Add new settings design #725
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: RIA DigiDoc iOS | |
on: [push, pull_request] | |
env: | |
BUILD_NUMBER: ${{ github.run_number }} | |
jobs: | |
macos: | |
name: Build on macOS | |
if: contains(github.repository, 'open-eid/MOPP-iOS') && contains(github.ref, 'master') | |
runs-on: macos-latest | |
strategy: | |
matrix: | |
xcode: | |
- 14.3 | |
platform: | |
- iOS | |
env: | |
DEFAULT_CENTRAL_CONFIGURATION_URL: "https://id.eesti.ee" | |
DEFAULT_CENTRAL_CONFIGURATION_UPDATE_INTERVAL: 4 | |
DEFAULT_CENTRAL_CONFIGURATION_TSL_URL: "https://ec.europa.eu/tools/lotl/eu-lotl.xml" | |
TEMP_KEYCHAIN_PATH: "$RUNNER_TEMP/ios-github-actions.keychain-db" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Download Libdigidocpp iOS artifact | |
uses: dawidd6/action-download-artifact@v2 | |
with: | |
workflow: build.yml | |
branch: master | |
name: ios | |
path: libdigidocpp-ios | |
repo: open-eid/libdigidocpp | |
- name: Download Libdigidocpp iOS Simulator artifact | |
uses: dawidd6/action-download-artifact@v2 | |
with: | |
workflow: build.yml | |
branch: master | |
name: iossimulator | |
path: libdigidocpp-ios-simulator | |
repo: open-eid/libdigidocpp | |
- name: Extract libdigidocpp artifacts | |
run: | | |
unzip -o libdigidocpp-ios/libdigidocpp.ios.zip -d libdigidocpp.ios | |
unzip -o libdigidocpp-ios-simulator/libdigidocpp.iossimulator.zip -d libdigidocpp.iphonesimulator | |
- name: Update libdigidocpp in project | |
run: | | |
export LIBDIGIDOCPP_PATH=${{ github.workspace }}/MoppLib/MoppLib/libdigidocpp | |
export LIBDIGIDOCPP_TESTENV_PATH=${{ github.workspace }}/MoppLib/MoppLib/libdigidocpp_testenv | |
rm -rf $LIBDIGIDOCPP_PATH/libdigidocpp.iphoneos && mkdir $LIBDIGIDOCPP_PATH/libdigidocpp.iphoneos && cp -r ${{ github.workspace }}/libdigidocpp.ios/libdigidocpp.iphoneos/ $LIBDIGIDOCPP_PATH/libdigidocpp.iphoneos/ | |
rm -rf $LIBDIGIDOCPP_PATH/libdigidocpp.iphonesimulator && mkdir $LIBDIGIDOCPP_PATH/libdigidocpp.iphonesimulator && cp -r ${{ github.workspace }}/libdigidocpp.iphonesimulator/libdigidocpp.iphonesimulator/* $LIBDIGIDOCPP_PATH/libdigidocpp.iphonesimulator/ | |
rm -rf $LIBDIGIDOCPP_TESTENV_PATH/libdigidocpp.iphoneos && mkdir $LIBDIGIDOCPP_TESTENV_PATH/libdigidocpp.iphoneos && cp -r ${{ github.workspace }}/libdigidocpp.ios/libdigidocpp.iphoneos/* $LIBDIGIDOCPP_TESTENV_PATH/libdigidocpp.iphoneos/ | |
rm -rf $LIBDIGIDOCPP_TESTENV_PATH/libdigidocpp.iphonesimulator && mkdir $LIBDIGIDOCPP_TESTENV_PATH/libdigidocpp.iphonesimulator && cp -r ${{ github.workspace }}/libdigidocpp.iphonesimulator/libdigidocpp.iphonesimulator/* $LIBDIGIDOCPP_TESTENV_PATH/libdigidocpp.iphonesimulator/ | |
- name: Install the Apple certificate and provisioning profiles | |
env: | |
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
P12_PASSWORD: ${{ secrets.P12_PASSWORD }} | |
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | |
BUILD_PROVISION_PROFILE_SHARE_EXTENSION_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_SHARE_EXTENSION_BASE64 }} | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
run: | | |
# https://docs.github.com/en/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development | |
# Create variables | |
CERTIFICATE_P12_PATH=$RUNNER_TEMP/Certificate_iOS_Github_Actions.p12 | |
MOBILEPROVISIONING_PATH=$RUNNER_TEMP/MobileProvisioning_iOS_Github_Actions.mobileprovision | |
MOBILEPROVISIONING_SHARE_EXTENSION_PATH=$RUNNER_TEMP/MobileProvisioningShareExtension_iOS_Github_Actions.mobileprovision | |
# Import certificate and provisioning profile from Github secrets | |
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_P12_PATH | |
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $MOBILEPROVISIONING_PATH | |
echo -n "$BUILD_PROVISION_PROFILE_SHARE_EXTENSION_BASE64" | base64 --decode --output $MOBILEPROVISIONING_SHARE_EXTENSION_PATH | |
# Create temporary keychain | |
security create-keychain -p "$TEMP_KEYCHAIN_PASSWORD" $TEMP_KEYCHAIN_PATH | |
security set-keychain-settings -lut 21600 $TEMP_KEYCHAIN_PATH | |
security unlock-keychain -p "$TEMP_KEYCHAIN_PASSWORD" $TEMP_KEYCHAIN_PATH | |
security set-keychain-settings -lut 900 | |
# Import certificate to temporary keychain | |
security import $CERTIFICATE_P12_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $TEMP_KEYCHAIN_PATH | |
security list-keychain -d user -s $TEMP_KEYCHAIN_PATH | |
security set-key-partition-list -S apple-tool:,apple: -s -k "$TEMP_KEYCHAIN_PASSWORD" $TEMP_KEYCHAIN_PATH | |
# Apply provisioning profile | |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | |
cp $MOBILEPROVISIONING_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
cp $MOBILEPROVISIONING_SHARE_EXTENSION_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
- name: Setup environment | |
env: | |
GOOGLE_SERVICES_PLIST: ${{ secrets.GOOGLE_SERVICES_PLIST }} | |
run: | | |
export LANG=en_US.UTF-8 | |
cd ${{ github.workspace }}/CryptoLib/CryptoLib/cdocFramework/cdoc.framework/ | |
lipo -info cdoc | grep -q 'x86_64' && lipo -remove x86_64 cdoc -o cdoc | |
cd ${{ github.workspace }}/MoppApp | |
echo -n "$GOOGLE_SERVICES_PLIST" | base64 --decode --output "GoogleService-Info.plist" | |
echo "APP_VERSION=$('/usr/bin/xcodebuild' -showBuildSettings | grep MARKETING_VERSION | tr -d 'MARKETING_VERSION =')" >> $GITHUB_ENV | |
- name: Setup CocoaPods | |
uses: maxim-lobanov/setup-cocoapods@v1 | |
with: | |
podfile-path: ${{ github.workspace }}/MoppApp/Podfile.lock | |
- name: Install dependencies | |
run: | | |
cd ${{ github.workspace }}/MoppApp | |
pod install | |
- name: Build and Archive | |
env: | |
APP_PROVISIONING_PROFILE_UUID: ${{ secrets.APP_PROVISIONING_PROFILE_UUID }} | |
SHARE_EXTENSION_PROVISIONING_PROFILE_UUID: ${{ secrets.SHARE_EXTENSION_PROVISIONING_PROFILE_UUID }} | |
run: | | |
cd ${{ github.workspace }}/MoppApp | |
xcodebuild archive -workspace MoppApp.xcworkspace -scheme MoppApp -configuration Release -archivePath "${{ github.workspace }}/MoppApp/build/DigiDoc.xcarchive" -allowProvisioningUpdates APP_PROVISIONING_PROFILE="$APP_PROVISIONING_PROFILE_UUID" SHARE_EXTENSION_PROVISIONING_PROFILE="$SHARE_EXTENSION_PROVISIONING_PROFILE_UUID" CODE_SIGN_IDENTITY="Apple Distribution" | |
- name: Export | |
env: | |
EXPORT_OPTIONS_PLIST: ${{ secrets.EXPORT_OPTIONS_PLIST }} | |
run: | | |
cd ${{ github.workspace }}/MoppApp | |
echo -n "$EXPORT_OPTIONS_PLIST" | base64 --decode --output "ExportOptions.plist" | |
xcodebuild -exportArchive -archivePath "${{ github.workspace }}/MoppApp/build/DigiDoc.xcarchive" -exportPath "${{ github.workspace }}/MoppApp/build/" -configuration Release -exportOptionsPlist ExportOptions.plist DEFAULT_CENTRAL_CONFIGURATION_URL=${{ env.DEFAULT_CENTRAL_CONFIGURATION_URL }} DEFAULT_CENTRAL_CONFIGURATION_UPDATE_INTERVAL=${{ env.DEFAULT_CENTRAL_CONFIGURATION_UPDATE_INTERVAL }} DEFAULT_CENTRAL_CONFIGURATION_TSL_URL=${{ env.DEFAULT_CENTRAL_CONFIGURATION_TSL_URL }} "OTHER_SWIFT_FLAGS=-DCOCOAPODS" | xcpretty | |
# Change .ipa name | |
mv ${{ github.workspace }}/MoppApp/build/MoppApp.ipa ${{ github.workspace }}/MoppApp/build/RIA_DigiDoc_${{ env.APP_VERSION }}.${{ env.BUILD_NUMBER }}.ipa | |
- name: Upload artifact | |
uses: actions/upload-artifact@v2 | |
if: success() | |
with: | |
name: "RIA_DigiDoc_${{ env.APP_VERSION }}.${{ env.BUILD_NUMBER }}" | |
path: "${{ github.workspace }}/MoppApp/build/RIA_DigiDoc_${{ env.APP_VERSION }}.${{ env.BUILD_NUMBER }}.ipa" | |
- name: Clean up | |
if: ${{ always() }} | |
run: | | |
TEMP_KEYCHAIN_PATH="$RUNNER_TEMP/ios-github-actions.keychain-db" | |
MOBILEPROVISIONING_PATH=$RUNNER_TEMP/MobileProvisioning_iOS_Github_Actions.mobileprovision | |
MOBILEPROVISIONING_SHARE_EXTENSION_PATH=$RUNNER_TEMP/MobileProvisioningShareExtension_iOS_Github_Actions.mobileprovision | |
# Keychain | |
if [[ -f $TEMP_KEYCHAIN_PATH ]] | |
then | |
security delete-keychain $TEMP_KEYCHAIN_PATH | |
fi | |
# Main provisioning profile | |
if [[ -f $MOBILEPROVISIONING_PATH ]] | |
then | |
rm $MOBILEPROVISIONING_PATH | |
fi | |
# Share Extension provisioning profile | |
if [[ -f $MOBILEPROVISIONING_SHARE_EXTENSION_PATH ]] | |
then | |
rm $MOBILEPROVISIONING_SHARE_EXTENSION_PATH | |
fi | |