[Infra] API Call 정리 #53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a Swift project | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-swift | |
| name: deploy | |
| on: | |
| push: | |
| branches: [ "develop" ] | |
| jobs: | |
| build: | |
| runs-on: macos-15 | |
| environment: develop | |
| env: | |
| # app archive 및 export 에 쓰일 환경 변수 설정 | |
| XC_WORKSPACE: ${{ 'three-days-iOS.xcworkspace' }} | |
| XC_SCHEME: ${{ 'three-days-dev' }} | |
| XC_ARCHIVE: ${{ 'three-days-dev.xcarchive' }} | |
| # certificate | |
| ENCRYPTED_CERT_FILE_PATH: ${{ '.github/secrets/certification.p12.gpg' }} | |
| DECRYPTED_CERT_FILE_PATH: ${{ '.github/secrets/certification.p12' }} | |
| CERT_ENCRYPTION_KEY: ${{ secrets.CERTS_ENCRYPTION_PWD }} # gpg로 파일 암호화할 때 사용한 암호 | |
| # provisioning | |
| ENCRYPTED_PROVISION_FILE_PATH: ${{ '.github/secrets/3days-dev.mobileprovision.gpg' }} | |
| DECRYPTED_PROVISION_FILE_PATH: ${{ '.github/secrets/3days-dev.mobileprovision' }} | |
| PROVISIONING_ENCRYPTION_KEY: ${{ secrets.PROVISION_ENCRYPTION_PWD }} # gpg로 파일 암호화할 때 사용한 암호 | |
| # certification export key | |
| CERT_EXPORT_KEY: ${{ secrets.CERT_EXPORT_PWD }} | |
| KEYCHAIN: ${{ 'test.keychain' }} | |
| steps: | |
| # 단계별 task 를 나타낼 이름 | |
| - name: Select latest Xcode | |
| # shell 이용해서 하나의 command 수행 | |
| run: "sudo xcode-select -s /Applications/Xcode.app" | |
| - name: Checkout project | |
| # uses 키워드를 통해 Github Actions에서 기본으로 제공하는 액션을 사용 가능. 아래 액션은 repository 에 체크아웃하는 것 | |
| uses: actions/checkout@v2 | |
| - name: Install Mise | |
| run: | | |
| curl https://mise.run | sh | |
| mise install | |
| - name: Create Secret.swift file | |
| run: | | |
| echo '${{ secrets.SECRET_SWIFT }}' > ./Projects/Core/CoreKit/Sources/Secret.swift | |
| - name: Install Tuist dependencies | |
| run: mise x -- tuist install | |
| - name: Generate Xcworkspace | |
| run: mise x -- tuist generate | |
| - name: Get version number | |
| id: get-version | |
| run: | | |
| cd Projects/App | |
| VERSION_NUMBER=$(xcrun agvtool what-marketing-version -terse1) | |
| echo "VERSION_NUMBER=$VERSION_NUMBER" >> $GITHUB_ENV | |
| cd - | |
| - name: set build number | |
| run: | | |
| cd Projects/App | |
| # 시분초 기반 빌드넘버 생성 | |
| BUILD_DATE=$(TZ=Asia/Seoul date +'%y%m%d') | |
| BUILD_TIME=$(TZ=Asia/Seoul date +'%H%M') | |
| BUILD_NUMBER="${BUILD_DATE}${BUILD_TIME}" | |
| # 로그 | |
| echo "BUILD_NUMBER=$BUILD_NUMBER" >> $GITHUB_ENV | |
| # 빌드넘버 세팅 | |
| xcrun agvtool new-version -all $BUILD_NUMBER | |
| # 기존 디렉토리로 | |
| cd - | |
| - name: Send start notification to Discord | |
| run: | | |
| curl -H "Content-Type: application/json" \ | |
| -X POST \ | |
| -d "{\"content\": null, \"embeds\": [{\"title\": \"iOS 배포 시작(dev)\", \"description\": \"Actor: ${{ github.actor }} \nVersion: ${{ env.VERSION_NUMBER }} (${{ env.BUILD_NUMBER }})\", \"color\": 5814783}]}" \ | |
| ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| - name: Configure Keychain | |
| # 키체인 초기화 - 임시 키체인 생성 | |
| run: | | |
| security create-keychain -p "" "$KEYCHAIN" | |
| security list-keychains -s "$KEYCHAIN" | |
| security default-keychain -s "$KEYCHAIN" | |
| security unlock-keychain -p "" "$KEYCHAIN" | |
| security set-keychain-settings | |
| - name : Configure Code Signing | |
| run: | | |
| # certificate 복호화 | |
| gpg -d -o "$DECRYPTED_CERT_FILE_PATH" --pinentry-mode=loopback --passphrase "$CERT_ENCRYPTION_KEY" "$ENCRYPTED_CERT_FILE_PATH" | |
| # provisioning 복호화 | |
| gpg -d -o "$DECRYPTED_PROVISION_FILE_PATH" --pinentry-mode=loopback --passphrase "$PROVISIONING_ENCRYPTION_KEY" "$ENCRYPTED_PROVISION_FILE_PATH" | |
| # security를 사용하여 인증서와 개인 키를 새로 만든 키 체인으로 가져옴 | |
| security import "$DECRYPTED_CERT_FILE_PATH" -k "$KEYCHAIN" -P "$CERT_EXPORT_KEY" -A | |
| security set-key-partition-list -S apple-tool:,apple: -s -k "" "$KEYCHAIN" | |
| # Xcode에서 찾을 수 있는 프로비저닝 프로필 설치하기 위해 우선 프로비저닝 디렉토리를 생성 | |
| mkdir -p "$HOME/Library/MobileDevice/Provisioning Profiles" | |
| # 디버깅 용 echo 명령어 | |
| echo `ls .github/secrets/*.mobileprovision` | |
| # 모든 프로비저닝 프로파일을 rename 하고 위에서 만든 디렉토리로 복사하는 과정 | |
| for PROVISION in `ls .github/secrets/*.mobileprovision` | |
| do | |
| UUID=`/usr/libexec/PlistBuddy -c 'Print :UUID' /dev/stdin <<< $(security cms -D -i ./$PROVISION)` | |
| cp "./$PROVISION" "$HOME/Library/MobileDevice/Provisioning Profiles/$UUID.mobileprovision" | |
| done | |
| - name: Archive app | |
| # 빌드 및 아카이브 | |
| run: | | |
| xcodebuild clean archive -workspace $XC_WORKSPACE -scheme $XC_SCHEME -archivePath $XC_ARCHIVE | |
| - name: Export app | |
| # export 를 통해 ipa 파일 만듦 | |
| run: | | |
| xcodebuild -exportArchive -archivePath $XC_ARCHIVE -exportOptionsPlist ExportOptions-dev.plist -exportPath . -allowProvisioningUpdates | |
| - name: Upload app to TestFlight | |
| uses: apple-actions/upload-testflight-build@v1 | |
| with: | |
| app-path: 'three_days_dev.ipa' | |
| issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }} | |
| api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }} | |
| api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }} | |
| - name: Success notification to Discord | |
| if: success() | |
| run: | | |
| curl -H "Content-Type: application/json" \ | |
| -X POST \ | |
| -d "{\"content\": null, \"embeds\": [{\"title\": \"iOS 배포 성공(dev)\", \"description\": \"Actor: ${{ github.actor }} \nVersion: ${{ env.VERSION_NUMBER }} (${{ env.BUILD_NUMBER }})\", \"color\": 5814783}]}" \ | |
| ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| - name: Failure notification to Discord | |
| if: failure() | |
| run: | | |
| curl -H "Content-Type: application/json" \ | |
| -X POST \ | |
| -d "{\"content\": null, \"embeds\": [{\"title\": \"iOS 배포 실패....(dev)\", \"description\": \"Actor: ${{ github.actor }} \nVersion: ${{ env.VERSION_NUMBER }} (${{ env.BUILD_NUMBER }})\", \"color\": 16711741}]}" \ | |
| ${{ secrets.DISCORD_WEBHOOK_URL }} |