From b90708fea39c05315c7bab075352fce395b07112 Mon Sep 17 00:00:00 2001 From: Tomasz Lesniakiewicz Date: Wed, 8 Oct 2025 17:21:00 +0200 Subject: [PATCH 1/6] add support form special char in the profiles names --- action.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/action.yml b/action.yml index 75043c3..4c0b538 100644 --- a/action.yml +++ b/action.yml @@ -134,9 +134,9 @@ runs: # Validate provisioning profiles if provided if [ -n "${{ inputs.provisioning-profiles }}" ]; then while read -r profile; do - name=$(echo "$profile" | jq -r '.name') - file_path=$(echo "$profile" | jq -r '.file // empty') - base64_content=$(echo "$profile" | jq -r '.base64 // empty') + name="$(echo "$profile" | jq -r '.name')" + file_path="$(echo "$profile" | jq -r '.file // empty')" + base64_content="$(echo "$profile" | jq -r '.base64 // empty')" if [ -z "$name" ]; then echo "Provisioning profile missing 'name' field" @@ -157,7 +157,7 @@ runs: echo "Provisioning profile file not found: '$file_path'" exit 1 fi - done < <(echo "${{ inputs.provisioning-profiles }}" | jq -c '.[]') + done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') fi fi shell: bash @@ -291,9 +291,9 @@ runs: # Setup provisioning profiles if [ -n "${{ inputs.provisioning-profiles }}" ]; then while read -r profile; do - name=$(echo "$profile" | jq -r '.name') - file_path=$(echo "$profile" | jq -r '.file // empty') - base64_content=$(echo "$profile" | jq -r '.base64 // empty') + name="$(echo "$profile" | jq -r '.name')" + file_path="$(echo "$profile" | jq -r '.file // empty')" + base64_content="$(echo "$profile" | jq -r '.base64 // empty')" ADDITIONAL_PROFILE_PATH="$PROFILE_DIR/${name}.mobileprovision" @@ -304,7 +304,7 @@ runs: fi echo "Installed provisioning profile: $name" - done < <(echo "${{ inputs.provisioning-profiles }}" | jq -c '.[]') + done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') fi shell: bash @@ -481,11 +481,11 @@ runs: if [ -n "${{ inputs.provisioning-profiles }}" ]; then PROFILE_DIR="$HOME/Library/MobileDevice/Provisioning Profiles" while read -r profile; do - name=$(echo "$profile" | jq -r '.name') + name="$(echo "$profile" | jq -r '.name')" PROFILE_PATH="$PROFILE_DIR/${name}.mobileprovision" rm "$PROFILE_PATH" echo "Cleaned up additional provisioning profile: $name" - done < <(echo "${{ inputs.provisioning-profiles }}" | jq -c '.[]') + done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') fi shell: bash From 29e2f8ca5f70d07f0c255ad03f30c44d1196db85 Mon Sep 17 00:00:00 2001 From: Tomasz Lesniakiewicz Date: Wed, 8 Oct 2025 18:31:48 +0200 Subject: [PATCH 2/6] use printf to support special characters --- action.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/action.yml b/action.yml index 4c0b538..bb41b5b 100644 --- a/action.yml +++ b/action.yml @@ -133,7 +133,7 @@ runs: # Validate provisioning profiles if provided if [ -n "${{ inputs.provisioning-profiles }}" ]; then - while read -r profile; do + while IFS= read -r profile; do name="$(echo "$profile" | jq -r '.name')" file_path="$(echo "$profile" | jq -r '.file // empty')" base64_content="$(echo "$profile" | jq -r '.base64 // empty')" @@ -144,17 +144,17 @@ runs: fi if [ -n "$file_path" ] && [ -n "$base64_content" ]; then - echo "Cannot specify both 'file' and 'base64' for profile '$name'" + printf "Cannot specify both 'file' and 'base64' for profile: %s\n" "$name" exit 1 fi if [ -z "$file_path" ] && [ -z "$base64_content" ]; then - echo "Either 'file' or 'base64' is required for profile '$name'" + printf "Either 'file' or 'base64' is required for profile: %s\n" "$name" exit 1 fi if [ -n "$file_path" ] && [ ! -f "$file_path" ]; then - echo "Provisioning profile file not found: '$file_path'" + printf "Provisioning profile file not found: %s\n" "$file_path" exit 1 fi done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') @@ -290,7 +290,7 @@ runs: # Setup provisioning profiles if [ -n "${{ inputs.provisioning-profiles }}" ]; then - while read -r profile; do + while IFS= read -r profile; do name="$(echo "$profile" | jq -r '.name')" file_path="$(echo "$profile" | jq -r '.file // empty')" base64_content="$(echo "$profile" | jq -r '.base64 // empty')" @@ -303,7 +303,7 @@ runs: echo -n "$base64_content" | base64 --decode -o "$ADDITIONAL_PROFILE_PATH" fi - echo "Installed provisioning profile: $name" + printf "Installed provisioning profile: %s\n" "$name" done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') fi shell: bash @@ -480,11 +480,11 @@ runs: # Clean up provisioning profiles if [ -n "${{ inputs.provisioning-profiles }}" ]; then PROFILE_DIR="$HOME/Library/MobileDevice/Provisioning Profiles" - while read -r profile; do + while IFS= read -r profile; do name="$(echo "$profile" | jq -r '.name')" PROFILE_PATH="$PROFILE_DIR/${name}.mobileprovision" rm "$PROFILE_PATH" - echo "Cleaned up additional provisioning profile: $name" + printf "Cleaned up provisioning profile: %s\n" "$name" done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') fi shell: bash From e33de1b69ca51fce36f27f7ee4bf0ea4ac5352a9 Mon Sep 17 00:00:00 2001 From: Tomasz Lesniakiewicz Date: Thu, 9 Oct 2025 12:36:03 +0200 Subject: [PATCH 3/6] fix: use variable to support multiline string --- action.yml | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/action.yml b/action.yml index bb41b5b..2163b34 100644 --- a/action.yml +++ b/action.yml @@ -99,8 +99,9 @@ runs: fi - # Legacy provisioning profile validation (only when not using provisioning-profiles) - if [ -z "${{ inputs.provisioning-profiles }}" ]; then + # Legacy provisioning profile validation (only when not using provisioning-profiles) + PROVISIONING_PROFILES='${{ inputs.provisioning-profiles }}' + if [ -z "$PROVISIONING_PROFILES" ]; then if [ -n "${{ inputs.provisioning-profile-file }}" ] && [ -n "${{ inputs.provisioning-profile-base64 }}" ]; then echo "Cannot specify both 'provisioning-profile-file' and 'provisioning-profile-base64'. Use one or the other." exit 1 @@ -119,20 +120,20 @@ runs: fi fi - # Check if either provisioning-profile-name or provisioning-profiles is provided - if [ -z "${{ inputs.provisioning-profile-name }}" ] && [ -z "${{ inputs.provisioning-profiles }}" ]; then + # Check if either provisioning-profile-name or provisioning-profiles is provided + if [ -z "${{ inputs.provisioning-profile-name }}" ] && [ -z "$PROVISIONING_PROFILES" ]; then echo "Either 'provisioning-profile-name' or 'provisioning-profiles' is required for device builds." exit 1 fi - if [ -n "${{ inputs.provisioning-profile-name }}" ] && [ -n "${{ inputs.provisioning-profiles }}" ]; then + if [ -n "${{ inputs.provisioning-profile-name }}" ] && [ -n "$PROVISIONING_PROFILES" ]; then echo "Cannot specify both 'provisioning-profile-name' and 'provisioning-profiles'. Use one or the other." exit 1 fi # Validate provisioning profiles if provided - if [ -n "${{ inputs.provisioning-profiles }}" ]; then + if [ -n "$PROVISIONING_PROFILES" ]; then while IFS= read -r profile; do name="$(echo "$profile" | jq -r '.name')" file_path="$(echo "$profile" | jq -r '.file // empty')" @@ -157,7 +158,7 @@ runs: printf "Provisioning profile file not found: %s\n" "$file_path" exit 1 fi - done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') + done < <(echo "$PROVISIONING_PROFILES" | jq -c '.[]') fi fi shell: bash @@ -230,6 +231,9 @@ runs: - name: Setup Code Signing (device builds only) if: ${{ inputs.re-sign == 'true' && inputs.destination == 'device' || (!env.ARTIFACT_URL && inputs.destination == 'device') }} run: | + # Store provisioning profiles input + PROVISIONING_PROFILES='${{ inputs.provisioning-profiles }}' + # Create temporary keychain KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db @@ -289,7 +293,7 @@ runs: fi # Setup provisioning profiles - if [ -n "${{ inputs.provisioning-profiles }}" ]; then + if [ -n "$PROVISIONING_PROFILES" ]; then while IFS= read -r profile; do name="$(echo "$profile" | jq -r '.name')" file_path="$(echo "$profile" | jq -r '.file // empty')" @@ -304,7 +308,7 @@ runs: fi printf "Installed provisioning profile: %s\n" "$name" - done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') + done < <(echo "$PROVISIONING_PROFILES" | jq -c '.[]') fi shell: bash @@ -464,6 +468,9 @@ runs: - name: Clean Up Code Signing (device builds only) if: ${{ inputs.re-sign == 'true' && inputs.destination == 'device' || (!env.ARTIFACT_URL && inputs.destination == 'device') }} run: | + # Store provisioning profiles input + PROVISIONING_PROFILES='${{ inputs.provisioning-profiles }}' + KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db security delete-keychain "$KEYCHAIN_PATH" @@ -478,14 +485,14 @@ runs: fi # Clean up provisioning profiles - if [ -n "${{ inputs.provisioning-profiles }}" ]; then + if [ -n "$PROVISIONING_PROFILES" ]; then PROFILE_DIR="$HOME/Library/MobileDevice/Provisioning Profiles" while IFS= read -r profile; do name="$(echo "$profile" | jq -r '.name')" PROFILE_PATH="$PROFILE_DIR/${name}.mobileprovision" rm "$PROFILE_PATH" printf "Cleaned up provisioning profile: %s\n" "$name" - done < <(echo '${{ inputs.provisioning-profiles }}' | jq -c '.[]') + done < <(echo "$PROVISIONING_PROFILES" | jq -c '.[]') fi shell: bash From 6ee54ff9295b496eb6c8993920101f69c48a0f9f Mon Sep 17 00:00:00 2001 From: Tomasz Lesniakiewicz Date: Wed, 15 Oct 2025 11:42:10 +0200 Subject: [PATCH 4/6] fix: add quotes in resign paths --- action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 2163b34..e033d4d 100644 --- a/action.yml +++ b/action.yml @@ -382,7 +382,7 @@ runs: - name: Re-sign IPA if: ${{ env.ARTIFACT_URL && inputs.destination == 'device' && inputs.re-sign == 'true' }} run: | - npx rock sign:ios ${{ env.ARTIFACT_PATH }} \ + npx rock sign:ios "${{ env.ARTIFACT_PATH }}" \ --build-jsbundle \ --identity ${{ env.IDENTITY }} shell: bash @@ -391,7 +391,7 @@ runs: - name: Re-bundle APP if: ${{ env.ARTIFACT_URL && inputs.destination == 'simulator' && inputs.re-sign == 'true' }} run: | - npx rock sign:ios ${{ env.ARTIFACT_TAR_PATH }} \ + npx rock sign:ios "${{ env.ARTIFACT_TAR_PATH }}" \ --build-jsbundle \ --app shell: bash From c70432de061261e0bb0a3a2f892f7a9266657c64 Mon Sep 17 00:00:00 2001 From: Tomasz Lesniakiewicz Date: Wed, 15 Oct 2025 11:50:17 +0200 Subject: [PATCH 5/6] chore: fix formatting --- action.yml | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/action.yml b/action.yml index e033d4d..8ccf2b8 100644 --- a/action.yml +++ b/action.yml @@ -95,13 +95,12 @@ runs: if [ ! -f "${{ inputs.certificate-file }}" ]; then echo "Certificate file not found: '${{ inputs.certificate-file }}'" exit 1 - fi fi + fi - - # Legacy provisioning profile validation (only when not using provisioning-profiles) - PROVISIONING_PROFILES='${{ inputs.provisioning-profiles }}' - if [ -z "$PROVISIONING_PROFILES" ]; then + # Legacy provisioning profile validation (only when not using provisioning-profiles) + PROVISIONING_PROFILES='${{ inputs.provisioning-profiles }}' + if [ -z "$PROVISIONING_PROFILES" ]; then if [ -n "${{ inputs.provisioning-profile-file }}" ] && [ -n "${{ inputs.provisioning-profile-base64 }}" ]; then echo "Cannot specify both 'provisioning-profile-file' and 'provisioning-profile-base64'. Use one or the other." exit 1 @@ -119,19 +118,18 @@ runs: fi fi fi - - # Check if either provisioning-profile-name or provisioning-profiles is provided - if [ -z "${{ inputs.provisioning-profile-name }}" ] && [ -z "$PROVISIONING_PROFILES" ]; then + + # Check if either provisioning-profile-name or provisioning-profiles is provided + if [ -z "${{ inputs.provisioning-profile-name }}" ] && [ -z "$PROVISIONING_PROFILES" ]; then echo "Either 'provisioning-profile-name' or 'provisioning-profiles' is required for device builds." exit 1 fi - + if [ -n "${{ inputs.provisioning-profile-name }}" ] && [ -n "$PROVISIONING_PROFILES" ]; then echo "Cannot specify both 'provisioning-profile-name' and 'provisioning-profiles'. Use one or the other." exit 1 fi - # Validate provisioning profiles if provided if [ -n "$PROVISIONING_PROFILES" ]; then while IFS= read -r profile; do @@ -242,7 +240,6 @@ runs: KEYCHAIN_PASSWORD=$(openssl rand -base64 32) fi - security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH From 69e6797a036045db47a43f22bcd20350c25898e1 Mon Sep 17 00:00:00 2001 From: Tomasz Lesniakiewicz Date: Wed, 15 Oct 2025 11:57:50 +0200 Subject: [PATCH 6/6] chore: fix fomatting --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 8ccf2b8..511a023 100644 --- a/action.yml +++ b/action.yml @@ -95,8 +95,8 @@ runs: if [ ! -f "${{ inputs.certificate-file }}" ]; then echo "Certificate file not found: '${{ inputs.certificate-file }}'" exit 1 + fi fi - fi # Legacy provisioning profile validation (only when not using provisioning-profiles) PROVISIONING_PROFILES='${{ inputs.provisioning-profiles }}'