Skip to content

Instantly share code, notes, and snippets.

@joshjohanning

joshjohanning/deploy.yml

Last active June 25, 2023 23:29
Show Gist options
  • Save joshjohanning/15e2bda76687d353a50211a7477de370 to your computer and use it in GitHub Desktop.
Save joshjohanning/15e2bda76687d353a50211a7477de370 to your computer and use it in GitHub Desktop.
Download ZIP
Extracting, replacing values, and re-signing iOS app (IPA)
Raw
deploy.yml
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
with:
name: ipa-output
# TODO: set up build certificates and provisioning profiles - see note below
- name: extract ipa
run: |
unzip -q -o -d ${{ runner.temp }}/app ${{ github.workspace }}/$APPNAME.ipa
rm ${{ github.workspace }}/$APPNAME.ipa
- name: clean existing code signature
run: rm -rf ${{ runner.temp }}/app/Payload/$APPNAME.app/_CodeSignature/
- name: Inject Variables
uses: lindluni/actions-variable-groups@v2
with:
groups: |
.github/variables/dev.yml
- uses: cschleiden/replace-tokens@v1
with:
tokenPrefix: '#{'
tokenSuffix: '}#'
files: '["**/*_tokenized.json"]'
- name: replace plist values
working-directory: ${{ runner.temp }}/app/Payload/${{ env.APPNAME }}.app
run: |
# common actions for all but Release - Release already has the right values
if [ ! $CONFIGURATION = "Release" ]; then
# common plist actions
plutil -replace CFBundleDisplayName -string $APPNAME-$CONFIGURATION Info.plist
plutil -replace CFBundleIdentifier -string $BUNDLEPREFIX.$APPNAME-$CONFIGURATION Info.plist
plutil -replace CFBundleName -string $APPNAME-$CONFIGURATION Info.plist
plutil -replace CFBundleDisplayName -string $APPNAME-$CONFIGURATION Info.plist
plutil -replace Environment -string $CONFIGURATION Info.plist
fi
# use file compare to inspect the differences between the plist files from different configurations for what needs to change
- name: generate entitlements
run: |
# Generate entitlements.plist if it doesn't exist
codesign -d --entitlements :- "${{ runner.temp }}/app/Payload/$APPNAME.app" > entitlements.plist
# optionally if you need to remove anything
plutil -remove "com\.apple\.developer\.icloud-container-environment" entitlements.plist
# common actions for all but Release - Release already has the right values
if [ ! ${{ parameters.configuration }} = "Release" ]; then
# common plist actions
plutil -replace "application-identifier" -string ${{ parameters.teamId }}.${{ parameters.bundlePrefix }}.${{ parameters.appName }}-${abbrev} entitlements.plist
plutil -replace "com\.apple\.developer\.ubiquity-kvstore-identifier" -string ${{ parameters.teamId }}.${{ parameters.bundlePrefix }}.${{ parameters.appName }}-${abbrev} entitlements.plist
fi
- name: re-sign app
run: |
codesign -f -s "YourSigningCertificate" --entitlements entitlements.plist ${{ runner.temp }}/app/Payload/$APPNAME.app
- name: re-pack the ipa
run: |
zip -r ${{ runner.temp }}/$APPNAME.ipa ${{ runner.temp }}/app.* Payload
# TODO: push app to app store
Raw
instructions.md

Setup

There should be variables for:

  • APPNAME - the name of the app, used in the bundle identifier and if you extract the IPA, shows up in the <my-app>.app{: .filepath} directory
  • CONFIGURATION - the build configuration (ie: Release, Dev, QA, etc)
  • BUNDLEPREFIX - such as'com.universalapp'

Notes

  • See the GitHub docs, or an alternative example, on setting up your signing certificate and provisioning profile(s).
  • Build it in Release so that it has all of the right values for the production deployment. Use the plutil utility to modify the values for the other build configurations (ie: Dev, QA)
  • You can see how I did this with a real-world app in Azure DevOps in a deployment pipeline here.

Tips

  • Create a build locally with all configurations. Extract the .xcarchive or .ipa to see how the -Info.plist file changes between each build.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment