-
Notifications
You must be signed in to change notification settings - Fork 4
116 lines (94 loc) · 5.36 KB
/
release-app.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: Release App
on:
release:
types: [published]
jobs:
release:
name: 'Release MockingStar App'
runs-on: macOS
permissions:
contents: write
steps:
- name: Check out Repository
uses: actions/checkout@v3
- name: Set env
run: |
version_and_build=$(echo "${GITHUB_REF#refs/*/}" | awk -F '[-]' '{print $1 " " $2}')
version=$(echo $version_and_build | awk '{print $1}')
build=$(echo $version_and_build | awk '{print $2}')
echo "RELEASE_VERSION=$version" >> $GITHUB_ENV
echo "BUILD_NUMBER=$build" >> $GITHUB_ENV
- name: Configure git credentials
uses: fregante/setup-git-user@v2
- name: Install Certs and Profiles
run: |
mkdir ./certs
echo ${{ secrets.CERT }} | base64 -D > ./certs/MockingStarCert.p12
echo ${{ secrets.PROFILE }} | base64 -D > ./certs/Direct_com.trendyol.MockingStar.provisionprofile
echo ${{ secrets.ASC_KEY }} | base64 -D > ./certs/ASCKEY.p8
echo ${{ secrets.SPARKLE_PRIVATE_KEY }} | base64 -D > ./certs/Sparkle.key
export KEYCHAIN_PATH=$(security default-keychain | tr -d ' "' )
security unlock-keychain -p ${{ secrets.PASS }} $KEYCHAIN_PATH
security set-keychain-settings -u -t 3600 $KEYCHAIN_PATH
security import ./certs/MockingStarCert.p12 -k $KEYCHAIN_PATH -P ${{ secrets.CERT_PASS }} -A
security set-key-partition-list -S apple-tool:,apple: -k ${{ secrets.PASS }} $KEYCHAIN_PATH >/dev/null || true
cp ./certs/Direct_com.trendyol.MockingStar.provisionprofile ~/Library/MobileDevice/Provisioning\ Profiles/7a785103-ddb5-42f4-99b5-d7cdb5b6cae9.provisionprofile
- name: Update App Version
run: |
sed -i "" "s/MARKETING_VERSION = .*/MARKETING_VERSION = ${{ env.RELEASE_VERSION }};/g" "./MockingStar/MockingStar.xcodeproj/project.pbxproj"
sed -i "" "s/CURRENT_PROJECT_VERSION = .*/CURRENT_PROJECT_VERSION = ${{ env.BUILD_NUMBER }};/g" "./MockingStar/MockingStar.xcodeproj/project.pbxproj"
- name: Build Mocking Star
run: |
set -o pipefail && xcodebuild archive \
-workspace MockingStar.xcworkspace \
-scheme MockingStar \
-archivePath ./.build/archive \
-derivedDataPath ./.build/derivedData \
-skipMacroValidation \
DEVELOPMENT_TEAM=${{ secrets.TEAM_ID }} \
CODE_SIGN_STYLE=Manual \
CODE_SIGN_IDENTITY="${{ secrets.CODESIGNING_IDENTITY }}" \
PROVISIONING_PROFILE="com.trendyol.mocking-star Direct" \
OTHER_CODE_SIGN_FLAGS="--keychain '~/Library/Keychains/MockingStarKeychain.keychain-db'" | xcbeautify --renderer github-actions
- name: Export Archive
run: |
sed -i '' 's/TEAMID/${{ secrets.TEAM_ID }}/g' ExportOptions.plist
sed -i '' 's/DEVID_CERT/${{ secrets.CODESIGNING_IDENTITY }}/g' ExportOptions.plist
set -o pipefail && xcodebuild -exportArchive \
-archivePath ./.build/archive.xcarchive \
-exportPath ./.build/appBuildOutput \
-exportOptionsPlist ExportOptions.plist | xcbeautify --renderer github-actions
- name: Package App
run: ditto -c -k --sequesterRsrc --keepParent ./.build/appBuildOutput/MockingStar.app ./.build/appBuildOutput/MockingStar-App.zip
- name: Notarytool
run: xcrun notarytool submit ./.build/appBuildOutput/MockingStar-App.zip --issuer ${{ secrets.ASC_ISSUER_ID }} --key-id ${{ secrets.ASC_KEY_ID }} --key ./certs/ASCKEY.p8 --wait
- name: Create Sparkle Update
run: |
MinimumVersion=$(plutil -extract LSMinimumSystemVersion raw -o - .build/appBuildOutput/MockingStar.app/Contents/Info.plist)
Signature=$(./.build/derivedData/SourcePackages/artifacts/sparkle/Sparkle/bin/sign_update -f certs/Sparkle.key .build/appBuildOutput/MockingStar-App.zip)
Signature=$(echo "$Signature" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
export RELEASE_VERSION="${{ env.RELEASE_VERSION }}"
export BUILD_NUMBER="${{ env.BUILD_NUMBER }}"
export RELEASE_VERSION_TAG="${{ github.event.release.tag_name }}"
export RELEASE_NOTES="${{ github.event.release.body }}"
export MinimumVersion="$MinimumVersion"
export Signature="$Signature"
swift run --package-path ./SparkleActions
git commit -m 'Release version ${{ github.event.release.tag_name }}! 🎉' Appcast.xml
git branch Release/${{ github.event.release.tag_name }}
git push -u origin Release/${{ github.event.release.tag_name }}
- name: Create a Release
uses: ncipollo/release-action@v1
with:
tag: ${{ github.event.release.tag_name }}
name: MockingStar - Release ${{ github.event.release.tag_name }}
artifacts: '.build/appBuildOutput/MockingStar-App.zip'
allowUpdates: true
omitBodyDuringUpdate: true
makeLatest: false
- name: Clean Keychain And Files
if: always()
run: |
security delete-certificate -c "${{ secrets.CODESIGNING_IDENTITY }}"
rm -rf ./certs
rm ~/Library/MobileDevice/Provisioning\ Profiles/7a785103-ddb5-42f4-99b5-d7cdb5b6cae9.provisionprofile