Skip to content

Flutter CI CD

Flutter CI CD #156

name: Flutter CI CD
# This workflow is triggered on pushes to the repository.
on:
push:
# branches: [staging, master]
branches: [staging]
# pull_request:
# branches: [ dev ]
workflow_dispatch: # to manually run this workflow
# on: push # Default will running for every branch.
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
jobs:
android:
# This job will run on ubuntu virtual machine
runs-on: ubuntu-latest
timeout-minutes: 30
env:
KEY_JKS: ${{ secrets.ANDROID_KEY_JKS }}
KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
ALIAS_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
steps:
- uses: actions/checkout@v2
- name: Key base64 to file
id: write_file_key
uses: timheuer/base64-to-file@v1
with:
fileName: 'key.jks'
fileDir: './android/app/'
encodedString: ${{ secrets.KEY_JKS_BASE64 }}
- name: Key properties base64 to file
id: write_file_key_properties
uses: timheuer/[email protected]
with:
fileName: 'key.properties'
fileDir: './android/'
encodedString: ${{ secrets.KEY_PROPERTIES_BASE64 }}
# Setup Java environment in order to build the Android app.
- uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: 'gradle'
- name: Setup app
uses: ./.github/actions/setup-app
with:
firebaseConfig: ${{ secrets.FIREBASE_CONFIG_PROD }}
# env:
# ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'
# env:
# KEY_JKS: ${{ secrets.ANDROID_KEY_JKS }}
# KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
# ALIAS_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
# run: echo $KEY_JKS > android/key.jks && flutter pub get && flutter build apk --release --no-shrink
# Export key into key.jks file
# - run: pwd
# - run: echo $TEST_SECRET
# - run: echo $KEY_JKS > android/key.jks
# Build apk
- run: flutter build appbundle --release -v
# Upload generated apk to the artifacts.
- uses: actions/upload-artifact@v1
with:
name: release-android
path: build/app/outputs/bundle/release/app-release.aab
- name: Upload to Play Store # Finish setting this up
uses: r0adkll/upload-google-play@v1
with:
serviceAccountJsonPlainText: ${{ secrets.ANDROID_SERVICE_ACCOUNT_JSON }}
packageName: com.nowu.app
releaseFiles: /home/runner/work/now-u-app/now-u-app/build/app/outputs/bundle/release/app-release.aab
track: beta
status: completed
# inAppUpdatePriority: 2
# userFraction: 0.33
# whatsNewDirectory: distribution/whatsnew
# mappingFile: app/build/outputs/mapping/release/mapping.txt
# TODO https://damienaicheh.github.io/flutter/github/actions/2021/04/22/build-sign-flutter-ios-github-actions-en.html
build_ios:
runs-on: macos-latest
timeout-minutes: 30
steps:
# Checks-out our repository under $GITHUB_WORKSPACE, so our job can access it
- name: Checkout repository
uses: actions/checkout@v2
# Install the Apple certificate and provisioning profile
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPSTORE_CERT_BASE64 }}
P12_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.MOBILEPROVISION_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Create firebase GoogleService-Info.plist
env:
FIREBASE_CONFIG: ${{ secrets.FIREBASE_IOS_CONFIG_PROD }}
run: echo $FIREBASE_CONFIG > ./ios/Runner/GoogleService-Info.plist
- name: Setup app
uses: ./.github/actions/setup-app
with:
firebaseConfig: ${{ secrets.FIREBASE_CONFIG_PROD }}
# Build and sign the ipa using a single flutter command
- name: Building IPA
run: flutter build ipa --release --export-options-plist=ios/Runner/ExportOptions.plist
# Collect the file and upload as artifact
- name: collect ipa artifacts
uses: actions/upload-artifact@v2
with:
name: release-ipa
# Path to the release files
path: build/ios/ipa/*.ipa
# Important! Cleanup: remove the certificate and provisioning profile from the runner!
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision
- name: Publishing app to TestFlight
env:
APPLEID_USERNAME: ${{ secrets.APPLEID_USERNAME }}
APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }}
IPA_PATH: build/ios/ipa/now-u.ipa
run: ./.github/scripts/publish_testflight.sh