organicmaps/organicmaps-tmp
Archived
13
Fork 1
Code Issues 2.7k Pull requests 182 Projects Releases 65 Wiki Activity Actions
This repository has been archived on 2025-03-22. You can view files and clone it, but cannot push or open issues or pull requests.
organicmaps-tmp/xcode/fastlane/Fastfile
Roman Tsisyk e00f33a076 [github] Manage private secrets with GitHub Secrets to enhance security 
1. Restore the original simple version of `configure.sh`
   Restores 08e37f4 "Refactor configure.sh"
   Reverts b87ee95b "Fixed configure.sh script and gh actions"

2. Use GitHub Secrets instead of a private git repository to enhance
   security standards and ensure credentials are encrypted and safely
   managed.

3. Document credentials used by GitHub Actions in docs/CREDENTIALS.md

4. Include `network_security_config.xml` directly into the repo
   as it has nothing sensitive.

5. Include Apple WWDR intermediate certificates directly into the repo
   as they are not sensitive and publicly available.
   https://developer.apple.com/help/account/reference/wwdr-intermediate-certificates

6. Add `private.h` in the repository since it does not differ from
   `private_defaults.h`.

Signed-off-by: Roman Tsisyk <roman@tsisyk.com>
2024-12-27 20:16:52 +00:00

144 lines
5.2 KiB
Ruby
Raw Blame History

opt_out_usage
default_platform(:ios)
platform :ios do
private_lane :prepare do
if is_ci
setup_ci # creates MATCH_KEYCHAIN_NAME on CI
ensure_env_vars(
env_vars: ['APPSTORE_CERTIFICATE_PASSWORD']
)
# Fixes random Fastlane failures by manually importing Apple certificates.
# See https://github.com/fastlane/fastlane/issues/20960#issuecomment-1621931850
import_certificate(
certificate_path: 'keys/Apple/AppleWWDRCAG2.cer',
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
import_certificate(
certificate_path: 'keys/Apple/AppleWWDRCAG3.cer',
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
import_certificate(
certificate_path: 'keys/Apple/AppleWWDRCAG4.cer',
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
import_certificate(
certificate_path: 'keys/Apple/AppleWWDRCAG5.cer',
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
import_certificate(
certificate_path: 'keys/Apple/AppleWWDRCAG6.cer',
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
import_certificate(
certificate_path: 'keys/Apple/AppleWWDRCAG7.cer',
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
import_certificate(
certificate_path: 'keys/Apple/AppleWWDRCAG8.cer',
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
# Organic Maps certificates.
import_certificate(
certificate_path: 'keys/CertificatesDev.p12',
certificate_password: ENV['APPSTORE_CERTIFICATE_PASSWORD'],
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
import_certificate(
certificate_path: 'keys/CertificatesDistr.p12',
certificate_password: ENV['APPSTORE_CERTIFICATE_PASSWORD'],
keychain_name: ENV['MATCH_KEYCHAIN_NAME'],
keychain_password: ENV['MATCH_KEYCHAIN_PASSWORD']
)
get_provisioning_profile(
api_key_path: 'keys/appstore.json',
app_identifier: 'app.organicmaps',
provisioning_name: 'CarPlay Release',
ignore_profiles_with_different_name: true,
readonly: true,
development: true,
skip_install: false,
filename: 'keys/CarPlay_Release.mobileprovision'
)
get_provisioning_profile(
api_key_path: 'keys/appstore.json',
app_identifier: 'app.organicmaps',
provisioning_name: 'CarPlay AppStore',
ignore_profiles_with_different_name: true,
adhoc: false,
readonly: true,
skip_install: false,
filename: 'keys/CarPlay_AppStore.mobileprovision'
)
get_provisioning_profile(
api_key_path: 'keys/appstore.json',
app_identifier: 'app.organicmaps.widgetextension',
provisioning_name: 'WidgetExtension Release',
ignore_profiles_with_different_name: true,
readonly: true,
development: true,
skip_install: false,
filename: 'keys/WidgetExtension_Release.mobileprovision'
)
get_provisioning_profile(
api_key_path: 'keys/appstore.json',
app_identifier: 'app.organicmaps.widgetextension',
provisioning_name: 'WidgetExtension AppStore',
ignore_profiles_with_different_name: true,
adhoc: false,
readonly: true,
skip_install: false,
filename: 'keys/WidgetExtension_AppStore.mobileprovision'
)
end
end
private_lane :generate_version do
lane_context[SharedValues::VERSION_NUMBER] = sh('../../tools/unix/version.sh ios_version').strip
lane_context[SharedValues::BUILD_NUMBER] = sh('../../tools/unix/version.sh ios_build').strip
end
private_lane :generate_testflight_changelog do
changelog = sh('git --no-pager show -s --format=%s%n%n%b HEAD|tr -dc \'\0-\177\'')
lane_context[SharedValues::FL_CHANGELOG] = changelog
end
lane :upload_testflight do
prepare
generate_version
generate_testflight_changelog
build_ios_app(
workspace: 'omim.xcworkspace',
scheme: 'OMaps',
configuration: 'Release',
destination: 'generic/platform=iOS',
silent: false,
clean: false,
include_symbols: true,
export_method: 'app-store',
export_options: {
provisioningProfiles: {
'app.organicmaps' => 'CarPlay AppStore',
'app.organicmaps.widgetextension' => 'WidgetExtension AppStore',
}
},
skip_profile_detection: false,
output_directory: 'build',
xcargs: 'MARKETING_VERSION=' + lane_context[SharedValues::VERSION_NUMBER] + ' ' +
'CURRENT_PROJECT_VERSION=' + lane_context[SharedValues::BUILD_NUMBER] + ' '
)
upload_to_testflight(
beta_app_feedback_email: 'testflight@organicmaps.app',
notify_external_testers: false,
changelog: lane_context[SharedValues::FL_CHANGELOG]
)
end
end
Reference in a new issue View git blame Copy permalink