passepartout-apple/.github/workflows/release.yml
Davide De Rosa ca7de6d6ae Unlock keychain after creation
Might be the reason behind build hanging up in CI, arguably
waiting for a keychain password prompt.

Now, the issue never happened while prepping #207.

When testing the PR though, the testing step was omitted. This
drastically reduced the time between keychain creation and the
build to reach the codesigning phase. By restoring tests in
between, the increase in time would likely incur in keychain
auto-locking up.

- Convert action to keychain creation only

- Restore xcpretty as irrelevant (2a5c231)
2021-12-04 11:52:59 +01:00

194 lines
6.5 KiB
YAML

name: Release
on:
push:
branches:
- "master"
paths:
- ".beta-build"
env:
APP_STORE_CONNECT_API_KEY: ${{ secrets.APP_STORE_CONNECT_API_KEY }}
FASTLANE_USERNAME: ${{ secrets.FASTLANE_USERNAME }}
FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
MATCH_USERNAME: ${{ secrets.MATCH_USERNAME }}
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
MATCH_GIT_URL: ${{ secrets.MATCH_GIT_URL }}
MATCH_GIT_PRIVATE_KEY: ${{ secrets.MATCH_GIT_PRIVATE_KEY }}
MATCH_KEYCHAIN_NAME: ${{ secrets.MATCH_KEYCHAIN_NAME }}
MATCH_KEYCHAIN_PASSWORD: ${{ secrets.MATCH_KEYCHAIN_PASSWORD }}
PILOT_USERNAME: ${{ secrets.PILOT_USERNAME }}
PILOT_GROUPS: ${{ secrets.PILOT_GROUPS }}
PILOT_BETA_APP_FEEDBACK: ${{ secrets.PILOT_BETA_APP_FEEDBACK }}
PILOT_BETA_APP_REVIEW_INFO: ${{ secrets.PILOT_BETA_APP_REVIEW_INFO }}
PILOT_NOTIFY_EXTERNAL_TESTERS: ${{ secrets.PILOT_NOTIFY_EXTERNAL_TESTERS }}
CHANGELOG_PREFACE: ${{ secrets.CHANGELOG_PREFACE }}
jobs:
build_upload:
name: Upload to ASC
runs-on: macos-11
strategy:
fail-fast: true
matrix:
name: ["iOS", "macOS"]
include:
- name: "iOS"
platform: "ios"
use_version: true
- name: "macOS"
platform: "mac"
env:
PLATFORM: ${{ matrix.platform }}
GYM_OUTPUT_DIRECTORY: "dist/${{ matrix.platform }}"
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: latest-stable
- name: Create keychain
uses: ./.github/actions/create-keychain
with:
name: ${{ env.MATCH_KEYCHAIN_NAME }}
password: ${{ env.MATCH_KEYCHAIN_PASSWORD }}
- name: Preinstall certificates (SSH)
run: |
scripts/ci/recognize-match-hostname.sh
bundle exec fastlane --env ${{ matrix.platform }} match development
- name: Store app version
id: app_version
if: ${{ matrix.use_version }}
run: |
VERSION=`ci/version-number.sh $PLATFORM`
BUILD=`ci/build-number.sh $PLATFORM`
echo "::set-output name=version::$VERSION"
echo "::set-output name=build::$BUILD"
- name: Run tests
run: |
cd PassepartoutCore
swift test
- name: Build ${{ matrix.name }} app
timeout-minutes: 15
run: |
bundle exec fastlane --env $PLATFORM,beta test_and_build_app test:false
- name: Submit to TestFlight
run: |
if [ $PLATFORM == "ios" ]; then
export PILOT_IPA="$GYM_OUTPUT_DIRECTORY/Passepartout.ipa"
else
export PILOT_PKG="$GYM_OUTPUT_DIRECTORY/Passepartout.pkg"
fi
export PILOT_CHANGELOG=`ci/build-changelog.sh $PLATFORM`
bundle exec fastlane --env $PLATFORM,beta run pilot
outputs:
version: ${{ steps.app_version.outputs.version }}
build: ${{ steps.app_version.outputs.build }}
distribute_public_beta:
name: Distribute Public Beta
runs-on: ubuntu-latest
needs: build_upload
environment:
name: public_beta
url: "https://testflight.apple.com/join/K71mtLjZ"
env:
PILOT_USERNAME: ${{ secrets.PILOT_USERNAME }}
PILOT_GROUPS: ${{ secrets.PILOT_GROUPS }}
PILOT_APP_VERSION: ${{ needs.build_upload.outputs.version }}
PILOT_BUILD_NUMBER: ${{ needs.build_upload.outputs.build }}
PILOT_DISTRIBUTE_ONLY: true
steps:
- name: Check out repository
uses: actions/checkout@v2
with:
submodules: true
- name: Prepare Ruby bundle
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Publish on TestFlight (iOS)
run: |
bundle exec fastlane --env ios,beta run pilot
# - name: Publish on TestFlight (macOS)
# run: |
# bundle exec fastlane --env mac,beta run pilot
- name: Tag beta
run: |
git tag "v$PILOT_APP_VERSION-b$PILOT_BUILD_NUMBER" && git push --tags
submit_for_app_review:
name: Submit to App Review
runs-on: ubuntu-latest
needs: build_upload
environment:
name: app_review
env:
DELIVER_USERNAME: ${{ secrets.DELIVER_USERNAME }}
DELIVER_APP_VERSION: ${{ needs.build_upload.outputs.version }}
DELIVER_BUILD_NUMBER: ${{ needs.build_upload.outputs.build }}
DELIVER_FORCE: true
steps:
- name: Check out repository
uses: actions/checkout@v2
with:
submodules: true
- name: Prepare Ruby bundle
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Submit for App Review (iOS)
run: |
bundle exec fastlane --env ios deliver_review add_id_info_uses_idfa:false
- name: Submit for App Review (macOS)
run: |
bundle exec fastlane --env mac deliver_review add_id_info_uses_idfa:false
publish_to_app_store:
name: Publish to App Store
runs-on: ubuntu-latest
needs: submit_for_app_review
environment:
name: app_store
env:
TAG_NAME: ${{ needs.build_upload.outputs.version }}
steps:
- name: Check out repository
uses: actions/checkout@v2
with:
submodules: true
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v4
with:
gpg_private_key: ${{ secrets.GPG_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
git_user_signingkey: true
git_commit_gpgsign: true
git_tag_gpgsign: true
git_push_gpgsign: false
- name: Tag release
run: |
git pull --no-tags origin $GITHUB_REF_NAME
git submodule update --recursive
scripts/ci/commit-release.sh $TAG_NAME
git push && git push --tags
- name: Assemble notes
run: |
RELEASE_NOTES="release-notes.txt"
echo "# App Store" >$RELEASE_NOTES
echo >>$RELEASE_NOTES
echo "## iOS" >>$RELEASE_NOTES
echo >>$RELEASE_NOTES
cat Passepartout/App/iOS/fastlane/metadata/en-US/release_notes.txt >>$RELEASE_NOTES
echo "## macOS" >>$RELEASE_NOTES
echo >>$RELEASE_NOTES
cat Passepartout/App/macOS/fastlane/metadata/en-US/release_notes.txt >>$RELEASE_NOTES
- name: Publish release
uses: softprops/action-gh-release@v1
with:
tag_name: "v${{ needs.build_upload.outputs.version }}"
body_path: release-notes.txt
files: |
release-notes.txt