This action is an amalgamation of a few old actions which did below. (All WIP)
- Build scheme/archive
- Override
CURRENT_PROJECT_VERSION(build number) for Continious Deployment runs
- Override
- Installed signing certificates to runner
- Set entitlements (macos)
- Inserted provision files for macos & ios
- Re-signed internal frameworks (macos)
- Modified info.plist for testflight (eg. encryption excemptions)
- Setup sandboxing (macos)
- Resign app (post internal resigning)
- Packaged into installer (then signed with installer provision) for macos; making it MacAppStore compatible
- Upload to testflight
You can use this action locally by prefixing any inputs with -- as an argument (eg. --ProductPath=path)
node ./Action.js --ProjectPath=~/Projects/YourProduct.xcodeproj --Destination="generic/platform=macOS" --Configuration=ReleaseProduction --Clean=true --ZipProduct=true --NotarizeAppleId=graham@grahamreeves.com --NotarizeAppSpecificPassword=SomePassword --TeamIdentifier=abcdefg
Use these outputs in your work flow with ${{ steps.yourstepid.outputs.ProductName }}
ProductNameFilename(or magic directory) of the build product. Eg.YourApp.Appfor mac appsProductDirectoryDirectory containing the built product (and other build files)
See action.yml for a live comprehensive list of params.
configuration=Debug- Note: if the configuration is spelled incorrectly (eg
debuginstead ofDebug) the bundles from SPM package dependencies will be missing andcopys will fail.
- Note: if the configuration is spelled incorrectly (eg
- 'Clean=true|false'
- Will do a
cleanbefore building
- Will do a
TeamIdentifier=AA1A111A1to find installed certificateSigningCertificate_P12_Base64env or input should be a base64 encoded version of your~Apple ~Distributionsigning certificate exported to.p12- Get this from https://developer.apple.com under
Certificates, find the one forDistribution - Download the
distribution.cercertificate and install to keychain access and should appear asApple Distribution: Company (TeamIdentifier) - Export this to
.p12(Must be in yourlogin/personal keychain to export) with a password. base64 -i ./AppleDistribution.p12 > AppleDistribution.p12.base64.txt- Copy this base64 data into a secret and pass into action
- or testing locally
export SigningCertificate_P12_Base64=$(base64 -i ./AppleDistribution.p12)
- Get this from https://developer.apple.com under
SigningCertificate_Passwordenv or input which is the password to the above.p12exported certificate
ProvisioningProfile_Base64env or input should be a base64 encoded version of yourembedded.provisionprofilethat will be inserted into your .app to allow testflight to be used(provisioned)- Get your
.provisionprofilefrom https://developer.apple.com underProfiles, then find the provisioning profile for theMac App Store. Then download. base64 -i ./embedded.provisionprofile > embedded.provisionprofile.base64.txt- Copy this base64 data into a secret and pass into action
- or testing locally
export ProvisioningProfile_Base64=$(base64 -i ./embedded.provisionprofile)
- Get your
AppStoreConnect_Auth_KeyAn Auth Key from app store connect, like1234A5B6CDAppStoreConnect_Auth_IssuerIssuer from appstore connect (same page!) - a long hex guidaaaaaaaa-bbbb-aaaa-dddd-12345678901AppStoreConnect_Auth_P8_Base64.p8file from AppStoreConnect encoded to base64base64 -i ./AuthKey.p8 > AuthKey.p8.base64.txt- Copy this base64 data into a secret and pass into action
- or testing locally
export AppStoreConnect_Auth_P8_Base64=$(base64 -i ./AuthKey.p8)
InstallerCertificate_P12_Base64env or input should be a base64 encodedMac Installer Distribution Certificate- Get your
mac_installer.cerfrom https://developer.apple.com underCertificates, find the one forac Installer Distribution Certificate - Install to keychain (must be under a local keychain) and should appear as
3rd party mac developer installer - Export to
mac_installer.p12with password base64 -i ./mac_installer.p12 > mac_installer.p12.base64.txtexport InstallerCertificate_P12_Base64=$(base64 -i ./mac_installer.p12)
- Get your
When notarising, if an invalid apple id is supplied (eg. "true") you will get this error
Error: HTTP status code: 401. Your Apple ID has been locked. Visit iForgot to reset your account
(https://iforgot.apple.com), then generate a new app-specific password. Ensure that all authentication arguments are correct.