Skip to content
CD iOS

TransationManifest::securify_unsecurified_entity & `ProvisionalSec… #290

Sign in to view logs

TransationManifest::securify_unsecurified_entity & `ProvisionalSec…

TransationManifest::securify_unsecurified_entity & `ProvisionalSec… #290

Workflow file for this run

.github/workflows/release.yml at 7f13683
name: CD iOS
on:
workflow_dispatch:
push:
branches:
- main
permissions:
id-token: write
contents: write
env:
CARGO_TERM_COLOR: always
jobs:
build:
runs-on: macos-15-xlarge
steps:
- uses: RDXWorks-actions/checkout@main
with:
fetch-depth: 0
- uses: RDXWorks-actions/setup-xcode@master
with:
xcode-version: "16.0.0"
- name: Install Rust Toolchain for aarch64-apple-ios
uses: RDXWorks-actions/rust-toolchain@master
with:
toolchain: nightly-2024-01-11
components: rust-std
target: aarch64-apple-ios,aarch64-apple-darwin,aarch64-apple-ios-sim
- name: Compute release tag
id: tags
run: |
set -euo pipefail
LAST_TAG=`git tag --sort=creatordate | tail -1`
NEXT_TAG=$(echo ${LAST_TAG} | awk -F. -v OFS=. 'NF==1{print ++$NF}; NF>1{$NF=sprintf("%0*d", length($NF), ($NF+1)); print}')
echo "NEXT_TAG=$NEXT_TAG" >> "$GITHUB_OUTPUT"
echo "LAST_TAG=$LAST_TAG" >> "$GITHUB_OUTPUT"
echo "🚢 NEXT_TAG: $NEXT_TAG"
echo "🚢 LAST_TAG: $LAST_TAG"
- name: Build artifacts
id: build
run: |
set -euo pipefail
rustup target add aarch64-apple-darwin aarch64-apple-ios aarch64-apple-ios-sim
echo "🚢 Switch 'useLocalFramework' to 'false' in Package.swift for release"
sed -i '' 's/let useLocalFramework = true/let useLocalFramework = false/' Package.swift
# output is: "<CHKSUM>;<$XCFRAME_ZIP_PATH>"
OUTPUT_OF_BUILD=$(bash scripts/ios/build-sargon.sh --release-tag "$NEXT_TAG" | tail -n 1) || exit $?
if [[ "$OUTPUT_OF_BUILD" == "BUILT_WITHOUT_RELEASE" ]]; then
echo "Error, failed to build, did you forget to pass '--release' to build script? Otherwise check if build-sargon.sh has recently been changed (to something incorrect...)"
exit 1;
fi
CHECKSUM=`echo "$OUTPUT_OF_BUILD" | cut -d ";" -f 1` || exit $?
XCFRAME_ZIP_PATH=`echo "$OUTPUT_OF_BUILD" | cut -d ";" -f 2` || exit $?
echo "🚢 CHECKSUM: $CHECKSUM"
echo "🚢 XCFRAME_ZIP_PATH: $XCFRAME_ZIP_PATH"
echo "🚢 Ensuring Sargon build for release - that it will work for e.g. iOS wallet to archive."
sed -i '' 's/let useLocalFramework = false/let useLocalFramework = true/' Package.swift
swift build -c release || exit $?
echo "🚢 Swift Sargon builds for release ✅"
env:
NEXT_TAG: ${{ steps.tags.outputs.NEXT_TAG }}
- name: Push release tag
if: github.ref == 'refs/heads/main'
run: |
set -euo pipefail
echo "🚢 Setting 'useLocalFramework = false' for release"
sed -i '' 's/let useLocalFramework = true/let useLocalFramework = false/' Package.swift
# We have .gitigored Sargon.swift because we dont need it in git history, but we
# need it for this release, so we must FORCE add it (since it is ignored).
echo "🚢 Staging changed files"
git add --force Package.swift apple/Sources/UniFFI/Sargon.swift
git config user.name 'github-actions[bot]'
git config user.email 'github-actions[bot]@users.noreply.github.com'
echo "🚢 Git committing changes"
git status
git commit -m "Release of '$NEXT_TAG'" \
-m "Updated Package.swift with new checksum and path to zip on Github, and maybe apple/Sources/UniFFI/Sargon.swift." \
-m "This commit is not merged into main branch (and need not be)." \
--no-verify
echo "🚢 🏷️ 📡 Pushing tag: $NEXT_TAG, but only tag, not commit."
git tag $NEXT_TAG
git push origin $NEXT_TAG
env:
NEXT_TAG: ${{ steps.tags.outputs.NEXT_TAG }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create release
if: github.ref == 'refs/heads/main'
run: |
set -eux
ls -l target/swift/*.zip
# This MUST match whatever you we have declared in Package.swift
ARTIFACT_FILE=libsargon-rs.xcframework.zip
# Moving the artifact to the current directory.
mv target/swift/$ARTIFACT_FILE .
gh release create $NEXT_TAG $ARTIFACT_FILE --generate-notes --notes-start-tag $LAST_TAG --title "v$NEXT_TAG"
env:
LAST_TAG: ${{ steps.tags.outputs.LAST_TAG }}
NEXT_TAG: ${{ steps.tags.outputs.NEXT_TAG }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}