-
Notifications
You must be signed in to change notification settings - Fork 107
220 lines (220 loc) · 10.4 KB
/
release-canary.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
name: Canary release
on:
workflow_dispatch:
issue_comment:
types: [created, edited, deleted]
jobs:
run-static-checks:
if: contains(github.event.comment.html_url, '/pull/') && contains(github.event.comment.body, '/canary')
uses: ./.github/workflows/staticcheck.yaml
prepare-canary-release:
needs: run-static-checks
environment: canary
runs-on: ubuntu-latest
outputs:
currentAppVersion: ${{ steps.store-current-version.outputs.CURRENT_APP_VERSION }}
currentAppBuildCode: ${{ steps.store-current-version.outputs.CURRENT_APP_BUILD_CODE }}
steps:
- id: checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #v3.5.2
with:
fetch-depth: 0
- id: store-current-version
run: |
APP_VERSION=$(node -p -e "require('./package.json').version")
echo "CURRENT_APP_VERSION=$APP_VERSION" >> $GITHUB_OUTPUT
BUILD_CODE=$(node ./scripts/canary/readAndroidBuildCode.js)
echo "CURRENT_APP_BUILD_CODE=$BUILD_CODE" >> $GITHUB_OUTPUT
- id: replace-version-with-canary
run: |
node scripts/canary/replaceCanaryVersion.js ${{ vars.CANARY_VERSION }} ${{ vars.CANARY_BUILD_CODE }}
bash ./.github/scripts/package-name-replacer.sh it.pagopa.io.app it.pagopa.io.app.canary android
bash ./.github/scripts/package-name-replacer.sh it.pagopa.app.io it.pagopa.app.io.canary ios
bash ./.github/scripts/package-name-replacer.sh "git\@github.com:pagopa\/IO-App-certs.git" "git\@github.com:pagopa\/IO-App-canary-certs.git" ios
- id: bump-version
run: |
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
yarn release-canary
- id: push-tags
run: |
git push --no-verify --follow-tags origin HEAD:${{ github.head_ref }}
- id: github-release-creation
run: |
APP_VERSION=$(node -p -e "require('./package.json').version")
gh release create "(Canary) $APP_VERSION" --generate-notes
gh variable set CANARY_VERSION -b "$APP_VERSION" -e canary
BUILD_CODE=$(node ./scripts/canary/readAndroidBuildCode.js)
gh variable set CANARY_BUILD_CODE -b "$BUILD_CODE" -e canary
release-android:
needs: prepare-canary-release
environment: canary
runs-on: ubuntu-latest
steps:
- id: checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #v3.5.2
with:
fetch-depth: 0
ref: ${{ needs.prepare-canary-release.outputs.currentAppVersion }}
- id: setup
uses: ./.github/actions/setup-composite
- id: setup-jdk-17
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 #v3.11.0
with:
java-version: '17'
distribution: 'temurin'
cache: gradle
- id: setup-android-sdk
uses: android-actions/setup-android@00854ea68c109d98c75d956347303bf7c45b0277 #v3.2.1
- id: setup-ruby
uses: ruby/setup-ruby@d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c #v1.149.0
with:
bundler-cache: true
- id: build-release-android
run: |
./scripts/android-release.sh ./android/app
cd android && bundle exec fastlane alpha
shell: bash
env:
RUBYOPT: '-rostruct' # TODO: Remove when https://github.com/fastlane/fastlane/pull/21950 gets released
ENCODED_IOAPP_GOOGLE_SERVICES_JSON_FILE: ${{secrets.ENCODED_IOAPP_GOOGLE_SERVICES_JSON_FILE}}
ENCODED_IOAPP_JSON_KEY_FILE: ${{secrets.ENCODED_IOAPP_JSON_KEY_FILE}}
ENCODED_IO_APP_RELEASE_KEYSTORE: ${{secrets.ENCODED_IO_APP_RELEASE_KEYSTORE}}
ENCODED_IO_APP_SENTRY_PROPERTIES: ${{secrets.ENCODED_IO_APP_SENTRY_PROPERTIES}}
IO_APP_RELEASE_STORE_FILE : ${{secrets.IO_APP_RELEASE_STORE_FILE}}
IO_APP_RELEASE_STORE_PASSWORD: ${{secrets.IO_APP_RELEASE_STORE_PASSWORD}}
IO_APP_RELEASE_KEY_ALIAS: ${{secrets.IO_APP_RELEASE_KEY_ALIAS}}
IO_APP_RELEASE_KEY_PASSWORD: ${{secrets.IO_APP_RELEASE_KEY_PASSWORD}}
- id: download-universal-apk-from-store
# We don't want to fail whole job if the universal APK is not downloaded from the play store
continue-on-error: true
run: |
./scripts/android-release.sh ./android/app
cd android
VERSION_CODE=$(sed -n 's/.*versionCode \(.*\)/\1/p' "app/build.gradle")
echo "VERSION_CODE=$VERSION_CODE" >> $GITHUB_ENV
bundle exec fastlane download_apk
env:
RUBYOPT: '-rostruct' # TODO: Remove when https://github.com/fastlane/fastlane/pull/21950 gets released
ENCODED_IOAPP_JSON_KEY_FILE: ${{ secrets.ENCODED_IOAPP_JSON_KEY_FILE }}
VERSION_CODE: ${{ env.VERSION_CODE }}
- id: upload-universal-apk
# We don't want to fail whole job if the universal APK upload step fails
continue-on-error: true
uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8
with:
name: io-app-universal.apk
path: android/io-app-universal.apk
- id: upload-aab
# We don't want to fail whole job if the AAB upload step fails
continue-on-error: true
uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8
with:
name: app-release.aab
path: android/app/build/outputs/bundle/release/app-release.aab
- id: upload-android-assets-release
continue-on-error: true
run: |
APP_VERSION=$(node -p -e "require('./package.json').version")
gh release upload "(Canary) $APP_VERSION" android/app/build/outputs/bundle/release/app-release.aab#android-app-release.aab android/io-app-universal.apk#io-app-universal.apk
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
release-ios:
needs: prepare-canary-release
environment: canary
runs-on: macos-13-xlarge
steps:
- id: set-xcode-version
run: sudo xcode-select -s '/Applications/Xcode_15.2.app/Contents/Developer'
shell: bash
- id: checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #v3.5.2
with:
fetch-depth: 0
ref: ${{ needs.prepare-canary-release.outputs.currentAppVersion }}
- id: setup
uses: ./.github/actions/setup-composite
- id: setup-ruby
uses: ruby/setup-ruby@5f19ec79cedfadb78ab837f95b87734d0003c899 #v1.173.0
with:
bundler-cache: true
- id: prepare-ios-build
run: ./scripts/ios-release-build.sh
env:
APP_STORE_API_KEY_ID: ${{secrets.APP_STORE_API_KEY_ID}}
APP_STORE_API_PRIVATE_KEY: ${{secrets.APP_STORE_API_PRIVATE_KEY}}
ENCODED_IO_APP_SENTRY_PROPERTIES: ${{secrets.ENCODED_IO_APP_SENTRY_PROPERTIES}}
- id: add-ssh-deploy-key
run: |
echo -e "Host github.com
AddKeysToAgent yes
IdentityFile ~/.ssh/id_ed25519" > ~/.ssh/config
echo -e "$SSH_DEPLOY_KEY" > ~/.ssh/id_ed25519
chmod 400 ~/.ssh/id_ed25519
ssh-add ~/.ssh/id_ed25519
env:
SSH_DEPLOY_KEY: ${{secrets.SSH_CERTS_DEPLOY_KEY}}
- id: build-upload-app-store
name: Build & submit to App store
run: |
cd ios
bundle exec fastlane beta_circleci_testflight
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
RUBYOPT: '-rostruct' # TODO: Remove when https://github.com/fastlane/fastlane/pull/21950 gets released
APP_STORE_API_KEY_ID: ${{secrets.APP_STORE_API_KEY_ID}}
APP_STORE_API_PRIVATE_KEY: ${{secrets.APP_STORE_API_PRIVATE_KEY}}
APP_STORE_API_KEY_ISSUER_ID: ${{secrets.APP_STORE_API_KEY_ISSUER_ID}}
ITMSTRANSPORTER_FORCE_ITMS_PACKAGE_UPLOAD: ${{secrets.ITMSTRANSPORTER_FORCE_ITMS_PACKAGE_UPLOAD}}
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
- id: upload-dsym-files
# Sometimes the build-upload-app-store step fails for timeout,
# in this case we want to upload the dSYM files anyway
if: ${{ always() }}
# We don't want to fail whole job if the dSYM upload step fails
continue-on-error: true
uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.0.3
with:
name: IO.app.dSYM.zip
path: ios/IO.app.dSYM.zip
- id: upload-ipa
# We don't want to fail whole job if the IPA upload step fails
continue-on-error: true
uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8
with:
name: IO.ipa
path: ios/IO.ipa
- id: upload-ipa-release
continue-on-error: true
run: |
APP_VERSION=$(node -p -e "require('./package.json').version")
gh release upload "(Canary) $APP_VERSION" ios/IO.ipa#IO-iOS.ipa
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
notify-new-version:
runs-on: ubuntu-latest
needs:
- prepare-canary-release
- release-android
- release-ios
steps:
- id: checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #v3.5.2
- id: revert-package-and-version
run: |
git config --local user.email "github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
node scripts/canary/replaceCanaryVersion.js ${{ needs.prepare-canary-release.outputs.currentAppVersion }} ${{ needs.prepare-canary-release.outputs.currentAppBuildCode }}
bash ./.github/scripts/package-name-restore.sh it.pagopa.io.app.canary it.pagopa.io.app android
bash ./.github/scripts/package-name-restore.sh it.pagopa.app.io.canary it.pagopa.app.io ios
bash ./.github/scripts/package-name-replacer.sh "git\@github.com:pagopa\/IO-App-canary-certs.git" "git\@github.com:pagopa\/IO-App-certs.git" ios
git add .
git commit -m "revert: restoring repository to default package name and version" --no-verify
git push --no-verify origin HEAD:${{ github.head_ref }}
- id: comment-process-end
if: github.event.issue.number
run: |
gh issue comment ${{ github.event.issue.number }} -b "Release correctly created, check it at the [release list](https://github.com/pagopa/io-app/releases)"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}