Omit deep signing flag #66
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy to Cocoapods | |
on: | |
push: | |
tags: '[0-9]+.[0-9]+.[0-9]+*' | |
jobs: | |
# test is copied pasted from test.yml - do in a clean way in the future | |
# BEGIN COPY PASTE FROM TEST.YML | |
test: | |
runs-on: macos-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
platform: [ios, mac, tvos] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: sh scripts/install.sh | |
- name: Run test | |
run: fastlane ${{ matrix.platform }} tests | |
pod-lint: | |
runs-on: macos-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: sh scripts/install.sh | |
- name: Run pod lib lint | |
run: pod lib lint --verbose --allow-warnings --sources='https://cdn.cocoapods.org/' | |
# END COPY PASTE FROM TEST.YML | |
deploy-cocoapods: | |
runs-on: macos-latest | |
needs: [pod-lint, test] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: sh scripts/install.sh | |
- name: Deploy to Cocoapods | |
run: sh scripts/deploy.sh | |
env: | |
COCOAPODS_TRUNK_TOKEN: ${{ secrets.COCOAPODS_TRUNK_TOKEN }} | |
sign-and-build-frameworks: | |
runs-on: macos-latest | |
needs: [pod-lint, test] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install pods | |
run: pod install | |
- name: Install the Apple certificate and provisioning profile | |
env: | |
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | |
MAC_BUILD_CERTIFICATE_BASE64: ${{ secrets.MAC_BUILD_CERTIFICATE_BASE64 }} | |
MAC_BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.MAC_BUILD_PROVISION_PROFILE_BASE64 }} | |
P12_PASSWORD: ${{ secrets.P12_PASSWORD }} | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
run: | | |
# create variables | |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision | |
MAC_CERTIFICATE_PATH=$RUNNER_TEMP/mac_build_certificate.p12 | |
MAC_PP_PATH=$RUNNER_TEMP/mac_build_pp.provisionprofile | |
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
# import iOS certificate and provisioning profile from secrets | |
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | |
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH | |
# import macOS certificate and provisioning profile from secrets | |
echo -n "$MAC_BUILD_CERTIFICATE_BASE64" | base64 --decode -o $MAC_CERTIFICATE_PATH | |
echo -n "$MAC_BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $MAC_PP_PATH | |
# create temporary keychain | |
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
# import iOS certificate to keychain | |
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security list-keychain -d user -s $KEYCHAIN_PATH | |
# import macOS certificate to keychain | |
security import $MAC_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security list-keychain -d user -s $KEYCHAIN_PATH | |
# apply provisioning profiles | |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | |
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
cp $MAC_PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
- name: Build frameworks | |
run: sh scripts/xcframeworkgen.sh | |
env: | |
BACKTRACE_VERSION: ${{ github.ref_name }} | |
- name: Codesign frameworks | |
env: | |
DISTRIBUTION_IDENTITY: ${{ secrets.DISTRIBUTION_IDENTITY }} | |
run: | | |
codesign --force --timestamp --sign "$DISTRIBUTION_IDENTITY" frameworks/Backtrace.xcframework | |
codesign --force --timestamp --sign "$DISTRIBUTION_IDENTITY" frameworks/PLCrashReporter/CrashReporter.xcframework | |
- name: Tar files to preserve file permissions | |
run: tar -cvzf Archive_XCFrameworks_${{ github.ref_name }}.tar.gz frameworks/ | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: Archive_XCFrameworks_${{ github.ref_name }} | |
path: Archive_XCFrameworks_${{ github.ref_name }}.tar.gz | |
upload-xcframeworks: | |
runs-on: ubuntu-latest | |
needs: sign-and-build-frameworks | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
id: download | |
with: | |
path: artifacts/ | |
- uses: xresloader/upload-to-github-release@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
file: ${{ steps.download.outputs.download-path }} | |
draft: true | |
verbose: env.ACTIONS_STEP_DEBUG |