-
Notifications
You must be signed in to change notification settings - Fork 44
227 lines (191 loc) · 7.83 KB
/
start_build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
name: Build and Deploy to Beta Channels
on:
workflow_dispatch:
jobs:
clean:
runs-on: ubuntu-latest
steps:
- name: Clean environment (just for your comprehension but it do nothing)
run: |
rm -rf node_modules
rm -rf ios/build
rm -rf ~/Library/Developer/Xcode/DerivedData
rm -rf android/app/build/
rm -rf $HOME/.gradle/caches/
build_ios:
needs: clean
runs-on: macos-latest
steps:
- uses: actions/checkout@v3
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '18'
- name: Install dependencies
run: npm ci
- name: Install Cocoapods
run: sudo gem install cocoapods
- name: Install Pods and update Hermes Engine
run: |
cd ios
rm -rf Pods Podfile.lock
pod install
pod update hermes-engine --no-repo-update
- name: Install Apple Certificate
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.IOS_DISTRIBUTION_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.IOS_DISTRIBUTION_CERTIFICATE_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# Checking environment variables
if [ -z "$BUILD_CERTIFICATE_BASE64" ]; then
echo "ERROR: BUILD_CERTIFICATE_BASE64 is empty"
exit 1
fi
if [ -z "$P12_PASSWORD" ]; then
echo "ERROR: P12_PASSWORD is empty"
exit 1
fi
if [ -z "$KEYCHAIN_PASSWORD" ]; then
echo "ERROR: KEYCHAIN_PASSWORD is empty"
exit 1
fi
# Create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain
# Import certificate from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode > $CERTIFICATE_PATH
# Create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# Add keychain to search list
security list-keychains -d user -s $KEYCHAIN_PATH $(security list-keychains -d user | sed s/\"//g)
# Import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
# Allow codesign to access the keychain
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# Clean up
rm $CERTIFICATE_PATH
- name: Install Provisioning Profile
env:
PROVISIONING_PROFILE_BASE64: ${{ secrets.IOS_PROVISIONING_PROFILE_BASE64 }}
run: |
# Decode the provisioning profile
echo -n "$PROVISIONING_PROFILE_BASE64" | base64 --decode > $RUNNER_TEMP/profile.mobileprovision
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $RUNNER_TEMP/profile.mobileprovision ~/Library/MobileDevice/Provisioning\ Profiles/
- name: Build iOS app
env:
KEYCHAIN_PATH: $RUNNER_TEMP/app-signing.keychain
run: |
cd ios
xcodebuild -workspace Papillon.xcworkspace \
-scheme Papillon \
-configuration Release \
-archivePath build/Papillon.xcarchive \
-allowProvisioningUpdates \
-destination generic/platform=iOS \
IPHONEOS_DEPLOYMENT_TARGET=13.4 \
CODE_SIGN_STYLE=Manual \
PROVISIONING_PROFILE_SPECIFIER="Papillon" \
CODE_SIGN_IDENTITY="iPhone Distribution" \
OTHER_CODE_SIGN_FLAGS="--keychain $KEYCHAIN_PATH" \
clean archive
xcodebuild -exportArchive -archivePath build/Papillon.xcarchive -exportOptionsPlist ExportOptions.plist -exportPath ./build
if [ -f "./build/Papillon.ipa" ]; then
echo "IPA file generated successfully"
else
echo "Error: IPA file not found"
exit 1
fi
- name: Upload IPA
uses: actions/upload-artifact@v3
with:
name: ios-app
path: ios/build/Papillon.ipa
if-no-files-found: error
build_android:
needs: clean
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: '18'
- name: Install dependencies
run: npm ci
- name: Setup Java
uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: '17'
- name: Build Android app
env:
KEYSTORE_BASE64: ${{ secrets.ANDROID_KEYSTORE_BASE64 }}
KEYSTORE_PASSWORD: ${{ secrets.ANDROID_KEYSTORE_PASSWORD }}
KEY_ALIAS: ${{ secrets.ANDROID_KEY_ALIAS }}
run: |
# Decode keystore
echo $KEYSTORE_BASE64 | base64 --decode > android/app/release.keystore
# Build APK and AAB
cd android
./gradlew assembleRelease
./gradlew bundleRelease
- name: Upload APK
uses: actions/upload-artifact@v3
with:
name: android-apk
path: android/app/build/outputs/apk/release/app-release.apk
- name: Upload AAB
uses: actions/upload-artifact@v3
with:
name: android-aab
path: android/app/build/outputs/bundle/release/app-release.aab
deploy_to_beta_channels:
needs: [build_ios, build_android]
runs-on: macos-latest
steps:
- uses: actions/checkout@v3
- name: Download iOS artifact
uses: actions/download-artifact@v3
with:
name: ios-app
path: ios-app
- name: Download Android AAB artifact
uses: actions/download-artifact@v3
with:
name: android-aab
path: android-aab
- name: Prepare artifacts
run: |
mv ios-app/Papillon.ipa ./Papillon.ipa
mv android-aab/app-release.aab ./Papillon.aab
- name: Upload to TestFlight
env:
APP_STORE_CONNECT_API_KEY_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ID }}
APP_STORE_CONNECT_API_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_API_ISSUER_ID }}
APP_STORE_CONNECT_API_KEY_CONTENT: ${{ secrets.APP_STORE_CONNECT_API_KEY_CONTENT }}
run: |
echo "$APP_STORE_CONNECT_API_KEY_CONTENT" | base64 --decode > appstore_connect_api_key.p8
xcrun notarytool submit Papillon.ipa --key appstore_connect_api_key.p8 \
--key-id "$APP_STORE_CONNECT_API_KEY_ID" \
--issuer "$APP_STORE_CONNECT_API_ISSUER_ID" \
--wait
echo "iOS build uploaded to TestFlight for beta testing"
- name: Upload Android Release to Play Store Beta
uses: r0adkll/[email protected]
with:
serviceAccountJsonPlainText: ${{ secrets.PLAY_STORE_JSON_KEY }}
packageName: xyz.getpapillon.app
releaseFiles: Papillon.aab
track: beta
status: completed
changesNotSentForReview: false
- name: Notify successful beta deployment
run: |
echo "Both iOS and Android builds have been successfully uploaded to their respective beta channels (TestFlight and Play Store Beta)."
echo "To release to production:"
echo "- For iOS: Go to App Store Connect, test the build in TestFlight, then submit for App Store review when ready (Vince will do this)."
echo "- For Android: Go to the Google Play Console, test the build in the beta track, then promote to production when ready (Vince will do this)."