organicmaps/organicmaps-tmp
Archived
13
Fork 1
Code Issues 2.7k Pull requests 182 Projects Releases 65 Wiki Activity Actions
This repository has been archived on 2025-03-22. You can view files and clone it, but cannot push or open issues or pull requests.
organicmaps-tmp/.github/workflows/ios-release.yaml
Roman Tsisyk e00f33a076 [github] Manage private secrets with GitHub Secrets to enhance security 
1. Restore the original simple version of `configure.sh`
   Restores 08e37f4 "Refactor configure.sh"
   Reverts b87ee95b "Fixed configure.sh script and gh actions"

2. Use GitHub Secrets instead of a private git repository to enhance
   security standards and ensure credentials are encrypted and safely
   managed.

3. Document credentials used by GitHub Actions in docs/CREDENTIALS.md

4. Include `network_security_config.xml` directly into the repo
   as it has nothing sensitive.

5. Include Apple WWDR intermediate certificates directly into the repo
   as they are not sensitive and publicly available.
   https://developer.apple.com/help/account/reference/wwdr-intermediate-certificates

6. Add `private.h` in the repository since it does not differ from
   `private_defaults.h`.

Signed-off-by: Roman Tsisyk <roman@tsisyk.com>
2024-12-27 20:16:52 +00:00

58 lines
1.6 KiB
YAML
Raw Blame History

name: iOS Release
on:
workflow_dispatch: # Manual trigger
jobs:
ios-release:
name: iOS Release
runs-on: macos-15
env:
DEVELOPER_DIR: /Applications/Xcode_16.app/Contents/Developer
LANG: en_US.UTF-8 # Fastlane complains that the terminal is using ASCII.
LANGUAGE: en_US.UTF-8
LC_ALL: en_US.UTF-8
environment: production
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Restore release keys
shell: bash
run: |
mkdir -p xcode/keys
echo "$APPSTORE_JSON" | base64 -d > xcode/keys/appstore.json
env:
APPSTORE_JSON: ${{ secrets.APPSTORE_JSON }}
- name: Checkout screenshots
uses: actions/checkout@v4
with:
repository: ${{ secrets.SCREENSHOTS_REPO }}
ssh-key: ${{ secrets.SCREENSHOTS_SSH_KEY }}
ref: master
path: screenshots
- name: Checkout keywords
uses: actions/checkout@v4
with:
repository: ${{ secrets.KEYWORDS_REPO }}
ssh-key: ${{ secrets.KEYWORDS_SSH_KEY }}
ref: master
path: keywords
- name: Update metadata
shell: bash
run: ./tools/python/check_store_metadata.py ios
# NOTE: a new iOS draft must be created before this step
- name: Upload metadata
shell: bash
run: ./fastlane.sh upload_metadata
working-directory: xcode
timeout-minutes: 5
- name: Upload screenshots
shell: bash
run: ./fastlane.sh upload_screenshots
working-directory: xcode
timeout-minutes: 10
Reference in a new issue View git blame Copy permalink