Skip to content

Commit

Permalink
Upload iOS App to testflight (#54)
Browse files Browse the repository at this point in the history
  • Loading branch information
geoff-powell authored Dec 25, 2023
1 parent 1ec09d3 commit f5c0ca3
Showing 1 changed file with 40 additions and 24 deletions.
64 changes: 40 additions & 24 deletions .github/workflows/ios.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ on:
push:
branches:
- main
- ios-upload-testflight # TODO: this is a temporary branch for testing (REMOVE)
pull_request:

concurrency:
Expand All @@ -23,31 +24,43 @@ jobs:
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.IOS_DEV_CERT }}
DISTRIBUTION_CERTIFICATE_BASE64: ${{ secrets.IOS_DISTRIBUTION_CERT }}
P12_PASSWORD: ${{ secrets.IOS_CERT_PASSWORD }}
DISTRIBUTION_P12_PASSWORD: ${{ secrets.IOS_DISTRO_CERT_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.IOS_PROVISIONING_PROFILE }}
DISTRIBUTION_PROFILE_BASE64: ${{ secrets.IOS_DISTRIBUTION_PROFILE }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
BUILD_CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
DISTRO_CERTIFICATE_PATH=$RUNNER_TEMP/distro_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
DISTRO_PP_PATH=$RUNNER_TEMP/distro_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo "$BUILD_CERTIFICATE_BASE64" | sed 's/[^A-Za-z0-9+/=]//g' | base64 --decode -o $BUILD_CERTIFICATE_PATH
echo "$DISTRIBUTION_CERTIFICATE_BASE64" | sed 's/[^A-Za-z0-9+/=]//g' | base64 --decode -o $DISTRO_CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
echo -n "$DISTRIBUTION_PROFILE_BASE64" | base64 --decode -o $DISTRO_PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security import $BUILD_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
echo "imported build cert"
security import $DISTRO_CERTIFICATE_PATH -P "$DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
echo "imported distribution cert"
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $DISTRO_PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: set up JDK 17
uses: actions/setup-java@v4
Expand All @@ -61,45 +74,48 @@ jobs:
with:
gradle-home-cache-cleanup: true

- name: Build with Xcode
run: xcodebuild -project iosApp/iosApp.xcodeproj -scheme iosApp -configuration Debug -destination generic/platform=iOS -archivePath $RUNNER_TEMP/Tidy.xcarchive
- name: Build Artifact with Xcode
run: xcodebuild -project iosApp/iosApp.xcodeproj -scheme iosApp -configuration Debug -destination generic/platform=iOS -archivePath $RUNNER_TEMP/Tidy.xcarchive archive

- name: Upload Archive Artifacts
uses: actions/upload-artifact@v4
with:
name: iOS Archive
path: $RUNNER_TEMP/Tidy/**/*.xcarchive
path: ${{ runner.temp }}/**/*.xcarchive

# Only run the following steps when a push event occurs on main branch
- name: Build App Artifact with Xcode
- name: Build IPA Artifact with Xcode
if: github.event_name == 'push'
env:
EXPORT_OPTIONS_PLIST: ${{ secrets.IOS_EXPORT_OPTIONS }}
IOS_EXPORT_OPTIONS: ${{ secrets.IOS_EXPORT_OPTIONS }}
run: |
EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist
echo -n "IOS_EXPORT_OPTIONS" | base64 --decode -o $RUNNER_TEMP/exportOptions.plist
xcodebuild -archivePath $RUNNER_TEMP/iosApp.xcarchive
-exportArchive -exportPath '$RUNNER_TEMP/Tidy.app'
-exportOptionsPlist $RUNNER_TEMP/exportOptions.plist
echo -n "$IOS_EXPORT_OPTIONS" | base64 --decode -o $EXPORT_OPTS_PATH
xcodebuild -exportArchive -archivePath $RUNNER_TEMP/Tidy.xcarchive -exportPath $RUNNER_TEMP -exportOptionsPlist $EXPORT_OPTS_PATH
- name: Upload to Github Artifacts
if: github.event_name == 'push'
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: app
path: $RUNNER_TEMP/**/*.app
path: ${{ runner.temp }}/**/*.ipa

- name: Copy App Store Private Key
- name: Upload to TestFlight
if: github.event_name == 'push'
env:
IOS_APPSTORE_PRIVATE_KEY: ${{ secrets.IOS_APPSTORE_PRIVATE_KEY }}
run: echo -n "$IOS_APPSTORE_PRIVATE_KEY" | base64 --decode -o $RUNNER_TEMP/appstore_private_key.p8
APPSTORE_API_KEY_ID: ${{ secrets.IOS_APPSTORE_API_KEY_ID }}
run: |
mkdir -p ./private_keys
echo "$IOS_APPSTORE_PRIVATE_KEY" | sed 's/[^A-Za-z0-9+/=]//g' | base64 --decode -o "./private_keys/AuthKey_$APPSTORE_API_KEY_ID.p8"
xcrun altool --validate-app -f ${{ runner.temp }}/Tidy.ipa -t ios --apiKey "$APPSTORE_API_KEY_ID" --apiIssuer ${{ secrets.IOS_APPSTORE_ISSUER_ID }}
xcrun altool --upload-app -f ${{ runner.temp }}/Tidy.ipa -t ios --apiKey "$APPSTORE_API_KEY_ID" --apiIssuer ${{ secrets.IOS_APPSTORE_ISSUER_ID }}
- name: Upload app to TestFlight
if: github.event_name == 'push'
uses: apple-actions/upload-testflight-build@v1
with:
app-path: $RUNNER_TEMP/Tidy.app
issuer-id: ${{ secrets.IOS_APPSTORE_ISSUER_ID }}
api-key-id: ${{ secrets.IOS_APPSTORE_API_KEY_ID }}
api-private-key: $RUNNER_TEMP/appstore_private_key.p8
# - name: Upload app to TestFlight
# if: github.event_name == 'push'
# uses: apple-actions/upload-testflight-build@v1
# with:
# app-path: $RUNNER_TEMP/Tidy.ipa
# issuer-id: ${{ secrets.IOS_APPSTORE_ISSUER_ID }}
# api-key-id: ${{ secrets.IOS_APPSTORE_API_KEY_ID }}
# api-private-key: $RUNNER_TEMP/appstore_private_key.p8

0 comments on commit f5c0ca3

Please sign in to comment.