Skip to content

Update deploy secret #29

Update deploy secret

Update deploy secret #29

Workflow file for this run

# This workflow will build a Swift project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-swift
name: deploy
on:
push:
branches: [ "develop" ]
jobs:
build:
runs-on: macos-latest
env:
# app archive 및 export 에 쓰일 환경 변수 설정
XC_WORKSPACE: ${{ 'three-days-iOS.xcworkspace' }}
XC_SCHEME: ${{ 'three-days-dev' }}
XC_ARCHIVE: ${{ 'three-days-dev.xcarchive' }}
# certificate
ENCRYPTED_CERT_FILE_PATH: ${{ '.github/secrets/certification.p12.gpg' }}
DECRYPTED_CERT_FILE_PATH: ${{ '.github/secrets/certification.p12' }}
CERT_ENCRYPTION_KEY: ${{ secrets.CERTS_ENCRYPTION_PWD }} # gpg로 파일 암호화할 때 사용한 암호
# provisioning
ENCRYPTED_PROVISION_FILE_PATH: ${{ '.github/secrets/3days-dev.mobileprovision.gpg' }}
DECRYPTED_PROVISION_FILE_PATH: ${{ '.github/secrets/3days-dev.mobileprovision' }}
PROVISIONING_ENCRYPTION_KEY: ${{ secrets.PROVISION_ENCRYPTION_PWD }} # gpg로 파일 암호화할 때 사용한 암호
# certification export key
CERT_EXPORT_KEY: ${{ secrets.CERT_EXPORT_PWD }}
KEYCHAIN: ${{ 'test.keychain' }}
steps:
# 단계별 task 를 나타낼 이름
- name: Select latest Xcode
# shell 이용해서 하나의 command 수행
run: "sudo xcode-select -s /Applications/Xcode.app"
- name: Checkout project
# uses 키워드를 통해 Github Actions에서 기본으로 제공하는 액션을 사용 가능. 아래 액션은 repository 에 체크아웃하는 것
uses: actions/checkout@v2
- name: Install Mise
run: |
curl https://mise.run | sh
mise install
- name: Create Secret.swift file
run: |
echo '${{ secrets.SECRET_SWIFT }}' > ./three-days-iOS/Projects/Core/CoreKit/Sources/Secret.swift
- name: Install Tuist dependencies
run: mise x -- tuist install
- name: Generate Xcworkspace
run: mise x -- tuist generate
- name: Get version number
id: get-version
run: |
cd Projects/App
VERSION_NUMBER=$(xcrun agvtool what-marketing-version -terse1)
echo "VERSION_NUMBER=$VERSION_NUMBER" >> $GITHUB_ENV
cd -
- name: set build number
run: |
cd Projects/App
# 시분초 기반 빌드넘버 생성
BUILD_DATE=$(TZ=Asia/Seoul date +'%y%m%d')
BUILD_TIME=$(TZ=Asia/Seoul date +'%H%M')
BUILD_NUMBER="${BUILD_DATE}${BUILD_TIME}"
# 로그
echo "BUILD_NUMBER=$BUILD_NUMBER" >> $GITHUB_ENV
# 빌드넘버 세팅
xcrun agvtool new-version -all $BUILD_NUMBER
# 기존 디렉토리로
cd -
- name: Send start notification to Discord
run: |
curl -H "Content-Type: application/json" \
-X POST \
-d "{\"content\": null, \"embeds\": [{\"title\": \"iOS 배포 시작(dev)\", \"description\": \"Actor: ${{ github.actor }} \nVersion: ${{ env.VERSION_NUMBER }} (${{ env.BUILD_NUMBER }})\", \"color\": 5814783}]}" \
${{ secrets.DISCORD_WEBHOOK_URL }}
- name: Configure Keychain
# 키체인 초기화 - 임시 키체인 생성
run: |
security create-keychain -p "" "$KEYCHAIN"
security list-keychains -s "$KEYCHAIN"
security default-keychain -s "$KEYCHAIN"
security unlock-keychain -p "" "$KEYCHAIN"
security set-keychain-settings
- name : Configure Code Signing
run: |
# certificate 복호화
gpg -d -o "$DECRYPTED_CERT_FILE_PATH" --pinentry-mode=loopback --passphrase "$CERT_ENCRYPTION_KEY" "$ENCRYPTED_CERT_FILE_PATH"
# provisioning 복호화
gpg -d -o "$DECRYPTED_PROVISION_FILE_PATH" --pinentry-mode=loopback --passphrase "$PROVISIONING_ENCRYPTION_KEY" "$ENCRYPTED_PROVISION_FILE_PATH"
# security를 사용하여 인증서와 개인 키를 새로 만든 키 체인으로 가져옴
security import "$DECRYPTED_CERT_FILE_PATH" -k "$KEYCHAIN" -P "$CERT_EXPORT_KEY" -A
security set-key-partition-list -S apple-tool:,apple: -s -k "" "$KEYCHAIN"
# Xcode에서 찾을 수 있는 프로비저닝 프로필 설치하기 위해 우선 프로비저닝 디렉토리를 생성
mkdir -p "$HOME/Library/MobileDevice/Provisioning Profiles"
# 디버깅 용 echo 명령어
echo `ls .github/secrets/*.mobileprovision`
# 모든 프로비저닝 프로파일을 rename 하고 위에서 만든 디렉토리로 복사하는 과정
for PROVISION in `ls .github/secrets/*.mobileprovision`
do
UUID=`/usr/libexec/PlistBuddy -c 'Print :UUID' /dev/stdin <<< $(security cms -D -i ./$PROVISION)`
cp "./$PROVISION" "$HOME/Library/MobileDevice/Provisioning Profiles/$UUID.mobileprovision"
done
- name: Archive app
# 빌드 및 아카이브
run: |
xcodebuild clean archive -workspace $XC_WORKSPACE -scheme $XC_SCHEME -archivePath $XC_ARCHIVE
- name: Export app
# export 를 통해 ipa 파일 만듦
run: |
xcodebuild -exportArchive -archivePath $XC_ARCHIVE -exportOptionsPlist ExportOptions-dev.plist -exportPath . -allowProvisioningUpdates
- name: Upload app to TestFlight
uses: apple-actions/upload-testflight-build@v1
with:
app-path: 'three_days_dev.ipa'
issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }}
api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }}
api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }}
- name: Success notification to Discord
if: success()
run: |
curl -H "Content-Type: application/json" \
-X POST \
-d "{\"content\": null, \"embeds\": [{\"title\": \"iOS 배포 성공(dev)\", \"description\": \"Actor: ${{ github.actor }} \nVersion: ${{ env.VERSION_NUMBER }} (${{ env.BUILD_NUMBER }})\", \"color\": 5814783}]}" \
${{ secrets.DISCORD_WEBHOOK_URL }}
- name: Failure notification to Discord
if: failure()
run: |
curl -H "Content-Type: application/json" \
-X POST \
-d "{\"content\": null, \"embeds\": [{\"title\": \"iOS 배포 실패....(dev)\", \"description\": \"Actor: ${{ github.actor }} \nVersion: ${{ env.VERSION_NUMBER }} (${{ env.BUILD_NUMBER }})\", \"color\": 16711741}]}" \
${{ secrets.DISCORD_WEBHOOK_URL }}