Skip to content

Merge branch 'feature/bug_fixes' into develop #235

Merge branch 'feature/bug_fixes' into develop

Merge branch 'feature/bug_fixes' into develop #235

name: Build & Deploy
on:
push:
branches:
- main
- develop
jobs:
deploy:
name: Deploying to Testflight
runs-on: macos-13
steps:
- name: Select Xcode version
run: sudo xcode-select -s '/Applications/Xcode_15.0.1.app/Contents/Developer'
- name: Checkout repository
uses: actions/[email protected]
# Env variables
- name: Setup Global Env
run: |
echo "BUILD_CERTIFICATE_BASE64=${{ secrets.BUILD_CERTIFICATE_BASE64 }}" >> $GITHUB_ENV
echo "P12_PASSWORD=${{ secrets.P12_PASSWORD }}" >> $GITHUB_ENV
echo "KEYCHAIN_PASSWORD=${{ secrets.KEYCHAIN_PASSWORD }}" >> $GITHUB_ENV
- name: Setup env variables for main
if: github.ref == 'refs/heads/main'
run: |
echo "BUILD_PROVISION_PROFILE_BASE64=${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}" >> $GITHUB_ENV
- name: Setup env varibales for develop
if: github.ref == 'refs/heads/develop'
run: |
echo "BUILD_PROVISION_PROFILE_BASE64=${{ secrets.BUILD_PROVISION_PROFILE_BETA_BASE64 }}" >> $GITHUB_ENV
# Upload Base64 copies of apple certs to github following these instructions:
# Note: Use app store distribution certs
# https://docs.github.com/en/actions/guides/installing-an-apple-certificate-on-macos-runners-for-xcode-development
#
# Every time we update certs / profiles or they expire, we need to update the following github actions secrets
# BUILD_CERTIFICATE_BASE64 = exported distribution cert from inside Xcode account settings, copied with `base64 -i <file-path> | pbcopy`
# P12_PASSWORD = whatever new password created for previous file
# BUILD_PROVISION_PROFILE_BASE64 = download "Kukai Mobile Prov Dist App Store" from app store connect, copied with `base64 -i <file-path> | pbcopy`
# BUILD_PROVISION_PROFILE_BETA_BASE64 = download "Kukai Mobile Beta Prov Dist App Store" from app store connect, copied with `base64 -i <file-path> | pbcopy`
#
- name: Install the Apple certificate and provisioning profile
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
# Auto increment build number on Dev builds only to avoid mismatch between TestFlight setups
- name: Auto update build number
if: github.ref == 'refs/heads/develop'
run: agvtool next-version -all
# Setup CodeQL before building
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: "swift"
# Build and archive for main or develop
- name: Build and Archive
if: github.ref == 'refs/heads/main'
run: xcodebuild -scheme "Kukai Mobile Release" -sdk iphoneos -configuration Release -archivePath $PWD/build/Kukai-mobile.xcarchive clean archive
- name: Build and Archive
if: github.ref == 'refs/heads/develop'
run: xcodebuild -scheme "Kukai Mobile Beta" -sdk iphoneos -configuration Beta -archivePath $PWD/build/Kukai-mobile.xcarchive clean archive
#Analyse code after build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:swift"
# Export .ipa for main or develop
- name: Export .ipa
if: github.ref == 'refs/heads/main'
run: xcodebuild -archivePath $PWD/build/Kukai-mobile.xcarchive -exportOptionsPlist "Kukai Mobile/ExportOptions.plist" -exportPath $PWD/build -allowProvisioningUpdates -exportArchive
- name: Export .ipa
if: github.ref == 'refs/heads/develop'
run: xcodebuild -archivePath $PWD/build/Kukai-mobile.xcarchive -exportOptionsPlist "Kukai Mobile/ExportOptions-Beta.plist" -exportPath $PWD/build -allowProvisioningUpdates -exportArchive
- name: Install Sentry CLI
if: ${{ success() }}
run: brew install getsentry/tools/sentry-cli
- name: Upload dSYM
if: ${{ success() }}
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
run: |
export PATH=/usr/local/bin:$PATH
export SENTRY_ORG=kukai
export SENTRY_PROJECT=kukai-ios
export CUSTOM_DSYM_PATH="$PWD/build/Kukai-mobile.xcarchive/dSYMs/Kukai Mobile.app.dSYM"
export CUSTOM_DSYM_PATH_FRAMEWORK="$PWD/build/Kukai-mobile.xcarchive/dSYMs/Sodium.framework.dSYM"
echo "CUSTOM_DSYM_PATH: $CUSTOM_DSYM_PATH"
echo "CUSTOM_DSYM_PATH_FRAMEWORK: $CUSTOM_DSYM_PATH_FRAMEWORK"
ERROR=$(sentry-cli upload-dif "$CUSTOM_DSYM_PATH" 2>&1 >/dev/null)
ERROR=$(sentry-cli upload-dif "$CUSTOM_DSYM_PATH_FRAMEWORK" 2>&1 >/dev/null)
if [ ! $? -eq 0 ]; then
echo "warning: sentry-cli - $ERROR"
fi
- name: Commit new version number
if: ${{ success() }}
run: |
git add .
git commit -m "bump version"
git push origin HEAD
- name: Upload to TestFlight
if: ${{ success() }}
env:
APPLEID_USERNAME: ${{ secrets.APPLEID_USERNAME }}
APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }}
run: xcrun altool --upload-app -t ios -f "build/Kukai Mobile.ipa" -u "$APPLEID_USERNAME" -p "$APPLEID_PASSWORD" --verbose