diff --git a/.github/workflows/ios_ci.yml b/.github/workflows/ios_ci.yml index 23cddc2c2..92d1e4081 100644 --- a/.github/workflows/ios_ci.yml +++ b/.github/workflows/ios_ci.yml @@ -1,72 +1,69 @@ name: iOS Build CI on: push: branches: - master - 'debugci/ios_ci/*' paths-ignore: - 'landing/**' - 'web/**' - 'docs/**' - 'keyserver/**' - 'desktop/**' -env: - DEVELOPER_DIR: /Applications/Xcode_15.0.app/Contents/Developer - jobs: build: name: Build and archive iOS app - runs-on: macos-13 + runs-on: macos-14 steps: - name: Checkout uses: actions/checkout@v3 - name: Install Developer certificate env: BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} P12_PASSWORD: ${{ secrets.P12_PASSWORD }} run: | # create variables CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db # import certificate from secrets echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH # create temporary keychain security create-keychain -p "123456" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "123456" $KEYCHAIN_PATH # import certificate to keychain security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH - name: brew install protobuf run: brew install protobuf - name: Fix node-gyp run: python3 -m pip install packaging setuptools - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Save auth_key to file working-directory: ./native/ios env: AUTH_KEY: ${{secrets.AUTH_KEY}} run: echo "$AUTH_KEY" > AUTH_KEY.p8 - name: Archive working-directory: ./native/ios env: AUTH_KEY_ID: ${{secrets.AUTH_KEY_ID}} AUTH_KEY_ISSUER_ID: ${{secrets.AUTH_KEY_ISSUER_ID}} run: xcodebuild archive -workspace Comm.xcworkspace -scheme Comm -configuration Release -archivePath archives/Comm.xcarchive -destination generic/platform=iOS -allowProvisioningUpdates -authenticationKeyIssuerID "$AUTH_KEY_ISSUER_ID" -authenticationKeyID "$AUTH_KEY_ID" -authenticationKeyPath $PWD/AUTH_KEY.p8 - name: Set up tmate session if: failure() && startsWith(github.ref, 'refs/heads/debugci/') uses: mxschmitt/action-tmate@v3 diff --git a/.github/workflows/ios_release.yml b/.github/workflows/ios_release.yml index 9c6677fe7..77ab03ab6 100644 --- a/.github/workflows/ios_release.yml +++ b/.github/workflows/ios_release.yml @@ -1,81 +1,78 @@ name: iOS Build/Archive/Upload to AppStore Connect on: push: tags: - mobile-** -env: - DEVELOPER_DIR: /Applications/Xcode_15.0.app/Contents/Developer - jobs: build: name: Build, archive, and upload iOS app - runs-on: macos-13 + runs-on: macos-14 steps: - name: Checkout uses: actions/checkout@v3 - name: Install Developer certificate env: BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} P12_PASSWORD: ${{ secrets.P12_PASSWORD }} run: | # create variables CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db # import certificate from secrets echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH # create temporary keychain security create-keychain -p "123456" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "123456" $KEYCHAIN_PATH # import certificate to keychain security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH - name: brew install protobuf run: brew install protobuf - name: Fix node-gyp run: python3 -m pip install packaging setuptools - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Save ALCHEMY_API_KEY to file working-directory: ./native env: ALCHEMY_API_KEY: ${{secrets.ALCHEMY_API_KEY}} run: mkdir -p facts && echo '{"key":"'"$ALCHEMY_API_KEY"'"}' > facts/alchemy.json - name: Save auth_key to file working-directory: ./native/ios env: AUTH_KEY: ${{secrets.AUTH_KEY}} run: echo "$AUTH_KEY" > AUTH_KEY.p8 - name: Archive working-directory: ./native/ios env: AUTH_KEY_ID: ${{secrets.AUTH_KEY_ID}} AUTH_KEY_ISSUER_ID: ${{secrets.AUTH_KEY_ISSUER_ID}} run: xcodebuild archive -workspace Comm.xcworkspace -scheme Comm -configuration Release -archivePath archives/Comm.xcarchive -destination generic/platform=iOS -allowProvisioningUpdates -authenticationKeyIssuerID "$AUTH_KEY_ISSUER_ID" -authenticationKeyID "$AUTH_KEY_ID" -authenticationKeyPath $PWD/AUTH_KEY.p8 - name: Export IPA working-directory: ./native/ios env: AUTH_KEY_ID: ${{secrets.AUTH_KEY_ID}} AUTH_KEY_ISSUER_ID: ${{secrets.AUTH_KEY_ISSUER_ID}} run: xcodebuild -exportArchive -archivePath archives/Comm.xcarchive -exportOptionsPlist exportOptions.plist -exportPath output -allowProvisioningUpdates -authenticationKeyIssuerID "$AUTH_KEY_ISSUER_ID" -authenticationKeyID "$AUTH_KEY_ID" -authenticationKeyPath $PWD/AUTH_KEY.p8 - name: Upload IPA to TestFlight working-directory: ./native/ios env: APPLE_USER_NAME: ${{secrets.APPLE_USER_NAME}} APPLE_APP_SPECIFIC_PASSWORD: ${{secrets.APPLE_APP_SPECIFIC_PASSWORD}} run: xcrun altool --upload-app --type ios --file output/Comm.ipa --username "$APPLE_USER_NAME" --password "$APPLE_APP_SPECIFIC_PASSWORD" diff --git a/.github/workflows/macos_ci.yml b/.github/workflows/macos_ci.yml index 92c0ae56d..ae75262b7 100644 --- a/.github/workflows/macos_ci.yml +++ b/.github/workflows/macos_ci.yml @@ -1,72 +1,72 @@ name: macOS Build CI on: workflow_call: push: branches: [master] paths-ignore: - 'landing/**' - 'docs/**' - 'keyserver/**' - 'native/**' - 'shared/**' jobs: build: name: Build macOS app - runs-on: macos-13 + runs-on: macos-14 steps: - name: Checkout uses: actions/checkout@v3 - name: Fix node-gyp run: python3 -m pip install packaging setuptools - name: Install Developer certificate env: MACOS_BUILD_CERTIFICATE_BASE64: ${{ secrets.MACOS_BUILD_CERTIFICATE_BASE64 }} MACOS_BUILD_P12_PASSWORD: ${{ secrets.MACOS_BUILD_P12_PASSWORD }} MACOS_PROVISIONPROFILE_BASE64: ${{ secrets.MACOS_PROVISIONPROFILE_BASE64 }} run: | # create variables CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db PROVISIONPROFILE_PATH=$GITHUB_WORKSPACE/desktop/macOS_App_Provisioning_Profile.provisionprofile # import certificate from secrets echo -n "$MACOS_BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH # create temporary keychain security create-keychain -p "123456" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "123456" $KEYCHAIN_PATH # import certificate to keychain security import $CERTIFICATE_PATH -P "$MACOS_BUILD_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH # import provisioning profile from secrets echo -n "$MACOS_PROVISIONPROFILE_BASE64" | base64 --decode -o $PROVISIONPROFILE_PATH - name: sudo ./install_protobuf.sh working-directory: ./scripts run: sudo ./install_protobuf.sh - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Build App env: APPLE_USER_NAME: ${{secrets.APPLE_USER_NAME}} APPLE_APP_SPECIFIC_PASSWORD: ${{secrets.APPLE_APP_SPECIFIC_PASSWORD}} TEAM_ID: ${{secrets.TEAM_ID}} working-directory: './desktop' run: yarn make --arch universal - name: Upload Artifact uses: actions/upload-artifact@v3 with: name: macos-artifacts path: ./desktop/out/make/**/* if-no-files-found: error retention-days: 1