name: "Patch" on: workflow_dispatch: env: SHOREBIRD_TOKEN: ${{ secrets.SHOREBIRD_TOKEN }} FLUTTER_VERSION: 3.35.5 jobs: build: name: Patch iOS, Android & macOS runs-on: macos-latest permissions: id-token: write pages: write contents: write steps: #1 Checkout Repository - name: Checkout Repository uses: actions/checkout@v3 - name: 🐦 Setup Shorebird uses: shorebirdtech/setup-shorebird@v1 with: cache: true - name: Install certificates env: DEVELOPER_ID_APPLICATION_P12_BASE64_MAC: ${{ secrets.DEVELOPER_ID_APPLICATION_P12_BASE64_MAC }} DEVELOPER_ID_INSTALLER_P12_BASE64_MAC: ${{ secrets.DEVELOPER_ID_INSTALLER_P12_BASE64_MAC }} P12_PASSWORD: ${{ secrets.P12_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} APPSTORE_PROFILE_IOS_BASE64: ${{ secrets.APPSTORE_PROFILE_IOS_BASE64 }} APPSTORE_PROFILE_MACOS_BASE64: ${{ secrets.APPSTORE_PROFILE_MACOS_BASE64 }} APPSTORE_PROFILE_DEV_IOS_BASE64: ${{ secrets.APPSTORE_PROFILE_DEV_IOS_BASE64 }} run: | # create variables DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH=$RUNNER_TEMP/build_developerID_application_certificate.p12 DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH=$RUNNER_TEMP/build_developerID_installer_certificate.p12 PP_PATH_IOS=$RUNNER_TEMP/build_pp_ios.mobileprovision PP_PATH_IOS_DEV=$RUNNER_TEMP/build_pp_ios_dev.mobileprovision PP_PATH_MACOS=$RUNNER_TEMP/build_pp_macos.provisionprofile KEYCHAIN_PATH=$RUNNER_TEMP/pg-signing.keychain-db # import certificate and provisioning profile from secrets echo -n "$DEVELOPER_ID_APPLICATION_P12_BASE64_MAC" | base64 --decode --output $DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH echo -n "$DEVELOPER_ID_INSTALLER_P12_BASE64_MAC" | base64 --decode --output $DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH echo -n "$APPSTORE_PROFILE_IOS_BASE64" | base64 --decode -o $PP_PATH_IOS echo -n "$APPSTORE_PROFILE_DEV_IOS_BASE64" | base64 --decode -o $PP_PATH_IOS_DEV echo -n "$APPSTORE_PROFILE_MACOS_BASE64" | base64 --decode -o $PP_PATH_MACOS # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH # security default-keychain -s $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH # import certificate to keychain security import $DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security import $DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles cp $PP_PATH_IOS ~/Library/MobileDevice/Provisioning\ Profiles cp $PP_PATH_IOS_DEV ~/Library/MobileDevice/Provisioning\ Profiles cp $PP_PATH_MACOS ~/Library/MobileDevice/Provisioning\ Profiles - name: Decode Keystore run: | echo "${{ secrets.KEYSTORE_BASE64 }}" | base64 --decode > android/android.keystore; echo "${{ secrets.KEYSTORE_PROPERTIES }}" > android/keystore.properties; - name: 🚀 Shorebird Patch macOS uses: shorebirdtech/shorebird-patch@v1 with: platform: macos release-version: latest args: '--allow-asset-diffs --allow-native-diffs' - name: 🚀 Shorebird Patch Android uses: shorebirdtech/shorebird-patch@v1 with: platform: android release-version: latest args: '--allow-asset-diffs --allow-native-diffs' - name: 🚀 Shorebird Patch iOS uses: shorebirdtech/shorebird-patch@v1 with: platform: ios release-version: latest args: '--allow-asset-diffs --allow-native-diffs' - name: Set Up Flutter uses: subosito/flutter-action@v2 with: channel: 'stable' flutter-version: ${{ env.FLUTTER_VERSION }} # shorebird struggles with the app from GitHub - name: Build macOS run: flutter build macos --release; - name: Sign macOS build env: DEVELOPER_ID_APPLICATION_SIGNING_IDENTITY: ${{ secrets.DEVELOPER_ID_APPLICATION_SIGNING_IDENTITY }} run: | version=$(grep '^version: ' pubspec.yaml | cut -d ' ' -f 2 | tr -d '\r'); echo "VERSION=$version" >> $GITHUB_ENV; cd build/macos/Build/Products/Release/; /usr/bin/codesign --deep --force -s "$DEVELOPER_ID_APPLICATION_SIGNING_IDENTITY" --entitlements ../../../../../macos/Runner/Release.entitlements --options runtime SwiftControl.app -v; zip -r SwiftControl.macos.zip SwiftControl.app/; #9 Upload Artifacts - name: Upload Artifacts uses: actions/upload-artifact@v4 with: overwrite: true name: Releases path: | build/macos/Build/Products/Release/SwiftControl.macos.zip # add artifact to release - name: Create Release uses: ncipollo/release-action@v1 with: allowUpdates: true artifacts: "build/macos/Build/Products/Release/SwiftControl.macos.zip" bodyFile: scripts/RELEASE_NOTES.md tag: v${{ env.VERSION }} token: ${{ secrets.TOKEN }} windows: name: Patch Windows runs-on: windows-latest steps: #1 Checkout Repository - name: Checkout Repository uses: actions/checkout@v3 #2 Setup Java - name: Set Up Java uses: actions/setup-java@v3.12.0 with: distribution: 'oracle' java-version: '17' - name: 🐦 Setup Shorebird uses: shorebirdtech/setup-shorebird@v1 with: cache: true - name: 🚀 Shorebird Patch Windows uses: shorebirdtech/shorebird-patch@v1 with: platform: windows release-version: latest args: '--allow-asset-diffs --allow-native-diffs'