Skip to content

Sonar changes

Sonar changes #5

Workflow file for this run

name: "Build iOS app"
on:
push:
tags:
- "v*.*.*-*"
# # manual trigger but change to any supported event
# # see addl: https://www.andrewhoog.com/post/how-to-build-react-native-android-app-with-github-actions/#3-run-build-workflow
# workflow_dispatch:
# branches: [main]
jobs:
build_with_signing:
runs-on: macos-14
steps:
- uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: 15.4
- name: checkout repository
uses: actions/checkout@v1
with:
submodules: recursive
- name: Prepare Brew
run: brew install boost
- name: Prepare LibTorrent
run: ./Submodules/LibTorrent-Swift/make.sh
- name: Install the Apple certificate and provisioning profile
env:
FIREBASE_INFO_PLIST_BASE64: ${{ secrets.FIREBASE_INFO_PLIST_BASE64 }}
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
BUILD_CERTIFICATE_PASSWORD: ${{ secrets.BUILD_CERTIFICATE_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
BUILD_PROVISION_PROFILE_PROD_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_PROD_BASE64 }}
BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_BASE64 }}
BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_PROD_BASE64: ${{ secrets.BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_PROD_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
FIREBASE_INFO_PLIST_PATH=iTorrent/Core/Assets/GoogleService-Info.plist
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
PP_PROD_PATH=$RUNNER_TEMP/build_pp_prod.mobileprovision
PW_PP_PATH=$RUNNER_TEMP/build_progresswidget_pp.mobileprovision
PW_PP_PROD_PATH=$RUNNER_TEMP/build_progresswidget_pp_prod.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import firebase plist to the project
echo -n "$FIREBASE_INFO_PLIST_BASE64" | base64 --decode -o $FIREBASE_INFO_PLIST_PATH
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
echo -n "$BUILD_PROVISION_PROFILE_PROD_BASE64" | base64 --decode -o $PP_PROD_PATH
echo -n "$BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_BASE64" | base64 --decode -o $PW_PP_PATH
echo -n "$BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_PROD_BASE64" | base64 --decode -o $PW_PP_PROD_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$BUILD_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PROD_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $PW_PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $PW_PP_PROD_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Fix build number
run: |
VERSION=${GITHUB_REF_NAME//v/}
VERSIONPARTS=(${VERSION//-/ })
echo "Set project build number to: ${VERSIONPARTS[1]}"
xcrun agvtool new-version -all ${VERSIONPARTS[1]}
- name: build archive
run: |
xcodebuild \
-workspace iTorrent.xcworkspace \
-scheme "iTorrent" \
-archivePath $RUNNER_TEMP/itorrent.xcarchive \
-sdk iphoneos \
-configuration Release \
-destination generic/platform=iOS \
clean archive
- name: Upload archive
uses: actions/upload-artifact@v4
with:
name: itorrent.xcarchive
path: |
${{ runner.temp }}/itorrent.xcarchive
retention-days: 3
export_ipa:
needs: [build_with_signing]
runs-on: macos-14
strategy:
matrix:
org: [adhoc, prod]
include:
- org: adhoc
export_options_plist_secret: EXPORT_OPTIONS_PLIST
- org: prod
export_options_plist_secret: EXPORT_PROD_OPTIONS_PLIST
steps:
- uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: 15.4
- name: Download artifacts
uses: actions/download-artifact@v4
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
BUILD_CERTIFICATE_PASSWORD: ${{ secrets.BUILD_CERTIFICATE_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
BUILD_PROVISION_PROFILE_PROD_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_PROD_BASE64 }}
BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_BASE64 }}
BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_PROD_BASE64: ${{ secrets.BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_PROD_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
PP_PROD_PATH=$RUNNER_TEMP/build_pp_prod.mobileprovision
PW_PP_PATH=$RUNNER_TEMP/build_progresswidget_pp.mobileprovision
PW_PP_PROD_PATH=$RUNNER_TEMP/build_progresswidget_pp_prod.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
echo -n "$BUILD_PROVISION_PROFILE_PROD_BASE64" | base64 --decode -o $PP_PROD_PATH
echo -n "$BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_BASE64" | base64 --decode -o $PW_PP_PATH
echo -n "$BUILD_PROGRESS_WIDGET_PROVISION_PROFILE_PROD_BASE64" | base64 --decode -o $PW_PP_PROD_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$BUILD_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PROD_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $PW_PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
cp $PW_PP_PROD_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Export ipa
env:
EXPORT_OPTIONS_PLIST: ${{ secrets[matrix.export_options_plist_secret] }}
run: |
EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist
echo -n "$EXPORT_OPTIONS_PLIST" | base64 --decode -o $EXPORT_OPTS_PATH
xcodebuild -exportArchive -archivePath itorrent.xcarchive -exportOptionsPlist $EXPORT_OPTS_PATH -exportPath $RUNNER_TEMP/build
- name: Move dSYMs
run: mv itorrent.xcarchive/dSYMs $RUNNER_TEMP/dSYMs
- name: Upload application
uses: actions/upload-artifact@v4
with:
name: app-Release-${{ matrix.org }}
path: |
${{ runner.temp }}/build/iTorrent.ipa
${{ runner.temp }}/build/manifest.plist
${{ runner.temp }}/dSYMs
retention-days: 3
github_release:
needs: [export_ipa]
runs-on: macos-14
steps:
- uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: 15.4
- name: Download artifacts
uses: actions/download-artifact@v4
- name: ZIP dSYMs
run: |
zip -vr dSYMs.zip app-Release-adhoc/dSYMs/ -x "*.DS_Store"
- name: Release to GitHub
uses: softprops/action-gh-release@v2
if: startsWith(github.ref, 'refs/tags/')
with:
repository: XITRIX/iTorrent
token: ${{ secrets.DISTRIB_REPO_ACCESS_TOKEN }}
files: |
app-Release-adhoc/build/iTorrent.ipa
app-Release-adhoc/build/manifest.plist
dSYMs.zip
altstore_release:
needs: [github_release]
runs-on: macos-14
steps:
- uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: 15.4
- name: Checkout repository
uses: actions/checkout@v1
- name: Build altstore source generator
run: xcrun swiftc -parse-as-library ./GenerateAltStoreJson.swift
- name: Generate AltStore Source
run: ./GenerateAltStoreJson >> ./AltStoreSource.json
- name: Release AltStore Source
uses: softprops/action-gh-release@v2
if: startsWith(github.ref, 'refs/tags/')
with:
repository: XITRIX/xitrix.github.io
token: ${{ secrets.DISTRIB_REPO_ACCESS_TOKEN }}
files: |
./AltStoreSource.json
appstore_release:
needs: [export_ipa]
runs-on: macos-14
steps:
- uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: 15.4
- name: Download artifacts
uses: actions/download-artifact@v4
- name: Copy P8 KEY from secrets
env:
PKCS8_KEY: ${{ secrets.APPSTORE_CONNECT_PKCS8_KEY }}
run: |
mkdir ./private_keys
echo -n "$PKCS8_KEY" >> ./private_keys/AuthKey_${{ secrets.APPSTORE_CONNECT_KEY_ID }}.p8
- name: Upload app to TestFlight
run: |
# xcrun altool --upload-package app-Release-prod/build/iTorrent.ipa --apiKey ${{ secrets.APPSTORE_CONNECT_KEY_ID }} --apiIssuer ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }}
xcrun altool --upload-app -f app-Release-prod/build/iTorrent.ipa --apiKey ${{ secrets.APPSTORE_CONNECT_KEY_ID }} --apiIssuer ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} -t ios