Expose AUTH_KEY_PATH as env var #235
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 🚀 Publish Demo App | ||
|
Check failure on line 1 in .github/workflows/publish-demo-app.yml
|
||
| on: | ||
| workflow_dispatch: | ||
| workflow_call: | ||
| secrets: # When triggered via another workflow, secrets are not automatically forwarded | ||
| BUILD_CERTIFICATE_BASE64: | ||
| required: true | ||
| DEVELOPMENT_CERTIFICATE_BASE64: | ||
| required: true | ||
| P12_PASSWORD: | ||
| required: true | ||
| BUILD_PROVISION_PROFILE_BASE64: | ||
| required: true | ||
| KEYCHAIN_PASSWORD: | ||
| required: true | ||
| DEMO_APP_TEST_ENV_CLIENT_KEY: | ||
| required: true | ||
| DEMO_SERVER_TEST_ENV_API_KEY: | ||
| required: true | ||
| MERCHANT_ACCOUNT: | ||
| required: true | ||
| APPLE_DEVELOPMENT_TEAM_ID: | ||
| required: true | ||
| ENVIRONMENT: | ||
| required: true | ||
| APPLE_ID_USERNAME: | ||
| required: true | ||
| APPLE_APP_SPECIFIC_PASSWORD: | ||
| required: true | ||
| XCODE_AUTHENTICATION_KEY_ID: | ||
| required: true | ||
| XCODE_AUTHENTICATION_KEY_ISSUER_ID: | ||
| required: true | ||
| XCODE_AUTHENTICATION_KEY_BASE64: | ||
| required: true | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
| permissions: | ||
| contents: read | ||
| jobs: | ||
| Publish: | ||
| runs-on: macos-15-xlarge | ||
| steps: | ||
| - uses: actions/checkout@v6 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Select latest Xcode | ||
| uses: maxim-lobanov/setup-xcode@v1 | ||
| with: | ||
| xcode-version: '16.4' | ||
| - name: 🛡️ Install the distribution certificate and provisioning profile | ||
| env: | ||
| BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | ||
| DEVELOPMENT_CERTIFICATE_BASE64: ${{ secrets.DEVELOPMENT_CERTIFICATE_BASE64 }} | ||
| P12_PASSWORD: ${{ secrets.P12_PASSWORD }} | ||
| BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | ||
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | ||
| run: | | ||
| # create variables | ||
| CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | ||
| DEV_CERTIFICATE_PATH=$RUNNER_TEMP/dev_certificate.p12 | ||
| PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision | ||
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | ||
| # import certificate and provisioning profile from secrets | ||
| echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | ||
| echo -n "$DEVELOPMENT_CERTIFICATE_BASE64" | base64 --decode -o $DEV_CERTIFICATE_PATH | ||
| echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH | ||
| # create temporary keychain | ||
| security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | ||
| security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | ||
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | ||
| # import release certificate to keychain | ||
| security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | ||
| security import $DEV_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | ||
| security list-keychain -d user -s $KEYCHAIN_PATH | ||
| # apply provisioning profile | ||
| mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | ||
| cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | ||
| - name: ⚙️ Configure Demo App | ||
| env: | ||
| CLIENT_KEY: ${{ secrets.DEMO_APP_TEST_ENV_CLIENT_KEY }} | ||
| DEMO_SERVER_API_KEY: ${{ secrets.DEMO_SERVER_TEST_ENV_API_KEY }} | ||
| MERCHANT_ACCOUNT: ${{ secrets.MERCHANT_ACCOUNT }} | ||
| APPLE_DEVELOPMENT_TEAM_ID: ${{ secrets.APPLE_DEVELOPMENT_TEAM_ID }} | ||
| ENVIRONMENT: ${{ secrets.ENVIRONMENT }} | ||
| APPLE_PAY_MERCHANT_IDENTIFIER: ${{ secrets.APPLE_PAY_MERCHANT_IDENTIFIER }} | ||
| run: | | ||
| # demoServerEnvironment | ||
| sed -i '' "s/static let demoServerEnvironment.*=.*/static let demoServerEnvironment = DemoCheckoutAPIEnvironment.$ENVIRONMENT/g" ./Demo/Configuration.swift | ||
| # classicAPIEnvironment | ||
| sed -i '' "s/static let classicAPIEnvironment.*=.*/static let classicAPIEnvironment = DemoClassicAPIEnvironment.$ENVIRONMENT/g" ./Demo/Configuration.swift | ||
| # componentsEnvironment | ||
| sed -i '' "s/static let componentsEnvironment.*=.*/static let componentsEnvironment = Environment.$ENVIRONMENT/g" ./Demo/Configuration.swift | ||
| - name: 🚀 Publish Demo App | ||
| env: | ||
| # Workflow configuration | ||
| APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} | ||
| APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} | ||
| XCODE_AUTHENTICATION_KEY_ID: ${{ secrets.XCODE_AUTHENTICATION_KEY_ID }} | ||
| XCODE_AUTHENTICATION_KEY_ISSUER_ID: ${{ secrets.XCODE_AUTHENTICATION_KEY_ISSUER_ID }} | ||
| XCODE_AUTHENTICATION_KEY_BASE64: ${{ secrets.XCODE_AUTHENTICATION_KEY_BASE64 }} | ||
| # Build configuration | ||
| MERCHANT_CLIENT_KEY: ${{ secrets.DEMO_APP_TEST_ENV_CLIENT_KEY }} | ||
| MERCHANT_SERVER_HOST: ${{ secrets.MERCHANT_SERVER_HOST }} | ||
| MERCHANT_ACCOUNT: ${{ secrets.MERCHANT_ACCOUNT }} | ||
| ADYEN_SERVER_API_KEY: ${{ secrets.DEMO_SERVER_TEST_ENV_API_KEY }} | ||
| APPLE_TEAM_IDENTIFIER: ${{ secrets.APPLE_DEVELOPMENT_TEAM_ID }} | ||
| ENVIRONMENT: ${{ secrets.ENVIRONMENT }} | ||
| run: | | ||
| AUTH_KEY_PATH=$RUNNER_TEMP/authentication_key_path.p8 | ||
| rm -f $AUTH_KEY_PATH | ||
| echo -n "$XCODE_AUTHENTICATION_KEY_BASE64" | base64 --decode -o $AUTH_KEY_PATH | ||
| # Make it available for the current shell | ||
| export AUTH_KEY_PATH=$AUTH_KEY_PATH | ||
| chmod +x ./Scripts/publish-demo-app.sh | ||
| ./Scripts/publish-demo-app.sh | ||
