[INSPECT-302] MAINT** Update SDK from 16.2 -> 17+ #30
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
pull_request: | |
branches: ["master"] | |
jobs: | |
build-ios: | |
name: Build and sign ios | |
runs-on: macos-13 | |
env: | |
PROJECT: ${{ 'invasivesbc-mussels.iOS.xcworkspace' }} | |
SCHEME: ${{ 'invasivesbc-mussels.iOS' }} | |
DATA_DIR: ${{ 'xcbuild' }} | |
ARCHIVE_NAME: ${{ 'invasivesbc-mussels.iOS.xcarchive' }} | |
EXPORT_DIR: ${{ 'export' }} | |
IPA_NAME: ${{ 'invasivesbc-mussels.iOS.ipa' }} | |
APP_BUILD_VERSION: "2.7" | |
steps: | |
- name: Increase build | |
env: | |
GITHUB_RUN_NUMBER: ${{ github.run_number }} | |
run: | | |
echo "GITHUB_RUN_NUMBER_WITH_OFFSET=$(($GITHUB_RUN_NUMBER+383))" >> $GITHUB_ENV | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Display XCode Path for debug | |
run: | | |
xcode-select -p | |
- name: Cache Pods | |
uses: actions/cache@v3 | |
with: | |
path: ios/Pods | |
key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }} | |
restore-keys: | | |
${{ runner.os }}-pods- | |
- name: CocoaPod Install | |
run: pod install | |
# from https://docs.github.com/en/enterprise-cloud@latest/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development | |
- name: Install the Apple certificate and provisioning profile | |
env: | |
# The first two keys are from the bcgov organization secrets | |
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_APP_STORE_BUILD_CERTIFICATE_BASE64 }} | |
P12_PASSWORD: ${{ secrets.APPLE_APP_STORE_BUILD_CERTIFICATE_PASSWD }} | |
# These two keys are from your app's repo secrets | |
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.IOS_PROVISION_PROFILE_BASE64 }} | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
run: | | |
# create variables | |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision | |
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
# import certificate and provisioning profile from secrets | |
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode > $CERTIFICATE_PATH | |
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode > $PP_PATH | |
# create temporary keychain | |
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
# import certificate to keychain | |
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
security list-keychain -d user -s $KEYCHAIN_PATH | |
# apply provisioning profile | |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | |
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
- name: Increment Build No. | |
env: | |
BUILD_NO: ${{ env.GITHUB_RUN_NUMBER_WITH_OFFSET }} | |
run: | | |
# Set Build Number. Not worrying about storing to repo. | |
agvtool new-version -all ${BUILD_NO} | |
- name: Build For Release | |
run: | | |
xcodebuild \ | |
-workspace ipad.xcworkspace \ | |
-scheme ipad \ | |
-configuration Release \ | |
-sdk iphoneos \ | |
-derivedDataPath $DATA_DIR \ | |
-archivePath ${DATA_DIR}/${ARCHIVE_NAME} \ | |
-arch x86_64 \ | |
archive | |
- name: Export Archive | |
# This is the step that signs the build | |
run: | | |
xcodebuild \ | |
-exportArchive \ | |
-archivePath ${DATA_DIR}/${ARCHIVE_NAME} \ | |
-exportPath $EXPORT_DIR \ | |
-exportOptionsPlist exportOptions.plist \ | |
-verbose | |
- name: Upload a Build Artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ios-release | |
path: ${{ env.EXPORT_DIR }} | |
if-no-files-found: error | |
retention-days: 5 | |
# https://blog.codemagic.io/app-store-connect-api-codemagic-cli-tools/ | |
- name: Install Codemagic CLI Tools | |
if: github.ref_name == 'master' | |
run: | | |
pip3 install codemagic-cli-tools | |
- name: Ship to App Store | |
if: github.ref_name == 'master' | |
env: | |
APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }} | |
APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.APP_STORE_CONNECT_KEY_IDENTIFIER_95 }} | |
APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY_95 }} | |
VERSION_CODE: ${{ env.GITHUB_RUN_NUMBER_WITH_OFFSET }} | |
VERSION_NAME: ${{ env.APP_BUILD_VERSION }} | |
run: | | |
export PATH=$PATH:/Library/Frameworks/Python.framework/Versions/3.11/bin | |
app-store-connect publish \ | |
--enable-package-validation \ | |
--max-build-processing-wait 10 \ | |
--testflight \ | |
--whats-new "Release ${VERSION_NAME}-${VERSION_CODE}" |