name: Create release and upload to Apple and Google on: push: tags: # Only builds for tags with a meaningless build number suffix: v1.0.0-1 - 'v[0-9]+.[0-9]+.[0-9]+-*' jobs: build: name: Build ios and android package runs-on: macos-latest steps: - name: Check out code uses: actions/checkout@v4 with: progress: false - name: Set up Go 1.22 uses: actions/setup-go@v5 with: go-version: "1.22" cache-dependency-path: nebula/go.sum - uses: actions/setup-java@v2 with: distribution: 'zulu' java-version: '17' - name: Install flutter uses: subosito/flutter-action@v2 with: flutter-version: '3.24.1' - name: Install the appstore connect key material env: AC_API_KEY_SECRET_BASE64: ${{ secrets.AC_API_KEY_SECRET_BASE64 }} run: | AC_API_KEY_SECRET_PATH="$RUNNER_TEMP/key.p8" echo "APP_STORE_CONNECT_API_KEY_KEY_FILEPATH=$AC_API_KEY_SECRET_PATH" >> $GITHUB_ENV echo -n "$AC_API_KEY_SECRET_BASE64" | base64 --decode --output "$AC_API_KEY_SECRET_PATH" - name: Install the google play key material env: GOOGLE_PLAY_API_JWT_BASE64: ${{ secrets.GOOGLE_PLAY_API_JWT_BASE64 }} GOOGLE_PLAY_KEYSTORE_BASE64: ${{ secrets.GOOGLE_PLAY_KEYSTORE_BASE64 }} run: | GOOGLE_PLAY_API_JWT_PATH="$RUNNER_TEMP/gp_api.json" echo "GOOGLE_PLAY_API_JWT_PATH=$GOOGLE_PLAY_API_JWT_PATH" >> $GITHUB_ENV echo -n "$GOOGLE_PLAY_API_JWT_BASE64" | base64 --decode --output "$GOOGLE_PLAY_API_JWT_PATH" GOOGLE_PLAY_KEYSTORE_PATH="$RUNNER_TEMP/gp_signing.jks" echo "GOOGLE_PLAY_KEYSTORE_PATH=$GOOGLE_PLAY_KEYSTORE_PATH" >> $GITHUB_ENV echo -n "$GOOGLE_PLAY_KEYSTORE_BASE64" | base64 --decode --output "$GOOGLE_PLAY_KEYSTORE_PATH" - name: Place Github token for fastlane match env: TOKEN: ${{ secrets.MACHINE_USER_PAT }} run: echo "MATCH_GIT_BASIC_AUTHORIZATION=$(echo -n "defined-machine:${TOKEN}" | base64)" >> $GITHUB_ENV - name: Get build name and number, install dependencies env: TOKEN: ${{ secrets.MACHINE_USER_PAT }} run: | go install golang.org/x/mobile/cmd/gomobile@latest gomobile init flutter pub get touch env.sh cd android fastlane release_build_number echo "BUILD_NUMBER=$(cat ../release_build_number)" >> $GITHUB_ENV BUILD_NAME="${GITHUB_REF#refs/tags/v}" # strip the front refs/tags/v off BUILD_NAME="${BUILD_NAME%-*}" # strip the junk build number off echo "BUILD_NAME=$BUILD_NAME" >> $GITHUB_ENV - name: Build iOS env: TOKEN: ${{ secrets.MACHINE_USER_PAT }} MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} run: | cd ios pod install fastlane build cd - # verify that the github token didn't make it into the output mkdir -p build/app/test-ios cp ios/MobileNebula.ipa build/app/test-ios cd build/app/test-ios unzip MobileNebula.ipa if find . | xargs strings 2>/dev/null | grep -qF "${TOKEN}" ; then echo "Token found in iOS build" exit 1 fi - name: Collect iOS artifacts uses: actions/upload-artifact@v3 with: name: MobileNebula.ipa path: ios/MobileNebula.ipa retention-days: 5 - name: Build Android env: TOKEN: ${{ secrets.MACHINE_USER_PAT }} GOOGLE_PLAY_KEYSTORE_PASSWORD: ${{ secrets.GOOGLE_PLAY_KEYSTORE_PASSWORD }} run: | flutter build appbundle --build-number="$BUILD_NUMBER" --build-name="$BUILD_NAME" # verify that the github token didn't make it into the output mkdir -p build/app/test-android cp build/app/outputs/bundle/release/app-release.aab build/app/test-android cd build/app/test-android unzip app-release.aab if find . | xargs strings 2>/dev/null | grep -qF "${TOKEN}" ; then echo "Token found in Android build" exit 1 fi - name: Collect Android artifacts uses: actions/upload-artifact@v3 with: name: MobileNebula.aab path: build/app/outputs/bundle/release/app-release.aab retention-days: 5 - name: Publish to iOS TestFlight env: APP_STORE_CONNECT_API_KEY_KEY_ID: ${{ secrets.AC_API_KEY_ID }} APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.AC_API_KEY_ISSUER_ID }} run: | cd ios fastlane release - name: Publish to Android internal track run: | cd android fastlane release - name: Create Release id: create_release uses: actions/create-release@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: tag_name: ${{ github.ref }} release_name: Release ${{ github.ref }} draft: true prerelease: false - name: Upload release Android app uses: actions/upload-release-asset@v1.0.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: build/app/outputs/bundle/release/app-release.aab asset_name: MobileNebula.aab asset_content_type: text/plain - name: Upload release iOS app uses: actions/upload-release-asset@v1.0.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ steps.create_release.outputs.upload_url }} asset_path: ios/MobileNebula.ipa asset_name: MobileNebula.ipa asset_content_type: text/plain - name: Create Sentry release uses: getsentry/action-release@v1 env: SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} SENTRY_ORG: ${{ secrets.SENTRY_ORG }} SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}