-
Notifications
You must be signed in to change notification settings - Fork 12
183 lines (152 loc) · 6.1 KB
/
build_and_release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
name: Build Flutter App
run-name: ${{ github.actor }} is building the Android app bundle 🚀
on:
push:
branches:
- main
jobs:
GetVersionNumber:
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
version: ${{ steps.version.outputs.content }}
steps:
- uses: actions/checkout@v3
- name: Read file
id: version
uses: juliangruber/[email protected]
with:
path: VERSION
- name: Print version
run: echo ${{ steps.version.outputs.content }}
BuildAndroidRelease:
runs-on: ubuntu-latest
environment: production
needs: GetVersionNumber
permissions:
contents: write
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout@v3
# Checkout the repository code and get packages.
- name: Checkout app code
uses: actions/checkout@v3
# Set up Flutter.
- uses: subosito/flutter-action@v1
with:
channel: "stable"
- run: flutter doctor -v
- run: flutter pub get
- name: Download Android keystore
id: android_keystore
uses: timheuer/[email protected]
with:
fileName: upload-keystore.jks
encodedString: ${{ secrets.KEYSTORE_FILE_BASE64 }}
- name: Create key.properties
run: |
echo "storeFile=${{ steps.android_keystore.outputs.filePath }}" > android/key.properties
echo "storePassword=${{ secrets.KEYSTORE_PASSWORD }}" >> android/key.properties
echo "keyPassword=${{ secrets.KEYSTORE_KEY_PASSWORD }}" >> android/key.properties
echo "keyAlias=${{ secrets.KEYSTORE_KEY_ALIAS }}" >> android/key.properties
- name: Build Android Release APK
run: flutter build apk --release
- name: Build Android Release AppBundle
run: flutter build appbundle
- name: Upload APK Artifact
uses: actions/upload-artifact@v3
with:
name: release-apk
path: build/app/outputs/apk/release/app-release.apk
- name: Upload Android AppBundle Artifact
uses: actions/upload-artifact@v3
with:
name: release-aab
path: build/app/outputs/bundle/release/app-release.aab
BuildiOSRelease:
runs-on: macos-latest
environment: production
needs: GetVersionNumber
permissions:
contents: write
steps:
# Checks-out our repository under $GITHUB_WORKSPACE, so our job can access it
- name: Checkout repository
uses: actions/checkout@v3
# Set up Flutter.
- uses: subosito/flutter-action@v1
with:
channel: "stable"
- run: flutter doctor -v
- run: flutter pub get
# Install the Apple certificate and provisioning profile
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPSTORE_CERT_BASE64 }}
P12_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.MOBILEPROVISION_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
EXPORT_OPTIONS_PLIST: ${{ secrets.EXPORT_OPTIONS_PLIST }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist
echo -n "$EXPORT_OPTIONS_PLIST" | base64 --decode -o $EXPORT_OPTS_PATH
# Build and sign the ipa using a single flutter command
- name: Building IPA
run: flutter build ipa --release --export-options-plist=$RUNNER_TEMP/ExportOptions.plist
# Collect the file and upload as artifact
- name: Upload IPA Artifact
uses: actions/upload-artifact@v3
with:
name: release-ipa
path: build/ios/ipa/*.ipa
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision
CreateDraftRelease:
runs-on: macos-latest
needs: [BuildAndroidRelease, BuildiOSRelease, GetVersionNumber]
permissions:
contents: write
steps:
- name: Download Android APK Artifact
uses: actions/download-artifact@master
with:
name: release-apk
path: build/app/outputs/apk/release/app-release.apk
- name: Download Android AAB Artifact
uses: actions/download-artifact@master
with:
name: release-aab
path: build/app/outputs/bundle/release/app-release.aab
- name: Download iOS IPA Artifact
uses: actions/download-artifact@master
with:
name: release-ipa
path: build/ios/ipa/*.ipa
- name: Create Draft Release
uses: ncipollo/[email protected]
with:
artifacts: "build/app/outputs/apk/release/*.apk, build/app/outputs/bundle/release/*.aab, build/ios/ipa/*.ipa"
draft: "true"
tag: ${{needs.GetVersionNumber.outputs.version}}
generateReleaseNotes: "true"