-
-
Notifications
You must be signed in to change notification settings - Fork 83
148 lines (127 loc) · 5.61 KB
/
build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
name: Build Swiftcord Nightly
on:
push:
workflow_dispatch:
concurrency:
group: ref-${{ github.ref }}
cancel-in-progress: true
jobs:
build-nightly:
runs-on: macos-12
timeout-minutes: 30 # If a build exceeds 30 mins, it probably isn't ever going to complete
steps:
- uses: actions/checkout@v3
# Setup SSH identities for init-ing submodules during build
# Disabled as we don't use submodules anymore
# - uses: webfactory/ssh-agent@v0.5.4
# with:
# ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
##########################
## Select Xcode
##########################
- name: Select Xcode 14.2
run: sudo xcode-select -s /Applications/Xcode_14.2.app
##########################
## Caching
##########################
# DerivedData
- uses: actions/cache@v3
name: Cache Derived Data
with:
path: |
~/Library/Developer/Xcode/DerivedData/Swiftcord-*/Build
~/Library/Developer/Xcode/DerivedData/Swiftcord-*/SourcePackages
key: ${{ runner.os }}-derivedData-cache-${{ hashFiles('**/Package.resolved') }}
restore-keys: |
${{ runner.os }}-derivedData-cache-
- name: Avoid inode changes for DerivedData
run: defaults write com.apple.dt.XCBuild IgnoreFileSystemDeviceInodeChanges -bool YES
# SPM Packages
- uses: actions/cache@v3
name: Cache SPM Packages
with:
path: /Users/runner/Library/Developer/Xcode/DerivedData/**/SourcePackages/checkouts
key: ${{ runner.os }}-spm-${{ hashFiles('**/Package.resolved') }}
restore-keys: |
${{ runner.os }}-spm-
##########################
## Install Sentry CLI to upload symbols
##########################
- name: Install sentry-cli
run: curl -sL https://sentry.io/get-cli/ | SENTRY_CLI_VERSION="2.12.0" bash
##########################
## Import Dev & Dist Certificates
##########################
- name: Import Certificates
env:
DEV_CERTIFICATE_BASE64: ${{ secrets.DEVELOPMENT_CERTIFICATE_DATA }}
DEV_P12_PASSWORD: ${{ secrets.DEVELOPMENT_CERTIFICATE_PASSPHRASE }}
DIST_CERTIFICATE_BASE64: ${{ secrets.DISTRIBUTION_CERTIFICATE_DATA }}
DIST_P12_PASSWORD: ${{ secrets.DISTRIBUTION_CERTIFICATE_PASSPHRASE }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# Create variables
DEV_CERT_PATH=$RUNNER_TEMP/dev_certificate.p12
DIST_CERT_PATH=$RUNNER_TEMP/dist_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# Create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 1800 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# Import dev certificate to keychain
echo -n "$DEV_CERTIFICATE_BASE64" | base64 --decode --output $DEV_CERT_PATH
security import $DEV_CERT_PATH -P "$DEV_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
# Import distribution cert to keychain
echo -n "$DIST_CERTIFICATE_BASE64" | base64 --decode --output $DIST_CERT_PATH
security import $DIST_CERT_PATH -P "$DIST_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- name: "Update Xcode Team ID"
run: |
TEAMID=`awk -F '=' '/DEVELOPMENT_TEAM/ {print $2; exit}' Swiftcord.xcodeproj/project.pbxproj`
sed -i '' "s/$TEAMID/ RJNC97Y8QD;/g" Swiftcord.xcodeproj/project.pbxproj
##########################
## Build
##########################
- name: Build with xcodebuild
run: |
xcodebuild -project Swiftcord.xcodeproj -scheme Swiftcord -configuration Release archive -archivePath Swiftcord.xcarchive \
COMPILER_INDEX_STORE_ENABLE=NO \
APPCENTER_APP_SECRET="${{ secrets.APPCENTER_APP_SECRET }}" SENTRY_API_TOKEN="${{ secrets.SENTRY_API_TOKEN }}" \
OTHER_CODE_SIGN_FLAGS="--keychain $RUNNER_TEMP/app-signing.keychain-db"
##########################
## Sign
##########################
- name: Export & Sign Release Build
uses: devbotsxyz/xcode-export-archive@main
with:
project: Swiftcord.xcodeproj
scheme: Swiftcord
##########################
## Create DMG
##########################
- name: Create Release DMG
run: npm i -g create-dmg && create-dmg Export/Swiftcord.app
##########################
## Notarize & Staple
##########################
- name: Notarize Release Build
run: |
xcrun notarytool store-credentials "AC_PASSWORD" --apple-id ${{ secrets.APPSTOREONNECT_USERNAME }} --team-id RJNC97Y8QD --password ${{ secrets.APPSTORECONNECT_PASSWORD }}
xcrun notarytool submit Swiftcord*.dmg --keychain-profile "AC_PASSWORD" --wait
- name: Staple Release Build
run: xcrun stapler staple Swiftcord*.dmg
##########################
## Upload DMG to build artifacts
##########################
- name: Upload a Build Artifact
uses: actions/upload-artifact@v3
with:
name: swiftcord-canary
path: Swiftcord*.dmg
##########################
## Remove Secrets Keychain
##########################
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db