name: Release on: push: tags: - '*' jobs: # test: # runs-on: macOS-latest # timeout-minutes: 10 # steps: # - uses: actions/checkout@v3 # - name: Setup Signing # env: # SIGNING_DATA: ${{ secrets.SIGNING_DATA }} # SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }} # HOST_PROFILE_DATA: ${{ secrets.HOST_PROFILE_DATA }} # AGENT_PROFILE_DATA: ${{ secrets.AGENT_PROFILE_DATA }} # APPLE_API_KEY_DATA: ${{ secrets.APPLE_API_KEY_DATA }} # APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} # run: ./.github/scripts/signing.sh # - name: Set Environment # run: sudo xcrun xcode-select -s /Applications/Xcode_14.1.app # - name: Test # run: | # pushd Sources/Packages # swift test # popd build: runs-on: macOS-latest timeout-minutes: 10 steps: - uses: actions/checkout@v3 - name: Setup Signing env: SIGNING_DATA: ${{ secrets.SIGNING_DATA }} SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }} HOST_PROFILE_DATA: ${{ secrets.HOST_PROFILE_DATA }} AGENT_PROFILE_DATA: ${{ secrets.AGENT_PROFILE_DATA }} APPLE_API_KEY_DATA: ${{ secrets.APPLE_API_KEY_DATA }} APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} run: ./.github/scripts/signing.sh - name: Set Environment run: sudo xcrun xcode-select -s /Applications/Xcode_14.1.app - name: Update Build Number env: TAG_NAME: ${{ github.ref }} RUN_ID: ${{ github.run_id }} run: | export CLEAN_TAG=$(echo $TAG_NAME | sed -e 's/refs\/tags\/v//') sed -i '' -e "s/GITHUB_CI_VERSION/$CLEAN_TAG/g" Sources/Config/Config.xcconfig sed -i '' -e "s/GITHUB_BUILD_NUMBER/1.$RUN_ID/g" Sources/Config/Config.xcconfig sed -i '' -e "s/GITHUB_BUILD_URL/https:\/\/github.com\/maxgoedjen\/secretive\/actions\/runs\/$RUN_ID/g" Sources/Secretive/Credits.rtf - name: Build env: APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} run: xcrun xcodebuild -project Sources/Secretive.xcodeproj -scheme Secretive -configuration Release -archivePath Archive.xcarchive -destination "generic/platform=macOS" archive -allowProvisioningUpdates -authenticationKeyIssuerID $APPLE_API_ISSUER -authenticationKeyID $APPLE_API_KEY_ID -authenticationKeyPath ~/.private_keys/AuthKey.p8 - name: Export Products env: APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} run: xcrun xcodebuild -exportArchive -archivePath Archive.xcarchive -exportPath Export -exportOptionsPlist Sources/Config/ExportOptions.plist -allowProvisioningUpdates -authenticationKeyIssuerID $APPLE_API_ISSUER -authenticationKeyID $APPLE_API_KEY_ID -authenticationKeyPath ~/.private_keys/AuthKey.p8 - name: Create ZIPs run: | ditto -c -k --sequesterRsrc --keepParent Export/Secretive.app ./Secretive.zip ditto -c -k --sequesterRsrc --keepParent Archive.xcarchive ./Archive.zip - name: Notarize env: APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} run: xcrun notarytool submit --key $(pwd)/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip - name: Document SHAs run: | echo "sha-512:" shasum -a 512 Secretive.zip shasum -a 512 Archive.zip echo "sha-256:" shasum -a 256 Secretive.zip shasum -a 256 Archive.zip - name: Create Release id: create_release uses: actions/create-release@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: tag_name: ${{ github.ref }} release_name: ${{ github.ref }} body: | Update description ## Features ## Fixes ## Minimum macOS Version ## Build https://github.com/maxgoedjen/secretive/actions/runs/${{ github.run_id }} draft: true prerelease: false - name: Upload App to Release id: upload-release-asset-app uses: actions/upload-release-asset@v1.0.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ./Secretive.zip asset_name: Secretive.zip asset_content_type: application/zip - name: Upload App to Artifacts uses: actions/upload-artifact@v1 with: name: Secretive.zip path: Secretive.zip - name: Upload Archive to Artifacts uses: actions/upload-artifact@v1 with: name: Xcode_Archive.zip path: Archive.zip