Skip to content

v2.11.0-beta.9

v2.11.0-beta.9 #214

Workflow file for this run

name: Release deploy
on:
release:
types:
- created
env:
FLUTTER_VERSION: stable
NAVIS_SERVICE_ACCOUNT: ${{ secrets.NAVIS_SERVICE_ACCOUNT }}
FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD: ${{ secrets.FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD }}
FASTLANE_SESSION: ${{ secrets.FASTLANE_SESSION }}
FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
MATOMO_URL: ${{ secrets.MATOMO_URL }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
jobs:
release-android-google-play:
runs-on: ubuntu-20.04
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup Java
uses: actions/setup-java@v3
with:
distribution: microsoft
java-version: 11
- name: Setup Flutter
uses: subosito/[email protected]
with:
channel: ${{ env.FLUTTER_VERSION }}
cache: true
cache-key: "flutter-:os:-:channel:-:version:-:arch:-:hash:" # optional, change this to force refresh cache
cache-path: "${{ runner.tool_cache }}/flutter/:channel:-:version:-:arch:" # optional, change this to specify the cache path
architecture: x64 # optional, x64 or arm64
- name: Retrieve signing key
env:
KEYSTORE: ${{ secrets.KEYSTORE }}
run: echo $KEYSTORE | base64 -di > android/keystore.jks
- name: Setup Firebase
env:
FIREBASE_ANDROID: ${{ secrets.FIREBASE_ANDROID }}
FIREBASE_OPTIONS: ${{ secrets.FIREBASE_OPTIONS }}
run: |
echo $FIREBASE_OPTIONS | base64 --decode > lib/firebase_options.dart
echo $FIREBASE_ANDROID | base64 --decode > android/app/google-services.json
- name: Build App bundle
env:
KEYSTOREPASS: ${{ secrets.KEYSTOREPASS }}
run: |
flutter build appbundle \
--dart-define=SENTRY_DSN=$SENTRY_DSN --dart-define=MATOMO_URL=$MATOMO_URL \
-t lib/main_prod.dart --flavor prod \
--split-debug-info=debug_info
- name: Upload Sentry debug symbols
run: flutter packages pub run sentry_dart_plugin
- name: Retrieve service account
env:
KEYSTORE: ${{ secrets.KEYSTORE }}
run: echo $NAVIS_SERVICE_ACCOUNT | base64 -di > android/fastlane/service_account.json
- uses: ruby/setup-ruby@v1
with:
ruby-version: "3.0"
bundler-cache: true
working-directory: android
- name: Fastlane Google Play deploy Beta
uses: maierj/[email protected]
if: contains(github.ref_name, 'beta')
with:
lane: beta
subdirectory: android
- name: Fastlane Google Play deploy
uses: maierj/[email protected]
if: contains(github.ref_name, 'beta') == false
with:
lane: production
subdirectory: android
release-ios-appstore:
runs-on: macos-12
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Apple certificate and provisioning profile
env:
APPSTORE_CERT: ${{ secrets.APPSTORE_CERT }}
APPSTORE_CERT_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }}
MOBILEPROVISION: ${{ secrets.MOBILEPROVISION }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$APPSTORE_CERT" | base64 --decode --output $CERTIFICATE_PATH
echo -n "$MOBILEPROVISION" | base64 --decode --output $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$APPSTORE_CERT_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Install Flutter SDK
uses: subosito/[email protected]
with:
channel: stable
architecture: x64
- name: Setup Firebase
env:
FIREBASE_IOS: ${{ secrets.FIREBASE_IOS }}
FIREBASE_OPTIONS: ${{ secrets.FIREBASE_OPTIONS }}
FIREBASE_IOS_SERVICES: ${{ secrets.FIREBASE_IOS_SERVICES }}
run: |
echo $FIREBASE_IOS | base64 --decode > ios/firebase_app_id_file.json
echo $FIREBASE_OPTIONS | base64 --decode > lib/firebase_options.dart
echo $FIREBASE_IOS_SERVICES | base64 --decode > ios/runner/GoogleService-Info.plist
- name: Build app
run: |
flutter build ipa \
--dart-define=SENTRY_DSN=$SENTRY_DSN --dart-define=MATOMO_URL=$MATOMO_URL \
-t lib/main_prod.dart --export-options-plist=ios/ExportOptions.plist
- uses: ruby/setup-ruby@v1
with:
ruby-version: "3.0"
bundler-cache: true
working-directory: ios
- name: App Store Deploy Beta
uses: maierj/[email protected]
if: contains(github.ref_name, 'beta')
with:
lane: beta
subdirectory: ios
- name: App Store Deploy
uses: maierj/[email protected]
if: contains(github.ref_name, 'beta') == false
with:
lane: production
subdirectory: ios
release-android-github:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-java@v3
with:
distribution: microsoft
java-version: 11
- uses: subosito/[email protected]
with:
channel: ${{ env.FLUTTER_VERSION }}
cache: true
cache-key: "flutter-:os:-:channel:-:version:-:arch:-:hash:" # optional, change this to force refresh cache
cache-path: "${{ runner.tool_cache }}/flutter/:channel:-:version:-:arch:" # optional, change this to specify the cache path
- name: Retrieve signing keys
env:
KEYSTORE: ${{ secrets.KEYSTORE }}
run: echo $KEYSTORE | base64 --decode > android/keystore.jks
- name: Setup Firebase
env:
FIREBASE_ANDROID: ${{ secrets.FIREBASE_ANDROID }}
FIREBASE_OPTIONS: ${{ secrets.FIREBASE_OPTIONS }}
run: |
echo $FIREBASE_OPTIONS | base64 --decode > lib/firebase_options.dart
echo $FIREBASE_ANDROID | base64 --decode > android/app/google-services.json
- name: Build split apks per abi
env:
KEYSTOREPASS: ${{ secrets.KEYSTOREPASS }}
run: |
flutter build apk \
--dart-define=SENTRY_DSN=$SENTRY_DSN --dart-define=MATOMO_URL=$MATOMO_URL \
-t lib/main_prod.dart --flavor prod --split-per-abi \
--split-debug-info=debug_info
- name: Github Releases Deploy Beta
uses: xresloader/[email protected]
if: contains(github.ref_name, 'beta')
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
with:
file: "build/app/outputs/flutter-apk/app-*-prod-release.apk"
tags: true
draft: false
prerelease: true
- name: Github Releases Deploy
uses: xresloader/[email protected]
if: contains(github.ref_name, 'beta') == false
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
with:
file: "build/app/outputs/flutter-apk/app-*-prod-release.apk"
tags: true
draft: false
release-ios-github:
runs-on: macos-12
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Apple certificate and provisioning profile
env:
APPSTORE_CERT: ${{ secrets.APPSTORE_CERT }}
APPSTORE_CERT_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }}
MOBILEPROVISION: ${{ secrets.MOBILEPROVISION }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$APPSTORE_CERT" | base64 --decode --output $CERTIFICATE_PATH
echo -n "$MOBILEPROVISION" | base64 --decode --output $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$APPSTORE_CERT_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Install Flutter SDK
uses: subosito/[email protected]
with:
channel: stable
architecture: x64
- name: Setup Firebase
env:
FIREBASE_IOS: ${{ secrets.FIREBASE_IOS }}
FIREBASE_OPTIONS: ${{ secrets.FIREBASE_OPTIONS }}
FIREBASE_IOS_SERVICES: ${{ secrets.FIREBASE_IOS_SERVICES }}
run: |
echo $FIREBASE_IOS | base64 --decode > ios/firebase_app_id_file.json
echo $FIREBASE_OPTIONS | base64 --decode > lib/firebase_options.dart
echo $FIREBASE_IOS_SERVICES | base64 --decode > ios/runner/GoogleService-Info.plist
- name: Build app
run: |
flutter build ipa \
--dart-define=SENTRY_DSN=$SENTRY_DSN --dart-define=MATOMO_URL=$MATOMO_URL \
-t lib/main_prod.dart --export-options-plist=ios/ExportOptions.plist
- name: Github Releases Deploy Beta
uses: xresloader/[email protected]
if: contains(github.ref_name, 'beta')
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
with:
file: "build/ios/ipa/*.ipa"
tags: true
draft: false
prerelease: true
- name: Github Releases Deploy
uses: xresloader/[email protected]
if: contains(github.ref_name, 'beta') == false
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
with:
file: "build/ios/ipa/*.ipa"
tags: true
draft: false
# Only needed for self-hosted runners but I'm a paraniod person.
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision