Migrate to tool-agnostic agent structure and optimize documentation (… #296
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Alfie CI/CD | |
| on: | |
| push: | |
| branches: | |
| - "main" | |
| pull_request: | |
| branches: | |
| - "main" | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| ARTIFACTS_PATH: "/tmp/alfie-artifacts" | |
| SPM_CLONED_DEPENDENCIES_PATH: "/tmp/SourcePackages" | |
| jobs: | |
| setup: | |
| runs-on: macos-15 | |
| timeout-minutes: 15 | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Cache Homebrew | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/Library/Caches/Homebrew | |
| /usr/local/Homebrew | |
| key: brew-${{ runner.os }}-${{ hashFiles('Brewfile') }} | |
| restore-keys: | | |
| brew-${{ runner.os }}- | |
| - name: Cache Ruby Gems | |
| uses: actions/cache@v4 | |
| with: | |
| path: vendor/bundle | |
| key: gems-${{ runner.os }}-${{ hashFiles('Gemfile', 'Gemfile.lock') }} | |
| restore-keys: | | |
| gems-${{ runner.os }}-${{ hashFiles('Gemfile') }}- | |
| gems-${{ runner.os }}- | |
| - name: Install Homebrew formulas | |
| run: | | |
| brew update | |
| brew bundle install | |
| - name: Install Ruby dependencies | |
| run: | | |
| gem install bundler --no-document | |
| bundle config set --local path 'vendor/bundle' | |
| bundle install --jobs 4 --retry 3 | |
| unit-tests: | |
| needs: setup | |
| runs-on: macos-15 | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Restore Ruby Gems | |
| uses: actions/cache@v4 | |
| with: | |
| path: vendor/bundle | |
| key: gems-${{ runner.os }}-${{ hashFiles('Gemfile', 'Gemfile.lock') }} | |
| restore-keys: | | |
| gems-${{ runner.os }}-${{ hashFiles('Gemfile') }}- | |
| gems-${{ runner.os }}- | |
| - name: Restore Swift Package Manager Cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/Library/Caches/org.swift.swiftpm | |
| ${{ env.SPM_CLONED_DEPENDENCIES_PATH }} | |
| key: spm-${{ runner.os }}-${{ hashFiles('Alfie/AlfieKit/Package.swift', 'Alfie/AlfieKit/Package.resolved') }} | |
| restore-keys: | | |
| spm-${{ runner.os }}- | |
| - name: Install Homebrew formulas | |
| run: | | |
| brew bundle install | |
| - name: Install Ruby dependencies | |
| run: | | |
| bundle config set --local path 'vendor/bundle' | |
| bundle install --jobs 4 --retry 3 | |
| - name: Import GPG Private Key and Decrypt sensitive files | |
| env: | |
| SECRETS_GPG_PRIVATE_KEY: ${{ secrets.SECRETS_GPG_PRIVATE_KEY }} | |
| SECRETS_GPG_PASSPHRASE: ${{ secrets.SECRETS_GPG_PASSPHRASE }} | |
| run: | | |
| git config --global user.email "${{ secrets.GIT_EMAIL }}" | |
| git config --global user.name "${{ secrets.GIT_USER_NAME }}" | |
| mkdir -p ~/.gnupg | |
| chmod 700 ~/.gnupg | |
| echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf | |
| echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf | |
| chmod 600 ~/.gnupg/gpg-agent.conf | |
| chmod 600 ~/.gnupg/gpg.conf | |
| echo "$SECRETS_GPG_PRIVATE_KEY" | gpg --batch --yes --import | |
| gpg-connect-agent reloadagent /bye || true | |
| git secret reveal -p "$SECRETS_GPG_PASSPHRASE" | |
| - name: Run Tests | |
| run: bundle exec fastlane ios test --env default | |
| env: | |
| BUILD_CONFIGURATION: "Debug" | |
| - name: Upload Test Results | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: test-results | |
| path: | | |
| ${{ env.ARTIFACTS_PATH }}/*.xcresult | |
| ${{ env.ARTIFACTS_PATH }}/*.junit | |
| retention-days: 7 | |
| release: | |
| needs: [setup, unit-tests] | |
| runs-on: macos-15 | |
| timeout-minutes: 60 | |
| if: github.event_name == 'push' | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Restore Ruby Gems | |
| uses: actions/cache@v4 | |
| with: | |
| path: vendor/bundle | |
| key: gems-${{ runner.os }}-${{ hashFiles('Gemfile', 'Gemfile.lock') }} | |
| restore-keys: | | |
| gems-${{ runner.os }}-${{ hashFiles('Gemfile') }}- | |
| gems-${{ runner.os }}- | |
| - name: Restore Swift Package Manager Cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/Library/Caches/org.swift.swiftpm | |
| ${{ env.SPM_CLONED_DEPENDENCIES_PATH }} | |
| key: spm-${{ runner.os }}-${{ hashFiles('Alfie/AlfieKit/Package.swift', 'Alfie/AlfieKit/Package.resolved') }} | |
| restore-keys: | | |
| spm-${{ runner.os }}- | |
| - name: Configure Bundler | |
| run: | | |
| bundle config set --local path 'vendor/bundle' | |
| bundle install --jobs 4 --retry 3 | |
| - name: Set up SSH for Bitbucket | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "${{ secrets.BITBUCKET_SSH_KEY }}" > ~/.ssh/id_rsa | |
| chmod 600 ~/.ssh/id_rsa | |
| ssh-keyscan -t rsa bitbucket.org >> ~/.ssh/known_hosts | |
| - name: Import GPG Private Key and Decrypt sensitive files | |
| env: | |
| SECRETS_GPG_PRIVATE_KEY: ${{ secrets.SECRETS_GPG_PRIVATE_KEY }} | |
| SECRETS_GPG_PASSPHRASE: ${{ secrets.SECRETS_GPG_PASSPHRASE }} | |
| run: | | |
| git config --global user.email "${{ secrets.GIT_EMAIL }}" | |
| git config --global user.name "${{ secrets.GIT_USER_NAME }}" | |
| mkdir -p ~/.gnupg | |
| chmod 700 ~/.gnupg | |
| echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf | |
| echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf | |
| chmod 600 ~/.gnupg/gpg-agent.conf | |
| chmod 600 ~/.gnupg/gpg.conf | |
| echo "$SECRETS_GPG_PRIVATE_KEY" | gpg --batch --yes --import | |
| gpg-connect-agent reloadagent /bye || true | |
| git secret reveal -p "$SECRETS_GPG_PASSPHRASE" | |
| - name: Build and deploy release to TestFlight | |
| run: bundle exec fastlane ios release --env default | |
| env: | |
| BUILD_CONFIGURATION: "Release" | |
| APPSTORE_CONNECT_ISSUER_ID: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} | |
| APPSTORE_CONNECT_KEY_CONTENT_BASE64: ${{ secrets.APPSTORE_CONNECT_KEY_CONTENT_BASE64 }} | |
| APPSTORE_CONNECT_KEY_ID: ${{ secrets.APPSTORE_CONNECT_KEY_ID }} | |
| APPSTORE_CONNECT_TEAM_ID: ${{ secrets.APPSTORE_CONNECT_TEAM_ID }} | |
| APP_IDENTIFIER: ${{ secrets.APP_IDENTIFIER }} | |
| GIT_EMAIL: ${{ secrets.GIT_EMAIL }} | |
| GIT_TOKEN: ${{ secrets.GIT_TOKEN }} | |
| GIT_USER_NAME: ${{ secrets.GIT_USER_NAME }} | |
| ITUNESCONNECT_TEAM_ID: ${{ secrets.ITUNESCONNECT_TEAM_ID }} | |
| MATCH_GIT_URL: ${{ secrets.MATCH_GIT_URL }} | |
| MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} |