Skip to content

Update ci_cd.yml

Update ci_cd.yml #13

Workflow file for this run

name: CI/CD
on:
# Push on main excluding tags
push:
branches:
- 'main'
tags-ignore:
- '*.*'
jobs:
build:
name: CI/CD
runs-on: macos-latest
steps:
- name: Cancel previous runs
uses: styfle/cancel-workflow-action@0.12.1
with:
access_token: ${{ github.token }}
- name: Checkout
uses: actions/checkout@v4
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.APPLE_BUILD_CERT_PASSWORD }}
GENERIC_APP_PROVISION_PROFILE: ${{ secrets.APPLE_GENERIC_APP_PROVISION_PROFILE_BASE64 }}
NOTIFICATION_SERVICE_PROVISION_PROFILE: ${{ secrets.APPLE_NOTIFICATION_SERVICE_PROVISION_PROFILE_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$GENERIC_APP_PROVISION_PROFILE" | base64 --decode -o $PP_PATH
echo -n "$NOTIFICATION_SERVICE_PROVISION_PROFILE" | base64 --decode -o $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Pods cache
uses: actions/cache@v4
with:
path: Pods
key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }}
restore-keys: |
${{ runner.os }}-pods-
- name: Setup Cocoapods based on Podfile.lock
uses: maxim-lobanov/setup-cocoapods@v1
with:
podfile-path: GenericApp/Podfile.lock
- name: CocoaPod Install
run: pod install --project-directory=./GenericApp
- name: build archive
run: |
xcodebuild -workspace GenericApp/GenericApp.xcodeproj/project.xcworkspace -scheme "GenericApp" \
-archivePath $RUNNER_TEMP/genericapp.xcarchive \
-sdk iphoneos \
-configuration Release \
-destination generic/platform=iOS \
clean archive
- name: export ipa
env:
EXPORT_OPTIONS_PLIST: ${{ secrets.APPLE_EXPORT_OPTIONS_PLIST }}
run: |
EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist
echo -n "$EXPORT_OPTIONS_PLIST" | base64 --decode -o $EXPORT_OPTS_PATH
xcodebuild -exportArchive -archivePath $RUNNER_TEMP/genericapp.xcarchive -exportOptionsPlist $EXPORT_OPTS_PATH -exportPath $RUNNER_TEMP/build
- name: Upload IPAs
if: success()
uses: actions/upload-artifact@v4
with:
name: ipas
path: |
**/*.ipa