1.5 KiB
TestFlight Release CI
Gitea Actions publishes iOS releases from tags that match:
release/vN.N.N
For example:
git tag release/v1.10.0
git push origin release/v1.10.0
The release job runs on the xcode runner label, imports the signing p12 into
a temporary keychain, installs the App Store provisioning profile, builds and
uploads the app with fastlane, then creates or updates the matching Gitea
release with the generated IPA as an asset. The job deletes the temporary
signing keychain in an always() cleanup step.
Required repository secrets:
APP_STORE_CONNECT_API_KEY_ID
APP_STORE_CONNECT_API_ISSUER_ID
APP_STORE_CONNECT_API_KEY_CONTENT
APPSTORE_CERTIFICATES_FILE_BASE64
APPSTORE_CERTIFICATES_PASSWORD
APPSTORE_PROVISIONING_PROFILE_BASE64
Generate or refresh the signing assets locally with:
cd ios
fastlane ios create_ci_signing
The generated build/signing/ci-secrets.env file is ignored by Git. Copy its
certificate and provisioning profile values into the repository secrets listed
above. The workflow uses the Sybil AppStore CI provisioning profile name by
default.
If create_ci_signing fails with an expired or missing agreement error, the
Apple Developer Program account holder must accept the current agreements in
App Store Connect before new certificates or provisioning profiles can be
created through the API.
The workflow uses Gitea's built-in GITEA_TOKEN for release creation and asset
upload, with contents: write permissions. In Gitea this covers release asset
publication.