iOS App Store Release #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: iOS App Store Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| marketing_version: | |
| description: "App version to release (e.g., 1.2.3). Defaults to project.yml version." | |
| required: false | |
| type: string | |
| build_number: | |
| description: "Specific build number. Defaults to latest build for the version." | |
| required: false | |
| type: string | |
| permissions: | |
| contents: read | |
| jobs: | |
| submit-app-store: | |
| runs-on: macos-26 | |
| timeout-minutes: 15 | |
| environment: release | |
| env: | |
| HOMEBREW_NO_AUTO_UPDATE: "1" | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Validate required secrets | |
| env: | |
| ASC_KEY_ID: ${{ secrets.ASC_KEY_ID }} | |
| ASC_ISSUER_ID: ${{ secrets.ASC_ISSUER_ID }} | |
| ASC_PRIVATE_KEY_P8_B64: ${{ secrets.ASC_PRIVATE_KEY_P8_B64 }} | |
| IOS_APP_STORE_APP_ID: ${{ secrets.IOS_APP_STORE_APP_ID }} | |
| run: | | |
| set -euo pipefail | |
| required=(ASC_KEY_ID ASC_ISSUER_ID ASC_PRIVATE_KEY_P8_B64 IOS_APP_STORE_APP_ID) | |
| for name in "${required[@]}"; do | |
| if [[ -z "${!name:-}" ]]; then | |
| echo "Missing required secret: $name" >&2 | |
| exit 1 | |
| fi | |
| done | |
| - name: Install dependencies | |
| run: brew install jq asc | |
| - name: Decode App Store Connect API key | |
| env: | |
| ASC_KEY_ID: ${{ secrets.ASC_KEY_ID }} | |
| ASC_PRIVATE_KEY_P8_B64: ${{ secrets.ASC_PRIVATE_KEY_P8_B64 }} | |
| run: | | |
| set -euo pipefail | |
| ASC_KEY_PATH="$RUNNER_TEMP/AuthKey_${ASC_KEY_ID}.p8" | |
| echo "$ASC_PRIVATE_KEY_P8_B64" | base64 --decode > "$ASC_KEY_PATH" | |
| chmod 600 "$ASC_KEY_PATH" | |
| echo "ASC_PRIVATE_KEY_PATH=$ASC_KEY_PATH" >> "$GITHUB_ENV" | |
| - name: Submit to App Store | |
| env: | |
| APP_STORE_APP_ID: ${{ secrets.IOS_APP_STORE_APP_ID }} | |
| MARKETING_VERSION: ${{ inputs.marketing_version }} | |
| BUILD_NUMBER: ${{ inputs.build_number }} | |
| ASC_KEY_ID: ${{ secrets.ASC_KEY_ID }} | |
| ASC_ISSUER_ID: ${{ secrets.ASC_ISSUER_ID }} | |
| ASC_PRIVATE_KEY_PATH: ${{ env.ASC_PRIVATE_KEY_PATH }} | |
| run: | | |
| set -euo pipefail | |
| ./apps/ios/scripts/app-store-release.sh |