RedGridLink/codemagic.yaml at master · RedGridTactical/RedGridLink · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
# =============================================================================
# Codemagic CI/CD Configuration — Red Grid Link
# =============================================================================
#
# Environment Variables (set in Codemagic UI under App Settings > Environment):
#
# --- Android Code Signing ---
# CM_KEYSTORE              : Base64-encoded .jks/.keystore file.
#                            Generate with: base64 -i release.keystore | pbcopy
#                            Create keystore with: keytool -genkeypair -v
#                              -keystore release.keystore -keyalg RSA
#                              -keysize 2048 -validity 10000
#                              -alias <your-alias>
# CM_KEY_ALIAS             : Alias used when creating the keystore (e.g., "redgridlink")
# CM_KEY_PASSWORD          : Password for the key within the keystore
# CM_KEYSTORE_PASSWORD     : Password for the keystore file itself
#
# --- Google Play Publishing ---
# GOOGLE_PLAY_SERVICE_ACCOUNT_JSON : Contents of the Google Play service account
#                            JSON key file. Create at Google Cloud Console >
#                            Service Accounts > Keys > Add Key > JSON.
#                            The service account must have "Release Manager"
#                            or equivalent permissions in Google Play Console >
#                            Settings > API access.
#
# --- App Store Connect Publishing ---
# APP_STORE_CONNECT_ISSUER_ID      : Issuer ID from App Store Connect >
#                            Users and Access > Integrations > App Store
#                            Connect API > Issuer ID (UUID format).
# APP_STORE_CONNECT_KEY_IDENTIFIER : Key ID from App Store Connect >
#                            Users and Access > Integrations > App Store
#                            Connect API > Active Keys (10-char alphanumeric).
# APP_STORE_CONNECT_PRIVATE_KEY    : Contents of the .p8 private key file
#                            downloaded when creating the API key. Starts with
#                            -----BEGIN PRIVATE KEY-----. Can only be
#                            downloaded once; regenerate if lost.
#
# =============================================================================

definitions:
  environment: &flutter_env
    flutter: stable
    java: 17
  scripts:
    - &pub_get
      name: Install dependencies
      script: flutter pub get
    - &code_gen
      name: Run Drift code generation
      script: dart run build_runner build --delete-conflicting-outputs
    - &run_tests
      name: Run tests
      script: flutter test
      ignore_failure: true

workflows:
  # ===========================================================================
  # Android Release — Build AAB and publish to Google Play (internal track)
  # ===========================================================================
  android-release:
    name: Android Release
    max_build_duration: 30
    instance_type: mac_mini_m2
    triggering:
      events: []
      cancel_previous_builds: true
    environment:
      <<: *flutter_env
      groups:
        - android_credentials    # CM_KEYSTORE, CM_KEY_ALIAS, CM_KEY_PASSWORD, CM_KEYSTORE_PASSWORD
    scripts:
      - *pub_get
      - *code_gen
      - *run_tests
      - name: Set up Android keystore
        script: |
          # Decode the base64-encoded keystore into a file
          echo $CM_KEYSTORE | base64 --decode > $CM_BUILD_DIR/release.keystore

          # Create key.properties for Gradle to consume
          cat > $CM_BUILD_DIR/android/key.properties <<EOF
          storePassword=$CM_KEYSTORE_PASSWORD
          keyPassword=$CM_KEY_PASSWORD
          keyAlias=$CM_KEY_ALIAS
          storeFile=$CM_BUILD_DIR/release.keystore
          EOF
      - name: Build Android App Bundle
        script: |
          flutter build appbundle \
            --release \
            --build-number=275
    artifacts:
      - build/app/outputs/bundle/release/*.aab
      - build/app/outputs/mapping/release/mapping.txt
      - flutter_drive.log
    publishing:
      email:
        recipients:
          - redgridtactical@gmail.com
        notify:
          success: true
          failure: true

  # ===========================================================================
  # iOS Release — Build IPA and publish to TestFlight
  # ===========================================================================
  ios-release:
    name: iOS Release
    max_build_duration: 60
    instance_type: mac_mini_m2
    integrations:
      app_store_connect: Red Grid Link ASC  # Name of the ASC integration in Codemagic UI
    triggering:
      events: []
      cancel_previous_builds: true
    environment:
      <<: *flutter_env
      groups:
        - ios_signing    # CERTIFICATE_PRIVATE_KEY (RSA 2048 PEM)
    scripts:
      - *pub_get
      - *code_gen
      - name: Install CocoaPods
        script: |
          cd ios
          pod install
      - name: Set up iOS code signing
        script: |
          # CERTIFICATE_PRIVATE_KEY is stored as a Codemagic env var
          # (ios_signing group) so the same key is reused across builds.
          # This ensures fetch-signing-files finds the matching cert
          # instead of trying to create a new one each time.
          keychain initialize
          app-store-connect fetch-signing-files "com.redgrid.redGridLink" \
            --type IOS_APP_STORE \
            --create
          keychain add-certificates
          xcode-project use-profiles
      - name: Build IPA
        script: |
          flutter build ipa \
            --release \
            --build-number=275 \
            --export-options-plist=/Users/builder/export_options.plist
    artifacts:
      - build/ios/ipa/*.ipa
      - /tmp/xcodebuild_logs/*.log
      - flutter_drive.log
    publishing:
      app_store_connect:
        auth: integration
        submit_to_testflight: true
        beta_groups:
          - Internal Testers
        submit_to_app_store: false

  # ===========================================================================
  # Test — Run analysis and tests on pull requests
  # ===========================================================================
  test:
    name: Test & Analyze
    max_build_duration: 15
    instance_type: mac_mini_m2
    triggering:
      events:
        - pull_request
      branch_patterns:
        - pattern: master
          include: true
      cancel_previous_builds: true
    environment:
      <<: *flutter_env
    scripts:
      - *pub_get
      - *code_gen
      - name: Run Flutter analyze
        script: flutter analyze --no-fatal-infos
      - *run_tests