Skip to content

another try

another try #17

Workflow file for this run

name: Build and sign application
on:
push:
# TODO remove
branches: ['feature/signing_key']
# tags:
# - "v[0-9]+.[0-9]+.[0-9]+"
# - "v[0-9]+.[0-9]+.[0-9]+([0-9]+)"
workflow_dispatch:
inputs:
name:
description: "Release-Build"
default: "Generate release build"
permissions:
contents: write
jobs:
# build-android:
# name: Android Build
# environment: packaging
# runs-on: ubuntu-latest
# steps:
# - name: Checkout
# uses: actions/checkout@v4
# with:
# path: app
# - name: Checkout "eidmsdk_flutter"
# uses: actions/checkout@v4
# with:
# repository: slovensko-digital/eidmsdk-flutter
# token: ${{ secrets.GH_PAT }}
# path: eidmsdk_flutter
# - name: Checkout "autogram_sign"
# uses: actions/checkout@v4
# with:
# repository: slovensko-digital/avm-client-dart
# token: ${{ secrets.GH_PAT }}
# path: autogram_sign
# - uses: actions/setup-java@v1
# with:
# java-version: '17.x'
# - uses: subosito/flutter-action@v1
# with:
# flutter-version: '3.16.5'
# channel: 'stable'
# - name: Install dependencies
# working-directory: ./app
# run: flutter pub get
# - name: Test
# working-directory: ./app
# run: flutter test
# - name: Decode Keystore
# env:
# ENCODED_STRING: ${{ secrets.GOOGLE_KEYSTORE_BASE_64 }}
# working-directory: ./app
# run: echo $ENCODED_STRING | base64 -d > release_keystore.jks
# - name: Build
# env:
# AVM_KEYSTORE_FILE: ../../release_keystore.jks
# AVM_KEYSTORE_PASSWORD: ${{ secrets.GOOGLE_RELEASE_KEYSTORE_PASSWORD }}
# AVM_KEY_ALIAS: ${{ secrets.GOOGLE_RELEASE_KEYSTORE_ALIAS }}
# AVM_KEY_PASSWORD: ${{ secrets.GOOGLE_RELEASE_KEY_PASSWORD }}
# working-directory: ./app
# run: flutter build appbundle --release
# - name: Upload Release Build to Artifacts
# uses: actions/upload-artifact@v3
# with:
# name: release-artifacts
# path: ./app/build/app/outputs/bundle/release/app-release.aab
# - name: Create release if tag pushed
# uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
# if: startsWith(github.ref, 'refs/tags/')
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# with:
# draft: true
# prerelease: true
# files: |
# ./app/build/app/outputs/bundle/release/app-release.aab
build-ios:
name: iOS Build
environment: packaging
runs-on: macos-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
path: app
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_CERT_BASE_64 }}
P12_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.APPLE_PROVISION_PROFILE_BASE_64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Checkout "eidmsdk_flutter"
uses: actions/checkout@v4
with:
repository: slovensko-digital/eidmsdk-flutter
token: ${{ secrets.GH_PAT }}
path: eidmsdk_flutter
- name: Checkout "autogram_sign"
uses: actions/checkout@v4
with:
repository: slovensko-digital/avm-client-dart
token: ${{ secrets.GH_PAT }}
path: autogram_sign
- uses: actions/setup-java@v1
with:
java-version: '17.x'
- uses: subosito/flutter-action@v1
with:
flutter-version: '3.16.5'
channel: 'stable'
- name: Install dependencies
working-directory: ./app
run: flutter pub get
- name: Test
working-directory: ./app
run: flutter test
- name: Building IPA
working-directory: ./app
run: flutter build ipa --release --export-options-plist=./ios/ExportOptions.plist
- name: collect ipa artifacts
uses: actions/upload-artifact@v2
with:
name: release-ipa
path: ./app/build/ios/ipa/*.ipa
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision