Merge branch 'feature/pre_beta' into develop #295
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build & Deploy | |
on: | |
push: | |
branches: | |
- main | |
- develop | |
jobs: | |
deploy: | |
name: Deploying to Testflight | |
runs-on: macos-13 | |
steps: | |
- name: Select Xcode version | |
run: sudo xcode-select -s '/Applications/Xcode_15.0.1.app/Contents/Developer' | |
- name: Checkout repository | |
uses: actions/[email protected] | |
# Env variables | |
- name: Setup Global Env | |
run: | | |
echo "BUILD_CERTIFICATE_BASE64=${{ secrets.BUILD_CERTIFICATE_BASE64 }}" >> $GITHUB_ENV | |
echo "P12_PASSWORD=${{ secrets.P12_PASSWORD }}" >> $GITHUB_ENV | |
echo "KEYCHAIN_PASSWORD=${{ secrets.KEYCHAIN_PASSWORD }}" >> $GITHUB_ENV | |
- name: Setup env variables for main | |
if: github.ref == 'refs/heads/main' | |
run: | | |
echo "BUILD_PROVISION_PROFILE_BASE64=${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}" >> $GITHUB_ENV | |
- name: Setup env varibales for develop | |
if: github.ref == 'refs/heads/develop' | |
run: | | |
echo "BUILD_PROVISION_PROFILE_BASE64=${{ secrets.BUILD_PROVISION_PROFILE_BETA_BASE64 }}" >> $GITHUB_ENV | |
# Upload Base64 copies of apple certs to github following these instructions: | |
# Note: Use app store distribution certs | |
# https://docs.github.com/en/actions/guides/installing-an-apple-certificate-on-macos-runners-for-xcode-development | |
# | |
# Every time we update certs / profiles or they expire, we need to update the following github actions secrets | |
# BUILD_CERTIFICATE_BASE64 = exported distribution cert from inside Xcode account settings, copied with `base64 -i <file-path> | pbcopy` | |
# P12_PASSWORD = whatever new password created for previous file | |
# BUILD_PROVISION_PROFILE_BASE64 = download "Kukai Mobile Prov Dist App Store" from app store connect, copied with `base64 -i <file-path> | pbcopy` | |
# BUILD_PROVISION_PROFILE_BETA_BASE64 = download "Kukai Mobile Beta Prov Dist App Store" from app store connect, copied with `base64 -i <file-path> | pbcopy` | |
# | |
- name: Install the Apple certificate and provisioning profile | |
run: | | |
# create variables | |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision | |
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
# import certificate and provisioning profile from secrets | |
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | |
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH | |
# create temporary keychain | |
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
# import certificate to keychain | |
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
security list-keychain -d user -s $KEYCHAIN_PATH | |
# apply provisioning profile | |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | |
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
# Auto increment build number on Dev builds only to avoid mismatch between TestFlight setups | |
- name: Auto update build number | |
if: github.ref == 'refs/heads/develop' | |
run: agvtool next-version -all | |
# Setup CodeQL before building | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: "swift" | |
# Build and archive for main or develop | |
- name: Build and Archive | |
if: github.ref == 'refs/heads/main' | |
run: xcodebuild -scheme "Kukai Mobile Release" -sdk iphoneos -configuration Release -archivePath $PWD/build/Kukai-mobile.xcarchive clean archive | |
- name: Build and Archive | |
if: github.ref == 'refs/heads/develop' | |
run: xcodebuild -scheme "Kukai Mobile Beta" -sdk iphoneos -configuration Beta -archivePath $PWD/build/Kukai-mobile.xcarchive clean archive | |
#Analyse code after build | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 | |
with: | |
category: "/language:swift" | |
# Export .ipa for main or develop | |
- name: Export .ipa | |
if: github.ref == 'refs/heads/main' | |
run: xcodebuild -archivePath $PWD/build/Kukai-mobile.xcarchive -exportOptionsPlist "Kukai Mobile/ExportOptions.plist" -exportPath $PWD/build -allowProvisioningUpdates -exportArchive | |
- name: Export .ipa | |
if: github.ref == 'refs/heads/develop' | |
run: xcodebuild -archivePath $PWD/build/Kukai-mobile.xcarchive -exportOptionsPlist "Kukai Mobile/ExportOptions-Beta.plist" -exportPath $PWD/build -allowProvisioningUpdates -exportArchive | |
- name: Install Sentry CLI | |
if: ${{ success() }} | |
run: brew install getsentry/tools/sentry-cli | |
- name: Upload dSYM | |
if: ${{ success() }} | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
run: | | |
export PATH=/usr/local/bin:$PATH | |
export SENTRY_ORG=kukai | |
export SENTRY_PROJECT=kukai-ios | |
export CUSTOM_DSYM_PATH="$PWD/build/Kukai-mobile.xcarchive/dSYMs/Kukai Mobile.app.dSYM" | |
export CUSTOM_DSYM_PATH_FRAMEWORK="$PWD/build/Kukai-mobile.xcarchive/dSYMs/Sodium.framework.dSYM" | |
echo "CUSTOM_DSYM_PATH: $CUSTOM_DSYM_PATH" | |
echo "CUSTOM_DSYM_PATH_FRAMEWORK: $CUSTOM_DSYM_PATH_FRAMEWORK" | |
ERROR=$(sentry-cli upload-dif "$CUSTOM_DSYM_PATH" 2>&1 >/dev/null) | |
ERROR=$(sentry-cli upload-dif "$CUSTOM_DSYM_PATH_FRAMEWORK" 2>&1 >/dev/null) | |
if [ ! $? -eq 0 ]; then | |
echo "warning: sentry-cli - $ERROR" | |
fi | |
- name: Commit new version number | |
if: ${{ success() }} | |
run: | | |
git add . | |
git commit -m "bump version" | |
git push origin HEAD | |
- name: Upload to TestFlight | |
if: ${{ success() }} | |
env: | |
APPLEID_USERNAME: ${{ secrets.APPLEID_USERNAME }} | |
APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }} | |
run: xcrun altool --upload-app -t ios -f "build/Kukai Mobile.ipa" -u "$APPLEID_USERNAME" -p "$APPLEID_PASSWORD" --verbose |