ci: sign when creating xcarchive

poppingmoon · Oct 22, 2024 · 0b8c2a3 · 0b8c2a3
1 parent c051c31
commit 0b8c2a3
Show file tree

Hide file tree

Showing 5 changed files with 45 additions and 29 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -162,6 +162,12 @@ jobs:
 
     needs: get-flutter-version
 
+    env:
+      APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }}
+      APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.APP_STORE_CONNECT_KEY_IDENTIFIER }}
+      APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY }}
+      CERTIFICATE_PRIVATE_KEY: ${{ secrets.CERTIFICATE_PRIVATE_KEY }}
+
     steps:
       - uses: actions/checkout@v4
 
@@ -191,7 +197,6 @@ jobs:
         run: |
           mkdir Payload
           cp -R build/ios/iphoneos/Runner.app Payload
-
       - name: Create IPA (Unsigned)
         run: zip -r aria-${{ github.ref_name }}.ipa Payload
 
@@ -208,32 +213,41 @@ jobs:
           files: aria-${{ github.ref_name }}.ipa
           draft: true
 
+      - name: Install codemagic-cli-tools
+        run: pip install codemagic-cli-tools
+
+      - name: Fetch signing files
+        run: >
+          app-store-connect fetch-signing-files com.poppingmoon.aria
+          --platform IOS
+          --type IOS_APP_STORE
+          --create
+
+      - name: Set up keychain
+        run: keychain initialize
+
+      - name: Add certificates
+        run: keychain add-certificates
+
       - name: Create xcarchive
-        if: startsWith(github.ref, 'refs/tags/')
         working-directory: ios
         run: >
           xcodebuild archive
-          CODE_SIGNING_ALLOWED=NO
           -workspace Runner.xcworkspace
           -scheme Runner
           -configuration Release
           -archivePath Runner.xcarchive
-
-      - name: Dump AuthKey
-        if: startsWith(github.ref, 'refs/tags/')
-        run: echo "${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY }}" > AuthKey.p8
+          -allowProvisioningUpdates
 
       - name: Create IPA
         if: startsWith(github.ref, 'refs/tags/')
+        working-directory: ios
         run: >
           xcodebuild
           -exportArchive
-          -archivePath ios/Runner.xcarchive
-          -exportOptionsPlist ios/ExportOptions.plist
+          -archivePath Runner.xcarchive
+          -exportOptionsPlist ExportOptions.plist
           -allowProvisioningUpdates
-          -authenticationKeyIssuerID ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }}
-          -authenticationKeyID ${{ secrets.APP_STORE_CONNECT_KEY_IDENTIFIER }}
-          -authenticationKeyPath $(pwd)/AuthKey.p8
 
   build-windows-x64:
     runs-on: windows-latest
@@ -309,13 +323,11 @@ jobs:
       APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }}
       APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.APP_STORE_CONNECT_KEY_IDENTIFIER }}
       APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY }}
+      CERTIFICATE_PRIVATE_KEY: ${{ secrets.CERTIFICATE_PRIVATE_KEY }}
 
     steps:
       - uses: actions/checkout@v4
 
-      - name: Dump cert_key
-        run: echo "${{ secrets.CERT_KEY }}" > cert_key
-
       - name: Install codemagic-cli-tools
         run: pip install codemagic-cli-tools
 
@@ -324,14 +336,12 @@ jobs:
           app-store-connect fetch-signing-files com.poppingmoon.aria
           --platform MAC_OS
           --type MAC_APP_STORE
-          --certificate-key=@file:cert_key
           --create
 
       - name: Fetch certificates
         run: >
           app-store-connect certificates list
           --type MAC_INSTALLER_DISTRIBUTION
-          --certificate-key=@file:cert_key
           --save
 
       - name: Set up keychain
@@ -353,8 +363,14 @@ jobs:
       - name: Get dependencies
         run: flutter pub get
 
+      - name: Get build name
+        id: get-build-name
+        run: |
+          build_name=$(grep version pubspec.yaml | sed 's/[^0-9]*\([0-9.]*\).*/\1/')
+          echo build-name=$build_name >> $GITHUB_OUTPUT
+
       - name: Build for macOS
-        run: flutter build macos
+        run: flutter build macos --build-name ${{ steps.get-build-name.outputs.build-name }}
 
       - name: Install create-dmg
         run: brew install create-dmg

diff --git a/ios/ExportOptions.plist b/ios/ExportOptions.plist
@@ -9,7 +9,7 @@
 	<key>manageAppVersionAndBuildNumber</key>
 	<true/>
 	<key>method</key>
-	<string>app-store</string>
+	<string>app-store-connect</string>
 	<key>signingStyle</key>
 	<string>automatic</string>
 	<key>stripSwiftSymbols</key>

diff --git a/ios/Podfile.lock b/ios/Podfile.lock
@@ -109,7 +109,7 @@ PODS:
   - shared_preferences_foundation (0.0.1):
     - Flutter
     - FlutterMacOS
-  - sqflite (0.0.3):
+  - sqflite_darwin (0.0.4):
     - Flutter
     - FlutterMacOS
   - SwiftyGif (5.4.5)
@@ -148,7 +148,7 @@ DEPENDENCIES:
   - rust_lib_aria (from `.symlinks/plugins/rust_lib_aria/ios`)
   - share_plus (from `.symlinks/plugins/share_plus/ios`)
   - shared_preferences_foundation (from `.symlinks/plugins/shared_preferences_foundation/darwin`)
-  - sqflite (from `.symlinks/plugins/sqflite/darwin`)
+  - sqflite_darwin (from `.symlinks/plugins/sqflite_darwin/darwin`)
   - url_launcher_ios (from `.symlinks/plugins/url_launcher_ios/ios`)
   - video_player_avfoundation (from `.symlinks/plugins/video_player_avfoundation/darwin`)
   - wakelock_plus (from `.symlinks/plugins/wakelock_plus/ios`)
@@ -211,8 +211,8 @@ EXTERNAL SOURCES:
     :path: ".symlinks/plugins/share_plus/ios"
   shared_preferences_foundation:
     :path: ".symlinks/plugins/shared_preferences_foundation/darwin"
-  sqflite:
-    :path: ".symlinks/plugins/sqflite/darwin"
+  sqflite_darwin:
+    :path: ".symlinks/plugins/sqflite_darwin/darwin"
   url_launcher_ios:
     :path: ".symlinks/plugins/url_launcher_ios/ios"
   video_player_avfoundation:
@@ -252,7 +252,7 @@ SPEC CHECKSUMS:
   SDWebImageWebPCoder: e38c0a70396191361d60c092933e22c20d5b1380
   share_plus: 8875f4f2500512ea181eef553c3e27dba5135aad
   shared_preferences_foundation: fcdcbc04712aee1108ac7fda236f363274528f78
-  sqflite: 673a0e54cc04b7d6dba8d24fb8095b31c3a99eec
+  sqflite_darwin: a553b1fd6fe66f53bbb0fe5b4f5bab93f08d7a13
   SwiftyGif: 706c60cf65fa2bc5ee0313beece843c8eb8194d4
   Toast: 1f5ea13423a1e6674c4abdac5be53587ae481c4e
   url_launcher_ios: 5334b05cef931de560670eeae103fd3e431ac3fe

diff --git a/ios/Runner.xcodeproj/project.pbxproj b/ios/Runner.xcodeproj/project.pbxproj
@@ -297,7 +297,7 @@
 			attributes = {
 				BuildIndependentTargetsInParallel = YES;
 				LastSwiftUpdateCheck = 1530;
-				LastUpgradeCheck = 1510;
+				LastUpgradeCheck = 1600;
 				ORGANIZATIONNAME = "";
 				TargetAttributes = {
 					331C8080294A63A400263BE5 = {
@@ -572,6 +572,7 @@
 				CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
 				CLANG_WARN_STRICT_PROTOTYPES = YES;
 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
@@ -604,7 +605,6 @@
 			isa = XCBuildConfiguration;
 			baseConfigurationReference = 7AFA3C8E1D35360C0083082E /* Release.xcconfig */;
 			buildSettings = {
-				ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES;
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CLANG_ENABLE_MODULES = YES;
 				CODE_SIGN_ENTITLEMENTS = Runner/Runner.entitlements;
@@ -705,6 +705,7 @@
 				CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
 				CLANG_WARN_STRICT_PROTOTYPES = YES;
 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
@@ -761,6 +762,7 @@
 				CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
 				CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
 				CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+				CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
 				CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
 				CLANG_WARN_STRICT_PROTOTYPES = YES;
 				CLANG_WARN_SUSPICIOUS_MOVE = YES;
@@ -795,7 +797,6 @@
 			isa = XCBuildConfiguration;
 			baseConfigurationReference = 9740EEB21CF90195004384FC /* Debug.xcconfig */;
 			buildSettings = {
-				ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES;
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CLANG_ENABLE_MODULES = YES;
 				CODE_SIGN_ENTITLEMENTS = Runner/Runner.entitlements;
@@ -826,7 +827,6 @@
 			isa = XCBuildConfiguration;
 			baseConfigurationReference = 7AFA3C8E1D35360C0083082E /* Release.xcconfig */;
 			buildSettings = {
-				ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES;
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CLANG_ENABLE_MODULES = YES;
 				CODE_SIGN_ENTITLEMENTS = Runner/Runner.entitlements;

diff --git a/ios/Runner.xcodeproj/xcshareddata/xcschemes/Runner.xcscheme b/ios/Runner.xcodeproj/xcshareddata/xcschemes/Runner.xcscheme
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Scheme
-   LastUpgradeVersion = "1510"
+   LastUpgradeVersion = "1600"
    version = "1.3">
    <BuildAction
       parallelizeBuildables = "YES"