-
-
Notifications
You must be signed in to change notification settings - Fork 66
128 lines (106 loc) · 4.23 KB
/
xcframework.yml
File metadata and controls
128 lines (106 loc) · 4.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# This workflow builds binaries for a closed-source package.
# The output is an XCFramework container(!) zip a dSYMs zip.
# For this to work you must define these repository secrets:
# - BUILD_CERTIFICATE_BASE64
# - P12_PASSWORD
# - KEYCHAIN_PASSWORD
# VERY IMPORTANT!
# The XCFramework zip is a CONTAINER with the actual zip inside!
# You must download and unzip it, then upload the nested zip to a release.
# Uploading the container zip file will make Xcode fail to use the release.
# For more information see:
# https://danielsaidi.com/blog/2025/11/09/building-closed-source-binaries-with-github-actions
name: Create Binary Artifacts
on:
workflow_dispatch:
inputs:
bump_type:
description: 'Version bump'
required: false
type: choice
options:
- none
- patch
- minor
- major
- custom
default: none
custom_version:
description: 'Custom version (for "custom")'
required: false
type: string
permissions:
contents: write
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: macos-latest # macos-15
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch all history and tags (needed for version bumping)
- name: Get Package Name
run: |
PACKAGE_NAME=$(./scripts/package-name.sh)
echo "PACKAGE_NAME=$PACKAGE_NAME" >> $GITHUB_ENV
- name: Install build certificate
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- name: Set up Xcode
uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: latest-stable # 16.4
- name: Validate git
run: ./scripts/release-validate-git.sh
- name: Validate project
run: ./scripts/release-validate-package.sh -p iOS --swiftlint 0
- name: Run framwork script
run: ./scripts/framework.sh -p iOS --dsyms 1 --zip 1
- name: Upload XCFramework Container
uses: actions/upload-artifact@v4
with:
name: ${{ env.PACKAGE_NAME }}-Container
path: .build/${{ env.PACKAGE_NAME }}.zip
if-no-files-found: error
- name: Upload dSYMs
uses: actions/upload-artifact@v4
with:
name: ${{ env.PACKAGE_NAME }}-dSYMs
path: .build/dSYMs
if-no-files-found: error
- name: Configure Git
if: ${{ inputs.bump_type != 'none' }}
run: |
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
- name: Bump Version
if: ${{ inputs.bump_type != 'none' }}
run: |
if [ "${{ inputs.bump_type }}" = "custom" ]; then
if [ -z "${{ inputs.custom_version }}" ]; then
echo "Error: Custom version not provided"
exit 1
fi
./scripts/version-bump.sh --version "${{ inputs.custom_version }}"
else
./scripts/version-bump.sh --type "${{ inputs.bump_type }}"
fi