diff --git a/.github/actions/install-cert/action.yml b/.github/actions/install-cert/action.yml deleted file mode 100644 index fea8855..0000000 --- a/.github/actions/install-cert/action.yml +++ /dev/null @@ -1,31 +0,0 @@ -name: Install Certificate in Keychain -description: Install a single cert in existing keychain - -inputs: - KEYCHAIN: - required: true - KEYCHAIN_PASSWORD: - required: true - SIGNING_CERTIFICATE: - required: true - SIGNING_CERTIFICATE_P12_PASSWORD: - required: true - -runs: - using: composite - steps: - - name: Install certificate - shell: bash - env: - KEYCHAIN: ${{ inputs.KEYCHAIN }} - KEYCHAIN_PASSWORD: ${{ inputs.KEYCHAIN_PASSWORD }} - CERTIFICATE_PATH: /tmp/cert.p12 - SIGNING_CERTIFICATE: ${{ inputs.SIGNING_CERTIFICATE }} - SIGNING_CERTIFICATE_P12_PASSWORD: ${{ inputs.SIGNING_CERTIFICATE_P12_PASSWORD }} - run: | - security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN - echo "${SIGNING_CERTIFICATE}" | base64 --decode -o $CERTIFICATE_PATH - security import $CERTIFICATE_PATH -k $KEYCHAIN -P "${SIGNING_CERTIFICATE_P12_PASSWORD}" -A -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild - rm $CERTIFICATE_PATH - security find-identity -v $KEYCHAIN - security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PASSWORD $KEYCHAIN diff --git a/.github/actions/xcbuild/action.yml b/.github/actions/xcbuild/action.yml deleted file mode 100644 index 6492d62..0000000 --- a/.github/actions/xcbuild/action.yml +++ /dev/null @@ -1,128 +0,0 @@ -name: Build with Xcode -description: Run xcodebuild for Kiwix - -inputs: - action: - required: true - version: - required: true - xc-destination: - required: true - upload-to: - required: true - APPLE_DEVELOPMENT_SIGNING_CERTIFICATE: - required: true - APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD: - required: true - DOWNLOAD_DEPENDENCIES: - required: true - default: true - DEPLOYMENT_SIGNING_CERTIFICATE: - required: false - DEPLOYMENT_SIGNING_CERTIFICATE_P12_PASSWORD: - required: false - KEYCHAIN: - required: false - default: /Users/runner/build.keychain-db - KEYCHAIN_PASSWORD: - required: false - default: mysecretpassword - KEYCHAIN_PROFILE: - required: false - default: build-profile - XC_WORKSPACE: - required: false - default: Kiwix.xcodeproj/project.xcworkspace/ - XC_SCHEME: - required: false - default: Kiwix - XC_CONFIG: - required: false - default: Release - EXTRA_XCODEBUILD: - required: false - default: "" - -runs: - using: composite - steps: - - # not necessary on github runner but serves as documentation for local setup - - name: Update Apple Intermediate Certificate - shell: bash - run: | - curl -L -o ~/Downloads/AppleWWDRCAG3.cer https://www.apple.com/certificateauthority/AppleWWDRCAG3.cer - sudo security import ~/Downloads/AppleWWDRCAG3.cer \ - -k /Library/Keychains/System.keychain \ - -T /usr/bin/codesign \ - -T /usr/bin/security \ - -T /usr/bin/productbuild || true - - - name: Set Xcode version (15.0.1) - shell: bash - # https://github.com/actions/runner-images/blob/main/images/macos/macos-13-Readme.md#xcode - run: sudo xcode-select -s /Applications/Xcode_15.0.1.app - - - name: Create Keychain - shell: bash - env: - KEYCHAIN: ${{ inputs.KEYCHAIN }} - KEYCHAIN_PASSWORD: ${{ inputs.KEYCHAIN_PASSWORD }} - KEYCHAIN_PROFILE: ${{ inputs.KEYCHAIN_PROFILE }} - CERTIFICATE_PATH: /tmp/cert.p12 - APPLE_DEVELOPER_CERTIFICATE_PATH: /tmp/dev-cert.p12 - SIGNING_CERTIFICATE: ${{ inputs.SIGNING_CERTIFICATE }} - SIGNING_CERTIFICATE_P12_PASSWORD: ${{ inputs.SIGNING_CERTIFICATE_P12_PASSWORD }} - APPLE_DEVELOPER_ID_SIGNING_CERTIFICATE: ${{ inputs.APPLE_DEVELOPER_ID_SIGNING_CERTIFICATE }} - APPLE_DEVELOPER_ID_SIGNING_P12_PASSWORD: ${{ inputs.APPLE_DEVELOPER_ID_SIGNING_P12_PASSWORD }} - run: | - security create-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN - security default-keychain -s $KEYCHAIN - security set-keychain-settings $KEYCHAIN - security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN - - - name: Add Apple Development certificate to Keychain - uses: ./apple/custom/.github/actions/install-cert - with: - SIGNING_CERTIFICATE: ${{ inputs.APPLE_DEVELOPMENT_SIGNING_CERTIFICATE }} - SIGNING_CERTIFICATE_P12_PASSWORD: ${{ inputs.APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD }} - KEYCHAIN: ${{ inputs.KEYCHAIN }} - KEYCHAIN_PASSWORD: ${{ inputs.KEYCHAIN_PASSWORD }} - - - name: Add Distribution certificate to Keychain - if: ${{ inputs.DEPLOYMENT_SIGNING_CERTIFICATE }} - uses: ./apple/custom/.github/actions/install-cert - with: - SIGNING_CERTIFICATE: ${{ inputs.DEPLOYMENT_SIGNING_CERTIFICATE }} - SIGNING_CERTIFICATE_P12_PASSWORD: ${{ inputs.DEPLOYMENT_SIGNING_CERTIFICATE_P12_PASSWORD }} - KEYCHAIN: ${{ inputs.KEYCHAIN }} - KEYCHAIN_PASSWORD: ${{ inputs.KEYCHAIN_PASSWORD }} - - - name: Download dependencies - if: ${{ inputs.DOWNLOAD_DEPENDENCIES }} - shell: bash - run: brew bundle - - - name: Prepare Xcode - shell: bash - run: xcrun xcodebuild -checkFirstLaunchStatus || xcrun xcodebuild -runFirstLaunch - - - name: Dump build settings - env: - XC_WORKSPACE: ${{ inputs.XC_WORKSPACE }} - XC_SCHEME: ${{ inputs.XC_SCHEME }} - shell: bash - run: xcrun xcodebuild -workspace $XC_WORKSPACE -scheme $XC_SCHEME -showBuildSettings - - - name: Build with Xcode - env: - FRAMEWORK_SEARCH_PATHS: ${{ env.PWD }} - ACTION: ${{ inputs.action }} - VERSION: ${{ inputs.version }} - XC_WORKSPACE: ${{ inputs.XC_WORKSPACE }} - XC_SCHEME: ${{ inputs.XC_SCHEME }} - XC_CONFIG: ${{ inputs.XC_CONFIG }} - XC_DESTINATION: ${{ inputs.xc-destination }} - EXTRA_XCODEBUILD: ${{ inputs.EXTRA_XCODEBUILD }} - shell: bash - run: xcrun xcodebuild ${EXTRA_XCODEBUILD} -workspace $XC_WORKSPACE -scheme $XC_SCHEME -destination "$XC_DESTINATION" -configuration $XC_CONFIG -onlyUsePackageVersionsFromResolvedFile -allowProvisioningUpdates -verbose -archivePath $PWD/Kiwix-$VERSION.xcarchive ${ACTION} diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 18bec51..f6cf914 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -86,12 +86,13 @@ jobs: - name: Set up scheme, version, build_number from files run: | - cd apple + # move the checked out github actions to root folder: + mv apple/.github/ . - BRAND=$(<./custom/.brand_name) + BRAND=$(<./apple/custom/.brand_name) echo "BRAND=$BRAND" >> $GITHUB_ENV - VERSION=$(<./custom/.version_number) + VERSION=$(<./apple/custom/.version_number) echo "VERSION=$VERSION" >> $GITHUB_ENV # taken from: kiwix/apple .github/workflows/cd.yml @@ -136,7 +137,7 @@ jobs: run: echo "${APPLE_STORE_AUTH_KEY}" | base64 --decode -o $APPLE_STORE_AUTH_KEY_PATH - name: Build xcarchive - uses: ./apple/custom/.github/actions/xcbuild + uses: ./.github/actions/xcbuild with: action: archive xc-destination: generic/platform=${{ matrix.destination.platform }} @@ -145,6 +146,7 @@ jobs: version: ${{ env.VERSION }} XC_SCHEME: ${{ env.BRAND }} DOWNLOAD_DEPENDENCIES: false + XC_WORKSPACE: apple/Kiwix.xcodeproj/project.xcworkspace/ # eof custom app specific APPLE_DEVELOPMENT_SIGNING_CERTIFICATE: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_CERTIFICATE }} APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD }}