From 79eca148561f4a9a27f9ddbc255f4e7d4801b1ee Mon Sep 17 00:00:00 2001 From: Siddarth Kumar Date: Sun, 10 May 2026 17:04:44 +0530 Subject: [PATCH] ci: use fast runners from bladerunner --- .github/workflows/ci.yml | 2 +- .github/workflows/release-ios.yml | 2 +- fastlane/Fastfile | 58 +++++++++++++++++++++++++------ 3 files changed, 49 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ce8a59a..76104b4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,7 +58,7 @@ jobs: ios: name: ios build if: github.event_name == 'push' - runs-on: [self-hosted, macOS] + runs-on: bladerunner-macos needs: lint-and-typecheck timeout-minutes: 60 steps: diff --git a/.github/workflows/release-ios.yml b/.github/workflows/release-ios.yml index 5291e04..79a0aad 100644 --- a/.github/workflows/release-ios.yml +++ b/.github/workflows/release-ios.yml @@ -21,7 +21,7 @@ jobs: pr-build: name: pr build + appdrop upload if: github.event_name == 'pull_request' - runs-on: [self-hosted, macOS] + runs-on: bladerunner-macos timeout-minutes: 60 permissions: contents: read diff --git a/fastlane/Fastfile b/fastlane/Fastfile index e2f5317..739a8ea 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -81,29 +81,65 @@ platform :ios do ) end + def keychain_name + "syncup_ci_#{ENV['GITHUB_RUN_ID'] || ENV['BUILD_NUMBER'] || 'local'}.keychain" + end + + def keychain_password + ENV["MATCH_PASSWORD"] + end + + private_lane :setup_ci_keychain do + if is_ci + create_keychain( + name: keychain_name, + password: keychain_password, + default_keychain: true, + unlock: true, + timeout: 3600, + lock_when_sleeps: false, + ) + + kc_path = File.expand_path("~/Library/Keychains/#{keychain_name}-db") + login_kc = File.expand_path("~/Library/Keychains/login.keychain-db") + sh("security", "list-keychains", "-d", "user", "-s", kc_path, login_kc) + end + end + + error do + delete_keychain(name: keychain_name) rescue nil if is_ci + end + desc "Sync the AdHoc cert + profile for the .pr bundle ID into the keychain." lane :match_pr do - # On CI: create an ephemeral unlocked keychain so codesign (run from the - # [CP] Embed Pods Frameworks build phase, in a non-interactive session) - # can find the identity match just installed. - setup_ci if ENV["CI"] - match( + setup_ci_keychain + params = { type: "adhoc", app_identifier: PR_BID, api_key: asc_api_key, - readonly: !ENV["CI"].nil?, - ) + readonly: is_ci, + } + if is_ci + params[:keychain_name] = keychain_name + params[:keychain_password] = keychain_password + end + match(params) end desc "Sync the AppStore cert + profile for the prod bundle ID into the keychain." lane :match_release do - setup_ci if ENV["CI"] - match( + setup_ci_keychain + params = { type: "appstore", app_identifier: RELEASE_BID, api_key: asc_api_key, - readonly: !ENV["CI"].nil?, - ) + readonly: is_ci, + } + if is_ci + params[:keychain_name] = keychain_name + params[:keychain_password] = keychain_password + end + match(params) end desc "Upload an already-built syncup.ipa to TestFlight."