phet_2025.03.02_dev #55
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Custom App | |
| on: | |
| release: | |
| types: [published] | |
| branches: | |
| - main | |
| # taken from: kiwix/kiwix-apple .github/workflows/cd.yml | |
| env: | |
| KEYCHAIN: /Users/runner/build.keychain-db | |
| KEYCHAIN_PASSWORD: mysecretpassword | |
| SSH_KEY: /tmp/id_rsa | |
| APPLE_STORE_AUTH_KEY_PATH: /tmp/authkey.p8 | |
| jobs: | |
| generate_build_deploy: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| destination: | |
| - platform: macOS | |
| - platform: iOS | |
| xcode_extra: -sdk iphoneos | |
| runs-on: macos-14 | |
| environment: ${{ contains(github.ref, 'dwds') && 'dwds' || 'internal' }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| path: custom | |
| - name: Set tag variable as an output | |
| id: vars | |
| run: echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT | |
| - name: Validate tag | |
| run: | |
| | | |
| cd custom | |
| python src/tag_validator.py ${{ steps.vars.outputs.tag }} | |
| cd .. | |
| - name: Find latest stable release of kiwix-apple, unless triggering tag indicates develop branch | |
| if: ${{ !contains(github.ref, '_dev') }} | |
| id: kiwix_latest_release | |
| uses: joutvhu/get-release@9a8271732adc3299a22f8ad09b0a67eb3aa836ac #v1.0.3 | |
| with: | |
| latest: true | |
| prerelease: false | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check-out kiwix/kiwix-apple | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: kiwix/kiwix-apple | |
| path: apple | |
| ref: ${{ !contains(github.ref, '_dev') && steps.kiwix_latest_release.outputs.tag_name || '' }} | |
| - name: Install Python dependencies for custom project generation | |
| run: python -m pip install pyyaml | |
| - name: Install Kiwix dependencies | |
| run: | # remove pre-commit, it's not needed for CI | |
| cd apple | |
| cat Brewfile | grep -v -e pre-commit > Brewfile_CI | |
| brew bundle --force --file Brewfile_CI | |
| cp Support/CoreKiwix.modulemap CoreKiwix.xcframework/ios-arm64/Headers/module.modulemap | |
| cp Support/CoreKiwix.modulemap CoreKiwix.xcframework/ios-arm64_x86_64-simulator/Headers/module.modulemap | |
| cp Support/CoreKiwix.modulemap CoreKiwix.xcframework/macos-arm64_x86_64/Headers/module.modulemap | |
| python localizations.py generate | |
| cd .. | |
| - name: Generate project based on tag | |
| env: | |
| HTTP_BASIC_ACCESS_AUTHENTICATION: ${{ secrets.HTTP_BASIC_ACCESS_AUTHENTICATION }} | |
| run: | |
| | | |
| # move the custom files under the same folder as the kiwix repo | |
| mv custom/ apple/ | |
| cd apple/custom | |
| # make a custom copy of the Info.plist file | |
| cp ../Support/Info.plist Custom.plist | |
| python src/tag_validator.py ${{ steps.vars.outputs.tag }} | |
| python src/generate_and_download.py | |
| # move the custom project file to the main folder | |
| mv custom_project.yml ../ | |
| cd .. | |
| # run xcodegen on our custom project | |
| xcodegen -s custom_project.yml | |
| ls -la | |
| - name: Set up scheme, version, build_number, and team-id from files | |
| run: | | |
| # move the checked out github actions to root folder: | |
| mv apple/.github/ . | |
| # each of these dot files below contain a single value | |
| # and are created by: src/tag_validator.py | |
| # brand_name comes from the valid tag | |
| BRAND=$(<./apple/custom/.brand_name) | |
| echo "BRAND=$BRAND" >> $GITHUB_ENV | |
| # version comes from the tag | |
| VERSION=$(<./apple/custom/.version_number) | |
| echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| # team_id comes from the brand's json file | |
| TEAM_ID=$(<./apple/custom/.team_id) | |
| echo "TEAM_ID=$TEAM_ID" >> $GITHUB_ENV | |
| # taken from: kiwix/kiwix-apple .github/workflows/cd.yml | |
| - name: Set up variables for build | |
| env: | |
| PLATFORM: ${{ matrix.destination.platform }} | |
| EXTRA_XCODEBUILD: ${{ matrix.destination.xcode_extra }} | |
| APPLE_STORE_AUTH_KEY_PATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }} | |
| APPLE_STORE_AUTH_KEY_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ID }} | |
| APPLE_STORE_AUTH_KEY_ISSUER_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ISSUER_ID }} | |
| shell: python | |
| run: | | |
| import os | |
| extra_xcode = os.getenv("EXTRA_XCODEBUILD", "") | |
| if os.getenv("PLATFORM") == "iOS": | |
| extra_xcode += f" -authenticationKeyPath {os.getenv('APPLE_STORE_AUTH_KEY_PATH')}" | |
| extra_xcode += f" -authenticationKeyID {os.getenv('APPLE_STORE_AUTH_KEY_ID')}" | |
| extra_xcode += f" -authenticationKeyIssuerID {os.getenv('APPLE_STORE_AUTH_KEY_ISSUER_ID')}" | |
| with open(os.getenv("GITHUB_ENV"), "a") as fh: | |
| fh.write(f"EXPORT_METHOD={'app-store'}\n") | |
| fh.write(f"EXTRA_XCODEBUILD={extra_xcode}\n") | |
| - name: Prepare use of Apple Distribution Certificate | |
| shell: bash | |
| env: | |
| APPLE_DISTRIBUTION_SIGNING_CERTIFICATE: ${{ secrets.APPLE_DISTRIBUTION_SIGNING_CERTIFICATE }} | |
| APPLE_DISTRIBUTION_SIGNING_P12_PASSWORD: ${{ secrets.APPLE_DISTRIBUTION_SIGNING_P12_PASSWORD }} | |
| run: | | |
| echo "SIGNING_CERTIFICATE=${APPLE_DISTRIBUTION_SIGNING_CERTIFICATE}" >> "$GITHUB_ENV" | |
| echo "SIGNING_CERTIFICATE_P12_PASSWORD=${APPLE_DISTRIBUTION_SIGNING_P12_PASSWORD}" >> "$GITHUB_ENV" | |
| - name: Add Apple Store Key | |
| env: | |
| APPLE_STORE_AUTH_KEY_PATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }} | |
| APPLE_STORE_AUTH_KEY: ${{ secrets.APPLE_STORE_AUTH_KEY }} | |
| shell: bash | |
| run: echo "${APPLE_STORE_AUTH_KEY}" | base64 --decode -o $APPLE_STORE_AUTH_KEY_PATH | |
| - name: Build xcarchive | |
| uses: ./.github/actions/xcbuild | |
| with: | |
| action: archive | |
| xc-destination: generic/platform=${{ matrix.destination.platform }} | |
| # custom app specific | |
| version: ${{ env.VERSION }} | |
| XC_SCHEME: ${{ env.BRAND }} | |
| DOWNLOAD_DEPENDENCIES: false | |
| XC_WORKSPACE: apple/Kiwix.xcodeproj/project.xcworkspace/ | |
| # eof custom app specific | |
| APPLE_DEVELOPMENT_SIGNING_CERTIFICATE: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_CERTIFICATE }} | |
| APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD: ${{ secrets.APPLE_DEVELOPMENT_SIGNING_P12_PASSWORD }} | |
| DEPLOYMENT_SIGNING_CERTIFICATE: ${{ env.SIGNING_CERTIFICATE }} | |
| DEPLOYMENT_SIGNING_CERTIFICATE_P12_PASSWORD: ${{ env.SIGNING_CERTIFICATE_P12_PASSWORD }} | |
| KEYCHAIN: ${{ env.KEYCHAIN }} | |
| KEYCHAIN_PASSWORD: ${{ env.KEYCHAIN_PASSWORD }} | |
| EXTRA_XCODEBUILD: ${{ env.EXTRA_XCODEBUILD }} | |
| - name: Prepare export for ${{ env.EXPORT_METHOD }} | |
| run: | | |
| plutil -create xml1 ./export.plist | |
| plutil -insert destination -string upload ./export.plist | |
| plutil -insert method -string $EXPORT_METHOD ./export.plist | |
| - name: Upload Archive to Apple (App Store or Notarization) | |
| env: | |
| APPLE_STORE_AUTH_KEY_PATH: ${{ env.APPLE_STORE_AUTH_KEY_PATH }} | |
| APPLE_STORE_AUTH_KEY_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ID }} | |
| APPLE_STORE_AUTH_KEY_ISSUER_ID: ${{ secrets.APPLE_STORE_AUTH_KEY_ISSUER_ID }} | |
| run: xcrun xcodebuild -exportArchive -archivePath $PWD/Kiwix-$VERSION.xcarchive -exportPath $PWD/export/ -exportOptionsPlist export.plist -authenticationKeyPath $APPLE_STORE_AUTH_KEY_PATH -allowProvisioningUpdates -authenticationKeyID $APPLE_STORE_AUTH_KEY_ID -authenticationKeyIssuerID $APPLE_STORE_AUTH_KEY_ISSUER_ID |