buzzert/Sybil-2
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: buzzert:release/v1.12.10
Branches Tags
buzzert:master buzzert:codex/system-prompt-and-settings buzzert:wip/spacer-scroll buzzert:ios-pull-to-refresh buzzert:codex/ios-right-align-user-bubbles buzzert:codex/chat-with-search-results buzzert:codex/ios-software-keyboard-send buzzert:codex/ios-no-autofocus-after-send
buzzert:release/ios/v1.13.3 buzzert:release/ios/v1.13.2 buzzert:release/v1.13.1 buzzert:v1.13.0 buzzert:v1.12.0 buzzert:release/v1.12.29 buzzert:release/v1.12.28 buzzert:release/v1.12.27 buzzert:release/v1.12.26 buzzert:release/v1.12.25 buzzert:release/v1.12.24 buzzert:release/v1.12.23 buzzert:release/v1.12.22 buzzert:release/v1.12.21 buzzert:release/v1.12.20 buzzert:release/v1.12.19 buzzert:release/v1.12.18 buzzert:release/v1.12.17 buzzert:release/v1.12.16 buzzert:release/v1.12.15 buzzert:release/v1.12.14 buzzert:release/v1.12.13 buzzert:release/v1.12.12 buzzert:release/v1.12.11 buzzert:release/v1.12.10 buzzert:release/v1.12.9 buzzert:release/v1.12.8 buzzert:release/v1.12.7 buzzert:release/v1.12.6 buzzert:release/v1.12.5 buzzert:release/v1.12.4 buzzert:release/v1.12.3 buzzert:release/v1.12.2 buzzert:release/v1.12.1 buzzert:release/v1.12.0 buzzert:v1.11 buzzert:v1.2.0 buzzert:v1.10
...
compare: buzzert:release/v1.12.11
Branches Tags
buzzert:master buzzert:codex/system-prompt-and-settings buzzert:wip/spacer-scroll buzzert:ios-pull-to-refresh buzzert:codex/ios-right-align-user-bubbles buzzert:codex/chat-with-search-results buzzert:codex/ios-software-keyboard-send buzzert:codex/ios-no-autofocus-after-send
buzzert:release/ios/v1.13.3 buzzert:release/ios/v1.13.2 buzzert:release/v1.13.1 buzzert:v1.13.0 buzzert:v1.12.0 buzzert:release/v1.12.29 buzzert:release/v1.12.28 buzzert:release/v1.12.27 buzzert:release/v1.12.26 buzzert:release/v1.12.25 buzzert:release/v1.12.24 buzzert:release/v1.12.23 buzzert:release/v1.12.22 buzzert:release/v1.12.21 buzzert:release/v1.12.20 buzzert:release/v1.12.19 buzzert:release/v1.12.18 buzzert:release/v1.12.17 buzzert:release/v1.12.16 buzzert:release/v1.12.15 buzzert:release/v1.12.14 buzzert:release/v1.12.13 buzzert:release/v1.12.12 buzzert:release/v1.12.11 buzzert:release/v1.12.10 buzzert:release/v1.12.9 buzzert:release/v1.12.8 buzzert:release/v1.12.7 buzzert:release/v1.12.6 buzzert:release/v1.12.5 buzzert:release/v1.12.4 buzzert:release/v1.12.3 buzzert:release/v1.12.2 buzzert:release/v1.12.1 buzzert:release/v1.12.0 buzzert:v1.11 buzzert:v1.2.0 buzzert:v1.10

1 Commits
release/v1 ... release/v1

Author SHA1 Message Date
James Magahern
76cb808c33 ios: use disposable keychain as ci default
Some checks failed
TestFlight Release / testflight (push) Failing after 15s
Details
2026-06-25 21:27:19 -07:00
2 changed files with 12 additions and 3 deletions
Expand all files Collapse all files

7
.gitea/workflows/testflight-release.yml
View File

@@ -85,6 +85,7 @@ jobs:
keychain_password="$(uuidgen)" keychain_password="$(uuidgen)"
keychain_path="${HOME}/Library/Keychains/${SIGNING_KEYCHAIN}.keychain-db" keychain_path="${HOME}/Library/Keychains/${SIGNING_KEYCHAIN}.keychain-db"
previous_default_keychain="$(security default-keychain -d user | sed 's/[ "]//g' || true)"
mkdir -p "${HOME}/Library/Keychains" "${HOME}/Library/MobileDevice/Provisioning Profiles" ios/build/secrets mkdir -p "${HOME}/Library/Keychains" "${HOME}/Library/MobileDevice/Provisioning Profiles" ios/build/secrets
printf '%s' "${APPSTORE_CERTIFICATES_FILE_BASE64}" | base64 --decode > ios/build/secrets/appstore-signing.p12 printf '%s' "${APPSTORE_CERTIFICATES_FILE_BASE64}" | base64 --decode > ios/build/secrets/appstore-signing.p12
@@ -95,6 +96,7 @@ jobs:
security set-keychain-settings -lut 21600 "${keychain_path}" security set-keychain-settings -lut 21600 "${keychain_path}"
security unlock-keychain -p "${keychain_password}" "${keychain_path}" security unlock-keychain -p "${keychain_password}" "${keychain_path}"
security list-keychains -d user -s "${keychain_path}" $(security list-keychains -d user | sed 's/[ "]//g') security list-keychains -d user -s "${keychain_path}" $(security list-keychains -d user | sed 's/[ "]//g')
security default-keychain -d user -s "${keychain_path}"
security import ios/build/secrets/AppleWWDRCAG3.cer \ security import ios/build/secrets/AppleWWDRCAG3.cer \
-k "${keychain_path}" \ -k "${keychain_path}" \
-T /usr/bin/codesign \ -T /usr/bin/codesign \
@@ -111,6 +113,7 @@ jobs:
{ {
echo "SYBIL_SIGNING_KEYCHAIN_PATH=${keychain_path}" echo "SYBIL_SIGNING_KEYCHAIN_PATH=${keychain_path}"
echo "SYBIL_SIGNING_KEYCHAIN_PASSWORD=${keychain_password}" echo "SYBIL_SIGNING_KEYCHAIN_PASSWORD=${keychain_password}"
echo "SYBIL_PREVIOUS_DEFAULT_KEYCHAIN=${previous_default_keychain}"
} >> "${GITHUB_ENV}" } >> "${GITHUB_ENV}"
- name: Build and upload to TestFlight - name: Build and upload to TestFlight
@@ -129,6 +132,7 @@ jobs:
security unlock-keychain -p "${SYBIL_SIGNING_KEYCHAIN_PASSWORD}" "${SYBIL_SIGNING_KEYCHAIN_PATH}" security unlock-keychain -p "${SYBIL_SIGNING_KEYCHAIN_PASSWORD}" "${SYBIL_SIGNING_KEYCHAIN_PATH}"
security list-keychains -d user -s "${SYBIL_SIGNING_KEYCHAIN_PATH}" $(security list-keychains -d user | sed 's/[ "]//g') security list-keychains -d user -s "${SYBIL_SIGNING_KEYCHAIN_PATH}" $(security list-keychains -d user | sed 's/[ "]//g')
security default-keychain -d user -s "${SYBIL_SIGNING_KEYCHAIN_PATH}"
security find-identity -v -p codesigning "${SYBIL_SIGNING_KEYCHAIN_PATH}" security find-identity -v -p codesigning "${SYBIL_SIGNING_KEYCHAIN_PATH}"
SYBIL_VERSION_TAG="${TAG_NAME}" bundle exec fastlane ios beta SYBIL_VERSION_TAG="${TAG_NAME}" bundle exec fastlane ios beta
@@ -220,4 +224,7 @@ jobs:
- name: Clean up temporary keychain - name: Clean up temporary keychain
if: always() if: always()
run: | run: |
if [[ -n "${SYBIL_PREVIOUS_DEFAULT_KEYCHAIN:-}" ]]; then
security default-keychain -d user -s "${SYBIL_PREVIOUS_DEFAULT_KEYCHAIN}" || true
fi
security delete-keychain "${HOME}/Library/Keychains/${SIGNING_KEYCHAIN}.keychain-db" || true security delete-keychain "${HOME}/Library/Keychains/${SIGNING_KEYCHAIN}.keychain-db" || true

8
ios/fastlane/CI.md
View File

@@ -14,10 +14,12 @@ git push origin release/v1.10.0
``` ```
The release job runs on the `xcode` runner label, imports the signing p12 into The release job runs on the `xcode` runner label, imports the signing p12 into
a temporary keychain, installs the App Store provisioning profile, builds and a temporary per-user keychain, makes that keychain the user default for the
duration of the job, installs the App Store provisioning profile, builds and
uploads the app with fastlane, then creates or updates the matching Gitea uploads the app with fastlane, then creates or updates the matching Gitea
release with the generated IPA as an asset. The job deletes the temporary release with the generated IPA as an asset. The job restores the previous user
signing keychain in an `always()` cleanup step. default keychain and deletes the temporary signing keychain in an `always()`
cleanup step.
Required repository secrets: Required repository secrets: