Added id token support (#92) #183
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Deployment | |
| on: | |
| push: | |
| branches: [main, ci] | |
| workflow_dispatch: | |
| env: | |
| SAMPLE_APP_PATH: 'apps/sample-app' | |
| jobs: | |
| build-android-sample-app: | |
| name: Build Android Sample App | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 'lts/iron' | |
| - name: Enable corepack | |
| run: corepack enable | |
| - name: Install JS dependencies | |
| run: yarn install | |
| - name: Build repo | |
| run: yarn build | |
| - name: Setup JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'zulu' | |
| java-version: '17' | |
| - name: Add secrets to `local.properties` | |
| run: | | |
| echo GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} >> ${{ env.SAMPLE_APP_PATH }}/android/local.properties && | |
| echo FACEBOOK_CLIENT_ID=${{ secrets.FACEBOOK_CLIENT_ID }} >> ${{ env.SAMPLE_APP_PATH }}/android/local.properties && | |
| echo FACEBOOK_CLIENT_SECRET=${{ secrets.FACEBOOK_CLIENT_SECRET }} >> ${{ env.SAMPLE_APP_PATH }}/android/local.properties && | |
| echo MICROSOFT_CLIENT_ID=${{ secrets.MICROSOFT_CLIENT_ID }} >> ${{ env.SAMPLE_APP_PATH }}/android/local.properties && | |
| echo MICROSOFT_SIGNATURE_HASH=${{ secrets.MICROSOFT_SIGNATURE_HASH }} >> ${{ env.SAMPLE_APP_PATH }}/android/local.properties && | |
| echo DROPBOX_CLIENT_ID=${{ secrets.DROPBOX_CLIENT_ID }} >> ${{ env.SAMPLE_APP_PATH }}/android/local.properties | |
| - name: Add secrets to `.env` | |
| run: | | |
| echo GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} >> apps/sample-app/.env && | |
| echo FACEBOOK_CLIENT_ID=${{ secrets.FACEBOOK_CLIENT_ID }} >> apps/sample-app/.env && | |
| echo FACEBOOK_CLIENT_SECRET=${{ secrets.FACEBOOK_CLIENT_SECRET }} >> apps/sample-app/.env && | |
| echo MICROSOFT_CLIENT_ID=${{ secrets.MICROSOFT_CLIENT_ID }} >> apps/sample-app/.env && | |
| echo DROPBOX_CLIENT_ID=${{ secrets.DROPBOX_CLIENT_ID }} >> apps/sample-app/.env && | |
| echo DROPBOX_CLIENT_SECRET=${{ secrets.DROPBOX_CLIENT_SECRET }} >> apps/sample-app/.env | |
| - name: Build release | |
| run: | | |
| cd ${{ env.SAMPLE_APP_PATH }}/android | |
| ./gradlew assembleRelease | |
| - name: Upload .apk | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: apk | |
| path: ${{ env.SAMPLE_APP_PATH }}/android/app/build/outputs/apk/release/app-release.apk | |
| build-ios-sample-app: | |
| name: Build iOS Sample App | |
| runs-on: macos-14 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 'lts/iron' | |
| - name: Enable corepack | |
| run: corepack enable | |
| - name: Install JS dependencies | |
| run: yarn install | |
| - name: install CocoaPods dependencies | |
| run: | | |
| cd ${{ env.SAMPLE_APP_PATH }}/ios | |
| pod repo update | |
| pod install | |
| - name: Build repo | |
| run: yarn build | |
| - name: Add secrets to `.env` | |
| run: | | |
| echo GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} >> apps/sample-app/.env && | |
| echo FACEBOOK_CLIENT_ID=${{ secrets.FACEBOOK_CLIENT_ID }} >> apps/sample-app/.env && | |
| echo FACEBOOK_CLIENT_SECRET=${{ secrets.FACEBOOK_CLIENT_SECRET }} >> apps/sample-app/.env && | |
| echo MICROSOFT_CLIENT_ID=${{ secrets.MICROSOFT_CLIENT_ID }} >> apps/sample-app/.env && | |
| echo DROPBOX_CLIENT_ID=${{ secrets.DROPBOX_CLIENT_ID }} >> apps/sample-app/.env && | |
| echo DROPBOX_CLIENT_SECRET=${{ secrets.DROPBOX_CLIENT_SECRET }} >> apps/sample-app/.env | |
| - name: Install the Apple certificate and provisioning profile | |
| env: | |
| BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| P12_PASSWORD: ${{ secrets.P12_PASSWORD }} | |
| BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | |
| KEYCHAIN_PASSWORD: KEYCHAIN_PASSWORD | |
| run: | | |
| # create variables | |
| CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
| PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| # import certificate and provisioning profile from secrets | |
| echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | |
| echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH | |
| # create temporary keychain | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| # import certificate to keychain | |
| security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security list-keychain -d user -s $KEYCHAIN_PATH | |
| # apply provisioning profile | |
| mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | |
| cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
| - name: build archive | |
| run: | | |
| cd ${{ env.SAMPLE_APP_PATH }}/ios | |
| xcodebuild -workspace RNAuthSample.xcworkspace \ | |
| -scheme "RNAuthSample" \ | |
| -sdk iphoneos \ | |
| -configuration Release \ | |
| -destination generic/platform=iOS \ | |
| -archivePath $RUNNER_TEMP/RNAuthSample.xcarchive \ | |
| archive | |
| - name: export ipa | |
| env: | |
| EXPORT_OPTIONS_PLIST: ${{ secrets.EXPORT_OPTIONS_PLIST }} | |
| run: | | |
| # create variables | |
| EXPORT_OPTS_PATH=$RUNNER_TEMP/ExportOptions.plist | |
| # import profile lists from secrets | |
| echo -n "$EXPORT_OPTIONS_PLIST" | base64 --decode -o $EXPORT_OPTS_PATH | |
| # extract .ipa | |
| xcodebuild -exportArchive -archivePath $RUNNER_TEMP/RNAuthSample.xcarchive -exportOptionsPlist $EXPORT_OPTS_PATH -exportPath $RUNNER_TEMP/build | |
| - name: Upload .ipa | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ipa | |
| path: ${{ runner.temp }}/build/RNAuthSample.ipa | |
| deploy-android-and-ios-sample-app: | |
| name: Deploy Android and iOS Sample App to AppCenter | |
| needs: [build-android-sample-app, build-ios-sample-app] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Download .apk & .ipa files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| - name: Upload .apk to App Center | |
| uses: wzieba/AppCenter-Github-Action@v1 | |
| with: | |
| appName: Callstack-dev/React-Native-Auth-Sample-App | |
| group: Testers | |
| token: ${{ secrets.APP_CENTER_TOKEN }} | |
| file: app-release.apk | |
| notifyTesters: true | |
| debug: true | |
| gitReleaseNotes: true | |
| - name: Upload .ipa to App Center | |
| uses: wzieba/AppCenter-Github-Action@v1 | |
| with: | |
| appName: Callstack-dev/RN-iOS-OMH-Auth-Sample | |
| group: Testers | |
| token: ${{ secrets.APP_CENTER_TOKEN }} | |
| file: RNAuthSample.ipa | |
| notifyTesters: true | |
| debug: true | |
| gitReleaseNotes: true | |
| check-version: | |
| name: Check if version changed | |
| runs-on: ubuntu-latest | |
| outputs: | |
| package_version: ${{ steps.check_version.outputs.package_version }} | |
| version_changed: ${{ steps.check_version.outputs.version_changed }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Check if version changed | |
| id: check_version | |
| run: bash ./.github/scripts/check-version.sh | |
| publish-packages: | |
| name: Publish NPM packages | |
| needs: check-version | |
| runs-on: ubuntu-latest | |
| if: needs.check-version.outputs.version_changed == 'true' | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 'lts/iron' | |
| - name: Enable corepack | |
| run: corepack enable | |
| - name: Install JS dependencies | |
| run: yarn install | |
| - name: Build repo | |
| run: yarn build | |
| - name: Setup NPM token | |
| run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > .npmrc | |
| env: | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: Publish packages | |
| run: npx lerna publish from-package --no-changelog --yes | |
| create-release: | |
| name: Create Release and Upload Artifacts | |
| needs: [build-android-sample-app, build-ios-sample-app, check-version] | |
| runs-on: ubuntu-latest | |
| if: needs.check-version.outputs.version_changed == 'true' | |
| env: | |
| TAG_NAME: v${{ needs.check-version.outputs.package_version }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Setup git user | |
| run: | | |
| git config user.name "${{ github.actor }}" | |
| git config user.email "[email protected]" | |
| - name: Create new tag | |
| run: | | |
| git tag ${{ env.TAG_NAME }} | |
| git push origin ${{ env.TAG_NAME }} | |
| - name: Download .apk & .ipa files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| merge-multiple: true | |
| - name: Rename .apk & .ipa files | |
| run: | | |
| mv app-release.apk sample-app.apk | |
| mv RNAuthSample.ipa sample-app.ipa | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| tag_name: ${{ env.TAG_NAME }} | |
| files: | | |
| sample-app.apk | |
| sample-app.ipa |