1+ name : " Build iOS app"
2+
3+ on :
4+ pull_request :
5+ push :
6+
7+ env :
8+ GO_VERSION : " ~1.24.0"
9+
10+ permissions :
11+ id-token : write
12+ contents : read
13+ attestations : write
14+
15+ jobs :
16+ build_with_signing :
17+ runs-on : macos-latest
18+ steps :
19+ - name : Check Xcode version
20+ run : /usr/bin/xcodebuild -version
21+
22+ - name : Check out repository
23+ uses : actions/checkout@v3
24+
25+ - name : Install Go
26+ uses : actions/setup-go@v5
27+ with :
28+ go-version : ${{ env.GO_VERSION }}
29+ cache : false
30+ check-latest : true
31+
32+ - name : Build core
33+ run : |
34+ cd SushitrainCore && make deps && make
35+
36+ name : Install the Apple certificate and provisioning profile
37+ env :
38+ BUILD_CERTIFICATE_BASE64 : ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
39+ P12_PASSWORD : ${{ secrets.P12_PASSWORD }}
40+ BUILD_PROVISION_PROFILE_BASE64 : ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
41+ KEYCHAIN_PASSWORD : ${{ secrets.KEYCHAIN_PASSWORD }}
42+ run : |
43+ # create variables
44+ CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
45+ PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
46+ KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
47+
48+ # import certificate and provisioning profile from secrets
49+ echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
50+ echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
51+
52+ # create temporary keychain
53+ security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
54+ security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
55+ security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
56+
57+ # import certificate to keychain
58+ security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
59+ security list-keychain -d user -s $KEYCHAIN_PATH
60+
61+ # apply provisioning profile
62+ mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
63+ cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
64+
65+ name : Build archive
66+ run : |
67+ xcodebuild -scheme "Synctrain release" \
68+ -archivePath $RUNNER_TEMP/synctrain.xcarchive \
69+ -sdk iphoneos \
70+ -configuration Debug \
71+ -destination generic/platform=iOS \
72+ clean archive
73+
74+ name : Export ipa
75+ env :
76+ EXPORT_OPTIONS_PLIST : ${{ secrets.EXPORT_OPTIONS_PLIST }}
77+ run : |
78+ EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist
79+ echo -n "$EXPORT_OPTIONS_PLIST" | base64 --decode -o $EXPORT_OPTS_PATH
80+ xcodebuild -exportArchive -archivePath $RUNNER_TEMP/synctrain.xcarchive -exportOptionsPlist $EXPORT_OPTS_PATH -exportPath $RUNNER_TEMP/build
81+ ls -la $RUNNER_TEMP
82+
83+ name : Upload application
84+ uses : actions/upload-artifact@v4
85+ with :
86+ name : app
87+ path : ${{ runner.temp }}/build/synctrain.ipa
88+ # you can also archive the entire directory
89+ # path: ${{ runner.temp }}/build
90+ retention-days : 3
91+
92+ - name : Generate artifact attestation
93+ uses : actions/attest-build-provenance@v2
94+ with :
95+ subject-path : ${{ runner.temp }}/build/synctrain.ipa
0 commit comments