beta #29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (c) 2022 Sharezone UG (haftungsbeschränkt) | |
# Licensed under the EUPL-1.2-or-later. | |
# | |
# You may obtain a copy of the Licence at: | |
# https://joinup.ec.europa.eu/software/page/eupl | |
# | |
# SPDX-License-Identifier: EUPL-1.2 | |
name: beta | |
concurrency: | |
# Our Android & iOS builds require unique build numbers. Therefore, we should | |
# never build a new version while a build is already running. This is why we | |
# use the branch name as a concurrency group. This way, we can only build one | |
# version per branch at the same time. | |
group: app-release | |
on: | |
workflow_dispatch: | |
inputs: | |
ios-changelog: | |
type: string | |
description: | | |
iOS changelog: Used for the App Store release notes. If the changelog | |
is not provided, the deployment for iOS will be skipped. Use '\n' for | |
line breaks. | |
# For web deployments, we don't have a changelog. | |
deploy-web-app: | |
type: boolean | |
description: | | |
Whether to deploy the web app. If this is set to false, the web | |
deployment will be skipped. | |
android-changelog: | |
type: string | |
description: | | |
Android changelog: Used for the Google Play Store release notes. If the | |
changelog is not provided, the deployment for Android will be skipped. | |
Use '\n' for line breaks. | |
android-rollout-percentage: | |
type: number | |
description: | | |
Android rollout percentage: The percentage of users that should receive | |
the new version. | |
default: "1.0" | |
macos-changelog: | |
type: string | |
description: | | |
macOS changelog: Used for the App Store release notes. If the changelog | |
is not provided, the deployment for macOS will be skipped. Use '\n' for | |
line breaks. | |
# Set permissions to none. | |
# | |
# Using the broad default permissions is considered a bad security practice | |
# and would cause alerts from our scanning tools. | |
permissions: {} | |
env: | |
CI_CD_DART_SCRIPTS_PACKAGE_PATH: "tools/sz_repo_cli/" | |
jobs: | |
deploy-ios: | |
# We skip the deployment if no changelog is provided because we assume that | |
# nothing has changed in the iOS app and therefore no new version is needed. | |
if: github.event.inputs.ios-changelog != '' | |
runs-on: macos-13 | |
timeout-minutes: 120 | |
steps: | |
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 | |
- name: Install Codemagic CLI Tools | |
run: pip3 install codemagic-cli-tools==0.50.7 | |
- name: Set Flutter version from FVM config file to environment variables | |
id: fvm-config-action | |
uses: kuhnroyal/flutter-fvm-config-action@34c3905bc939a4ff9d9cb07d5a977493fa73b2aa | |
- uses: subosito/flutter-action@44ac965b96f18d999802d4b807e3256d5a3f9fa1 | |
with: | |
flutter-version: ${{ steps.fvm-config-action.outputs.FLUTTER_VERSION }} | |
channel: ${{ steps.fvm-config-action.outputs.FLUTTER_CHANNEL }} | |
- name: Install Sharezone Repo CLI | |
run: | | |
flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH" | |
echo $(pwd)/bin >> $GITHUB_PATH | |
- name: Deploy | |
env: | |
# The following secrets are used by the Codemagic CLI tool. It's important | |
# to use the same names as the CLI tool expects. | |
CERTIFICATE_PRIVATE_KEY: ${{ secrets.SHAREZONE_CERTIFICATE_PRIVATE_KEY }} | |
APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_KEY_IDENTIFIER }} | |
APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_ISSUER_ID }} | |
APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_PRIVATE_KEY }} | |
run: | | |
# When passing the changelog from GitHub Actions to the CLI, the line | |
# breaks are escaped. We need to replace them with actual line breaks. | |
CHANGELOG="${{ github.event.inputs.ios-changelog }}" | |
CHANGELOG_WITH_NEW_LINES=$(echo -e "$CHANGELOG" | sed 's/\\n/\\n/g') | |
sz deploy app ios \ | |
--stage beta \ | |
--whats-new "$CHANGELOG_WITH_NEW_LINES" \ | |
--export-options-plist=$HOME/export_options.plist | |
deploy-web-app: | |
if: github.event.inputs.deploy-web-app == 'true' | |
name: "deploy-beta-web-app-${{ matrix.environment.flavor }}" | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
environment: | |
- flavor: prod | |
serviceAccountSecret: FIREBASE_HOSTING_PROD_KEY | |
- flavor: dev | |
serviceAccountSecret: FIREBASE_SERVICE_ACCOUNT_SHAREZONE_DEBUG | |
steps: | |
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 | |
- name: Set Flutter version from FVM config file to environment variables | |
id: fvm-config-action | |
uses: kuhnroyal/flutter-fvm-config-action@34c3905bc939a4ff9d9cb07d5a977493fa73b2aa | |
- uses: subosito/flutter-action@44ac965b96f18d999802d4b807e3256d5a3f9fa1 | |
with: | |
flutter-version: ${{ steps.fvm-config-action.outputs.FLUTTER_VERSION }} | |
channel: ${{ steps.fvm-config-action.outputs.FLUTTER_CHANNEL }} | |
- name: Install Sharezone Repo CLI | |
run: | | |
flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH" | |
echo $(pwd)/bin >> $GITHUB_PATH | |
- name: Install Firebase CLI | |
run: npm i -g [email protected] | |
- name: Build and deploy web-app | |
env: | |
FIREBASE_HOSTING_KEY: ${{ secrets[matrix.environment.serviceAccountSecret] }} | |
run: | | |
echo $FIREBASE_HOSTING_KEY > firebase-hosting-key.json | |
export GOOGLE_APPLICATION_CREDENTIALS=$(pwd)/firebase-hosting-key.json | |
sz deploy app web \ | |
--stage beta \ | |
--message "Workflow $GITHUB_JOB, commit $GITHUB_SHA" \ | |
--flavor ${{ matrix.environment.flavor }} | |
deploy-android: | |
# We skip the deployment if no changelog is provided because we assume that | |
# nothing has changed in the Android app and therefore no new version is needed. | |
if: github.event.inputs.android-changelog != '' | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 120 | |
steps: | |
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 | |
# Our Android configurations require Java 17. | |
- uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 | |
with: | |
distribution: "oracle" | |
java-version: "17" | |
- name: Install Codemagic CLI Tools | |
run: pip3 install codemagic-cli-tools==0.50.7 | |
- name: Setup signing | |
working-directory: app/android | |
env: | |
KEYSTORE_STRING: ${{ secrets.SHAREZONE_ANDROID_APP_KEYSTORE_STRING }} | |
KEY_PASSWORD: ${{ secrets.SHAREZONE_ANDROID_APP_KEY_PASSWORD }} | |
KEY_ALIAS: ${{ secrets.SHAREZONE_ANDROID_APP_KEY_ALIAS }} | |
STORE_PASSWORD: ${{ secrets.SHAREZONE_ANDROID_APP_STORE_PASSWORD }} | |
run: | | |
echo $KEYSTORE_STRING | base64 -di > app/key.jks | |
echo "storePassword=$STORE_PASSWORD" >> key.properties | |
echo "keyPassword=$KEY_PASSWORD" >> key.properties | |
echo "keyAlias=$KEY_ALIAS" >> key.properties | |
echo "storeFile=key.jks" >> key.properties | |
- name: Set Flutter version from FVM config file to environment variables | |
id: fvm-config-action | |
uses: kuhnroyal/flutter-fvm-config-action@34c3905bc939a4ff9d9cb07d5a977493fa73b2aa | |
- uses: subosito/flutter-action@44ac965b96f18d999802d4b807e3256d5a3f9fa1 | |
with: | |
flutter-version: ${{ steps.fvm-config-action.outputs.FLUTTER_VERSION }} | |
channel: ${{ steps.fvm-config-action.outputs.FLUTTER_CHANNEL }} | |
- name: Install Fastlane | |
run: sudo gem install fastlane -v 2.216.0 | |
- name: Install Sharezone Repo CLI | |
run: | | |
flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH" | |
echo $(pwd)/bin >> $GITHUB_PATH | |
- name: Deploy | |
env: | |
# Export the Google Play service account credentials as an environment | |
# variable for Sharezone Repo CLI. | |
GCLOUD_SERVICE_ACCOUNT_CREDENTIALS: ${{ secrets.SHAREZONE_GOOGLE_PLAY_SERVICE_ACCOUNT_JSON }} | |
run: | | |
# When passing the changelog from GitHub Actions to the CLI, the line | |
# breaks are escaped. We need to replace them with actual line breaks. | |
CHANGELOG="${{ github.event.inputs.android-changelog }}" | |
CHANGELOG_WITH_NEW_LINES=$(echo -e "$CHANGELOG" | sed 's/\\n/\\n/g') | |
sz deploy app android \ | |
--stage beta \ | |
--whats-new "$CHANGELOG_WITH_NEW_LINES" \ | |
--rollout-percentage ${{ github.event.inputs.android-rollout-percentage }} | |
deploy-macos: | |
# We skip the deployment if no changelog is provided because we assume that | |
# nothing has changed in the macOS app and therefore no new version is needed. | |
if: github.event.inputs.macos-changelog != '' | |
runs-on: macos-13 | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 | |
- name: Install Codemagic CLI Tools | |
run: pip3 install codemagic-cli-tools==0.50.7 | |
- name: Set Flutter version from FVM config file to environment variables | |
id: fvm-config-action | |
uses: kuhnroyal/flutter-fvm-config-action@34c3905bc939a4ff9d9cb07d5a977493fa73b2aa | |
- uses: subosito/flutter-action@44ac965b96f18d999802d4b807e3256d5a3f9fa1 | |
with: | |
flutter-version: ${{ steps.fvm-config-action.outputs.FLUTTER_VERSION }} | |
channel: ${{ steps.fvm-config-action.outputs.FLUTTER_CHANNEL }} | |
- name: Install Sharezone Repo CLI | |
run: | | |
flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH" | |
echo $(pwd)/bin >> $GITHUB_PATH | |
# We need to install the FlutterFire CLI because we have Build Phases in | |
# XCode configured which are using the FlutterFire CLI. Without the CLI, | |
# the build would fail. | |
- name: Install FlutterFire CLI | |
run: flutter pub global activate flutterfire_cli 0.3.0-dev.19 | |
- name: Deploy to TestFlight | |
env: | |
# The following secrets are used by the Codemagic CLI tool. It's important | |
# to use the same names as the CLI tool expects. | |
CERTIFICATE_PRIVATE_KEY: ${{ secrets.SHAREZONE_CERTIFICATE_PRIVATE_KEY }} | |
APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_KEY_IDENTIFIER }} | |
APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_ISSUER_ID }} | |
APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.SHAREZONE_APP_STORE_CONNECT_PRIVATE_KEY }} | |
run: | | |
# When passing the changelog from GitHub Actions to the CLI, the line | |
# breaks are escaped. We need to replace them with actual line breaks. | |
CHANGELOG="${{ github.event.inputs.macos-changelog }}" | |
CHANGELOG_WITH_NEW_LINES=$(echo -e "$CHANGELOG" | sed 's/\\n/\\n/g') | |
sz deploy app macos \ | |
--stage beta \ | |
--whats-new "$CHANGELOG_WITH_NEW_LINES" |