111 lines
4.3 KiB
YAML
111 lines
4.3 KiB
YAML
name: Build & Deploy iOS to TestFlight
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
build-and-deploy:
|
|
runs-on: macos-latest
|
|
|
|
steps:
|
|
- name: Checkout Repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Flutter
|
|
uses: subosito/flutter-action@v2
|
|
with:
|
|
flutter-version: "3.29.3"
|
|
channel: "stable"
|
|
cache: true
|
|
|
|
- name: Install Dependencies
|
|
run: flutter pub get
|
|
|
|
# ── Code Signing Setup ──────────────────────────────────────────────────
|
|
|
|
- name: Install Apple Certificate
|
|
env:
|
|
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
|
|
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
|
|
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
|
|
run: |
|
|
# Decode certificate to file
|
|
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
|
|
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
|
|
|
|
# Create temporary keychain
|
|
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
|
|
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
|
|
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
|
|
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
|
|
|
|
# Import certificate to keychain
|
|
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A \
|
|
-t cert -f pkcs12 -k $KEYCHAIN_PATH
|
|
security set-key-partition-list -S apple-tool:,apple: \
|
|
-s -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
|
|
security list-keychain -d user -s $KEYCHAIN_PATH
|
|
|
|
- name: Install Provisioning Profile
|
|
env:
|
|
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
|
|
run: |
|
|
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
|
|
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
|
|
|
|
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
|
|
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
|
|
|
|
# ── CocoaPods ───────────────────────────────────────────────────────────
|
|
|
|
- name: Install CocoaPods Dependencies
|
|
run: |
|
|
cd ios
|
|
rm -f Podfile.lock
|
|
pod install --repo-update
|
|
|
|
# ── Build ───────────────────────────────────────────────────────────────
|
|
|
|
- name: Build iOS IPA
|
|
env:
|
|
BUNDLE_ID: ${{ secrets.BUNDLE_ID }}
|
|
TEAM_ID: ${{ secrets.TEAM_ID }}
|
|
run: |
|
|
flutter build ipa --release \
|
|
--export-options-plist=ios/ExportOptions.plist
|
|
|
|
# ── Upload to TestFlight ────────────────────────────────────────────────
|
|
|
|
- name: Upload to TestFlight via Transporter
|
|
env:
|
|
APPLE_ID: ${{ secrets.APPLE_ID }}
|
|
APP_SPECIFIC_PASSWORD: ${{ secrets.APP_SPECIFIC_PASSWORD }}
|
|
run: |
|
|
xcrun altool --upload-app \
|
|
--type ios \
|
|
--file "build/ios/ipa/*.ipa" \
|
|
--username "$APPLE_ID" \
|
|
--password "$APP_SPECIFIC_PASSWORD" \
|
|
--verbose
|
|
|
|
# ── Cleanup ─────────────────────────────────────────────────────────────
|
|
|
|
- name: Clean Up Keychain and Provisioning Profile
|
|
if: ${{ always() }}
|
|
run: |
|
|
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db || true
|
|
rm -f ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision || true
|
|
|
|
# ── Artifact (opsional, untuk debugging) ────────────────────────────────
|
|
|
|
- name: Upload IPA as Artifact
|
|
if: always()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: ios-ipa
|
|
path: build/ios/ipa/*.ipa
|
|
retention-days: 7
|