-
Notifications
You must be signed in to change notification settings - Fork 9
101 lines (90 loc) · 3.29 KB
/
cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
name: CD
on:
workflow_dispatch:
inputs:
flavour:
type: choice
description: App flavour
options:
- pre-alpha
- alpha
- beta
- release
push:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}
cancel-in-progress: true
jobs:
testFlightDeploy:
permissions:
id-token: write
contents: read
name: "Test Flight Deploy"
if: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'push' && !(contains(github.event.head_commit.message, '[skip cd]') || contains(github.event.head_commit.message, '[cd skip]')) }}
runs-on: macos-13
steps:
- uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b
- name: Configure AWS credentials to fetch secrets
uses: aws-actions/configure-aws-credentials@97271860067ec931c45b8d104fbf0d15954ab85c # branch v1-node16
with:
role-to-assume: ${{ secrets.GH_WALLET_SECRET_ACCESS }}
aws-region: "eu-west-2"
role-session-name: 'babylon-wallet-ios-${{ github.run_id }}-${{ github.run_attempt }}'
- name: Fetch AWS secrets
uses: aws-actions/aws-secretsmanager-get-secrets@287592d14d9c9c48199db83dc182ae12af3df18e # v1.0.1
with:
secret-ids: |
WALLET, ${{ secrets.AWS_SECRET_NAME_WALLET }}
parse-json-secrets: true
- name: Fetch AWS secrets
uses: aws-actions/aws-secretsmanager-get-secrets@287592d14d9c9c48199db83dc182ae12af3df18e # v1.0.1
with:
secret-ids: |
SWIFT_SSH, ${{ secrets.AWS_SECRET_NAME_WALLET_SWIFT_SSH }}
parse-json-secrets: true
- name: Fetch AWS secrets
uses: aws-actions/aws-secretsmanager-get-secrets@287592d14d9c9c48199db83dc182ae12af3df18e # v1.0.1
with:
secret-ids: |
FASTLANE_MATCH_REPO_SSH_KEY, ${{ secrets.AWS_SECRET_NAME_WALLET_FASTLANE_SSH }}
parse-json-secrets: true
- uses: webfactory/[email protected]
with:
ssh-private-key: |
${{ env.SWIFT_SSH }}
${{ env.FASTLANE_MATCH_REPO_SSH_KEY }}
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
with:
token: ${{ env.WALLET_RADIX_BOT_PAT }}
- uses: ruby/setup-ruby@v1
with:
ruby-version: 3.1.2
bundler-cache: true
- uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: "14.3.1"
- uses: webfactory/[email protected]
with:
ssh-private-key: |
${{ env.SWIFT_SSH }}
${{ env.FASTLANE_MATCH_REPO_SSH_KEY }}
- name: Config local env
run: |
git config user.name $GIT_USER
git config user.email $GIT_USER
echo "${{ env.WALLET_FASTLANE_SECRETS_BASE64 }}" | base64 --decode > fastlane/.env.secret
brew install xcbeautify
env:
GIT_USER: ${{ env.WALLET_RADIX_BOT_USERNAME }}
- name: "Deploy"
run: |
FLAVOUR=alpha
if [[ ${{ github.event_name == 'workflow_dispatch' }} == true ]]
then
FLAVOUR=${{ github.event.inputs.flavour }}
fi
bundle exec fastlane ios deploy --env ios.$FLAVOUR
env:
GIT_TOKEN: ${{ env.WALLET_RADIX_BOT_PAT }}