-
Notifications
You must be signed in to change notification settings - Fork 65
235 lines (204 loc) · 9.09 KB
/
ios.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
name: iOS Build
on:
push:
paths:
- 'app/**'
- 'core/**'
- 'scripts/**'
- 'cmake/**'
- 'cmake_templates/**'
- 'CMakeLists.txt'
- '.github/workflows/ios.yml'
- '.github/secrets/ios/**'
release:
types:
- published
env:
QT_VERSION: '6.5.3' # use scripts/update_qt_version.bash to change
XC_VERSION: ${{ '14.2' }}
IOS_CMAKE_TOOLCHAIN_VERSION: "4.4.0"
INPUT_SDK_VERSION: arm64-ios-20231006-158
IOS_PROVISIONING_PROFILE_UUID: 59aaa8d7-516a-4592-8c58-d7d1c1f81610
KEYCHAIN: ${{ 'inputapp.keychain' }}
CCACHE_DIR: /Users/runner/work/ccache
CACHE_VERSION: 0
concurrency:
group: ci-${{github.ref}}-ios
cancel-in-progress: true
jobs:
ios_build:
if: ( github.repository == 'MerginMaps/input' ) && (!contains(github.event.head_commit.message, 'Translate '))
runs-on: macos-12
steps:
- name: Select latest Xcode
run: "sudo xcode-select -s /Applications/Xcode_$XC_VERSION.app"
- uses: actions/checkout@v3
- name: Download ios-cmake toolchain
uses: actions/checkout@v3
with:
repository: leetal/ios-cmake
ref: ${{ env.IOS_CMAKE_TOOLCHAIN_VERSION }}
path: ios-cmake
# CCache
- name: Prepare build cache for pull request
uses: pat-s/[email protected]
if: github.event_name == 'pull_request'
with:
path: ${{ env.CCACHE_DIR }}
key: build-ios-ccache-${{ github.actor }}-${{ github.head_ref }}-${{ github.sha }}
# The head_ref or source branch of the pull request in a workflow run.
# The base_ref or target branch of the pull request in a workflow run.
restore-keys: |
build-ios-ccache-${{ github.actor }}-${{ github.head_ref }}-
build-ios-ccache-refs/heads/${{ github.base_ref }}-
build-ios-ccache-refs/heads/master-
- name: Prepare build cache for branch/tag
# use a fork of actions/cache@v2 to upload cache even when the build or test failed
uses: pat-s/[email protected]
if: github.event_name != 'pull_request'
with:
path: ${{ env.CCACHE_DIR }}
# The branch or tag ref that triggered the workflow run. For branches this in the format refs/heads/<branch_name>, and for tags it is refs/tags/<tag_name>
key: build-ios-ccache-${{ github.ref }}-${{ github.sha }}
restore-keys: |
build-ios-ccache-${{ github.ref }}-
build-ios-ccache-refs/heads/master-
- name: Install brew deps
run: |
brew install gnupg
brew install [email protected]
brew install python3
brew install ccache
brew install ninja
pip3 install -U pip
pip3 install aqtinstall
- name: Install ccache
run: |
mkdir -p ${CCACHE_DIR}
ccache --set-config=max_size=2.0G
ccache -s
- name: Extract Mergin API_KEY
env:
MERGINSECRETS_DECRYPT_KEY: ${{ secrets.MERGINSECRETS_DECRYPT_KEY }}
run: |
cd core/
/usr/local/opt/[email protected]/bin/openssl \
aes-256-cbc -d \
-in merginsecrets.cpp.enc \
-out merginsecrets.cpp \
-k "$MERGINSECRETS_DECRYPT_KEY" \
-md md5
- name: Configure Keychain
run: |
security create-keychain -p "" "$KEYCHAIN"
security list-keychains -s "$KEYCHAIN"
security default-keychain -s "$KEYCHAIN"
security unlock-keychain -p "" "$KEYCHAIN"
security set-keychain-settings
security list-keychains
- name: Configure Code Signing
env:
IOS_GPG_KEY: ${{ secrets.IOS_GPG_KEY }}
IOS_CERT_KEY: ${{ secrets.IOS_CERT_KEY }}
run: |
gpg --quiet --batch --yes --decrypt --passphrase="$IOS_GPG_KEY" --output ./.github/secrets/ios/Certificates_ios_dist.p12 ./.github/secrets/ios/Certificates_ios_dist.p12.gpg
security import "./.github/secrets/ios/Certificates_ios_dist.p12" -k "$KEYCHAIN" -P "$IOS_CERT_KEY" -A
security set-key-partition-list -S apple-tool:,apple: -s -k "" "$KEYCHAIN"
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
gpg --quiet --batch --yes --decrypt --passphrase="$IOS_GPG_KEY" --output ./.github/secrets/ios/LutraConsultingLtdInputAppStore.mobileprovision ./.github/secrets/ios/LutraConsultingLtdInputAppStore.mobileprovision.gpg
cp ./.github/secrets/ios/LutraConsultingLtdInputAppStore.mobileprovision ~/Library/MobileDevice/Provisioning\ Profiles/${IOS_PROVISIONING_PROFILE_UUID}.mobileprovision
# Input SDK
- name: Cache Input-SDK
id: cache-input-sdk
uses: pat-s/[email protected]
with:
path: ${{ github.workspace }}/input-sdk
key: ${{ runner.os }}-input-sdk-v0-${{ env.INPUT_SDK_VERSION }}-${{ env.CACHE_VERSION }}
- name: Install Input-SDK
if: steps.cache-input-sdk.outputs.cache-hit != 'true'
run: |
wget -O \
${{ github.workspace }}/input-sdk.tar.gz \
https://github.com/MerginMaps/input-sdk/releases/download/${{ env.INPUT_SDK_VERSION }}/mergin-maps-input-sdk-qt-${{ env.QT_VERSION }}-${{ env.INPUT_SDK_VERSION }}.tar.gz
mkdir -p ${{ github.workspace }}/input-sdk/arm64-ios
cd ${{ github.workspace }}/input-sdk/arm64-ios
tar -xvzf ${{ github.workspace }}/input-sdk.tar.gz
# Qt
- name: Cache Qt
id: cache-qt
uses: pat-s/[email protected]
with:
path: ${{ github.workspace }}/Qt
key: ${{ runner.os }}-QtCache-v2-${{ env.QT_VERSION }}-ios
- name: Install Qt
if: steps.cache-qt.outputs.cache-hit != 'true'
run: |
python3 -m aqt install-qt \
mac ios ${{ env.QT_VERSION }} \
-m qtsensors qtconnectivity qt5compat qtmultimedia qtpositioning qtshadertools \
-O ${{ github.workspace }}/Qt
python3 -m aqt install-qt \
mac desktop ${{ env.QT_VERSION }} \
-m qtsensors qtconnectivity qt5compat qtmultimedia qtpositioning qtshadertools \
-O ${{ github.workspace }}/Qt
- name: Calculate a build number
env:
OFFFSET: 10 # offset for build number - due to previous builds ~ new builds must always have a higher number
run: |
BUILD_NUM=$GITHUB_RUN_NUMBER$((GITHUB_RUN_ATTEMPT + OFFFSET))
TIMESTAMP=`date "+%y.%m"`
CF_BUNDLE_VERSION=${TIMESTAMP}.${BUILD_NUM}
echo "INPUT_VERSION_CODE=${CF_BUNDLE_VERSION}" >> $GITHUB_ENV
echo "Build number: ${CF_BUNDLE_VERSION}"
- name: Create build system with cmake
run: |
mkdir -p install-Input
mkdir -p build-INPUT
cd build-INPUT
ls -1 ${{ github.workspace }}/Qt/${{ env.QT_VERSION }}
# run cmake
cmake \
-DCMAKE_TOOLCHAIN_FILE:PATH="${{ github.workspace }}/ios-cmake/ios.toolchain.cmake" \
-DCMAKE_PREFIX_PATH=${{ github.workspace }}/Qt/${{ env.QT_VERSION }}/ios \
-DIOS_USE_PRODUCTION_SIGNING=TRUE \
-DQT_HOST_PATH=${{ github.workspace }}/Qt/${{ env.QT_VERSION }}/macos \
-DIOS=TRUE \
-DCMAKE_INSTALL_PREFIX:PATH=../install-Input \
-DINPUT_SDK_PATH=${{ github.workspace }}/input-sdk/arm64-ios \
-G "Xcode" \
-DCMAKE_CXX_COMPILER_LAUNCHER=ccache \
-S ${{ github.workspace }} \
-B ./
- name: Build Input
run: |
cd build-INPUT
xcodebuild \
-project Input.xcodeproj/ \
-scheme Input \
-sdk iphoneos \
-configuration Release \
archive -archivePath Input.xcarchive \
"OTHER_CODE_SIGN_FLAGS=--keychain '$KEYCHAIN'"
- name: Create Input Package
run: |
INPUT_DIR=`pwd`
cd build-INPUT
xcodebuild \
-archivePath Input.xcarchive \
-exportOptionsPlist $INPUT_DIR/scripts/ci/ios/exportOptions.plist \
-exportPath $PWD \
-allowProvisioningUpdates \
-exportArchive
- name: Upload .ipa to TestFlight
env:
INPUTAPP_BOT_APPLEID_PASS: ${{ secrets.INPUTAPP_BOT_APPLEID_PASS }}
INPUTAPP_BOT_APPLEID_USER: ${{ secrets.INPUTAPP_BOT_APPLEID_USER }}
INPUTAPP_BOT_GITHUB_TOKEN: ${{ secrets.INPUTAPP_BOT_GITHUB_TOKEN }}
if: success()
run: |
CF_BUNDLE_VERSION=`/usr/libexec/PlistBuddy -c "Print :CFBundleVersion" build-INPUT/app/CMakeFiles/Input.dir/Info.plist`
echo "Publishing ios ${CF_BUNDLE_VERSION}"
xcrun altool --upload-app -t ios -f build-INPUT/Input.ipa -u "$INPUTAPP_BOT_APPLEID_USER" -p "$INPUTAPP_BOT_APPLEID_PASS" --verbose
# Add comment to GitHub
GITHUB_API=https://api.github.com/repos/MerginMaps/input/commits/${GITHUB_SHA}/comments
curl -u inputapp-bot:${INPUTAPP_BOT_GITHUB_TOKEN} -X POST --data '{"body": "iOS - version '${CF_BUNDLE_VERSION}' just submitted!"}' ${GITHUB_API}