Merge pull request #5 from SputNikPlop/ipa #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release iOS to App Store | |
| on: | |
| workflow_call: | |
| inputs: | |
| working-directory: | |
| default: "." | |
| type: string | |
| whats-new: | |
| default: "New features and minor bug fixes." | |
| type: string | |
| environment-name: | |
| type: string | |
| environment-url: | |
| type: string | |
| publish: | |
| description: 'Publish to App Store' | |
| required: false | |
| default: true | |
| type: boolean | |
| secrets: | |
| APPSTORE_API_PRIVATE_KEY: | |
| required: true | |
| APPLE_CERTIFICATE_PRIVATE_KEY: | |
| required: true | |
| jobs: | |
| ipa: | |
| runs-on: macos-latest | |
| env: | |
| APP_STORE_CONNECT_ISSUER_ID: 863d4663-9217-4c36-9caa-e7b2201ec4f1 | |
| APP_STORE_CONNECT_KEY_IDENTIFIER: PQPDACRFT7 | |
| APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.APPSTORE_API_PRIVATE_KEY }} | |
| CERTIFICATE_PRIVATE_KEY: ${{ secrets.APPLE_CERTIFICATE_PRIVATE_KEY }} | |
| environment: | |
| name: ${{ inputs.environment-name }} | |
| url: ${{ inputs.environment-url }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: paulhatch/[email protected] | |
| id: semantic | |
| with: | |
| change_path: ${{ inputs.working-directory }} | |
| namespace: ${{ inputs.working-directory != '.' && inputs.working-directory || '' }} | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.11" | |
| architecture: x64 | |
| - run: pip3 install codemagic-cli-tools | |
| - uses: subosito/flutter-action@v2 | |
| with: | |
| channel: "stable" | |
| - name: flutter build ipa | |
| - working-directory: ${{ inputs.working-directory }} | |
| run: | | |
| pod repo update | |
| flutter pub get | |
| # configure codesigning | |
| app-store-connect fetch-signing-files $(xcode-project detect-bundle-id) --platform IOS --type IOS_APP_STORE --create | |
| xcode-project use-profiles --export-options-plist=$RUNNER_TEMP/export_options.plist --archive-method=app-store | |
| keychain initialize -p $RUNNER_TEMP/build.keychain | |
| keychain add-certificates -p $RUNNER_TEMP/build.keychain | |
| # fix expired apple wwdc certificate | |
| curl -o $RUNNER_TEMP/AppleWWDRCAG3.cer https://www.apple.com/certificateauthority/AppleWWDRCAG3.cer | |
| security import $RUNNER_TEMP/AppleWWDRCAG3.cer -k $RUNNER_TEMP/build.keychain -T /usr/bin/codesign | |
| flutter build ipa --release --build-name=${{ steps.semantic.outputs.version }} --build-number=$(date +%Y%m%d%H%M) --export-options-plist=$RUNNER_TEMP/export_options.plist | |
| # upload debugging symbols | |
| ./ios/Pods/FirebaseCrashlytics/upload-symbols -gsp ./ios/Runner/GoogleService-Info.plist -p ios ./build || true | |
| # remove keychain | |
| keychain delete -p $RUNNER_TEMP/build.keychain | |
| security default-keychain -s login.keychain | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: release.ipa | |
| path: ${{ inputs.working-directory }}/build/ios/ipa | |
| - if: ${{ inputs.publish }} | |
| working-directory: ${{ inputs.working-directory }} | |
| run: app-store-connect publish --testflight --whats-new "${{ inputs.whats-new }}" | |
| - if: ${{ inputs.publish && github.event_name == 'release' }} | |
| working-directory: ${{ inputs.working-directory }} | |
| run: app-store-connect publish --app-store --whats-new "${{ inputs.whats-new }}" |