-
-
Notifications
You must be signed in to change notification settings - Fork 2
155 lines (131 loc) · 5.75 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
name: CI
on:
schedule:
- cron: '01 0 * * *' # NIGHTLY @ 00:01
workflow_dispatch:
push:
branches:
- main
# taken from: kiwix/apple .github/workflows/cd.yml
env:
KEYCHAIN: /Users/runner/build.keychain-db
KEYCHAIN_PASSWORD: mysecretpassword
KEYCHAIN_PROFILE: build-profile
SSH_KEY: /tmp/id_rsa
APPLE_STORE_AUTH_KEY_PATH: /tmp/authkey.p8
jobs:
test_and_build:
strategy:
fail-fast: false
matrix:
destination:
- platform: macOS
- platform: iOS
xcode_extra: -sdk iphoneos
runs-on: macos-13
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
path: custom
- name: Install Python dependencies for custom project generation
run: python -m pip install pyyaml
- name: Test python scripts
working-directory: custom
run: PYTHONPATH=src python -m unittest discover -s tests
- name: Set test tag variable as an output
id: vars
run: echo "tag=testapp_2023.12.1" >> $GITHUB_OUTPUT
- name: Validate and parse the tag
working-directory: custom
run: python src/tag_validator.py ${{ steps.vars.outputs.tag }}
- name: Check-out kiwix/apple
uses: actions/checkout@v4
with:
repository: kiwix/apple
path: apple
- name: Install Kiwix dependencies
working-directory: apple
run: | # remove pre-commit, it's not needed for CI
cat Brewfile | grep -v -e pre-commit > Brewfile_CI
brew bundle --force --file Brewfile_CI
- name: Generate project based on tag
env:
DWDS_HTTP_BASIC_ACCESS_AUTHENTICATION: ${{ secrets.DWDS_HTTP_BASIC_ACCESS_AUTHENTICATION }}
run:
|
# move the custom files under the same folder as the kiwix repo
mv custom/ apple/
cd apple/custom
# make a custom copy of the Info.plist file
cp ../Support/Info.plist Custom.plist
python src/tag_validator.py ${{ steps.vars.outputs.tag }}
python src/generate_and_download.py
# move the custom project file to the main folder
mv custom_project.yml ../
cd ..
# run xcodegen on our custom project
xcodegen -s custom_project.yml
ls -la
- name: Set up scheme, version, build_number from files
run: |
# move the checked out github actions to root folder:
mv apple/.github/ .
BRAND=$(<./apple/custom/.brand_name)
echo "BRAND=$BRAND" >> $GITHUB_ENV
VERSION=$(<./apple/custom/.version_number)
echo "VERSION=$VERSION" >> $GITHUB_ENV
# taken from: kiwix/apple .github/workflows/cd.yml
- name: Set up variables for build
env:
PLATFORM: ${{ matrix.destination.platform }}
EXTRA_XCODEBUILD: ${{ matrix.destination.xcode_extra }}
APPLE_STORE_AUTH_KEY_PATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }}
APPLE_STORE_AUTH_KEY_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ID }}
APPLE_STORE_AUTH_KEY_ISSUER_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ISSUER_ID }}
shell: python
run: |
import os
extra_xcode = os.getenv("EXTRA_XCODEBUILD", "")
if os.getenv("PLATFORM") == "iOS":
extra_xcode += f" -authenticationKeyPath {os.getenv('APPLE_STORE_AUTH_KEY_PATH')}"
extra_xcode += f" -authenticationKeyID {os.getenv('APPLE_STORE_AUTH_KEY_ID')}"
extra_xcode += f" -authenticationKeyIssuerID {os.getenv('APPLE_STORE_AUTH_KEY_ISSUER_ID')}"
with open(os.getenv("GITHUB_ENV"), "a") as fh:
fh.write(f"EXPORT_METHOD={'app-store'}\n")
fh.write(f"EXTRA_XCODEBUILD={extra_xcode}\n")
- name: Prepare use of Apple Distribution Certificate
shell: bash
env:
APPLE_DISTRIBUTION_SIGNING_CERTIFICATE: ${{ secrets.APPLE_DISTRIBUTION_SIGNING_CERTIFICATE }}
APPLE_DISTRIBUTION_SIGNING_P12_PASSWORD: ${{ secrets.APPLE_DISTRIBUTION_SIGNING_P12_PASSWORD }}
APPLE_DEVELOPMENT_SIGNING_IDENTITY: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_IDENTITY }}
run: |
echo "SIGNING_CERTIFICATE=${APPLE_DISTRIBUTION_SIGNING_CERTIFICATE}" >> "$GITHUB_ENV"
echo "SIGNING_CERTIFICATE_P12_PASSWORD=${APPLE_DISTRIBUTION_SIGNING_P12_PASSWORD}" >> "$GITHUB_ENV"
echo "SIGNING_IDENTITY=${APPLE_DEVELOPMENT_SIGNING_IDENTITY}" >> "$GITHUB_ENV"
- name: Add Apple Store Key
env:
APPLE_STORE_AUTH_KEY_PATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }}
APPLE_STORE_AUTH_KEY: ${{ secrets.APPLE_STORE_AUTH_KEY }}
shell: bash
run: echo "${APPLE_STORE_AUTH_KEY}" | base64 --decode -o $APPLE_STORE_AUTH_KEY_PATH
- name: Build xcarchive
uses: ./.github/actions/xcbuild
with:
action: archive
xc-destination: generic/platform=${{ matrix.destination.platform }}
# custom app specific
version: ${{ env.VERSION }}
XC_SCHEME: ${{ env.BRAND }}
DOWNLOAD_DEPENDENCIES: false
XC_WORKSPACE: apple/Kiwix.xcodeproj/project.xcworkspace/
# eof custom app specific
APPLE_DEVELOPMENT_SIGNING_CERTIFICATE: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_CERTIFICATE }}
APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD }}
DEPLOYMENT_SIGNING_CERTIFICATE: ${{ env.SIGNING_CERTIFICATE }}
DEPLOYMENT_SIGNING_CERTIFICATE_P12_PASSWORD: ${{ env.SIGNING_CERTIFICATE_P12_PASSWORD }}
KEYCHAIN: ${{ env.KEYCHAIN }}
KEYCHAIN_PASSWORD: ${{ env.KEYCHAIN_PASSWORD }}
KEYCHAIN_PROFILE: ${{ env.KEYCHAIN_PROFILE }}
EXTRA_XCODEBUILD: ${{ env.EXTRA_XCODEBUILD }}