-
Notifications
You must be signed in to change notification settings - Fork 1
101 lines (88 loc) · 3.81 KB
/
master_deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
name: master_deploy
on:
push:
tags: [ v* ]
jobs:
master_deploy:
runs-on: macos-latest
steps:
- name: Checkout project
uses: actions/checkout@v2
- name: Find first scheme of default project
run: |
echo "SCHEME=$(xcodebuild -list -json | jq -r '.project.schemes[0]')" >> $GITHUB_ENV
- name: Set environment variables from project settings
run: |
function set-env-from-proj {
echo "$1=$(xcodebuild -scheme "$SCHEME" -showBuildSettings | grep " $1 " | sed "s/[ ]*$1 = //")" >> $GITHUB_ENV
}
set-env-from-proj FULL_PRODUCT_NAME
set-env-from-proj INSTALL_PATH
set-env-from-proj PRODUCT_BUNDLE_IDENTIFIER
set-env-from-proj PRODUCT_MODULE_NAME
set-env-from-proj PRODUCT_NAME
set-env-from-proj PROJECT_NAME
- name: Import signing certificate into keychain
run: |
KEYCHAIN_FILE=default.keychain
KEYCHAIN_PASSWORD=myvoiceismypassport
security create-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_FILE
security default-keychain -s $KEYCHAIN_FILE
security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_FILE
security import <(echo $SIGNING_CERTIFICATE_P12_DATA | base64 --decode) \
-f pkcs12 \
-k $KEYCHAIN_FILE \
-P $SIGNING_CERTIFICATE_PASSWORD \
-T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PASSWORD $KEYCHAIN_FILE
env:
SIGNING_CERTIFICATE_P12_DATA: ${{ secrets.SIGNING_CERTIFICATE_P12_DATA }}
SIGNING_CERTIFICATE_PASSWORD: ${{ secrets.SIGNING_CERTIFICATE_PASSWORD }}
- name: Build and test app
shell: bash --noprofile --norc -eo pipefail {0}
run: |
xcodebuild -scheme "$SCHEME" test CODE_SIGN_IDENTITY=- | xcpretty
- name: Build and install app
shell: bash --noprofile --norc -eo pipefail {0}
run: |
xcodebuild -scheme "$SCHEME" install DSTROOT=build/root | xcpretty
- name: Package app
run: |
hdiutil create \
-fs HFS+ \
-srcfolder "build/root/$INSTALL_PATH/$FULL_PRODUCT_NAME" \
-volname "$PRODUCT_NAME" "build/$PRODUCT_MODULE_NAME.dmg"
- name: Notarize app
run: |
npx notarize-cli --file "build/$PRODUCT_MODULE_NAME.dmg"
env:
NOTARIZE_USERNAME: ${{ secrets.NOTARIZE_USERNAME }}
NOTARIZE_PASSWORD: ${{ secrets.NOTARIZE_PASSWORD }}
- name: Release app
uses: softprops/action-gh-release@v1
with:
files: build/${{ env.PRODUCT_MODULE_NAME }}.dmg
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Homebrew tap
uses: actions/checkout@v2
with:
repository: ${{ secrets.CASK_REPO }}
token: ${{ secrets.CASK_REPO_TOKEN }}
path: homebrew-tap
- name: Update cask in Homebrew tap
run: |
CASK_NAME=$PROJECT_NAME
CASK_VERSION=$(echo "$GITHUB_REF" | cut -c12-)
CASK_SHA256=$(shasum --algorithm 256 "build/$PRODUCT_MODULE_NAME.dmg" | awk '{print $1}')
cd homebrew-tap
git config --local user.name "${USER_NAME}"
git config --local user.email "${USER_NAME}@users.noreply.github.com"
sed -i '' "s/\( *version *'\)\([^']*\)'/\1${CASK_VERSION}'/" Casks/${CASK_NAME}.rb
sed -i '' "s/\( *sha256 *'\)\([^']*\)'/\1${CASK_SHA256}'/" Casks/${CASK_NAME}.rb
git add Casks/${CASK_NAME}.rb
git commit -m "update ${CASK_NAME} to v${CASK_VERSION}"
git push origin
env:
GITHUB_REF: ${{ github.ref }}
USER_NAME: ${{ github.event.sender.login }}