Deliver for staging (on GitHub-hosted) #100

Workflow file for this run

.github/workflows/deliver-stg.yml at 5093027

	name: 03 Deliver for staging

	run-name: Deliver for staging ${{ (vars.RUNS_ON_SELF_HOSTED == null && '(on GitHub-hosted)') \|\| '(on self-hosted)' }}

	on:
	workflow_dispatch:
	inputs:
	upload:
	description: 'Upload'
	type: boolean
	default: true
	workflow_call:
	inputs:
	upload:
	description: 'Upload'
	type: boolean
	default: true

	permissions:
	contents: read

	env:
	DEVELOPER_DIR: ${{ (vars.DEVELOPER_DIR == null && '/Applications/Xcode_15.0.1.app') \|\| vars.DEVELOPER_DIR }}

	defaults:
	run:
	shell: bash -euo pipefail {0}

	jobs:
	android:
	runs-on: ${{ (vars.RUNS_ON_SELF_HOSTED == null && 'ubuntu-latest') \|\| 'self-hosted' }}
	environment: staging
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
	with:
	java-version: '17'
	distribution: 'temurin'

	- name: Run pre-process script
	shell: bash
	env:
	PREPROCESS_SCRIPT_BASE64: ${{ secrets.PREPROCESS_SCRIPT_BASE64 }}
	run: \|
	if [ -n "$PREPROCESS_SCRIPT_BASE64" ]; then
	echo "$PREPROCESS_SCRIPT_BASE64" \| base64 --decode > ${{ runner.temp }}/pre-process.sh && bash ${{ runner.temp }}/pre-process.sh
	fi

	- uses: subosito/flutter-action@44ac965b96f18d999802d4b807e3256d5a3f9fa1 # v2.16.0
	with:
	flutter-version: ${{ (vars.FLUTTER_VERSION != null && vars.FLUTTER_VERSION) \|\| '' }}
	channel: stable
	cache: ${{ (vars.RUNS_ON_SELF_HOSTED == null && true) \|\| false }}

	- run: flutter pub get

	- name: flutterfire configure
	env:
	FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64: ${{ secrets.FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64 }}
	run: \|
	which firebase \|\| curl -sL https://firebase.tools \| analytics=false bash
	dart pub global activate flutterfire_cli 1.0.1-dev.4
	echo -n "$FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64" \| base64 --decode > ${{ runner.temp }}/firebase_admin_service_account.json
	GOOGLE_APPLICATION_CREDENTIALS=${{ runner.temp }}/firebase_admin_service_account.json make flutterfire-configure-stg

	- name: Extract key.properties file
	env:
	ANDROID_KEYSTORE_BASE64: ${{ secrets.ANDROID_KEYSTORE_BASE64 }}
	ANDROID_KEY_PROPERTIES_BASE64: ${{ secrets.ANDROID_KEY_PROPERTIES_BASE64 }}
	run: \|
	echo "$ANDROID_KEYSTORE_BASE64" \| base64 --decode > ${{ runner.temp }}/release.jks
	echo "$ANDROID_KEY_PROPERTIES_BASE64" \| base64 --decode > android/key.properties
	echo storeFile=${{ runner.temp }}/release.jks >> android/key.properties

	- name: Build app bundle
	run: \|
	flutter build apk --dart-define=FLAVOR=stg

	- name: Extract Firebase Service Account file
	if: ${{ inputs.upload }}
	env:
	FIREBASE_SERVICE_ACCOUNT_JSON_BASE64: ${{ secrets.FIREBASE_SERVICE_ACCOUNT_JSON_BASE64 }}
	run: \|
	echo -n "$FIREBASE_SERVICE_ACCOUNT_JSON_BASE64" \| base64 --decode > ${{ runner.temp }}/firebase_service_account.json

	- name: Upload to Firebase App Distribution
	if: ${{ inputs.upload }}
	env:
	FIREBASE_APP_ID_ANDROID: ${{ secrets.FIREBASE_APP_ID_ANDROID }}
	run: \|
	which firebase \|\| curl -sL https://firebase.tools \| analytics=false bash
	GOOGLE_APPLICATION_CREDENTIALS=${{ runner.temp }}/firebase_service_account.json firebase appdistribution:distribute build/app/outputs/flutter-apk/app-release.apk --app $FIREBASE_APP_ID_ANDROID --testers "[email protected]"

	- name: Clean up
	if: ${{ always() }}
	run: \|
	rm -f ./android/key.properties

	ios:
	runs-on: ${{ (vars.RUNS_ON_SELF_HOSTED == null && 'macos-15') \|\| 'self-hosted' }}
	environment: staging
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Run pre-process script
	shell: bash
	env:
	PREPROCESS_SCRIPT_BASE64: ${{ secrets.PREPROCESS_SCRIPT_BASE64 }}
	run: \|
	if [ -n "$PREPROCESS_SCRIPT_BASE64" ]; then
	echo "$PREPROCESS_SCRIPT_BASE64" \| base64 --decode > ${{ runner.temp }}/pre-process.sh && bash ${{ runner.temp }}/pre-process.sh
	fi

	- uses: subosito/flutter-action@44ac965b96f18d999802d4b807e3256d5a3f9fa1 # v2.16.0
	with:
	flutter-version: ${{ (vars.FLUTTER_VERSION != null && vars.FLUTTER_VERSION) \|\| '' }}
	channel: stable
	cache: ${{ (vars.RUNS_ON_SELF_HOSTED == null && true) \|\| false }}
	architecture: arm64

	- run: flutter pub get

	- name: flutterfire configure
	env:
	FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64: ${{ secrets.FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64 }}
	run: \|
	which firebase \|\| curl -sL https://firebase.tools \| analytics=false bash
	dart pub global activate flutterfire_cli 1.0.1-dev.4
	echo -n "$FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64" \| base64 --decode > ${{ runner.temp }}/firebase_admin_service_account.json
	GOOGLE_APPLICATION_CREDENTIALS=${{ runner.temp }}/firebase_admin_service_account.json make flutterfire-configure-stg

	- name: Import Apple Development Certificate(Required xcodebuild archive with entitlements)
	env:
	APPLE_DEVELOPMENT_CERTIFICATE_P12_BASE64: ${{ secrets.APPLE_DEVELOPMENT_CERTIFICATE_P12_BASE64 }}
	APPLE_DEVELOPMENT_CERTIFICATE_P12_PASSWORD: ${{ secrets.APPLE_DEVELOPMENT_CERTIFICATE_P12_PASSWORD }}
	APPLE_DEVELOPMENT_KEYCHAIN_PASSWORD: ${{ secrets.APPLE_DEVELOPMENT_KEYCHAIN_PASSWORD }}
	run: \|
	CERTIFICATE_P12_PATH=${{ runner.temp }}/build_certificate.p12
	KEYCHAIN_PATH=${{ runner.temp }}/app-signing.keychain-db

	# extract certificate from secrets
	echo -n "$APPLE_DEVELOPMENT_CERTIFICATE_P12_BASE64" \| base64 --decode --output $CERTIFICATE_P12_PATH

	# create temporary keychain
	security create-keychain -p "$APPLE_DEVELOPMENT_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
	security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
	security unlock-keychain -p "$APPLE_DEVELOPMENT_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH

	# import certificate to keychain
	security import $CERTIFICATE_P12_PATH -P "$APPLE_DEVELOPMENT_CERTIFICATE_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
	security list-keychain -d user -s $KEYCHAIN_PATH

	- name: Extract App Store Connect API Private Key
	env:
	APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
	APPLE_API_AUTHKEY_P8_BASE64: ${{ secrets.APPLE_API_AUTHKEY_P8_BASE64 }}
	run: \|
	mkdir -p ./private_keys
	echo -n "$APPLE_API_AUTHKEY_P8_BASE64" \| base64 --decode > ./private_keys/AuthKey_$APPLE_API_KEY_ID.p8

	- name: Create ExportOptions.plist and Runner.entitlements
	run: \|
	cat << EOS > ./ios/ExportOptions.plist
	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
	<plist version="1.0">
	<dict>
	<key>compileBitcode</key>
	<false/>
	<key>manageAppVersionAndBuildNumber</key>
	<false/>
	<key>method</key>
	<string>release-testing</string>
	</dict>
	</plist>
	EOS

	- name: Build
	env:
	APPLE_API_ISSUER_ID: ${{ secrets.APPLE_API_ISSUER_ID }}
	APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
	run: \|
	flutter build ios \
	--config-only \
	--no-codesign \
	--dart-define=FLAVOR=stg
	xcodebuild archive \
	-archivePath ./build/ios/Runner.xcarchive \
	-workspace ./ios/Runner.xcworkspace \
	-scheme Runner \
	-configuration Release \
	-destination "generic/platform=iOS" \
	-allowProvisioningUpdates \
	-allowProvisioningDeviceRegistration \
	-authenticationKeyIssuerID $APPLE_API_ISSUER_ID \
	-authenticationKeyID $APPLE_API_KEY_ID \
	-authenticationKeyPath `pwd`/private_keys/AuthKey_$APPLE_API_KEY_ID.p8 \| xcbeautify
	xcodebuild -exportArchive \
	-archivePath ./build/ios/Runner.xcarchive \
	-exportPath ./build/ios/ipa \
	-exportOptionsPlist ./ios/ExportOptions.plist \
	-allowProvisioningUpdates \
	-authenticationKeyIssuerID $APPLE_API_ISSUER_ID \
	-authenticationKeyID $APPLE_API_KEY_ID \
	-authenticationKeyPath `pwd`/private_keys/AuthKey_$APPLE_API_KEY_ID.p8 \| xcbeautify

	- name: Find ipa file path
	id: info
	run: \|
	echo "app-path=$(pwd)/$(find build/ios/ipa -type f -name '*.ipa')" >> $GITHUB_OUTPUT

	- name: Extract Firebase Service Account file
	if: ${{ inputs.upload }}
	env:
	FIREBASE_SERVICE_ACCOUNT_JSON_BASE64: ${{ secrets.FIREBASE_SERVICE_ACCOUNT_JSON_BASE64 }}
	run: \|
	echo -n "$FIREBASE_SERVICE_ACCOUNT_JSON_BASE64" \| base64 --decode > ${{ runner.temp }}/firebase_service_account.json

	- name: Upload to Firebase App Distribution
	if: ${{ inputs.upload }}
	env:
	FIREBASE_APP_ID_IOS: ${{ secrets.FIREBASE_APP_ID_IOS }}
	APP_PATH: ${{ steps.info.outputs.app-path }}
	run: \|
	which firebase \|\| curl -sL https://firebase.tools \| analytics=false bash
	GOOGLE_APPLICATION_CREDENTIALS=${{ runner.temp }}/firebase_service_account.json firebase appdistribution:distribute $APP_PATH --app $FIREBASE_APP_ID_IOS --testers "[email protected]"

	- name: Clean up
	if: ${{ always() }}
	run: \|
	security delete-keychain ${{ runner.temp }}/app-signing.keychain-db
	rm -rf ~/Library/MobileDevice/Provisioning\ Profiles
	rm -rf ./private_keys

	# macos:
	# runs-on: ${{ (vars.RUNS_ON_SELF_HOSTED == null && 'macos-15') \|\| 'self-hosted' }}
	# environment: staging
	# timeout-minutes: 30
	# steps:
	# - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	# - name: Run pre-process script
	# shell: bash
	# env:
	# PREPROCESS_SCRIPT_BASE64: ${{ secrets.PREPROCESS_SCRIPT_BASE64 }}
	# run: \|
	# if [ -n "$PREPROCESS_SCRIPT_BASE64" ]; then
	# echo "$PREPROCESS_SCRIPT_BASE64" \| base64 --decode > ${{ runner.temp }}/pre-process.sh && bash ${{ runner.temp }}/pre-process.sh
	# fi

	# - uses: subosito/flutter-action@44ac965b96f18d999802d4b807e3256d5a3f9fa1 # v2.16.0
	# with:
	# flutter-version: ${{ (vars.FLUTTER_VERSION != null && vars.FLUTTER_VERSION) \|\| '' }}
	# channel: stable
	# cache: ${{ (vars.RUNS_ON_SELF_HOSTED == null && true) \|\| false }}
	# architecture: arm64

	# - run: flutter pub get

	# - name: flutterfire configure
	# env:
	# FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64: ${{ secrets.FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64 }}
	# run: \|
	# which firebase \|\| curl -sL https://firebase.tools \| analytics=false bash
	# dart pub global activate flutterfire_cli 1.0.1-dev.4
	# echo -n "$FIREBASE_ADMIN_SERVICE_ACCOUNT_JSON_BASE64" \| base64 --decode > ${{ runner.temp }}/firebase_admin_service_account.json
	# GOOGLE_APPLICATION_CREDENTIALS=${{ runner.temp }}/firebase_admin_service_account.json make flutterfire-configure-stg

	# - run: flutter build macos --dart-define=FLAVOR=stg

	# - if: ${{ inputs.upload }}
	# run: \|
	# pushd build/macos/Build/Products/Release
	# zip -r buzz_recipe_viewer_macos_stg.zip buzz_recipe_viewer.app
	# popd
	# mv build/macos/Build/Products/Release/buzz_recipe_viewer_macos_stg.zip ./

	# - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
	# if: ${{ inputs.upload }}
	# with:
	# path: buzz_recipe_viewer_macos_stg.zip
	# name: buzz_recipe_viewer_macos_stg
	# overwrite: true

	action-timeline:
	needs: [android, ios]
	if: ${{ !cancelled() && github.event.workflow == '.github/workflows/deliver-stg.yml' }}
	timeout-minutes: 30
	runs-on: ubuntu-latest
	steps:
	- uses: Kesin11/actions-timeline@3046833d9aacfd7745c5264b7f3af851c3e2a619 # v2.2.1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deliver for staging (on GitHub-hosted) #100

Workflow file

Deliver for staging (on GitHub-hosted) #100

Jobs

Run details

Workflow file for this run