-
-
Notifications
You must be signed in to change notification settings - Fork 70
87 lines (77 loc) · 3.24 KB
/
fastlane.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
name: FASTLANE_CI
on:
# push:
# branches: [ "main" ]
pull_request:
# branches: [ "main" ]
env:
APPLE_STORE_AUTH_KEY_PATH: /tmp/authkey.p8
KEYCHAIN: /Users/runner/build.keychain-db
KEYCHAIN_PASSWORD: mysecretpassword
workflow_dispatch:
jobs:
authorize:
# sets environment based on origin of PR: internal (non-existent) for own-repo or external (requires reviewer to run) for external repos
environment: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
runs-on: ubuntu-22.04
steps:
- run: true
build:
needs: authorize
runs-on: macos-13
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
# /!\ important: this checks out code from the HEAD of the PR instead of the main branch (for pull_request_target)
ref: ${{ github.event.pull_request.head.sha || github.ref }}
# - name: Checkout certs
# uses: actions/checkout@v4
# with:
# repository: kiwix/apple-certificates
# ref: master
# path: certificates
# token: ${{ secrets.APPLE_CERTIFICATES_PAT }}
- name: Create Keychain
shell: bash
env:
KEYCHAIN: ${{ env.KEYCHAIN }}
KEYCHAIN_PASSWORD: ${{ env.KEYCHAIN_PASSWORD }}
run: |
security create-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN
security default-keychain -s $KEYCHAIN
security set-keychain-settings $KEYCHAIN
security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN
- name: Add Apple Distribution certificate to Keychain
uses: ./.github/actions/install-cert
with:
# SIGNING_CERTIFICATE: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_CERTIFICATE }}
# SIGNING_CERTIFICATE_P12_PASSWORD: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD }}
SIGNING_CERTIFICATE: ${{ secrets.APPLE_DISTRIBUTION_SIGNING_CERTIFICATE }}
SIGNING_CERTIFICATE_P12_PASSWORD: ${{ secrets.APPLE_DISTRIBUTION_SIGNING_P12_PASSWORD }}
KEYCHAIN: ${{ env.KEYCHAIN }}
KEYCHAIN_PASSWORD: ${{ env.KEYCHAIN_PASSWORD }}
- name: Add Apple Store Key
env:
APPLE_STORE_AUTH_KEY_PATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }}
APPLE_STORE_AUTH_KEY: ${{ secrets.APPLE_STORE_AUTH_KEY }}
shell: bash
run: echo "${APPLE_STORE_AUTH_KEY}" | base64 --decode -o $APPLE_STORE_AUTH_KEY_PATH
- name: Download dependencies
run:
|
brew bundle
bundle update
- name: Build iOS Kiwix app with Fastlane
env:
APP_STORE_CONNECT_API_KEY_KEY_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ID }}
APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ISSUER_ID }}
APP_STORE_CONNECT_API_KEY_KEY_FILEPATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }}
# MATCH_PASSWORD: ${{ secrets.APPLE_CERTIFICATES_MATCH_PASSWORD }}
# MATCH_KEYCHAIN_PASSWORD: ${{ secrets.APPLE_CERTIFICATES_MATCH_PASSWORD }}
KEYCHAIN: ${{ env.KEYCHAIN }}
KEYCHAIN_PASSWORD: ${{ env.KEYCHAIN_PASSWORD }}
shell: bash
run:
|
bundle exec fastlane ios build