Skip to content

Commit

Permalink
Introduce fastlane and github workflow for bte ios (#883)
Browse files Browse the repository at this point in the history 
Why:
We would like to be able to use fastlane and match for signing and
pushing ipas for both the gps and bte targets of the app. We would also
like to have CD setup via github workflows for the BTE version of the
app.

This commit:
Introduces workflows for building and deploying the BTE version of the
app equivalent to the the existing workflows for the GPS app.

We set the triggering branch for publishing to be `bte-release`. A
lot of noise and potentially unnecessary builds are made if a new build
is cut with every commit to the develop branch. By having the release
action happen for new commits to bte-release we can better control what
builds get sent to the app and play store. We simply need to fastfoward
the `bte-release` branch to the correct commit on develop, (or ideally
master) I would consider doing a similar strategy for the gps build.

We also update the fastfile for distributing the ios targets. We added a
new set of lanes for bte_production and bte_staging.

Future work could include consolidating these lanes to build both or
either target depending on a passed parameter, though it is not clear
that this level of dryness would be worth the effort.

Co-Authored-By: efalkner <[email protected]>

Co-authored-by: efalkner <[email protected]>
  • Loading branch information
@johnschoeman @efalkner
johnschoeman and efalkner authored May 21, 2020
1 parent 93cca7d commit 90c3893
Show file tree
Hide file tree
Showing 11 changed files with 291 additions and 42 deletions.
113 changes: 113 additions & 0 deletions .github/workflows/publish-release-bte.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
name: Publish Release Candidates BTE

on:
push:
branches:
- bte-release
paths-ignore:
- 'package.json'
- 'CHANGELOG.md'

jobs:
version_bump:
name: "Bump version"
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.ref }}

- name: Bump version and push tag
uses: TriPSs/conventional-changelog-action@v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
git-message: 'chore(release): {version}'
preset: 'angular'
tag-prefix: ''
output-file: 'CHANGELOG.md'

deploy_ios:
runs-on: macOS-latest
needs: version_bump
steps:
- uses: actions/checkout@master

- name: Set XCode Version
run: sudo xcode-select -s /Applications/Xcode_11.app

- name: Cache node_modules/
uses: actions/cache@v1
id: node_cache
with:
path: node_modules
key: ${{ runner.OS }}-yarn-cache-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.OS }}-yarn-cache-
- name: Install Node Dependencies
if: steps.node_cache.outputs.cache-hit != 'true'
run: yarn --frozen-lockfile

- name: Install bundler for ruby package management
run: gem install bundler -v "$(grep -A 1 "BUNDLED WITH" ./Gemfile.lock | tail -n 1)"
working-directory: ./ios

- name: Cache ruby gems
uses: actions/cache@v1
id: ruby_cache
with:
path: ios/vendor/bundle
key: ${{ runner.os }}-gems-${{ hashFiles('**/ios/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-
- name: Install Ruby Dependencies
if: steps.ruby_cache.outputs.cache-hit != 'true'
run: |
bundle config path vendor/bundle
bundle install --jobs 4 --retry 3
working-directory: ./ios

- name: Install Cocoapods
run: bundle exec pod install --repo-update
working-directory: ./ios

- name: Setup SSH Keys and known_hosts
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< "${{ secrets.MATCH_SSH_CERT }}"
- name: Build ios Release artifact
uses: maierj/[email protected]
# The names of the keys for secrets are specific and meaningful to Match.
# Match password is responsible for decrypting the secrets from the cert repo
# Fastlane password is responsible for interacting with the App Store to validate certificates and profiles.
env:
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
MATCH_GIT_BASIC_AUTH: ${{ secrets.MATCH_GIT_BASIC_AUTH }}
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
with:
lane: 'release_bte'
subdirectory: 'ios'
bundle-install-path: 'vendor/bundle'

- name: Deploy to testflight
uses: maierj/[email protected]
# The names of the keys for secrets are specific and meaningful to Match.
# Match password is responsible for decrypting the secrets from the cert repo
# Fastlane password is responsible for interacting with the App Store to validate certificates and profiles.
env:
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
MATCH_GIT_BASIC_AUTH: ${{ secrets.MATCH_GIT_BASIC_AUTH }}
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
with:
lane: 'deploy'
subdirectory: 'ios'
bundle-install-path: 'vendor/bundle'
8 changes: 3 additions & 5 deletions .github/workflows/publish-release.yml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@
name: Publish Release Candidates
name: Publish Release Candidates GPS

on:
push:
branches:
- develop
- release-candidate
- master
- gps-release
paths-ignore:
- 'package.json'
- 'CHANGELOG.md'
Expand Down Expand Up @@ -199,4 +197,4 @@ jobs:
with:
lane: 'deploy'
subdirectory: 'ios'
bundle-install-path: 'vendor/bundle'
bundle-install-path: 'vendor/bundle'
4 changes: 1 addition & 3 deletions .github/workflows/staging-android.yml
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,14 @@
name: Staging Android
name: Staging Android GPS

on:
push:
branches:
- develop
- master
- release-candidate
pull_request:
branches:
- develop
- master
- release-candidate

jobs:
build_staging_android:
Expand Down
82 changes: 82 additions & 0 deletions .github/workflows/staging-ios-bte.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
name: Staging iOS BTE

# Deliberately turned off the pull request logic here
# because GitHub Actions explicitly turns off secrets for pull requests coming from a forked repo
on:
push:
branches:
- develop
- master

jobs:
build_staging_ios:
runs-on: macOS-latest
steps:
- uses: actions/checkout@master

- name: Set XCode Version
run: sudo xcode-select -s /Applications/Xcode_11.app

- name: Cache node_modules/
uses: actions/cache@v1
id: node_cache
with:
path: node_modules
key: ${{ runner.OS }}-yarn-cache-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.OS }}-yarn-cache-
- name: Install Node Dependencies
if: steps.node_cache.outputs.cache-hit != 'true'
run: yarn --frozen-lockfile

- name: Install bundler for ruby package management
run: gem install bundler -v "$(grep -A 1 "BUNDLED WITH" ./Gemfile.lock | tail -n 1)"
working-directory: ./ios

- name: Cache ruby gems
uses: actions/cache@v1
id: ruby_cache
with:
path: ios/vendor/bundle
key: ${{ runner.os }}-gems-${{ hashFiles('**/ios/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-gems-
- name: Install Ruby Dependencies
if: steps.ruby_cache.outputs.cache-hit != 'true'
run: |
bundle config path vendor/bundle
bundle install --jobs 4 --retry 3
working-directory: ./ios

- name: Install Cocoapods
run: bundle exec pod install --repo-update
working-directory: ./ios

- name: Setup SSH Keys and known_hosts
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< "${{ secrets.MATCH_SSH_CERT }}"
- name: Build BTE iOS Production artifact for devices
uses: maierj/[email protected]
env:
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
MATCH_GIT_BASIC_AUTH: ${{ secrets.MATCH_GIT_BASIC_AUTH }}
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
with:
lane: 'staging_bte'
subdirectory: 'ios'
bundle-install-path: 'vendor/bundle'

- name: Upload Artifact
uses: actions/upload-artifact@v1
with:
name: Debug IPA file (work in progress)
path: ios/COVIDSafePaths-bte.ipa
5 changes: 2 additions & 3 deletions .github/workflows/staging-ios.yml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Staging iOS
name: Staging iOS GPS

# Deliberately turned off the pull request logic here
# because GitHub Actions explicitly turns off secrets for pull requests coming from a forked repo
Expand All @@ -7,7 +7,6 @@ on:
branches:
- develop
- master
- release-candidate

jobs:
build_staging_ios:
Expand Down Expand Up @@ -63,7 +62,7 @@ jobs:
ssh-keyscan github.com >> ~/.ssh/known_hosts
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< "${{ secrets.MATCH_SSH_CERT }}"
- name: Build iOS Staging artifact for devices
uses: maierj/[email protected]
env:
Expand Down
6 changes: 4 additions & 2 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,15 @@ on:
push:
branches:
- develop
- release-candidate
- master
- bte-release
- gps-release
pull_request:
branches:
- develop
- release-candidate
- master
- bte-release
- gps-release

jobs:
unit-test:
Expand Down
13 changes: 11 additions & 2 deletions ios/fastlane/Appfile
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,17 @@
app_identifier("org.pathcheck.covid-safepaths") # The bundle identifier of your app
apple_id("[email protected]") # Your Apple email address

itc_team_id("121372784") # App Store Connect Team ID
team_id("79Z8HUPGC3") # Developer Portal Team ID

for_platform :ios do
for_lane :release_bte do
app_identifier "org.pathcheck.bt"
end

for_lane :release do
app_identifier "org.pathcheck.covid-safepaths"
end
end

# For more information about the Appfile, see:
# https://docs.fastlane.tools/advanced/#appfile
# https://docs.fastlane.tools/advanced/#appfile
Loading

0 comments on commit 90c3893

Please sign in to comment.