require "shellwords" default_platform(:ios) APP_IDENTIFIER = "net.buzzert.sybil2" SCHEME = "Sybil" TEAM_ID = "DQQH5H6GBD" PROFILE_NAME = "Sybil AppStore CI" SIGNING_IDENTITY_NAME = "Apple Distribution: James Magahern (DQQH5H6GBD)" SIGNING_IDENTITY_SHA1 = "6B74B268C4761720FB2051D01D8BB3E47B55D9F5" MATCH_BRANCH = "master" IOS_ROOT = File.expand_path("..", __dir__) PROJECT_FILE = File.join(IOS_ROOT, "Sybil.xcodeproj") PROJECT_SPEC = File.join(IOS_ROOT, "project.yml") def present?(value) !value.to_s.strip.empty? end def release_version tag = ENV["SYBIL_VERSION_TAG"].to_s tag = ENV["GITHUB_REF_NAME"].to_s if !present?(tag) tag = ENV["GITHUB_REF"].to_s.sub(%r{\Arefs/tags/}, "") if !present?(tag) tag = sh("git describe --tags --abbrev=0").strip if !present?(tag) version = tag.sub(%r{\Arelease/}, "").sub(/\Av/, "") unless version.match?(/\A\d+\.\d+\.\d+\z/) UI.user_error!("Release tag must look like v1.2.3; got #{tag.inspect}") end version end platform :ios do private_lane :cleanup_ci_signing_identity do next unless ENV["CI"] sh("security delete-identity -Z #{SIGNING_IDENTITY_SHA1.shellescape} || true", log: false) end private_lane :prepare_ci_keychain do next unless ENV["CI"] cleanup_ci_signing_identity ENV.delete("MATCH_KEYCHAIN_NAME") ENV.delete("MATCH_KEYCHAIN_PASSWORD") end private_lane :verify_ci_signing_identity do next unless ENV["CI"] identities = sh("security find-identity -v -p codesigning", log: false) UI.message(identities) unless identities.include?(SIGNING_IDENTITY_NAME) UI.user_error!("The runner login keychain does not contain the expected Apple Distribution signing identity") end end private_lane :app_store_api_key do app_store_connect_api_key( key_id: ENV.fetch("APP_STORE_CONNECT_KEY_ID"), issuer_id: ENV.fetch("APP_STORE_CONNECT_ISSUER_ID"), key_content: ENV.fetch("APP_STORE_CONNECT_KEY_CONTENT"), is_key_content_base64: true ) end private_lane :sync_match_signing do |options| %w[ APP_STORE_CONNECT_API_KEY APP_STORE_CONNECT_API_KEY_PATH SIGH_API_KEY SIGH_API_KEY_PATH ].each { |key| ENV.delete(key) } match_options = { type: "appstore", readonly: options.fetch(:readonly), app_identifier: APP_IDENTIFIER, team_id: TEAM_ID, profile_name: PROFILE_NAME, git_branch: MATCH_BRANCH, git_full_name: "Sybil Release Bot", git_user_email: "james.magahern@me.com", api_key: app_store_api_key } match_options[:git_url] = ENV.fetch("MATCH_GIT_URL") match_options[:keychain_name] = ENV["MATCH_KEYCHAIN_NAME"] if present?(ENV["MATCH_KEYCHAIN_NAME"]) match_options[:keychain_password] = ENV["MATCH_KEYCHAIN_PASSWORD"] if present?(ENV["MATCH_KEYCHAIN_PASSWORD"]) match(match_options) end desc "Create or update match signing assets" lane :setup_signing do prepare_ci_keychain sync_match_signing(readonly: false) end desc "Build and upload to TestFlight" lane :beta do prepare_ci_keychain api_key = app_store_api_key sh("xcodegen --spec #{PROJECT_SPEC.shellescape}") increment_version_number( version_number: release_version, xcodeproj: PROJECT_FILE ) latest_build_number = latest_testflight_build_number( app_identifier: APP_IDENTIFIER, api_key: api_key, initial_build_number: 0 ) increment_build_number( build_number: latest_build_number + 1, xcodeproj: PROJECT_FILE ) build_options = { project: PROJECT_FILE, scheme: SCHEME, export_method: "app-store", export_options: { provisioningProfiles: { APP_IDENTIFIER => PROFILE_NAME } } } if ENV["CI"] build_options[:xcargs] = [ "CODE_SIGN_IDENTITY=#{SIGNING_IDENTITY_SHA1.shellescape}" ].join(" ") end begin sync_match_signing(readonly: true) verify_ci_signing_identity build_app(build_options) ensure cleanup_ci_signing_identity end upload_to_testflight( api_key: api_key, skip_waiting_for_build_processing: true ) end end