Mirrored_Repos/yattee
1
0
Fork 0
mirror of https://github.com/yattee/yattee.git synced 2026-05-02 05:27:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c978ec6b8982649addc8d7d0c49071ba9dad5119
yattee/fastlane/Fastfile
Arkadiusz Fal c978ec6b89 Work around invalid curve name on CI runners 
The hosted macOS runner's OpenSSL rejects Apple's PKCS#8 .p8 key via
OpenSSL::PKey::EC.new with "invalid curve name". Shell out to system
openssl to convert the key to SEC1/traditional PEM before handing it
to fastlane's app_store_connect_api_key action.

Ref: fastlane/fastlane#20593
2026-04-18 19:03:27 +02:00

295 lines
8.3 KiB
Ruby
Raw Blame History

# This file contains the fastlane.tools configuration
# You can find the documentation at https://docs.fastlane.tools
#
# For a list of all available actions, check out
#
# https://docs.fastlane.tools/actions
#
# For a list of all available plugins, check out
#
# https://docs.fastlane.tools/plugins/available-plugins
#
# Uncomment the line if you want fastlane to automatically update itself
# update_fastlane
require 'tempfile'
APP_NAME = ENV['APP_NAME']
DEVELOPER_KEY_ID = ENV['DEVELOPER_KEY_ID']
DEVELOPER_KEY_ISSUER_ID = ENV['DEVELOPER_KEY_ISSUER_ID']
TEAM_ID = ENV['TEAM_ID']
TEMP_KEYCHAIN_USER = ENV['TEMP_KEYCHAIN_USER']
TEMP_KEYCHAIN_PASSWORD = ENV['TEMP_KEYCHAIN_PASSWORD']
DEVELOPER_APP_IDENTIFIER = ENV['DEVELOPER_APP_IDENTIFIER']
GIT_AUTHORIZATION = ENV['GIT_AUTHORIZATION']
TESTFLIGHT_EXTERNAL_GROUPS = ENV['TESTFLIGHT_EXTERNAL_GROUPS']
# Ruby's OpenSSL bindings (via OpenSSL::PKey::EC.new in spaceship) raise
# "invalid curve name" on the hosted macOS runners when given Apple's PKCS#8
# .p8 key directly. Shelling out to the system openssl to emit SEC1/traditional
# PEM sidesteps the issue. See fastlane/fastlane#20593.
def developer_key_content
return @developer_key_content if defined?(@developer_key_content)
content = ENV['DEVELOPER_KEY_CONTENT']
return @developer_key_content = nil if content.nil? || content.empty?
@developer_key_content = Tempfile.open(['AuthKey', '.p8']) do |f|
f.write(content)
f.flush
converted = `openssl pkey -in #{f.path} -traditional 2>&1`
raise "Failed to convert P8 key: #{converted}" unless $?.success?
converted
end
end
XCODEPROJ = "#{APP_NAME}.xcodeproj"
def delete_temp_keychain(name)
delete_keychain(
name: name
) if File.exist? File.expand_path("~/Library/Keychains/#{name}-db")
end
def create_temp_keychain(name, password)
create_keychain(
name: name,
password: password,
unlock: false,
timeout: 0
)
end
def ensure_temp_keychain(name, password)
delete_temp_keychain(name)
create_temp_keychain(name, password)
end
add_extra_platforms(platforms: [:tvos])
before_all do
update_fastlane
end
desc "Bump build number and commit"
lane :bump_build do
increment_build_number(xcodeproj: XCODEPROJ)
commit_version_bump(
message: "Bump build number to #{get_build_number(xcodeproj: XCODEPROJ)}",
xcodeproj: XCODEPROJ
)
end
desc "Bump version number and commit"
lane :bump_version do
increment_version_number
commit_version_bump(
message: "Bump version number to #{get_version_number}",
xcodeproj: XCODEPROJ
)
end
platform :ios do
desc "Push a new beta build to TestFlight"
lane :beta do
ensure_temp_keychain(TEMP_KEYCHAIN_USER, TEMP_KEYCHAIN_PASSWORD)
api_key = app_store_connect_api_key(
key_id: DEVELOPER_KEY_ID,
issuer_id: DEVELOPER_KEY_ISSUER_ID,
key_content: developer_key_content
)
build = get_build_number(xcodeproj: XCODEPROJ)
version = get_version_number(
xcodeproj: XCODEPROJ,
target: "#{APP_NAME} (iOS)"
)
match(
type: 'appstore',
platform: 'ios',
app_identifier: ["#{DEVELOPER_APP_IDENTIFIER}", "#{DEVELOPER_APP_IDENTIFIER}.Open-in-#{APP_NAME}"],
git_basic_authorization: Base64.strict_encode64(GIT_AUTHORIZATION),
readonly: true,
keychain_name: TEMP_KEYCHAIN_USER,
keychain_password: TEMP_KEYCHAIN_PASSWORD,
api_key: api_key
)
build_app(
scheme: "#{APP_NAME} (iOS)",
output_directory: "fastlane/builds/#{version}-#{build}/iOS",
output_name: "#{APP_NAME}-#{version}-iOS.ipa",
export_options: {
provisioningProfiles: {
"#{DEVELOPER_APP_IDENTIFIER}" => "match AppStore #{DEVELOPER_APP_IDENTIFIER}",
"#{DEVELOPER_APP_IDENTIFIER}.Open-in-#{APP_NAME}" => "match AppStore #{DEVELOPER_APP_IDENTIFIER}.Open-in-#{APP_NAME}"
}
}
)
changelog = File.read('../CHANGELOG.md')
upload_to_testflight(
api_key: api_key,
ipa: lane_context[SharedValues::IPA_OUTPUT_PATH],
# distribute_external: true,
# groups: TESTFLIGHT_EXTERNAL_GROUPS,
changelog: changelog
)
end
end
platform :tvos do
desc "Push a new beta build to TestFlight"
lane :beta do
ensure_temp_keychain(TEMP_KEYCHAIN_USER, TEMP_KEYCHAIN_PASSWORD)
api_key = app_store_connect_api_key(
key_id: DEVELOPER_KEY_ID,
issuer_id: DEVELOPER_KEY_ISSUER_ID,
key_content: developer_key_content
)
build = get_build_number(xcodeproj: XCODEPROJ)
version = get_version_number(
xcodeproj: XCODEPROJ,
target: "#{APP_NAME} (tvOS)"
)
match(
type: 'appstore',
platform: 'tvos',
app_identifier: "#{DEVELOPER_APP_IDENTIFIER}",
git_basic_authorization: Base64.strict_encode64(GIT_AUTHORIZATION),
readonly: true,
keychain_name: TEMP_KEYCHAIN_USER,
keychain_password: TEMP_KEYCHAIN_PASSWORD,
api_key: api_key
)
build_app(
scheme: "#{APP_NAME} (tvOS)",
output_directory: "fastlane/builds/#{version}-#{build}/tvOS",
output_name: "#{APP_NAME}-#{version}-tvOS.ipa",
export_method: "app-store",
export_options: {
provisioningProfiles: {
"#{DEVELOPER_APP_IDENTIFIER}" => "match AppStore #{DEVELOPER_APP_IDENTIFIER} tvos"
}
}
)
changelog = File.read('../CHANGELOG.md')
upload_to_testflight(
api_key: api_key,
ipa: lane_context[SharedValues::IPA_OUTPUT_PATH],
# distribute_external: true,
# groups: TESTFLIGHT_EXTERNAL_GROUPS,
changelog: changelog
)
end
end
platform :mac do
desc "Push a new beta build to TestFlight"
lane :beta do
ensure_temp_keychain(TEMP_KEYCHAIN_USER, TEMP_KEYCHAIN_PASSWORD)
api_key = app_store_connect_api_key(
key_id: DEVELOPER_KEY_ID,
issuer_id: DEVELOPER_KEY_ISSUER_ID,
key_content: developer_key_content
)
build = get_build_number(xcodeproj: XCODEPROJ)
version = get_version_number(
xcodeproj: XCODEPROJ,
target: "#{APP_NAME} (macOS)"
)
match(
type: 'appstore',
platform: 'macos',
additional_cert_types: ['mac_installer_distribution'],
app_identifier: "#{DEVELOPER_APP_IDENTIFIER}",
git_basic_authorization: Base64.strict_encode64(GIT_AUTHORIZATION),
readonly: true,
keychain_name: TEMP_KEYCHAIN_USER,
keychain_password: TEMP_KEYCHAIN_PASSWORD,
api_key: api_key
)
build_app(
scheme: "#{APP_NAME} (macOS)",
output_directory: "fastlane/builds/#{version}-#{build}/macOS",
output_name: "#{APP_NAME}-#{version}-macOS.app",
export_method: "app-store",
export_options: {
provisioningProfiles: {
"#{DEVELOPER_APP_IDENTIFIER}" => "match AppStore #{DEVELOPER_APP_IDENTIFIER} macos"
}
}
)
changelog = File.read('../CHANGELOG.md')
upload_to_testflight(
api_key: api_key,
pkg: lane_context[SharedValues::PKG_OUTPUT_PATH],
# distribute_external: true,
# groups: TESTFLIGHT_EXTERNAL_GROUPS,
changelog: changelog
)
end
desc "Build for Developer ID distribution and notarize"
lane :build_and_notarize do
ensure_temp_keychain(TEMP_KEYCHAIN_USER, TEMP_KEYCHAIN_PASSWORD)
api_key = app_store_connect_api_key(
key_id: DEVELOPER_KEY_ID,
issuer_id: DEVELOPER_KEY_ISSUER_ID,
key_content: developer_key_content
)
build = get_build_number(xcodeproj: XCODEPROJ)
version = get_version_number(
xcodeproj: XCODEPROJ,
target: "#{APP_NAME} (macOS)"
)
match(
type: 'developer_id',
platform: 'macos',
app_identifier: "#{DEVELOPER_APP_IDENTIFIER}",
git_basic_authorization: Base64.strict_encode64(GIT_AUTHORIZATION),
readonly: true,
keychain_name: TEMP_KEYCHAIN_USER,
keychain_password: TEMP_KEYCHAIN_PASSWORD,
api_key: api_key
)
build_mac_app(
scheme: "#{APP_NAME} (macOS)",
output_directory: "fastlane/builds/#{version}-#{build}/macOS",
output_name: "#{APP_NAME}",
export_method: "developer-id",
export_options: {
provisioningProfiles: {
"#{DEVELOPER_APP_IDENTIFIER}" => "match Direct #{DEVELOPER_APP_IDENTIFIER} macos"
}
}
)
notarize(
package: "fastlane/builds/#{version}-#{build}/macOS/#{APP_NAME}.app",
bundle_id: "#{DEVELOPER_APP_IDENTIFIER}",
api_key: api_key,
print_log: true
)
end
end
Reference in New Issue View Git Blame Copy Permalink