
API_KEY: ${{ vars.CONNECT_KEY_ID }}
submit-ios:
name: Submit (iOS)
runs-on: ${{ fromJSON(needs.configuration.outputs.github-runner) }}
needs: [configuration, build-utm]
strategy:
matrix:
configuration: [
{platform: "ios-tci", scheme: "iOS-SE", mode: "ipa-se-signed", name: "UTM-SE-signed.ipa", path: "UTM SE.ipa", type: "ios"},
{platform: "visionos-tci", scheme: "iOS-SE", mode: "ipa-se-signed", name: "UTM-SE-visionOS-signed.ipa", path: "UTM SE.ipa", type: "visionos"},
{platform: "ios-tci", scheme: "iOS-Remote", mode: "ipa-remote-signed", name: "UTM-Remote-signed.ipa", path: "UTM Remote.ipa", type: "ios"},
{platform: "visionos-tci", scheme: "iOS-Remote", mode: "ipa-remote-signed", name: "UTM-Remote-visionOS-signed.ipa", path: "UTM Remote.ipa", type: "visionos"},
]
if: github.event_name == 'release' || github.event.inputs.test_release == 'true'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Xcode
shell: bash
run: |
[[ "$(xcode-select -p)" == "${{ env.BUILD_XCODE_PATH }}"* ]] || sudo xcode-select -s "${{ env.BUILD_XCODE_PATH }}"
- name: Import signing certificate into keychain
uses: apple-actions/import-codesign-certs@v1
with:
p12-file-base64: ${{ secrets.SIGNING_CERTIFICATE_P12_DATA }}
p12-password: ${{ secrets.SIGNING_CERTIFICATE_PASSWORD }}
- name: Import App Store Connect API Key
run: |
mkdir -p ~/.appstoreconnect/private_keys
echo $AUTHKEY_API_KEY | base64 --decode -o "~/.appstoreconnect/private_keys/AuthKey_$API_KEY.p8"
env:
AUTHKEY_API_KEY: ${{ secrets.CONNECT_KEY }}
API_KEY: ${{ vars.CONNECT_KEY_ID }}
- name: Install Provisioning Profiles
run: |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
echo $IOS_REMOTE_PROFILE_DATA | base64 --decode -o ~/Library/MobileDevice/Provisioning\ Profiles/$IOS_REMOTE_PROFILE_UUID.provisionprofile
echo $IOS_SE_PROFILE_DATA | base64 --decode -o ~/Library/MobileDevice/Provisioning\ Profiles/$IOS_SE_PROFILE_UUID.provisionprofile
echo $LAUNCHER_PROFILE_DATA | base64 --decode -o ~/Library/MobileDevice/Provisioning\ Profiles/$LAUNCHER_PROFILE_UUID.provisionprofile
env:
IOS_REMOTE_PROFILE_DATA: ${{ vars.IOS_REMOTE_PROFILE_DATA }}
IOS_REMOTE_PROFILE_UUID: ${{ vars.IOS_REMOTE_PROFILE_UUID }}
IOS_SE_PROFILE_DATA: ${{ vars.IOS_SE_PROFILE_DATA }}
IOS_SE_PROFILE_UUID: ${{ vars.IOS_SE_PROFILE_UUID }}
- name: Download Artifact
uses: actions/download-artifact@v3
with:
name: UTM-${{ matrix.configuration.scheme }}-${{ matrix.configuration.platform }}-arm64
- name: Sign IPA
run: |
tar -xf UTM.xcarchive.tgz
./scripts/package.sh ipa UTM.xcarchive . "$SIGNING_TEAM_ID" "$PROFILE_UUID"
env:
SIGNING_TEAM_ID: ${{ vars.SIGNING_TEAM_ID }}
PROFILE_UUID: ${{ matrix.configuration.scheme == 'iOS-Remote' && vars.IOS_REMOTE_PROFILE_UUID || vars.IOS_SE_PROFILE_UUID }}
- name: Upload Artifact
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.configuration.name }}
path: ${{ matrix.configuration.path }}
- name: Upload app to App Store Connect
if: github.event_name == 'release'
run: |
xcrun altool --upload-app -t "$TYPE" -f "$FILE" --apiKey "$API_KEY" --apiIssuer "$ISSUER_UUID"
env:
SUBMIT_USERNAME: ${{ secrets.SIGNING_USERNAME }}
SUBMIT_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}
FILE: ${{ matrix.configuration.path }}
TYPE: ${{ matrix.configuration.type }}
ISSUER_UUID: ${{ vars.CONNECT_ISSUER_ID }}
API_KEY: ${{ vars.CONNECT_KEY_ID }}

0 comments on commit 199fc21

Please sign in to comment.