This repository has been archived by the owner on Mar 15, 2023. It is now read-only.
forked from KyberNetwork/KyberSwap-iOS
-
Notifications
You must be signed in to change notification settings - Fork 4
207 lines (173 loc) · 8.17 KB
/
testflight.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
name: Testflight
on:
push:
branches:
- 'release-*'
- feat/tf-workflow-1
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
env:
LANG: en_US.UTF-8
# # base64 service account credentials
# GCS_SA_CREDENTIAL: ${{ secrets.GCS_SA_CREDENTIAL }}
# GCS_PROJECT_ID: ${{ secrets.GCS_PROJECT_ID }}
# GCS_BUCKET: ${{ secrets.GCS_BUCKET }}
jobs:
build-ios-and-upload-testflight:
runs-on: macos-12
env:
TMP_KEYCHAIN_NAME: "fastlane_tmp_keychain"
# cetificate environment
DISTRIBUTE_CERT_PATH: /Users/runner/privates/certificates/devops_testflight.p12
DISTRIBUTE_CERT_PASSWORD: ${{ secrets.DISTRIBUTE_CERT_PASSWORD }}
DEVELOPMENT_CERT_PATH: /Users/runner/privates/certificates/devops_development.p12
DEVELOPMENT_CERT_PASSWORD: ${{ secrets.DEVELOPMENT_CERT_PASSWORD }}
# xcode project environment
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
APPLE_BUNDLE_ID: ${{ secrets.APPLE_BUNDLE_ID }}
APPLE_CODE_SIGNING_ID: ${{ secrets.APPLE_TESTFIGHT_SIGNING_ID }}
# profiles
DEV_PROFILE: ${{ secrets.DEV_PROFILE }}
KRYSTAL_DEV_PROFILE: ${{ secrets.KRYSTAL_DEV_PROFILE }}
AD_HOC_PROFILE: ${{ secrets.AD_HOC_PROFILE }}
EXT_AD_HOC_PROFILE: ${{ secrets.EXT_AD_HOC_PROFILE }}
KRYSTAL_PROD_PROFILE: ${{ secrets.KRYSTAL_PROD_PROFILE }}
KRYSTAL_PROD_EXT_PROFILE: ${{ secrets.KRYSTAL_PROD_EXT_PROFILE }}
# profile paths
DEV_PROFILE_PATH: "/Users/runner/privates/profiles/${{ secrets.DEV_PROFILE }}.mobileprovision"
KRYSTAL_DEV_PROFILE_PATH: "/Users/runner/privates/profiles/${{ secrets.KRYSTAL_DEV_PROFILE }}.mobileprovision"
AD_HOC_PROFILE_PATH: "/Users/runner/privates/profiles/${{ secrets.AD_HOC_PROFILE }}.mobileprovision"
EXT_AD_HOC_PROFILE_PATH: "/Users/runner/privates/profiles/${{ secrets.EXT_AD_HOC_PROFILE }}.mobileprovision"
KRYSTAL_PROD_PROFILE_PATH: "/Users/runner/privates/profiles/${{ secrets.KRYSTAL_PROD_PROFILE }}.mobileprovision"
KRYSTAL_PROD_EXT_PROFILE_PATH: "/Users/runner/privates/profiles/${{ secrets.KRYSTAL_PROD_EXT_PROFILE }}.mobileprovision"
# sentry environments
SENTRY_TOKEN: ${{ secrets.SENTRY_TOKEN }}
ORG_SLUG: ${{ secrets.ORG_SLUG }}
PROJECT_SLUG: ${{ secrets.PROJECT_SLUG }}
SENTRY_URL: ${{ secrets.SENTRY_URL }}
# default actor
GH_ACTOR: Krystal-CICD
# testflight
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }}
APPLE_ISSUER_ID: ${{ secrets.APPLE_ISSUER_ID }}
APPLE_KEY_CONTENT: ${{ secrets.APPLE_KEY_CONTENT }}
# GCP
PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
IOS_PASSPHRASE: ${{ secrets.IOS_PASSPHRASE }}
steps:
- name: Checkout
uses: actions/checkout@v2
with:
submodules: recursive
token: '${{ secrets.KRYSTAL_BOT_GH_PAT }}'
- name: Get configuration items
run: |
echo $SSH_PRIVATE_KEY | base64 --decode > private.key
chmod 600 private.key
rm -rf $HOME/krystal-mobile-enviroment
GIT_SSH_COMMAND='ssh -i private.key -o IdentitiesOnly=yes -o StrictHostKeyChecking=no' git clone [email protected]:KYRDTeam/krystal-mobile-enviroment.git $HOME/krystal-mobile-enviroment
ls -al $HOME/krystal-mobile-enviroment/
CONFIG_PATH=$HOME/krystal-mobile-enviroment/ios/
ls -al $CONFIG_PATH
echo "Using gpg to decrypt the sensitive files now"
gpg --quiet --batch --yes --decrypt --passphrase=$IOS_PASSPHRASE $CONFIG_PATH/certificates/devops_development.p12.gpg > $CONFIG_PATH/certificates/devops_development.p12
gpg --quiet --batch --yes --decrypt --passphrase=$IOS_PASSPHRASE $CONFIG_PATH/certificates/devops_testflight.p12.gpg > $CONFIG_PATH/certificates/devops_testflight.p12
gpg --quiet --batch --yes --decrypt --passphrase=$IOS_PASSPHRASE $CONFIG_PATH/certificates/distribution.p12.gpg > $CONFIG_PATH/certificates/distribution.p12
gpg --quiet --batch --yes --decrypt --passphrase=$IOS_PASSPHRASE $CONFIG_PATH/profiles/devops_ios_distribution.mobileprovision.gpg > $CONFIG_PATH/profiles/devops_ios_distribution.mobileprovision
gpg --quiet --batch --yes --decrypt --passphrase=$IOS_PASSPHRASE $CONFIG_PATH/profiles/devops_ios_ext_distribution.mobileprovision.gpg > $CONFIG_PATH/profiles/devops_ios_ext_distribution.mobileprovision
ls -al $CONFIG_PATH
mkdir -p /Users/runner/privates
cp -va $CONFIG_PATH/* /Users/runner/privates
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.6
bundler-cache: true
- name: Install Pod check
run: |
gem install activesupport -v 6.1.7.2
gem install cocoapods-check
- name: Setup Sentry CLI
shell: bash
run: curl -sL https://sentry.io/get-cli/ | bash
# - name: Setup Auth
# uses: 'google-github-actions/auth@v0'
# with:
# credentials_json: '${{ secrets.GCS_SA_CREDENTIAL }}'
# - name: Set up Cloud SDK
# uses: google-github-actions/setup-gcloud@v0
- name: Setup cache
uses: actions/cache@v2
with:
path: Pods
key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }}
restore-keys: |
${{ runner.os }}-pods-
- name: Setup environments
shell: bash
env:
ENV: prod
run: |
cp /Users/runner/privates/environments/KNSecret.swift ./KyberNetwork/KyberNetwork/Configurations/Environments
cp /Users/runner/privates/environments/$ENV/KNEnvironment.swift ./KyberNetwork/KyberNetwork/Configurations/Environments/Sources
- name: Pods install
run: pod check || pod install
- name: Build and Upload to Testflight
uses: maierj/[email protected]
env:
ITMSTRANSPORTER_FORCE_ITMS_PACKAGE_UPLOAD: true
with:
lane: pre_release
bundle-install-path: "vendor/bundle"
- name: Prepare bump build number
run: |
git config user.name "$GH_ACTOR"
git config user.email "[email protected]"
- name: Bump Build number
uses: maierj/[email protected]
with:
lane: ci_bump_build_number
bundle-install-path: "vendor/bundle"
- name: Push commit
shell: bash
run: |
git push --repo="https://$GH_ACTOR:[email protected]/${GITHUB_REPOSITORY}.git"
# This step will automatically run if any of the previous steps fail.
# DO NOT CHANGE IT
- name: Send notifications to a specify Telegram group
if: failure()
env:
TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_TOKEN }}
TELEGRAM_GROUP_ID: ${{ secrets.TELEGRAM_GROUP_ID }}
RUN_ID: ${{ github.run_id }}
shell: bash
run: .github/failure
notify-testflight:
needs:
- build-ios-and-upload-testflight
runs-on: ubuntu-latest
steps:
- name: Slack Notification on Success
uses: rtCamp/action-slack-notify@v2
env:
SLACK_CHANNEL: release-krystal-ios-testflight
SLACK_COLOR: ${{ job.status }}
SLACK_ICON: https://github.com/rtCamp.png?size=48
SLACK_MESSAGE: ':rocket: Krystal-iOS | A new release has been built on TestFlight'
SLACK_TITLE: ':rocket: Krystal-iOS | A new release has been built on TestFlight'
SLACK_USERNAME: deployment-notifier
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_TF_IOS }}
- name: Slack Notification on Failure
uses: rtCamp/action-slack-notify@v2
if: failure()
env:
SLACK_CHANNEL: release-krystal-ios-testflight
SLACK_COLOR: 'fc5a03'
SLACK_ICON: https://github.com/rtCamp.png?size=48
SLACK_MESSAGE: ':rocket: Krystal-iOS | A new release failed to build on TestFlight'
SLACK_TITLE: ':rocket: Krystal-iOS | A new release failed to build on TestFlight'
SLACK_USERNAME: deployment-notifier
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_TF_IOS }}