name: "Patch" on: workflow_dispatch: env: SHOREBIRD_TOKEN: ${{ secrets.SHOREBIRD_TOKEN }} FLUTTER_VERSION: 3.38.5 jobs: build: name: Patch iOS, Android & macOS runs-on: macos-latest permissions: id-token: write pages: write contents: write steps: #1 Checkout Repository - name: Checkout Repository uses: actions/checkout@v3 with: submodules: recursive token: ${{ secrets.PAT_TOKEN }} - name: rename pubspec_overrides_ci.yaml to pubspec_overrides.yaml run: | if [ -f pubspec_overrides_ci.yaml ]; then mv pubspec_overrides_ci.yaml pubspec_overrides.yaml else echo "No pubspec_overrides_ci.yaml found, skipping rename." fi - name: 🐦 Setup Shorebird uses: shorebirdtech/setup-shorebird@v1 with: cache: true - name: Set Up Flutter uses: subosito/flutter-action@v2 with: channel: 'stable' flutter-version: ${{ env.FLUTTER_VERSION }} - name: Generate translation files run: | flutter pub global activate intl_utils; flutter pub global run intl_utils:generate; - name: Install certificates env: DEVELOPER_ID_APPLICATION_P12_BASE64_MAC: ${{ secrets.DEVELOPER_ID_APPLICATION_P12_BASE64_MAC }} DEVELOPER_ID_INSTALLER_P12_BASE64_MAC: ${{ secrets.DEVELOPER_ID_INSTALLER_P12_BASE64_MAC }} P12_PASSWORD: ${{ secrets.P12_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} APPSTORE_PROFILE_IOS_BASE64: ${{ secrets.APPSTORE_PROFILE_IOS_BASE64 }} APPSTORE_PROFILE_MACOS_BASE64: ${{ secrets.APPSTORE_PROFILE_MACOS_BASE64 }} APPSTORE_PROFILE_DEV_IOS_BASE64: ${{ secrets.APPSTORE_PROFILE_DEV_IOS_BASE64 }} run: | # create variables DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH=$RUNNER_TEMP/build_developerID_application_certificate.p12 DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH=$RUNNER_TEMP/build_developerID_installer_certificate.p12 PP_PATH_IOS=$RUNNER_TEMP/build_pp_ios.mobileprovision PP_PATH_IOS_DEV=$RUNNER_TEMP/build_pp_ios_dev.mobileprovision PP_PATH_MACOS=$RUNNER_TEMP/build_pp_macos.provisionprofile KEYCHAIN_PATH=$RUNNER_TEMP/pg-signing.keychain-db # import certificate and provisioning profile from secrets echo -n "$DEVELOPER_ID_APPLICATION_P12_BASE64_MAC" | base64 --decode --output $DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH echo -n "$DEVELOPER_ID_INSTALLER_P12_BASE64_MAC" | base64 --decode --output $DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH echo -n "$APPSTORE_PROFILE_IOS_BASE64" | base64 --decode -o $PP_PATH_IOS echo -n "$APPSTORE_PROFILE_DEV_IOS_BASE64" | base64 --decode -o $PP_PATH_IOS_DEV echo -n "$APPSTORE_PROFILE_MACOS_BASE64" | base64 --decode -o $PP_PATH_MACOS # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH # security default-keychain -s $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH # import certificate to keychain security import $DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security import $DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles cp $PP_PATH_IOS ~/Library/MobileDevice/Provisioning\ Profiles cp $PP_PATH_IOS_DEV ~/Library/MobileDevice/Provisioning\ Profiles cp $PP_PATH_MACOS ~/Library/MobileDevice/Provisioning\ Profiles - name: Decode Keystore run: | echo "${{ secrets.KEYSTORE_BASE64 }}" | base64 --decode > android/android.keystore; echo "${{ secrets.KEYSTORE_PROPERTIES }}" > android/keystore.properties; - name: 🚀 Shorebird Patch macOS if: false # patch doesn't work: https://github.com/OpenBikeControl/bikecontrol/issues/143 uses: shorebirdtech/shorebird-patch@v1 with: platform: macos release-version: latest args: '--allow-asset-diffs --allow-native-diffs -- --dart-define=VERIFYING_SHARED_SECRET=${{ secrets.VERIFYING_SHARED_SECRET }} --dart-define=REVENUECAT_API_KEY_IOS=${{ secrets.REVENUECAT_API_KEY_IOS }}' - name: 🚀 Shorebird Patch Android uses: shorebirdtech/shorebird-patch@v1 with: platform: android release-version: latest args: '--allow-asset-diffs --allow-native-diffs -- --obfuscate --split-debug-info=symbols --dart-define=REVENUECAT_API_KEY_ANDROID=${{ secrets.REVENUECAT_API_KEY_ANDROID }}' - name: 🚀 Shorebird Patch iOS uses: shorebirdtech/shorebird-patch@v1 with: platform: ios release-version: latest args: '--allow-asset-diffs --allow-native-diffs -- --dart-define=VERIFYING_SHARED_SECRET=${{ secrets.VERIFYING_SHARED_SECRET }} --dart-define=REVENUECAT_API_KEY_IOS=${{ secrets.REVENUECAT_API_KEY_IOS }}' windows: name: Patch Windows runs-on: windows-latest steps: #1 Checkout Repository - name: Checkout Repository uses: actions/checkout@v3 with: submodules: recursive token: ${{ secrets.PAT_TOKEN }} - name: rename pubspec_overrides_ci.yaml to pubspec_overrides.yaml shell: pwsh run: | if (Test-Path pubspec_overrides_ci.yaml) { Rename-Item -Path pubspec_overrides_ci.yaml -NewName pubspec_overrides.yaml } else { Write-Output "No pubspec_overrides_ci.yaml found, skipping rename." } - name: 🐦 Setup Shorebird uses: shorebirdtech/setup-shorebird@v1 with: cache: true - name: Set Up Flutter uses: subosito/flutter-action@v2 with: channel: 'stable' flutter-version: ${{ env.FLUTTER_VERSION }} - name: Generate translation files run: | flutter pub global activate intl_utils; flutter pub global run intl_utils:generate; - name: 🚀 Shorebird Patch Windows uses: shorebirdtech/shorebird-patch@v1 with: platform: windows release-version: latest args: '--allow-asset-diffs --allow-native-diffs -- --obfuscate --split-debug-info=symbols'