iOS Prod Release #22
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: iOS Prod Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| versionName: | |
| description: 'User-facing release version name' | |
| required: true | |
| default: "1.0.0" | |
| versionCode: | |
| description: 'versionCode or build number' | |
| required: true | |
| default: '1' | |
| jobs: | |
| build: | |
| runs-on: macos-latest | |
| env: | |
| TERM: dumb | |
| SENTRY_DSN: ${{ secrets.SENTRY_DSN }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 17 | |
| distribution: zulu | |
| cache: 'gradle' | |
| - name: Install private API key P8 | |
| env: | |
| PRIVATE_API_KEY_BASE64: ${{ secrets.APP_STORE_API_PRIVATE_KEY }} | |
| API_KEY: ${{ secrets.APP_STORE_KEY_ID }} | |
| run: | | |
| mkdir -p ~/private_keys | |
| echo -n "$PRIVATE_API_KEY_BASE64" | base64 --decode --output ~/private_keys/AuthKey_$API_KEY.p8 | |
| - name: Install the Apple certificate and provisioning profile | |
| env: | |
| BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| P12_PASSWORD: ${{ secrets.P12_PASSWORD }} | |
| BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| run: | | |
| CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
| PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | |
| echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| security list-keychain -d user -s $KEYCHAIN_PATH | |
| mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | |
| cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
| - name: Update Archive Version | |
| run: | | |
| /usr/libexec/Plistbuddy -c "Set CFBundleVersion ${{ github.event.inputs.versionCode }}" "iosApp/iosApp/Info.plist" | |
| /usr/libexec/Plistbuddy -c "Set CFBundleShortVersionString ${{ github.event.inputs.versionName }}" "iosApp/iosApp/Info.plist" | |
| - name: Pod Install | |
| run: | | |
| ./gradlew --no-daemon podInstall; | |
| - name: Build Archive | |
| run: | | |
| xcodebuild -workspace ./iosApp/iosApp.xcworkspace \ | |
| -scheme iosApp \ | |
| -archivePath $RUNNER_TEMP/twine.xcarchive \ | |
| -sdk iphoneos \ | |
| -configuration Release \ | |
| -destination generic/platform=iOS \ | |
| DEVELOPMENT_TEAM=6XCS8KZXDA \ | |
| PROVISIONING_PROFILE=7f5f6c4a-2500-4db9-8eb9-43592dbf7cf9 \ | |
| clean archive | |
| CODE_SIGN_IDENTITY="iPhone Distribution: Sasi Kanth (6XCS8KZXDA)" | |
| - name: Export ipa | |
| env: | |
| EXPORT_OPTIONS_PLIST: ${{ secrets.EXPORT_OPTIONS_PLIST }} | |
| run: | | |
| EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist | |
| echo -n "$EXPORT_OPTIONS_PLIST" | base64 --decode -o $EXPORT_OPTS_PATH | |
| xcodebuild -exportArchive -archivePath $RUNNER_TEMP/twine.xcarchive -exportOptionsPlist $EXPORT_OPTS_PATH -exportPath $RUNNER_TEMP/build | |
| - name: Upload debug symbols to Sentry | |
| run: | | |
| brew install getsentry/tools/sentry-cli; | |
| sentry-cli debug-files upload --auth-token ${{ secrets.SENTRY_AUTH_TOKEN }} \ | |
| --include-sources \ | |
| --org ${{ secrets.SENTRY_ORG }} \ | |
| --project ${{ secrets.SENTRY_PROJECT }} \ | |
| $RUNNER_TEMP/twine.xcarchive/dSYMs | |
| - name: Clean up keychain and provisioning profile | |
| if: ${{ always() }} | |
| run: | | |
| security delete-keychain $RUNNER_TEMP/app-signing.keychain-db | |
| rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision | |
| - name: Upload app to TestFlight | |
| env: | |
| API_KEY: ${{ secrets.APP_STORE_KEY_ID }} | |
| API_ISSUER: ${{ secrets.APP_STORE_ISSUER_ID }} | |
| APP_PATH: ${{ runner.temp }}/build/twine.ipa | |
| run: | | |
| xcrun altool --upload-app --type ios -f $APP_PATH --apiKey $API_KEY --apiIssuer $API_ISSUER | |
| - name: Upload application | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: app | |
| path: ${{ runner.temp }}/build/twine.ipa |