Skip to content

Archive-CN

Archive-CN #49

Workflow file for this run

name: Archive-CN
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
workflow_dispatch:
jobs:
build:
name: Export iPa
runs-on: self-hosted
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: FillSLSSec
env:
SLS_AK: ${{ secrets.SLS_AK }}
SLS_SK: ${{ secrets.SLS_SK }}
run: |
sh FillSecret.sh SLS_AK $SLS_AK ./Flat/EnvConfigs/Release.xcconfig
sh FillSecret.sh SLS_SK $SLS_SK ./Flat/EnvConfigs/Release.xcconfig
- name: PodInstall
run: |
pod repo update
pod install
- name: BuildNumber
uses: yanamura/ios-bump-version@v1
with:
version: ''
build-number: ${{github.run_number}}
- name: GenerateGooglePlist
env:
S: ${{ secrets.GOOGLE_SERVICE_BASE64 }}
run: |
echo $S | base64 -d > Flat/GoogleService-Info.plist
- name: Create action log
env:
RUN_ID: ${{github.run_id}}
RUN_NUMBER: ${{github.run_number}}
run: |
touch "archive_$RUN_NUMBER.log"
echo "url: https://github.com/netless-io/flat-ios/actions/runs/$RUN_ID" >> archive_$RUN_NUMBER.log
- name: Test
env:
RUN_NUMBER: ${{github.run_number}}
run: |
sh test.sh Flat_Release_Test test_flat_$RUN_NUMBER.log
- name: Archive
run: |
sh archive.sh Flat-PROD Flat_Release export_release.plist
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision
continue-on-error: true
- name: Upload to appstore
env:
APPSTOREACCOUNT: ${{ secrets.APPSTOREACCOUNT }}
APPSTOREPASSWORD: ${{ secrets.APPSTOREPASSWORD }}
RUN_NUMBER: ${{github.run_number}}
run: |
# upload to appstore using altool
sh upload.sh "$APPSTOREACCOUNT" "$APPSTOREPASSWORD"
IPA=$(find . -name '*.ipa')
SHA=$(shasum -a 256 $IPA)
echo "sha: $SHA" >> archive_$RUN_NUMBER.log
- name: BlackDuck
env:
BLACK_DUCK_TOKEN: ${{ secrets.BLACK_DUCK_TOKEN }}
BD_HOST: ${{ secrets.BD_HOST }}
RUN_NUMBER: ${{github.run_number}}
BD_COMMAND: ${{secrets.BLACK_DUCK_COMMAND}}
run: |
sh blackduck.sh "$BLACK_DUCK_TOKEN" "$BD_COMMAND"
echo "blackduck: $BD_HOST/api/projects/888fe533-a493-45d1-adfd-9e4765793731/versions/ae27340f-0807-4fb0-93a4-5ee322ece657/components" >> archive_$RUN_NUMBER.log
- name: Upload Test Result
uses: actions/upload-artifact@v4
with:
name: test
path: test_flat_${{github.run_number}}.log
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: output
path: iPa/
- name: Upload Report
uses: actions/upload-artifact@v4
with:
name: report
path: archive_${{github.run_number}}.log