@@ -125,23 +125,31 @@ jobs:
125125 - run : dart format --set-exit-if-changed lib
126126 - name : Prepare certificate and provisioning profile
127127 env :
128+ IOS_CERTIFICATE_PASSWORD : ${{ secrets.IOS_CERTIFICATE_PASSWORD }}
128129 IOS_CERTIFICATE_BASE64 : ${{ secrets.IOS_CERTIFICATE_BASE64 }}
129130 IOS_PROVISIONING_PROFILE_BASE64 : ${{ secrets.IOS_PROVISIONING_PROFILE_BASE64 }}
131+ IOS_KEYCHAIN_PASSWORD : ${{ secrets.IOS_KEYCHAIN_PASSWORD }}
130132 run : |
131133 CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
132134 PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
133135 KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
134136
137+ # import certificate and provisioning profile from secrets
135138 echo -n "$IOS_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
139+
136140 echo -n "$IOS_PROVISIONING_PROFILE_BASE64" | base64 --decode -o $PP_PATH
137141
138- security create-keychain -p "" $KEYCHAIN_PATH
139- security set-keychain-settings $KEYCHAIN_PATH
140- security unlock-keychain -p "" $KEYCHAIN_PATH
142+ # create temporary keychain
143+ security create-keychain -p "$IOS_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
144+ security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
145+ security unlock-keychain -p "$IOS_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
141146
142- security import $CERTIFICATE_PATH -P "" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
147+ # import certificate to keychain
148+ security import $CERTIFICATE_PATH -P "$IOS_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
149+ security set-key-partition-list -S apple-tool:,apple: -k "$IOS_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
143150 security list-keychain -d user -s $KEYCHAIN_PATH
144151
152+ # apply provisioning profile
145153 mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
146154 cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
147155name : Build .ipa
0 commit comments