Skip to content

Merge pull request #150 from jellyflix-app/main #67

Merge pull request #150 from jellyflix-app/main

Merge pull request #150 from jellyflix-app/main #67

Workflow file for this run

name: Deploy
on:
push:
branches:
- stable
- preview
paths-ignore:
- "README.md"
- "LICENSE"
- "CONTRIBUTING.md"
- "CODE_OF_CONDUCT.md"
jobs:
version:
name: Create version number
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Fetch all history for all tags and branches
run: |
git config remote.origin.url https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}
git fetch --prune --depth=10000
- name: Install GitVersion
uses: gittools/actions/gitversion/setup@v1
with:
versionSpec: "5.x"
- name: Use GitVersion
id: gitversion
uses: gittools/actions/gitversion/execute@v1
- name: Create version.txt with nuGetVersion
run: echo ${{ steps.gitversion.outputs.nuGetVersion }} > version.txt
- name: Upload version.txt
uses: actions/upload-artifact@v4
with:
name: gitversion
path: version.txt
build_web:
name: Create Web Build
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v4
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: "12.x"
cache: gradle
- name: Setup Flutter
uses: subosito/flutter-action@v2
with:
channel: 'stable'
cache: true
- name: Get dependencies
run: flutter pub get
- name: Start Web Release Build
run: flutter build web --release
- name: Upload Web Build Files
uses: actions/upload-artifact@v4
with:
name: web-release
path: ./build/web
deploy_web:
name: Deploy Web Build
needs: build_web
runs-on: ubuntu-latest
steps:
- name: Download Web Release
uses: actions/download-artifact@v4
with:
name: web-release
- name: Deploy to gh-pages
uses: peaceiris/actions-gh-pages@v4
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./
cname: jellyflix.kiejon.com
build_android:
name: Build Android
needs: [version]
runs-on: ubuntu-latest
steps:
- name: Clone Repo
uses: actions/checkout@v4
- name: Get version.txt
uses: actions/download-artifact@v4
with:
name: gitversion
- name: Create new file without newline char from version.txt
run: tr -d '\n' < version.txt > version1.txt
- name: Read version
id: version
uses: juliangruber/read-file-action@v1
with:
path: version1.txt
- name: Update version in YAML
run: sed -i 's/00.00.00+0/${{ steps.version.outputs.content }}+${{ github.run_number }}/g' pubspec.yaml
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: '12.x'
cache: gradle
- name: Setup Flutter
uses: subosito/flutter-action@v2
with:
channel: 'stable'
cache: true
- name: Run Pub get
run: flutter pub get
- name: Download Android keystore
id: android_keystore
uses: timheuer/base64-to-file@v1
with:
fileName: ${{ secrets.ANDROID_KEY_ALIAS }}
encodedString: ${{ secrets.ANDROID_KEYSTORE_BASE64 }}
- name: Create key.properties
run: |
echo "storeFile=${{ steps.android_keystore.outputs.filePath }}" > android/key.properties
echo "storePassword=${{ secrets.ANDROID_KEYSTORE_PASSWORD }}" >> android/key.properties
echo "keyPassword=${{ secrets.ANDROID_KEY_PASSWORD }}" >> android/key.properties
echo "keyAlias=${{ secrets.ANDROID_KEY_ALIAS }}" >> android/key.properties
- name: Build apk
run: flutter build apk --release --dart-define=ENCRYPTION_KEY=${{ secrets.ENCRYPTION_KEY }}
- name: Build Android App Bundle
run: flutter build appbundle --release --dart-define=ENCRYPTION_KEY=${{ secrets.ENCRYPTION_KEY }}
- name: Rename APK
run: mv build/app/outputs/flutter-apk/app-release.apk build/app/outputs/flutter-apk/jellyflix.apk
- name: Upload apk
uses: actions/upload-artifact@v4
with:
name: jellyflix-apk
path: build/app/outputs/flutter-apk/jellyflix.apk
- name: Upload app bundle
uses: actions/upload-artifact@v4
with:
name: jellyflix-appbundle
path: build/app/outputs/bundle/release/app-release.aab
build_ios:
needs: [version]
name: Build iOS
runs-on: macos-14
steps:
- name: Checkout the code
uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: '2.6.10'
bundler-cache: true
working-directory: 'ios'
- name: Get version.txt
uses: actions/download-artifact@v4
with:
name: gitversion
- name: Create new file without newline char from version.txt
run: tr -d '\n' < version.txt > version1.txt
- name: Read version
id: version
uses: juliangruber/read-file-action@v1
with:
path: version1.txt
- name: Update version in YAML
run: sed -i '' 's/00.00.00+0/${{ steps.version.outputs.content }}+${{ github.run_number }}/g' pubspec.yaml
- name: Create release notes
uses: johnyherangi/create-release-notes@v1
if: ${{ github.ref == 'refs/heads/stable' }}
id: create-release-notes
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Flutter
uses: subosito/flutter-action@v2
with:
channel: 'stable'
cache: true
- name: Install packages
run: flutter pub get
- name: Install Cocoapods
working-directory: ios
run: pod install
- name: Install Fastlane
working-directory: ios
run: bundle install
- name: Setup SSH Keys and known_hosts for Fastlane Match
env:
PRIVATE_KEY: ${{ secrets.MATCH_SSH_PRIVATE_KEY }}
run: |
mkdir -p ~/.ssh && touch ~/.ssh/known_hosts
echo "$PRIVATE_KEY" > ~/.ssh/id_rsa
ssh-keyscan github.com >> ~/.ssh/known_hosts
chmod 600 ~/.ssh/known_hosts ~/.ssh/id_rsa
eval $(ssh-agent) && ssh-add ~/.ssh/id_rsa
- name: Save base64 encoded p8 cert
working-directory: ios
run: echo ${{ secrets.APPSTORE_CONNECT_API_KEY }} | base64 --decode > AuthKey_${{ secrets.APPSTORE_CONNECT_KEY_ID }}.p8
- name: Add Credentials / Keys, Build and Upload to TestFlight
working-directory: ios
env:
TEAM_ID: ${{ secrets.TEAM_ID }}
ITC_TEAM_ID: ${{ secrets.ITC_TEAM_ID }}
MATCH_GIT_URL: ${{ secrets.MATCH_GIT_URL }}
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
APP_STORE_CONNECT_KEY_ID: ${{ secrets.APPSTORE_CONNECT_KEY_ID }}
APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }}
APP_STORE_CONNECT_FILE_PATH: "./AuthKey_${{ secrets.APPSTORE_CONNECT_KEY_ID }}.p8"
RELEASE_NOTES: ${{ steps.create-release-notes.outputs.release-notes }}
run: |
sed -i "" "s/TEAM_ID/$TEAM_ID/g" ./Runner/ExportOptions.plist
sed -i "" "s/SENSITIVE_REPLACE_ME/$TEAM_ID/g" ./Runner.xcodeproj/project.pbxproj
bundle exec fastlane setup
bundle exec fastlane beta
# Collect the file and upload as artifact
- name: collect ipa artifacts
uses: actions/upload-artifact@v4
with:
name: jellyflix-ipa
# Path to the release files
path: ios/*.ipa
build_macos:
name: Build macOS
needs: [version]
runs-on: macos-14
steps:
- name: Clone Repo
uses: actions/checkout@v4
# Install the Apple certificate and provisioning profile
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.DEVELOPERID_CERT_BASE64 }}
P12_PASSWORD: ${{ secrets.DEVELOPERID_CERT_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.DEVELOPERID_MACPROVISION_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.provisionprofile
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Get version.txt
uses: actions/download-artifact@v4
with:
name: gitversion
- name: Create new file without newline char from version.txt
run: tr -d '\n' < version.txt > version1.txt
- name: Read version
id: version
uses: juliangruber/read-file-action@v1
with:
path: version1.txt
- name: Update version in YAML
run: sed -i '' 's/00.00.00+0/${{ steps.version.outputs.content }}+${{ github.run_number }}/g' pubspec.yaml
- name: Setup Flutter
uses: subosito/flutter-action@v2
with:
channel: 'stable'
cache: true
- name: Run Pub get
run: flutter pub get
- name: replace sensitive data
working-directory: macos
env:
TEAM_ID: ${{ secrets.TEAM_ID }}
run: |
sed -i "" "s/SENSITIVE_REPLACE_ME/$TEAM_ID/g" ./Runner.xcodeproj/project.pbxproj
- name: Build macOS
run: flutter build macos --dart-define=ENCRYPTION_KEY=${{ secrets.ENCRYPTION_KEY }}
- name: Sign app
run: |
codesign --options=runtime --force --deep --sign ${{ secrets.DEVELOPERID_CERT_FINGERPRINT }} build/macos/Build/Products/Release/jellyflix.app
codesign --verify --verbose build/macos/Build/Products/Release/jellyflix.app
- name: Create a dmg
working-directory: build/macos/Build/Products/Release
run: |
echo "Install create-dmg"
brew install create-dmg
create-dmg \
--volname "Jellyflix" \
--window-pos 200 120 \
--window-size 800 529 \
--icon-size 130 \
--text-size 14 \
--icon "Jellyflix.app" 260 250 \
--hide-extension "Jellyflix.app" \
--app-drop-link 540 250 \
--hdiutil-quiet \
"Jellyflix.dmg" \
"Jellyflix.app"
- name: Sign .dmg
run: codesign --options=runtime --force --deep -s ${{ secrets.DEVELOPERID_CERT_FINGERPRINT }} build/macos/Build/Products/Release/jellyflix.dmg -v
# only important for selfhosted runners
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.provisionprofile
- name: Save base64 encoded p8 cert
run: echo ${{ secrets.APPSTORE_CONNECT_API_KEY }} | base64 --decode > AuthKey_${{ secrets.APPSTORE_CONNECT_KEY_ID }}.p8
- name: Notarize
run: |
xcrun notarytool submit build/macos/Build/Products/Release/jellyflix.dmg -k AuthKey_${{ secrets.APPSTORE_CONNECT_KEY_ID }}.p8 -d ${{ secrets.APPSTORE_CONNECT_KEY_ID }} -i ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} --wait
- name: Staple
run: xcrun stapler staple build/macos/Build/Products/Release/jellyflix.dmg
- name: Verify notarization and staple
run: |
spctl --assess -vvv --type install build/macos/Build/Products/Release/jellyflix.dmg
xcrun stapler validate build/macos/Build/Products/Release/jellyflix.dmg
- name: Upload macOS
uses: actions/upload-artifact@v4
with:
name: jellyflix-macos
path: build/macos/Build/Products/Release/jellyflix.dmg
build_linux:
name: Build Linux
needs: [version]
runs-on: ubuntu-latest
steps:
- name: Clone Repo
uses: actions/checkout@v4
- name: Get version.txt
uses: actions/download-artifact@v4
with:
name: gitversion
- name: Create new file without newline char from version.txt
run: tr -d '\n' < version.txt > version1.txt
- name: Read version
id: version
uses: juliangruber/read-file-action@v1
with:
path: version1.txt
- name: Update version in YAML
run: sed -i 's/00.00.00+0/${{ steps.version.outputs.content }}+${{ github.run_number }}/g' pubspec.yaml
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: '12.x'
cache: gradle
- name: Setup Flutter
uses: subosito/flutter-action@v2
with:
channel: 'stable'
cache: true
- name: Setup build tools
run: |
sudo apt-get update -y
sudo apt-get install -y ninja-build libgtk-3-dev clang libmpv-dev mpv libsecret-1-dev libjsoncpp-dev
flutter doctor
- name: Run Pub get
run: flutter pub get
- name: Build Linux
run: flutter build linux --release --dart-define=ENCRYPTION_KEY=${{ secrets.ENCRYPTION_KEY }}
- name: Install zip
uses: montudor/action-zip@v1
- name: Zip Linux
run: zip -qq -r jellyflix-linux.zip .
working-directory: build/linux/x64/release/bundle
- name: Upload Linux
uses: actions/upload-artifact@v4
with:
name: jellyflix-linux
path: build/linux/x64/release/bundle/jellyflix-linux.zip
build_windows:
name: Build Windows
needs: [version]
runs-on: windows-latest
steps:
- name: Clone Repo
uses: actions/checkout@v4
- name: Git:Enable long paths
run: git config --system core.longpaths true
- name: Get version.txt
uses: actions/download-artifact@v4
with:
name: gitversion
- name: Create new file without newline char from version.txt
run: (Get-Content version.txt) -join '' | Set-Content version1.txt
shell: pwsh
- name: Read version
id: version
uses: juliangruber/read-file-action@v1
with:
path: version1.txt
- name: Update version in YAML
run: (Get-Content pubspec.yaml) -replace '00.00.00+0', "${{ steps.version.outputs.content }}+${{ github.run_number }}" | Set-Content pubspec.yaml
shell: pwsh
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: 'zulu'
java-version: '12.x'
cache: gradle
# fixes #278 https://github.com/subosito/flutter-action/issues/278
- name: Export pub environment variable on Windows
run: |
if [ "$RUNNER_OS" == "Windows" ]; then
echo "PUB_CACHE=$LOCALAPPDATA\\Pub\\Cache" >> $GITHUB_ENV
fi
shell: bash
- name: Setup Flutter
uses: subosito/flutter-action@v2
with:
channel: 'stable'
cache: true
- name: Run Pub get
run: flutter pub get
- name: Build Windows
run: flutter build windows --release --dart-define=ENCRYPTION_KEY=${{ secrets.ENCRYPTION_KEY }}
- name: Zip Windows
run: Compress-Archive -Path ./build/windows/x64/runner/Release/* -Destination jellyflix-windows.zip
- name: Upload Windows
uses: actions/upload-artifact@v4
with:
name: jellyflix-windows
path: jellyflix-windows.zip
create_release:
name: Create Release
needs: [build_android, build_linux, build_windows, build_macos]
runs-on: ubuntu-latest
steps:
- name: Clone Repo
uses: actions/checkout@v4
- name: Get version.txt
uses: actions/download-artifact@v4
with:
name: gitversion
- name: Create new file without newline char from version.txt
run: tr -d '\n' < version.txt > version1.txt
- name: Read version
id: version
uses: juliangruber/read-file-action@v1
with:
path: version1.txt
- name: Download Artifacts APK
uses: actions/download-artifact@v4
with:
name: jellyflix-apk
path: jellyflix-apk
- name: Download Artifacts Linux
uses: actions/download-artifact@v4
with:
name: jellyflix-linux
path: jellyflix-linux
- name: Download Artifacts Windows
uses: actions/download-artifact@v4
with:
name: jellyflix-windows
path: jellyflix-windows
- name: Download Artifacts Mac
uses: actions/download-artifact@v4
with:
name: jellyflix-macos
path: jellyflix-macos
- name: Create release notes
uses: johnyherangi/create-release-notes@v1
if: ${{ github.ref == 'refs/heads/stable' }}
id: create-release-notes
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create Release
id: create_release
uses: ncipollo/release-action@v1
with:
artifacts: "jellyflix-apk/*.apk,jellyflix-linux/*,jellyflix-windows/*,jellyflix-macos/*"
token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ steps.version.outputs.content }}
commit: ${{ github.sha }}
body: ${{ steps.create-release-notes.outputs.release-notes }}
prerelease: ${{ github.ref == 'refs/heads/preview' }}
release-play-store:
name: Release app to play store
needs: [build_android]
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v4
- name: Get appbundle from artifacts
uses: actions/download-artifact@v4
with:
name: jellyflix-appbundle
- name: Release app to open testing track
if: ${{ github.ref == 'refs/heads/preview' }}
uses: r0adkll/upload-google-play@v1
with:
serviceAccountJsonPlainText: ${{ secrets.GOOGLE_SERVICE_ACCOUNT_KEY }}
packageName: ${{ secrets.ANDROID_PACKAGE_NAME }}
releaseFiles: app-release.aab
track: beta
status: draft
- name: Release app to production track
if: ${{ github.ref == 'refs/heads/stable' }}
uses: r0adkll/upload-google-play@v1
with:
serviceAccountJsonPlainText: ${{ secrets.GOOGLE_SERVICE_ACCOUNT_KEY }}
packageName: ${{ secrets.ANDROID_PACKAGE_NAME }}
releaseFiles: app-release.aab
track: production
status: draft