Update main.yml #51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Native Build & Test | |
| env: | |
| cacheId: "8" # increment to expire the cache | |
| appBuildNumber: ${{ github.run_number }} | |
| appBuildVersion: "0.0.8" | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [main] | |
| paths: | |
| - .github/workflows/** | |
| pull_request: | |
| branches: [main] | |
| paths: | |
| - .github/workflows/** | |
| - package.json | |
| jobs: | |
| check-android-secrets: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| isReleaseBuild: ${{ steps.isReleaseBuild.outputs.defined }} | |
| steps: | |
| - id: isReleaseBuild | |
| if: env.PLAY_STORE_JKS_BASE64 != null && env.PLAY_STORE_JKS_ALIAS != null && env.PLAY_STORE_JKS_PASSWD != null | |
| run: echo "::set-output name=defined::true" | |
| env: | |
| PLAY_STORE_JKS_BASE64: ${{ secrets.PLAY_STORE_JKS_BASE64 }} | |
| PLAY_STORE_JKS_ALIAS: ${{ secrets.PLAY_STORE_JKS_ALIAS }} | |
| PLAY_STORE_JKS_PASSWD: ${{ secrets.PLAY_STORE_JKS_PASSWD }} | |
| check-ios-secrets: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| isReleaseBuild: ${{ steps.isReleaseBuild.outputs.defined }} | |
| steps: | |
| - id: isReleaseBuild | |
| if: env.CERTIFICATE != null && env.KEYCHIAN_PASSWD != null && env.PROVISIONING_PROFILE != null | |
| run: echo "::set-output name=defined::true" | |
| env: | |
| CERTIFICATE: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| KEYCHIAN_PASSWD: ${{ secrets.KEYCHIAN_PASSWD }} | |
| PROVISIONING_PROFILE: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | |
| build-ios: | |
| needs: [check-ios-secrets] | |
| runs-on: macos-13 | |
| env: | |
| BUNDLE_GEMFILE: ${{ github.workspace }}/Gemfile | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Setup NodeJS | |
| uses: ./.github/workflows/actions/setup-node | |
| - name: Configure ruby | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: 2.7 | |
| - name: What XCode are we using? | |
| run: | | |
| xcode-select -p | |
| - name: Cached pip dependencies | |
| uses: actions/cache@v3 | |
| id: pip-cache | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Cache pod dependencies | |
| id: pod-cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ios/Pods | |
| ~/Library/Caches/CocoaPods | |
| ~/.cocoapods | |
| key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pods- | |
| - name: Restore cached derived data | |
| id: cache-dd-restore | |
| uses: actions/cache/restore@v3 | |
| with: | |
| path: ios/xbuild/Build | |
| key: ${{ runner.os }}-dd-xcode | |
| - name: Install dependencies | |
| working-directory: ./ | |
| run: | | |
| yarn install --immutable && \ | |
| git status | |
| - name: Install iOS dependencies | |
| # if: steps.pod-cache.outputs.cache-hit != 'true' || steps.npm-cache.outputs.cache-hit != 'true' | |
| working-directory: ios | |
| run: | | |
| bundle install --frozen --gemfile=${BUNDLE_GEMFILE} && \ | |
| pod install && \ | |
| git status && \ | |
| git diff Podfile.lock | |
| - name: Bump Build No. | |
| working-directory: ios | |
| env: | |
| CURRENT_PROJECT_VERSION: ${{ env.appBuildNumber }} | |
| MARKETING_VERSION: ${{ env.appBuildVersion }} | |
| run: | | |
| agvtool new-version ${CURRENT_PROJECT_VERSION} && \ | |
| agvtool new-marketing-version ${MARKETING_VERSION} | |
| # https://docs.github.com/en/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development | |
| - name: Create Provisioning Profile | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| env: | |
| PROVISIONING_PROFILE: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | |
| run: | | |
| chmod +x scripts/makepp.sh && \ | |
| scripts/makepp.sh | |
| # https://docs.github.com/en/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development | |
| - name: Build Keychain | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| env: | |
| CERTIFICATE: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| run: | | |
| scripts/makekc.sh ${{ secrets.KEYCHIAN_PASSWD }} | |
| - name: Release build | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: ios | |
| run: | | |
| xcodebuild \ | |
| -workspace mdlHolder.xcworkspace \ | |
| -scheme mdlHolder \ | |
| -configuration Release \ | |
| -derivedDataPath xbuild \ | |
| -xcconfig ../../release.xcconfig \ | |
| -archivePath mdlHolder.xcarchive \ | |
| -sdk iphoneos \ | |
| -verbose \ | |
| archive | |
| - name: Save cache for derived data | |
| id: cache-dd-save | |
| uses: actions/cache/save@v3 | |
| with: | |
| path: ios/xbuild/Build | |
| key: ${{ steps.cache-dd-restore.outputs.cache-primary-key }} | |
| - name: Archive & Sign | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: ios | |
| run: | | |
| xcodebuild \ | |
| -exportArchive \ | |
| -archivePath AriesBifold.xcarchive \ | |
| -exportPath export \ | |
| -exportOptionsPlist ../../options.plist \ | |
| -verbose | |
| # https://blog.codemagic.io/app-store-connect-api-codemagic-cli-tools/ | |
| - name: Install Codemagic CLI Tools | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| run: | | |
| pip3 install codemagic-cli-tools | |
| - name: Ship to iTunes | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: ios | |
| env: | |
| APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }} | |
| APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.APP_STORE_CONNECT_KEY_IDENTIFIER }} | |
| APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY_95 }} | |
| VERSION_CODE: ${{ env.appBuildNumber }} | |
| VERSION_NAME: ${{ env.appBuildVersion }} | |
| run: | | |
| export PATH=$PATH:/Library/Frameworks/Python.framework/Versions/3.11/bin | |
| app-store-connect publish \ | |
| --enable-package-validation \ | |
| --max-build-processing-wait 25 \ | |
| --testflight \ | |
| --beta-group "The Team" "IDIM Team" \ | |
| --whats-new "Release ${VERSION_NAME}-${GITHUB_RUN_NUMBER}" | |
| - name: Upload iOS artifact | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: ios-artifact | |
| path: ios/export/AriesBifold.ipa | |
| if-no-files-found: error | |
| retention-days: 7 | |
| build-android: | |
| needs: [check-android-secrets] | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Pull & update submodules recursively | |
| run: | | |
| git submodule update --init --recursive | |
| - name: Setup NodeJS | |
| uses: ./.github/workflows/actions/setup-node | |
| - name: Setup Java | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: "temurin" | |
| java-version: 17 | |
| cache: "gradle" | |
| server-id: github | |
| settings-path: ${{ github.workspace }} | |
| - name: Install dependencies | |
| working-directory: ./ | |
| run: | | |
| yarn install --immutable && \ | |
| git status | |
| - name: Create release keystore | |
| #if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: android/app | |
| env: | |
| PLAY_STORE_JKS_BASE64: ${{ secrets.PLAY_STORE_JKS_BASE64 }} | |
| PLAY_STORE_JKS_ALIAS: ${{ secrets.PLAY_STORE_JKS_ALIAS }} | |
| PLAY_STORE_JKS_PASSWD: ${{ secrets.PLAY_STORE_JKS_PASSWD }} | |
| run: | | |
| echo "${PLAY_STORE_JKS_BASE64}" | base64 -d >release.keystore && \ | |
| keytool -list -v -keystore release.keystore -alias ${PLAY_STORE_JKS_ALIAS} -storepass:env PLAY_STORE_JKS_PASSWD | \ | |
| grep "SHA1" | |
| # - name: Android debug build | |
| # if: github.ref_name != 'main' || needs.check-android-secrets.outputs.isReleaseBuild != 'true' | |
| # working-directory: app/android | |
| # env: | |
| # VERSION_CODE: ${{ env.appBuildNumber }} | |
| # VERSION_NAME: ${{ env.appBuildVersion }} | |
| # run: | | |
| # ./gradlew --no-daemon bundleRelease | |
| - name: Android release build | |
| #if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: android | |
| env: | |
| PLAY_STORE_JKS_ALIAS: ${{ secrets.PLAY_STORE_JKS_ALIAS }} | |
| PLAY_STORE_JKS_PASSWD: ${{ secrets.PLAY_STORE_JKS_PASSWD }} | |
| VERSION_CODE: ${{ env.appBuildNumber }} | |
| VERSION_NAME: ${{ env.appBuildVersion }} | |
| run: | | |
| ./gradlew bundleRelease | |
| # - name: Publish to GitHub Packages Registry | |
| # run: mvn deploy:deploy-file -s $GITHUB_WORKSPACE/settings.xml -DgroupId=com.github.bcgov -DartifactId=bc-wallet -Dclassifier=android -DrepositoryId=github -Durl=https://maven.pkg.github.com/$GITHUB_REPOSITORY -Dversion=${{ env.appBuildVersion }}.${{ env.appBuildNumber }} -DgeneratePom=false -Dpackaging=aab -Dfile=app/android/app/build/outputs/bundle/release/app-release.aab | |
| # env: | |
| # GITHUB_TOKEN: ${{ github.token }} | |
| - name: List Artifacts | |
| #if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| run: | | |
| find . -type f -name '*.apk' | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: android | |
| path: | | |
| android/app/build/outputs/bundle/release/app-release.aab | |
| android/app/build/outputs/apk/release/app-release.apk | |
| - name: Upload Android artifact | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: android-artifact | |
| path: android/app/build/outputs/bundle/release/app-release.aab | |
| if-no-files-found: error | |
| retention-days: 7 | |
| - name: Ship to Google Play | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: ./ | |
| env: | |
| GOOGLE_API_CREDENTIALS_BASE64: ${{ secrets.GOOGLE_API_CREDENTIALS_BASE64 }} | |
| GOOGLE_API_CREDENTIALS: "api_keys.json" | |
| ANDROID_PACKAGE_NAME: "com.mdlholder" | |
| ANDROID_BUNDLE_PATH: "./android/app/build/outputs/bundle/release/app-release.aab" | |
| VERSION_CODE: ${{ env.appBuildNumber }} | |
| VERSION_NAME: ${{ env.appBuildVersion }} | |
| run: | | |
| # when we updated to yarn we started getting an error with paths | |
| # and had to add `/android` to the path. | |
| # when we updated to yarn we started getting an error with paths | |
| # and had to add `/android` to the path. | |
| echo "${GOOGLE_API_CREDENTIALS_BASE64}" | base64 -d >${GOOGLE_API_CREDENTIALS} && \ | |
| npm i | |
| chmod +x deploy-to-playstore.js | |
| node ./deploy-to-playstore.js | |
| - name: Upload Android artifact | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: android-artifact | |
| path: android/app/build/outputs/bundle/release/app-release.aab | |
| if-no-files-found: error | |
| retention-days: 7 |