diff --git a/.github/workflows/smoke.yml b/.github/workflows/smoke.yml new file mode 100644 index 0000000..d11d24b --- /dev/null +++ b/.github/workflows/smoke.yml @@ -0,0 +1,104 @@ +# This workflow builds the iOS and Android apps, just to check they build without error + +name: Smoke build +on: + push: + branches: + - main + pull_request: + +jobs: + build-android: + name: Android + runs-on: macos-latest + steps: + - name: Set up Go 1.22 + uses: actions/setup-go@v4 + with: + go-version: "1.22" + + - uses: actions/setup-java@v2 + with: + distribution: 'zulu' + java-version: '17' + + - name: Install flutter + uses: subosito/flutter-action@v2 + with: + flutter-version: '3.24.1' + + - name: Check out code + uses: actions/checkout@v3 + + - name: install dependencies + env: + TOKEN: ${{ secrets.MACHINE_USER_PAT }} + run: | + go install golang.org/x/mobile/cmd/gomobile@latest + gomobile init + flutter pub get + touch env.sh + + - name: Build Android debug + run: flutter build appbundle --debug + + build-ios: + name: iOS + runs-on: macos-latest + + steps: + - name: Set up Go 1.22 + uses: actions/setup-go@v4 + with: + go-version: "1.22" + + - name: Install flutter + uses: subosito/flutter-action@v2 + with: + flutter-version: '3.24.1' + + - name: Check out code + uses: actions/checkout@v3 + + - name: Install the appstore connect key material + env: + AC_API_KEY_SECRET_BASE64: ${{ secrets.AC_API_KEY_SECRET_BASE64 }} + run: | + AC_API_KEY_SECRET_PATH="$RUNNER_TEMP/key.p8" + echo "APP_STORE_CONNECT_API_KEY_KEY_FILEPATH=$AC_API_KEY_SECRET_PATH" >> $GITHUB_ENV + echo -n "$AC_API_KEY_SECRET_BASE64" | base64 --decode --output "$AC_API_KEY_SECRET_PATH" + + - name: Place Github token for fastlane match + env: + TOKEN: ${{ secrets.MACHINE_USER_PAT }} + run: + echo "MATCH_GIT_BASIC_AUTHORIZATION=$(echo -n "defined-machine:${TOKEN}" | base64)" >> $GITHUB_ENV + + - name: install dependencies + env: + TOKEN: ${{ secrets.MACHINE_USER_PAT }} + run: | + go install golang.org/x/mobile/cmd/gomobile@latest + gomobile init + flutter pub get + touch env.sh + + - name: Build iOS + env: + TOKEN: ${{ secrets.MACHINE_USER_PAT }} + MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} + run: | + cd ios + pod install + fastlane checkBuild + cd - + + # verify that the github token didn't make it into the output + mkdir -p build/app/test-ios + cp ios/MobileNebula.ipa build/app/test-ios + cd build/app/test-ios + unzip MobileNebula.ipa + if find . | xargs strings 2>/dev/null | grep -qF "${TOKEN}" ; then + echo "Token found in iOS build" + exit 1 + fi \ No newline at end of file diff --git a/ios/fastlane/Fastfile b/ios/fastlane/Fastfile index 3969b63..ab4e9dd 100644 --- a/ios/fastlane/Fastfile +++ b/ios/fastlane/Fastfile @@ -18,6 +18,50 @@ default_platform(:ios) platform :ios do desc "Push a new beta build to TestFlight" + lane :checkBuild do + # Do some things like setting up a temporary keystore to host secrets in CI + setup_ci + + # Change signing behavior to work in CI + update_code_signing_settings( + # Automatic signing seems to be a good thing to have on in dev but will not work in CI + use_automatic_signing: false, + # The default value for this is iOS Development which is not appropriate for release + code_sign_identity: "Apple Distribution", + ) + + # Find our signing certs and profiles, these come from a private repository and managed by `fastlane match` + match(type: 'appstore', app_identifier: ["net.defined.mobileNebula","net.defined.mobileNebula.NebulaNetworkExtension"], readonly: true) + + # Update our main program to have the correct provisioning profile from Apple + update_project_provisioning( + xcodeproj: "Runner.xcodeproj", + target_filter: "Runner", + # This comes from match() above + profile:ENV["sigh_net.defined.mobileNebula_appstore_profile-path"], + build_configuration: "Release" + ) + + # Update our network extension to have the correct provisioning profile from Apple + update_project_provisioning( + xcodeproj: "Runner.xcodeproj", + target_filter: "NebulaNetworkExtension", + # This comes from match() above + profile:ENV["sigh_net.defined.mobileNebula.NebulaNetworkExtension_appstore_profile-path"], + build_configuration: "Release" + ) + + build_app( + output_name: "MobileNebula.ipa", + workspace: "Runner.xcworkspace", + scheme: "Runner", + export_method: "app-store", + export_options: { + manageAppVersionAndBuildNumber: false + } + ) + end + lane :build do # Do some things like setting up a temporary keystore to host secrets in CI setup_ci diff --git a/nebula/Makefile b/nebula/Makefile index 3d95d0c..b1d4789 100644 --- a/nebula/Makefile +++ b/nebula/Makefile @@ -7,7 +7,7 @@ clean: mobileNebula.aar: *.go go.sum go get -d golang.org/x/mobile/cmd/gomobile - gomobile bind -trimpath -v --target=android + gomobile bind -trimpath -v --target=android -androidapi=26 MobileNebula.xcframework: *.go go.sum go get -d golang.org/x/mobile/cmd/gomobile