-
Notifications
You must be signed in to change notification settings - Fork 18
142 lines (116 loc) · 5.14 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Deploy to Cocoapods
on:
push:
tags: '[0-9]+.[0-9]+.[0-9]+*'
jobs:
# test is copied pasted from test.yml - do in a clean way in the future
# BEGIN COPY PASTE FROM TEST.YML
test:
runs-on: macos-latest
strategy:
fail-fast: false
matrix:
platform: [ios, mac, tvos]
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: sh scripts/install.sh
- name: Run test
run: fastlane ${{ matrix.platform }} tests
pod-lint:
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: sh scripts/install.sh
- name: Run pod lib lint
run: pod lib lint --verbose --allow-warnings --sources='https://cdn.cocoapods.org/'
# END COPY PASTE FROM TEST.YML
deploy-cocoapods:
runs-on: macos-latest
needs: [pod-lint, test]
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: sh scripts/install.sh
- name: Deploy to Cocoapods
run: sh scripts/deploy.sh
env:
COCOAPODS_TRUNK_TOKEN: ${{ secrets.COCOAPODS_TRUNK_TOKEN }}
sign-and-build-frameworks:
runs-on: macos-latest
needs: [pod-lint, test]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install pods
run: pod install
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
MAC_BUILD_CERTIFICATE_BASE64: ${{ secrets.MAC_BUILD_CERTIFICATE_BASE64 }}
MAC_BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.MAC_BUILD_PROVISION_PROFILE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
MAC_CERTIFICATE_PATH=$RUNNER_TEMP/mac_build_certificate.p12
MAC_PP_PATH=$RUNNER_TEMP/mac_build_pp.provisionprofile
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import iOS certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
# import macOS certificate and provisioning profile from secrets
echo -n "$MAC_BUILD_CERTIFICATE_BASE64" | base64 --decode -o $MAC_CERTIFICATE_PATH
echo -n "$MAC_BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $MAC_PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import iOS certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# import macOS certificate to keychain
security import $MAC_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profiles
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $MAC_PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Build frameworks
run: sh scripts/xcframeworkgen.sh
env:
BACKTRACE_VERSION: ${{ github.ref_name }}
- name: Codesign frameworks
env:
DISTRIBUTION_IDENTITY: ${{ secrets.DISTRIBUTION_IDENTITY }}
run: |
codesign --force --timestamp --sign "$DISTRIBUTION_IDENTITY" frameworks/Backtrace.xcframework
codesign --force --timestamp --sign "$DISTRIBUTION_IDENTITY" frameworks/PLCrashReporter/CrashReporter.xcframework
- name: Tar files to preserve file permissions
run: tar -cvzf Archive_XCFrameworks_${{ github.ref_name }}.tar.gz frameworks/
- uses: actions/upload-artifact@v4
with:
name: Archive_XCFrameworks_${{ github.ref_name }}
path: Archive_XCFrameworks_${{ github.ref_name }}.tar.gz
upload-xcframeworks:
runs-on: ubuntu-latest
needs: sign-and-build-frameworks
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
id: download
with:
path: artifacts/
- uses: xresloader/upload-to-github-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
file: ${{ steps.download.outputs.download-path }}
draft: true
verbose: env.ACTIONS_STEP_DEBUG