Release Mobile App #156
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Mobile App | |
on: | |
workflow_call: | |
inputs: | |
build-target: | |
description: 'Build Target' | |
type: string | |
required: true | |
build-type: | |
description: 'Build Type' | |
type: string | |
required: true | |
workflow_dispatch: | |
inputs: | |
build-target: | |
description: 'Build Target' | |
type: choice | |
required: true | |
default: distribution | |
options: | |
- development | |
- distribution | |
build-type: | |
description: 'Build Type' | |
type: choice | |
required: true | |
default: canary | |
options: | |
- canary | |
- beta | |
- stable | |
env: | |
BUILD_TYPE: ${{ inputs.build-type || github.event.inputs.build-type }} | |
BUILD_TARGET: ${{ inputs.build-target || github.event.inputs.build-target }} | |
DEBUG: napi:* | |
KEYCHAIN_NAME: ${{ github.workspace }}/signing_temp | |
jobs: | |
output-env: | |
runs-on: ubuntu-latest | |
outputs: | |
ENVIRONMENT: ${{ steps.env.outputs.ENVIRONMENT }} | |
steps: | |
- name: Output Environment | |
id: env | |
run: | | |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then | |
echo "ENVIRONMENT=${{ github.event.inputs.build-type }}" >> $GITHUB_OUTPUT | |
else | |
echo "ENVIRONMENT=" >> $GITHUB_OUTPUT | |
fi | |
build-ios-web: | |
needs: | |
- output-env | |
runs-on: ubuntu-latest | |
environment: ${{ needs.output-env.outputs.ENVIRONMENT }} | |
outputs: | |
RELEASE_VERSION: ${{ steps.version.outputs.APP_VERSION }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Version | |
id: version | |
uses: ./.github/actions/setup-version | |
- name: Setup Node.js | |
uses: ./.github/actions/setup-node | |
- name: Setup @sentry/cli | |
uses: ./.github/actions/setup-sentry | |
- name: Build Mobile | |
run: yarn nx build @affine/ios --skip-nx-cache | |
env: | |
PUBLIC_PATH: '/' | |
MIXPANEL_TOKEN: ${{ secrets.MIXPANEL_TOKEN }} | |
SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
SENTRY_PROJECT: 'affine' | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_DSN: ${{ secrets.SENTRY_DSN }} | |
SENTRY_RELEASE: ${{ steps.version.outputs.APP_VERSION }} | |
RELEASE_VERSION: ${{ steps.version.outputs.APP_VERSION }} | |
SKIP_NX_CACHE: 'true' | |
- name: Upload ios artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ios | |
path: packages/frontend/apps/ios/dist | |
build-android-web: | |
runs-on: ubuntu-latest | |
needs: | |
- output-env | |
environment: ${{ needs.output-env.outputs.ENVIRONMENT }} | |
outputs: | |
RELEASE_VERSION: ${{ steps.version.outputs.APP_VERSION }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Version | |
id: version | |
uses: ./.github/actions/setup-version | |
- name: Setup Node.js | |
uses: ./.github/actions/setup-node | |
- name: Setup @sentry/cli | |
uses: ./.github/actions/setup-sentry | |
- name: Build Mobile | |
run: yarn nx build @affine/android --skip-nx-cache | |
env: | |
PUBLIC_PATH: '/' | |
MIXPANEL_TOKEN: ${{ secrets.MIXPANEL_TOKEN }} | |
SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
SENTRY_PROJECT: 'affine' | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_DSN: ${{ secrets.SENTRY_DSN }} | |
SENTRY_RELEASE: ${{ steps.version.outputs.APP_VERSION }} | |
RELEASE_VERSION: ${{ steps.version.outputs.APP_VERSION }} | |
SKIP_NX_CACHE: 'true' | |
- name: Upload android artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: android | |
path: packages/frontend/apps/android/dist | |
ios: | |
runs-on: macos-latest | |
needs: | |
- build-ios-web | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download mobile artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: ios | |
path: packages/frontend/apps/ios/dist | |
- name: Setup Node.js | |
uses: ./.github/actions/setup-node | |
timeout-minutes: 10 | |
with: | |
extra-flags: workspaces focus @affine/ios | |
playwright-install: false | |
electron-install: false | |
hard-link-nm: false | |
enableScripts: false | |
- name: Cap sync | |
run: yarn workspace @affine/ios cap sync | |
- name: Signing By Apple Developer ID | |
uses: apple-actions/import-codesign-certs@v3 | |
id: import-codesign-certs | |
with: | |
p12-file-base64: ${{ secrets.CERTIFICATES_P12_MOBILE }} | |
p12-password: ${{ secrets.CERTIFICATES_P12_PASSWORD_MOBILE }} | |
- uses: maxim-lobanov/setup-xcode@v1 | |
with: | |
xcode-version: latest-stable | |
- name: Setup Rust | |
uses: ./.github/actions/setup-rust | |
with: | |
targets: 'aarch64-apple-ios' | |
- name: Testflight | |
if: ${{ env.BUILD_TYPE != 'stable' }} | |
working-directory: packages/frontend/apps/ios/App | |
run: | | |
echo -n "${{ env.BUILD_PROVISION_PROFILE }}" | base64 --decode -o $PP_PATH | |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles | |
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles | |
fastlane beta | |
env: | |
BUILD_PROVISION_PROFILE: ${{ secrets.BUILD_PROVISION_PROFILE }} | |
PP_PATH: ${{ runner.temp }}/build_pp.mobileprovision | |
APPLE_STORE_CONNECT_API_KEY_ID: ${{ secrets.APPLE_STORE_CONNECT_API_KEY_ID }} | |
APPLE_STORE_CONNECT_API_ISSUER_ID: ${{ secrets.APPLE_STORE_CONNECT_API_ISSUER_ID }} | |
APPLE_STORE_CONNECT_API_KEY: ${{ secrets.APPLE_STORE_CONNECT_API_KEY }} | |
android: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: 'write' | |
needs: | |
- build-android-web | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download mobile artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: android | |
path: packages/frontend/apps/android/dist | |
- name: Setup Node.js | |
uses: ./.github/actions/setup-node | |
timeout-minutes: 10 | |
with: | |
extra-flags: workspaces focus @affine/android @affine/playstore-auto-bump | |
playwright-install: false | |
electron-install: false | |
hard-link-nm: false | |
enableScripts: false | |
- name: Setup Rust | |
uses: ./.github/actions/setup-rust | |
with: | |
targets: 'aarch64-linux-android' | |
- name: Cap sync | |
run: yarn workspace @affine/android cap sync | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.12' | |
- name: Auth gcloud | |
id: auth | |
uses: google-github-actions/auth@v2 | |
if: ${{ env.BUILD_TARGET == 'distribution' }} | |
with: | |
workload_identity_provider: 'projects/${{ secrets.GCP_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/github-actions/providers/github-actions-helm-deploy' | |
service_account: '${{ secrets.GCP_HELM_DEPLOY_SERVICE_ACCOUNT }}' | |
token_format: 'access_token' | |
project_id: '${{ secrets.GCP_PROJECT_ID }}' | |
access_token_scopes: 'https://www.googleapis.com/auth/androidpublisher' | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
cache: 'gradle' | |
- name: Auto increment version code | |
id: bump | |
if: ${{ env.BUILD_TARGET == 'distribution' }} | |
run: yarn workspace @affine/playstore-auto-bump bump | |
env: | |
GOOGLE_APPLICATION_CREDENTIALS: ${{ steps.auth.outputs.credentials_file_path }} | |
- name: Build | |
run: | | |
echo -n "${{ env.AFFINE_ANDROID_SIGN_KEYSTORE }}" | base64 --decode > packages/frontend/apps/android/affine.keystore | |
yarn workspace @affine/android cap build android | |
env: | |
AFFINE_ANDROID_KEYSTORE_PASSWORD: ${{ secrets.AFFINE_ANDROID_KEYSTORE_PASSWORD }} | |
AFFINE_ANDROID_KEYSTORE_ALIAS_PASSWORD: ${{ secrets.AFFINE_ANDROID_KEYSTORE_ALIAS_PASSWORD }} | |
AFFINE_ANDROID_SIGN_KEYSTORE: ${{ secrets.AFFINE_ANDROID_SIGN_KEYSTORE }} | |
- name: Upload to Google Play | |
uses: r0adkll/upload-google-play@v1 | |
if: ${{ env.BUILD_TARGET == 'distribution' }} | |
with: | |
serviceAccountJson: ${{ steps.auth.outputs.credentials_file_path }} | |
packageName: app.affine.pro | |
releaseFiles: packages/frontend/apps/android/App/app/build/outputs/bundle/release/app-release-signed.aab | |
track: internal | |
status: draft | |
existingEditId: ${{ steps.bump.outputs.EDIT_ID }} |