Skip to content

Add version code generation in CI #287

Add version code generation in CI

Add version code generation in CI #287

Workflow file for this run

name: iOS
on:
push:
branches:
- main
- ci-version-code # TODO: this is a temporary branch for testing (REMOVE)
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
build-number:
uses: ./.github/workflows/build-number.yml
build:
runs-on: macos-latest
steps:
- name: Check Xcode version
run: /usr/bin/xcodebuild -version
- name: Checkout Repo
uses: actions/checkout@v4
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.IOS_DEV_CERT }}
DISTRIBUTION_CERTIFICATE_BASE64: ${{ secrets.IOS_DISTRIBUTION_CERT }}
P12_PASSWORD: ${{ secrets.IOS_CERT_PASSWORD }}
DISTRIBUTION_P12_PASSWORD: ${{ secrets.IOS_DISTRO_CERT_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.IOS_PROVISIONING_PROFILE }}
DISTRIBUTION_PROFILE_BASE64: ${{ secrets.IOS_DISTRIBUTION_PROFILE }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
BUILD_CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
DISTRO_CERTIFICATE_PATH=$RUNNER_TEMP/distro_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
DISTRO_PP_PATH=$RUNNER_TEMP/distro_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo "$BUILD_CERTIFICATE_BASE64" | sed 's/[^A-Za-z0-9+/=]//g' | base64 --decode -o $BUILD_CERTIFICATE_PATH
echo "$DISTRIBUTION_CERTIFICATE_BASE64" | sed 's/[^A-Za-z0-9+/=]//g' | base64 --decode -o $DISTRO_CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
echo -n "$DISTRIBUTION_PROFILE_BASE64" | base64 --decode -o $DISTRO_PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $BUILD_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
echo "imported build cert"
security import $DISTRO_CERTIFICATE_PATH -P "$DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
echo "imported distribution cert"
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $DISTRO_PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'zulu'
cache: gradle
- name: Setup gradle
uses: gradle/gradle-build-action@v2
with:
gradle-home-cache-cleanup: true
# DEBUG: print out all environment variables
- name: Output Run ID
run: echo ${{ github.run_id }}
- name: Output Run Number
run: echo ${{ github.run_number }}
- name: Output Run Attempt
run: echo ${{ github.run_attempt }}
- name: Generate Version Code
run: |
echo "VERSION_CODE=$GITHUB_RUN_NUMBER" >> $GITHUB_ENV
- name: Build Artifact with Xcode
run: xcodebuild -project iosApp/iosApp.xcodeproj -scheme iosApp -configuration Debug -destination generic/platform=iOS -archivePath $RUNNER_TEMP/Tidy.xcarchive archive
- name: Upload Archive Artifacts
uses: actions/upload-artifact@v4
with:
name: iOS Archive
path: ${{ runner.temp }}/**/*.xcarchive
# Only run the following steps when a push event occurs on main branch
- name: Build IPA Artifact with Xcode
if: github.event_name == 'push'
env:
IOS_EXPORT_OPTIONS: ${{ secrets.IOS_EXPORT_OPTIONS }}
run: |
EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist
echo -n "$IOS_EXPORT_OPTIONS" | base64 --decode -o $EXPORT_OPTS_PATH
xcodebuild -exportArchive -archivePath $RUNNER_TEMP/Tidy.xcarchive -exportPath $RUNNER_TEMP -exportOptionsPlist $EXPORT_OPTS_PATH
- name: Upload to Github Artifacts
if: github.event_name == 'push'
uses: actions/upload-artifact@v4
with:
name: app
path: ${{ runner.temp }}/**/*.ipa
- name: Upload to TestFlight
if: github.event_name == 'push'
env:
IOS_APPSTORE_PRIVATE_KEY: ${{ secrets.IOS_APPSTORE_PRIVATE_KEY }}
APPSTORE_API_KEY_ID: ${{ secrets.IOS_APPSTORE_API_KEY_ID }}
run: |
mkdir -p ./private_keys
echo "$IOS_APPSTORE_PRIVATE_KEY" | sed 's/[^A-Za-z0-9+/=]//g' | base64 --decode -o "./private_keys/AuthKey_$APPSTORE_API_KEY_ID.p8"
xcrun altool --validate-app -f ${{ runner.temp }}/Tidy.ipa -t ios --apiKey "$APPSTORE_API_KEY_ID" --apiIssuer ${{ secrets.IOS_APPSTORE_ISSUER_ID }}
xcrun altool --upload-app -f ${{ runner.temp }}/Tidy.ipa -t ios --apiKey "$APPSTORE_API_KEY_ID" --apiIssuer ${{ secrets.IOS_APPSTORE_ISSUER_ID }}
# - name: Upload app to TestFlight
# if: github.event_name == 'push'
# uses: apple-actions/upload-testflight-build@v1
# with:
# app-path: $RUNNER_TEMP/Tidy.ipa
# issuer-id: ${{ secrets.IOS_APPSTORE_ISSUER_ID }}
# api-key-id: ${{ secrets.IOS_APPSTORE_API_KEY_ID }}
# api-private-key: $RUNNER_TEMP/appstore_private_key.p8