# This workflow uses actions that are not certified by GitHub. # They are provided by a third-party and are governed by # separate terms of service, privacy policy, and support # documentation. name: Build iOS run-name: Build iOS v${{ inputs.version }} on: workflow_call: inputs: version: description: "Version" required: true type: string include-iap: type: boolean description: Include IAP package default: true stage-backend: type: boolean description: Use stage backend default: true workflow_dispatch: inputs: version: description: "Version" required: true type: string include-iap: type: boolean description: Include IAP package default: true stage-backend: type: boolean description: Use stage backend default: true env: FLAVOR: "prod" RELEASE_NOTES_ARTIFACT_NAME: release_notes_en_${{ inputs.version }} RELEASE_NOTES_PATH: "assets/release_notes" jobs: build: name: Build .ipa runs-on: macos-13 timeout-minutes: 60 steps: - uses: actions/checkout@v3 with: submodules: recursive - name: Connect private iap package uses: webfactory/ssh-agent@v0.8.0 with: ssh-private-key: ${{ secrets.M3_LIGHTMETER_IAP_KEY }} - name: Install the Apple certificate and provisioning profile env: APP_STORE_P12: ${{ secrets.APP_STORE_P12 }} APP_STORE_P12_PASSWORD: ${{ secrets.APP_STORE_P12_PASSWORD }} APP_STORE_PROVISION_PROD: ${{ secrets.APP_STORE_PROVISION_PROD }} KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} run: | # create variables CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 PROVISION_PATH=$RUNNER_TEMP/build_provision.mobileprovision KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db # import certificate and provisioning profile from secrets echo -n "$APP_STORE_P12" | base64 --decode -o $CERTIFICATE_PATH echo -n "$APP_STORE_PROVISION_PROD" | base64 --decode -o $PROVISION_PATH # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH # import certificate to keychain security import $CERTIFICATE_PATH -P "$APP_STORE_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH # apply provisioning profile mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles cp $PROVISION_PATH ~/Library/MobileDevice/Provisioning\ Profiles - name: Restore GoogleService-Info.plist run: bash .github/scripts/restore_from_base64.sh "${{ secrets.GOOGLE_SERVICES_JSON_IOS }}" "ios/Runner/GoogleService-Info.plist" - name: Restore ExportOptions.plist run: bash .github/scripts/restore_from_base64.sh "${{ secrets.APP_STORE_EXPORT_OPTIONS }}" "ios/Runner/ExportOptions.plist" - name: Restore firebase_app_id_file.json run: bash .github/scripts/restore_from_base64.sh "${{ secrets.FIREBASE_APP_ID_FILE }}" "ios/firebase_app_id_file.json" - name: Restore firebase_options.dart run: bash .github/scripts/restore_from_base64.sh "${{ secrets.FIREBASE_OPTIONS }}" "lib/firebase_options.dart" - name: Restore constants.dart env: CONSTANTS: ${{inputs.stage-backend && secrets.CONSTANTS_STAGE || secrets.CONSTANTS }} run: bash .github/scripts/restore_from_base64.sh "${{ env.CONSTANTS }}" "lib/constants.dart" - name: Increment build number & replace version number run: bash ./.github/scripts/increment_build_number.sh ${{ github.event.inputs.version }} - name: Download release notes uses: actions/download-artifact@v3 with: name: ${{ env.RELEASE_NOTES_ARTIFACT_NAME }} path: ${{ env.RELEASE_NOTES_PATH }} - name: Install Flutter uses: subosito/flutter-action@v2 with: channel: "stable" flutter-version: "3.27.1" - name: Prepare flutter project run: | flutter --version flutter pub get flutter pub run intl_utils:generate - name: Build .ipa run: | flutter build ipa \ --release \ --flavor $FLAVOR \ --target lib/main_$FLAVOR.dart \ --export-options-plist=ios/Runner/ExportOptions.plist - name: Upload artifact uses: actions/upload-artifact@v3 with: name: m3_lightmeter_ipa path: build/ios/ipa/lightmeter.ipa - name: Clean up keychain and provisioning profile if: ${{ always() }} run: | security delete-keychain $RUNNER_TEMP/app-signing.keychain-db rm ~/Library/MobileDevice/Provisioning\ Profiles/build_provision.mobileprovision