IOS review changes v1 (#8418) #185

Workflow file for this run

.github/workflows/release.yml at 744a5a3

	name: Build and Release All Platforms

	on:
	push:
	tags:
	- "v..*"
	permissions:
	contents: write
	id-token: "write"
	jobs:
	set-release-metadata:
	runs-on: ubuntu-latest
	outputs:
	build_type: ${{ steps.meta.outputs.build_type }}
	version: ${{ steps.meta.outputs.version }}
	installer_name: ${{ steps.meta.outputs.installer_name }}
	platform: ${{ steps.meta.outputs.platform }}
	steps:
	- id: meta
	run: \|
	tag=${GITHUB_REF#refs/tags/}
	base_version=$(echo "$tag" \| sed -E 's/^v([0-9]+\.[0-9]+\.[0-9]+).*$/\1/')
	echo "version=$base_version" >> $GITHUB_OUTPUT
	echo "tag_base=v${base_version}" >> $GITHUB_OUTPUT

	# Extract platform suffix (if any, after final hyphen)
	platform_suffix="${tag##*-}"

	if [[ "$tag" == "-internal" ]]; then
	echo "build_type=internal" >> $GITHUB_OUTPUT
	elif [[ "$tag" == "-beta" ]]; then
	echo "build_type=beta" >> $GITHUB_OUTPUT
	else
	echo "build_type=production" >> $GITHUB_OUTPUT
	fi

	if [[ "$tag" == "-internal" ]]; then
	echo "installer_name=lantern-installer-internal" >> $GITHUB_OUTPUT
	elif [[ "$tag" == "-beta" ]]; then
	echo "installer_name=lantern-installer-beta" >> $GITHUB_OUTPUT
	else
	echo "installer_name=lantern-installer" >> $GITHUB_OUTPUT
	fi

	case "$platform_suffix" in
	windows)
	echo "platform=windows" >> $GITHUB_OUTPUT
	;;
	macos)
	echo "platform=macos" >> $GITHUB_OUTPUT
	;;
	linux)
	echo "platform=linux" >> $GITHUB_OUTPUT
	;;
	android)
	echo "platform=android" >> $GITHUB_OUTPUT
	;;
	ios)
	echo "platform=ios" >> $GITHUB_OUTPUT
	;;
	*)
	echo "platform=all" >> $GITHUB_OUTPUT
	;;
	esac
	- name: Checkout repo
	uses: actions/checkout@v4

	- name: Update app version in pubspec.yaml
	shell: bash
	env:
	RUN_NUMBER: ${{ github.run_number }}
	VERSION: ${{ steps.meta.outputs.version }}
	run: \|
	NEW_VERSION="${VERSION}+${RUN_NUMBER}"
	echo "Updating pubspec.yaml to version: $NEW_VERSION"
	sed -i.bak -E "s/^version: .*/version: $NEW_VERSION/" pubspec.yaml
	cat pubspec.yaml
	echo "app_version=$NEW_VERSION" >> $GITHUB_OUTPUT

	- name: Upload pubspec.yaml as artifact
	uses: actions/upload-artifact@v4
	with:
	name: pubspec
	path: pubspec.yaml

	build-macos:
	needs: set-release-metadata
	uses: ./.github/workflows/build-macos.yml
	secrets: inherit
	if: ${{ needs.set-release-metadata.outputs.platform == 'all' \|\| needs.set-release-metadata.outputs.platform == 'macos' }}
	with:
	version: ${{ needs.set-release-metadata.outputs.version }}
	build_type: ${{ needs.set-release-metadata.outputs.build_type }}
	installer_name: ${{ needs.set-release-metadata.outputs.installer_name }}

	# build-windows:
	# needs: set-release-metadata
	# uses: ./.github/workflows/build-windows.yml
	# secrets: inherit
	# if: ${{ needs.set-release-metadata.outputs.platform == 'all' \|\| needs.set-release-metadata.outputs.platform == 'windows' }}
	# with:
	# version: ${{ needs.set-release-metadata.outputs.version }}
	# build_type: ${{ needs.set-release-metadata.outputs.build_type }}
	# installer_name: ${{ needs.set-release-metadata.outputs.installer_name }}

	build-linux:
	needs: set-release-metadata
	uses: ./.github/workflows/build-linux.yml
	secrets: inherit
	if: ${{ needs.set-release-metadata.outputs.platform == 'all' \|\| needs.set-release-metadata.outputs.platform == 'linux' }}
	with:
	version: ${{ needs.set-release-metadata.outputs.version }}
	build_type: ${{ needs.set-release-metadata.outputs.build_type }}
	installer_name: ${{ needs.set-release-metadata.outputs.installer_name }}

	build-ios:
	needs: set-release-metadata
	uses: ./.github/workflows/build-ios.yml
	secrets: inherit
	if: ${{ needs.set-release-metadata.outputs.platform == 'all' \|\| needs.set-release-metadata.outputs.platform == 'ios' }}
	with:
	version: ${{ needs.set-release-metadata.outputs.version }}
	build_type: ${{ needs.set-release-metadata.outputs.build_type }}
	installer_name: ${{ needs.set-release-metadata.outputs.installer_name }}

	build-android:
	needs: set-release-metadata
	uses: ./.github/workflows/build-android.yml
	secrets: inherit
	if: ${{ needs.set-release-metadata.outputs.platform == 'all' \|\| needs.set-release-metadata.outputs.platform == 'android' }}
	with:
	version: ${{ needs.set-release-metadata.outputs.version }}
	build_type: ${{ needs.set-release-metadata.outputs.build_type }}
	installer_name: ${{ needs.set-release-metadata.outputs.installer_name }}

	upload-google-play:
	needs: [set-release-metadata, build-android]
	if:
	${{ (needs.set-release-metadata.outputs.platform == 'all' \|\| needs.set-release-metadata.outputs.platform == 'android')
	&& (needs.set-release-metadata.outputs.build_type == 'beta' \|\| needs.set-release-metadata.outputs.build_type == 'production') }}
	runs-on: ubuntu-latest
	steps:
	- name: Download AAB artifact
	uses: actions/download-artifact@v4
	with:
	name: lantern-installer-aab
	path: aab

	- name: Download mapping.txt
	uses: actions/download-artifact@v4
	with:
	name: play-mapping
	path: play

	- name: Download native debug symbols
	uses: actions/download-artifact@v4
	with:
	name: play-debug-symbols
	path: play

	- name: Pick Play track
	id: track
	run: \|
	if [ "${{ needs.set-release-metadata.outputs.build_type }}" = "beta" ]; then
	echo "track=beta" >> "$GITHUB_OUTPUT"
	else
	echo "track=production" >> "$GITHUB_OUTPUT"
	fi

	- name: Upload to Google Play
	uses: r0adkll/upload-google-play@v1
	with:
	serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
	packageName: org.getlantern.lantern
	releaseFiles: aab/*.aab
	track: ${{ steps.track.outputs.track }}
	status: completed
	mappingFile: play/mapping.txt
	debugSymbols: play/debug-symbols.zip

	publish:
	needs:
	[
	set-release-metadata,
	build-macos,
	build-linux,
	build-android,
	build-ios,
	]
	if: ${{ needs.set-release-metadata.outputs.platform == 'all' \|\| needs.set-release-metadata.outputs.platform == 'ios' }}
	runs-on: ubuntu-latest
	env:
	BUILD_TYPE: ${{ needs.set-release-metadata.outputs.build_type }}
	INSTALLER_NAME: ${{ needs.set-release-metadata.outputs.installer_name }}
	BUCKET: ${{ vars.S3_RELEASES_BUCKET }}
	RELEASE_TAG: ${{ github.ref_name }}
	S3_TAG: ${{ needs.set-release-metadata.outputs.tag_base }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Install Flutter
	uses: subosito/flutter-action@v2.19.0
	with:
	channel: stable
	flutter-version-file: pubspec.yaml

	- name: Download build artifacts
	uses: actions/download-artifact@v4

	- name: Upload to S3 (tag + latest)
	shell: bash
	run: \|
	set -euxo pipefail

	prefix="releases/${BUILD_TYPE}"
	tag="${S3_TAG}"
	platform="${{ needs.set-release-metadata.outputs.platform }}"

	upload_if_exists () {
	local src="$1"
	local dst="$2"
	if [[ -f "$src" ]]; then
	aws s3 cp "$src" "$dst" --acl public-read
	return 0
	fi
	return 1
	}

	IPA="lantern-installer-ipa/${INSTALLER_NAME}.ipa"
	if [[ "$platform" == "ios" ]]; then
	if ! upload_if_exists "$IPA" "s3://${BUCKET}/${prefix}/${tag}/${INSTALLER_NAME}.ipa"; then
	echo "ERROR: Missing IPA: $IPA"
	ls -la lantern-installer-ipa \|\| true
	exit 1
	fi
	aws s3 cp "$IPA" "s3://${BUCKET}/${prefix}/latest/${INSTALLER_NAME}.ipa" --acl public-read
	else
	upload_if_exists "$IPA" "s3://${BUCKET}/${prefix}/${tag}/${INSTALLER_NAME}.ipa" \|\| true
	upload_if_exists "$IPA" "s3://${BUCKET}/${prefix}/latest/${INSTALLER_NAME}.ipa" \|\| true
	fi

	upload_if_exists "lantern-installer-dmg/${INSTALLER_NAME}.dmg" "s3://${BUCKET}/${prefix}/${tag}/${INSTALLER_NAME}.dmg" \|\| true
	upload_if_exists "lantern-installer-apk/${INSTALLER_NAME}.apk" "s3://${BUCKET}/${prefix}/${tag}/${INSTALLER_NAME}.apk" \|\| true
	upload_if_exists "lantern-installer-deb/${INSTALLER_NAME}.deb" "s3://${BUCKET}/${prefix}/${tag}/${INSTALLER_NAME}.deb" \|\| true
	upload_if_exists "lantern-installer-rpm/${INSTALLER_NAME}.rpm" "s3://${BUCKET}/${prefix}/${tag}/${INSTALLER_NAME}.rpm" \|\| true

	# Latest aliases
	upload_if_exists "lantern-installer-dmg/${INSTALLER_NAME}.dmg" "s3://${BUCKET}/${prefix}/latest/${INSTALLER_NAME}.dmg" \|\| true
	upload_if_exists "lantern-installer-apk/${INSTALLER_NAME}.apk" "s3://${BUCKET}/${prefix}/latest/${INSTALLER_NAME}.apk" \|\| true
	upload_if_exists "lantern-installer-deb/${INSTALLER_NAME}.deb" "s3://${BUCKET}/${prefix}/latest/${INSTALLER_NAME}.deb" \|\| true
	upload_if_exists "lantern-installer-rpm/${INSTALLER_NAME}.rpm" "s3://${BUCKET}/${prefix}/latest/${INSTALLER_NAME}.rpm" \|\| true
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

	- name: Write links to job summary
	shell: bash
	run: \|
	set -euxo pipefail

	prefix="releases/${BUILD_TYPE}"
	tag="${RELEASE_TAG}"

	{
	echo "## Release links (${BUILD_TYPE})"
	echo ""
	echo "- macOS: https://${BUCKET}.s3.amazonaws.com/${prefix}/${tag}/${INSTALLER_NAME}.dmg"
	echo "- Android: https://${BUCKET}.s3.amazonaws.com/${prefix}/${tag}/${INSTALLER_NAME}.apk"
	echo "- Linux (.deb): https://${BUCKET}.s3.amazonaws.com/${prefix}/${tag}/${INSTALLER_NAME}.deb"
	echo "- Linux (.rpm): https://${BUCKET}.s3.amazonaws.com/${prefix}/${tag}/${INSTALLER_NAME}.rpm"
	echo "- iOS (.ipa): https://${BUCKET}.s3.amazonaws.com/${prefix}/${tag}/${INSTALLER_NAME}.ipa"
	echo ""
	echo "Latest aliases"
	echo "- macOS: https://${BUCKET}.s3.amazonaws.com/${prefix}/latest/${INSTALLER_NAME}.dmg"
	echo "- Android: https://${BUCKET}.s3.amazonaws.com/${prefix}/latest/${INSTALLER_NAME}.apk"
	echo "- Linux (.deb): https://${BUCKET}.s3.amazonaws.com/${prefix}/latest/${INSTALLER_NAME}.deb"
	echo "- iOS (.ipa): https://${BUCKET}.s3.amazonaws.com/${prefix}/latest/${INSTALLER_NAME}.ipa"
	} >> "$GITHUB_STEP_SUMMARY"

	- name: Create GitHub Release
	if: ${{ needs.set-release-metadata.outputs.platform == 'all' }}
	uses: softprops/action-gh-release@v2
	with:
	token: ${{ github.token }}
	tag_name: ${{ github.ref_name }}
	name: "Lantern ${{ env.BUILD_TYPE }} ${{ github.ref_name }}"
	prerelease: true
	generate_release_notes: false
	files: \|
	lantern-installer-dmg/${{ env.INSTALLER_NAME }}.dmg
	lantern-installer-apk/${{ env.INSTALLER_NAME }}.apk
	lantern-installer-deb/${{ env.INSTALLER_NAME }}.deb
	lantern-installer-rpm/${{ env.INSTALLER_NAME }}.rpm
	lantern-installer-ipa/${{ env.INSTALLER_NAME }}.ipa

	- name: Install Python dependencies
	if: ${{ needs.set-release-metadata.outputs.build_type != 'internal' }}
	run: python3 -m pip install -r scripts/requirements.txt

	- name: Update appcast.xml
	if: ${{ needs.set-release-metadata.outputs.build_type != 'internal' }}
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	GITHUB_TOKEN: ${{ secrets.CI_PRIVATE_REPOS_GH_TOKEN }}
	run: \|
	python3 scripts/generate_appcast.py
	git config user.name github-actions
	git config user.email github-actions@github.com
	git add appcast.xml
	git commit -m "Update appcast.xml" \|\| echo "No changes to commit"
	git push
	bucket="${{ vars.S3_RELEASES_BUCKET }}"

	aws s3 cp appcast.xml "s3://${bucket}/releases/${{ env.BUILD_TYPE }}/latest/appcast.xml" --acl public-read

	if [[ "${{ env.BUILD_TYPE }}" == "production" ]]; then
	aws s3 cp appcast.xml "s3://${bucket}/releases/appcast.xml" --acl public-read
	fi

	- name: Build Slack message
	id: slack_msg
	run: \|
	prefix="releases/${BUILD_TYPE}"
	tag="${RELEASE_TAG}"
	s3_tag="${S3_TAG:-$tag}"
	text="Lantern ${BUILD_TYPE} <https://github.com/getlantern/lantern/releases/tag/$tag\|$tag}}> is released!\nBranch: '${{ github.ref_name }}'\nDownloads:"
	text="${text}\n• <https://${BUCKET}.s3.amazonaws.com/${prefix}/${s3_tag}/${INSTALLER_NAME}.dmg\|macOS>"
	text="${text}\n• <https://${BUCKET}.s3.amazonaws.com/${prefix}/${s3_tag}/${INSTALLER_NAME}.apk\|Android>"
	text="${text}\n• <https://${BUCKET}.s3.amazonaws.com/${prefix}/${s3_tag}/${INSTALLER_NAME}.deb\|Linux (.deb)>"
	text="${text}\n• <https://${BUCKET}.s3.amazonaws.com/${prefix}/${s3_tag}/${INSTALLER_NAME}.rpm\|Linux (.rpm)>"

	# Expose as output
	echo "text<<EOF" >> "$GITHUB_OUTPUT"
	echo "$text" >> "$GITHUB_OUTPUT"
	echo "EOF" >> "$GITHUB_OUTPUT"

	- name: Notify Slack
	uses: slackapi/slack-github-action@v2.0.0
	with:
	webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
	webhook-type: webhook-trigger
	payload: \|
	{
	"text": "${{ steps.slack_msg.outputs.text }}"
	}
	env:
	INSTALLER_NAME: ${{ needs.set-release-metadata.outputs.installer_name }}

	upload-testflight:
	needs: [build-ios, set-release-metadata]
	if:
	${{ (needs.set-release-metadata.outputs.platform == 'all' \|\| needs.set-release-metadata.outputs.platform == 'ios')
	&& (needs.set-release-metadata.outputs.build_type == 'beta' \|\| needs.set-release-metadata.outputs.build_type == 'production') }}
	runs-on: macos-15
	steps:
	- name: Download iOS Artifact
	uses: actions/download-artifact@v4
	with:
	name: lantern-installer-ipa
	path: .

	- name: Upload to TestFlight
	uses: apple-actions/upload-testflight-build@v3.0.0
	with:
	app-path: ${{ needs.set-release-metadata.outputs.installer_name }}.ipa
	issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }}
	api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }}
	api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

IOS review changes v1 (#8418) #185

Workflow file

IOS review changes v1 (#8418) #185

Uh oh!

Workflow file for this run