setup

Author: thymikee

.github/actions/find-artifact/action.yml

@@ -0,0 +1,32 @@
+# Note: this action will be published separate on the GitHub.
+# It's here only temporary for the development purposes.
+
+name: 'Find Artifact'
+description: 'Find the latest artifact'
+inputs:
+  name:
+    description: 'Artifact name'
+    required: false
+  re-sign:
+    description: Re-sign the app bundle with new JS bundle
+    required: false
+  github-token:
+    description: A GitHub Personal Access Token with write access to the project
+    required: false
+    default: ${{ github.token }}
+  repository:
+    description:
+      'The repository owner and the repository name joined together by "/".
+      If github-token is specified, this is the repository that artifacts will be downloaded from.'
+    required: false
+    default: ${{ github.repository }}
+outputs:
+  artifact-id:
+    description: 'The ID of the artifact'
+  artifact-url:
+    description: 'The URL of the artifact'
+  artifact-ids:
+    description: 'All IDs of the artifacts matching the name'
+runs:
+  using: 'node20'
+  main: 'index.js'

.github/actions/find-artifact/index.js

@@ -0,0 +1,112 @@
+const core = require('@actions/core');
+const github = require('@actions/github');
+
+const perPage = 100; // Maximum allowed by GitHub API
+
+async function fetchArtifacts(octokit, repository, name) {
+  const result = [];
+  let page = 1;
+
+  while (true) {
+    const response = await octokit.rest.actions.listArtifactsForRepo({
+      owner: repository.split('/')[0],
+      repo: repository.split('/')[1],
+      name,
+      per_page: perPage,
+      page,
+    });
+
+    const artifacts = response.data.artifacts;
+    result.push(...artifacts);
+
+    if (artifacts.length < perPage) {
+      break;
+    }
+
+    page++;
+  }
+
+  result.sort((a, b) => new Date(b.expires_at) - new Date(a.expires_at));
+  return result;
+}
+
+function getPrNumber() {
+  if (github.context.eventName === 'pull_request') {
+    return github.context.payload.pull_request.number;
+  }
+  return undefined;
+}
+
+async function run() {
+  try {
+    const token = core.getInput('github-token');
+    const repository = core.getInput('repository');
+    const name = core.getInput('name');
+    const reSign = core.getInput('re-sign');
+    const prNumber = getPrNumber();
+
+    const octokit = github.getOctokit(token);
+    const artifactsByName = await fetchArtifacts(octokit, repository, name);
+    const artifactsByPrNumber =
+      prNumber && reSign
+        ? await fetchArtifacts(octokit, repository, `${name}-${prNumber}`)
+        : [];
+    const artifacts = [...artifactsByPrNumber, ...artifactsByName];
+
+    if (artifacts.length === 0) {
+      return;
+    }
+
+    console.log(`Found ${artifacts.length} related artifacts:`);
+    for (const artifact of artifacts) {
+      console.log(
+        `- ID: ${artifact.id}, Name: ${artifact.name}, Size: ${formatSize(
+          artifact.size_in_bytes,
+        )}, Expires at: ${artifact.expires_at}`,
+      );
+    }
+
+    const firstArtifact = artifacts.find(artifact => !artifact.expired);
+    console.log(`First artifact: ${JSON.stringify(firstArtifact, null, 2)}`);
+
+    const url = formatDownloadUrl(
+      repository,
+      firstArtifact.workflow_run.id,
+      firstArtifact.id,
+    );
+    console.log('Stable download URL:', url);
+
+    let artifactName = name;
+    // There are artifacts from PR but the base artifact is gone, recreate with the original name
+    if (artifactsByName.length === 0) {
+      artifactName = name;
+      // First time an artifact is re-signed, it's not yet in artifact storage, setting the name explicitly.
+    } else if (prNumber && reSign) {
+      artifactName = `${name}-${prNumber}`;
+    }
+    core.setOutput('artifact-name', artifactName);
+    core.setOutput('artifact-id', firstArtifact.id);
+    core.setOutput('artifact-url', url);
+    core.setOutput(
+      'artifact-ids',
+      artifactsByPrNumber.map(artifact => artifact.id).join(' '),
+    );
+  } catch (error) {
+    core.setFailed(`Action failed with error: ${error.message}`);
+  }
+}
+
+// The artifact URL returned by the GitHub API expires in 1 minute, we need to generate a permanent one.
+function formatDownloadUrl(repository, workflowRunId, artifactId) {
+  return `https://github.com/${repository}/actions/runs/${workflowRunId}/artifacts/${artifactId}`;
+}
+
+function formatSize(size) {
+  if (size > 0.75 * 1024 * 1024) {
+    return `${(size / 1024 / 1024).toFixed(2)} MB`;
+  }
+
+  return `${(size / 1024).toFixed(2)} KB`;
+}
+
+run();

.github/actions/rnef-native-fingerprint/action.yml

@@ -0,0 +1,19 @@
+# Note: this action will be published separate on the GitHub.
+# It's here only temporary for the development purposes.
+
+name: 'Fingerprint'
+description: 'Fingerprint the current native-related files'
+inputs:
+  platform:
+    description: 'The platform to fingerprint: android or ios'
+    required: true
+  working-directory:
+    description: 'The working directory to fingerprint, where the rnef.config.mjs is located'
+    required: true
+    default: '.'
+outputs:
+  hash:
+    description: 'The fingerprint hash'
+runs:
+  using: 'node20'
+  main: 'index.mjs'

.github/actions/rnef-native-fingerprint/index.mjs

@@ -0,0 +1,31 @@
+import path from 'node:path';
+import core from '@actions/core';
+import {getConfig} from '@rnef/config';
+import {nativeFingerprint} from '@rnef/tools';
+
+const ALLOWED_PLATFORMS = ['android', 'ios'];
+
+async function run() {
+  const platform = core.getInput('platform');
+  const workingDirectory = core.getInput('working-directory');
+  if (!ALLOWED_PLATFORMS.includes(platform)) {
+    throw new Error(`Invalid platform: ${platform}`);
+  }
+  const dir = path.isAbsolute(workingDirectory)
+    ? workingDirectory
+    : path.join(process.cwd(), workingDirectory);
+  const config = await getConfig(dir);
+  const fingerprintOptions = config.getFingerprintOptions();
+
+  const fingerprint = await nativeFingerprint(dir, {
+    platform,
+    ...fingerprintOptions,
+  });
+
+  console.log('Hash:', fingerprint.hash);
+  console.log('Sources:', fingerprint.sources);
+
+  core.setOutput('hash', fingerprint.hash);
+}
+
+await run();

.github/actions/rnef-post-build/action.yml

@@ -0,0 +1,20 @@
+# Note: this action will be published separate on the GitHub.
+# It's here only temporary for the development purposes.
+
+name: 'Post Build'
+description: 'Post Build info'
+
+inputs:
+  artifact-url:
+    description: 'The URL of the artifact to post'
+    required: true
+  title:
+    description: 'The title of the GitHub comment'
+    required: true
+  github-token:
+    description: A GitHub Personal Access Token with write access to the project
+    required: false
+    default: ${{ github.token }}
+runs:
+  using: 'node20'
+  main: 'index.js'

.github/actions/rnef-post-build/index.js

@@ -0,0 +1,43 @@
+const core = require('@actions/core');
+const github = require('@actions/github');
+
+async function run() {
+  const token = core.getInput('github-token');
+  const titleInput = core.getInput('title');
+  const artifactUrl = core.getInput('artifact-url');
+
+  const title = `## ${titleInput}`;
+  const body = `🔗 [Download link](${artifactUrl}).\n\n
+Note: if the download link expires, please re-run the workflow to generate a new build.\n\n
+*Generated at ${new Date().toISOString()} UTC*\n`;
+
+  const octokit = github.getOctokit(token);
+  const {data: comments} = await octokit.rest.issues.listComments({
+    ...github.context.repo,
+    issue_number: github.context.issue.number,
+  });
+
+  const botComment = comments.find(
+    comment =>
+      comment.user.login === 'github-actions[bot]' &&
+      comment.body.includes(title),
+  );
+
+  if (botComment) {
+    await octokit.rest.issues.updateComment({
+      ...github.context.repo,
+      comment_id: botComment.id,
+      body: `${title}\n\n${body}`,
+    });
+    console.log('Updated comment');
+  } else {
+    await octokit.rest.issues.createComment({
+      ...github.context.repo,
+      issue_number: github.context.issue.number,
+      body: `${title}\n\n${body}`,
+    });
+    console.log('Created comment');
+  }
+}
+
+run();

.github/workflows/example.yml

@@ -0,0 +1,40 @@
+name: iOS Build Example
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build-simulator:
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Build iOS for Simulator
+        uses: ./
+        with:
+          destination: 'simulator'
+          scheme: 'YourScheme'
+          configuration: 'Debug'
+          working-directory: './packages/mobile' # Adjust this path based on your project structure
+
+  build-device:
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Build iOS for Device
+        uses: ./
+        with:
+          destination: 'device'
+          scheme: 'YourScheme'
+          configuration: 'Release'
+          certificate-base64: ${{ secrets.CERTIFICATE_BASE64 }}
+          certificate-password: ${{ secrets.CERTIFICATE_PASSWORD }}
+          provisioning-profile-base64: ${{ secrets.PROVISIONING_PROFILE_BASE64 }}
+          provisioning-profile-name: 'YourProfileName'
+          keychain-password: ${{ secrets.KEYCHAIN_PASSWORD }}
+          working-directory: './packages/mobile' # Adjust this path based on your project structure
+          re-sign: true # Enable re-signing for PR builds 

.gitignore

@@ -0,0 +1 @@
+node_modules

README.md

@@ -0,0 +1,80 @@
+# RNEF iOS GitHub Action
+
+This GitHub Action enables remote building of iOS applications using RNEF (React Native Enterprise Framework). It supports both simulator and device builds, with automatic artifact caching and code signing capabilities.
+
+## Features
+
+- Build iOS apps for simulator or device
+- Automatic artifact caching to speed up builds
+- Code signing support for device builds
+- Re-signing capability for PR builds
+- Native fingerprint-based caching
+- Configurable build parameters
+
+## Usage
+
+```yaml
+name: iOS Build
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: ['**']
+
+jobs:
+  build:
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Build iOS
+        uses: callstackincubator/ios@v1
+        with:
+          destination: 'simulator' # or 'device'
+          scheme: 'YourScheme'
+          configuration: 'Debug'
+          # For device builds, add these:
+          # certificate-base64: ${{ secrets.CERTIFICATE_BASE64 }}
+          # certificate-password: ${{ secrets.CERTIFICATE_PASSWORD }}
+          # provisioning-profile-base64: ${{ secrets.PROVISIONING_PROFILE_BASE64 }}
+          # provisioning-profile-name: 'YourProfileName'
+          # keychain-password: ${{ secrets.KEYCHAIN_PASSWORD }}
+```
+
+## Inputs
+
+| Input                         | Description                                | Required | Default               |
+| ----------------------------- | ------------------------------------------ | -------- | --------------------- |
+| `github-token`                | GitHub Token                               | No       | `${{ github.token }}` |
+| `working-directory`           | Working directory for the build command    | No       | `.`                   |
+| `destination`                 | Build destination: "simulator" or "device" | Yes      | `simulator`           |
+| `scheme`                      | Xcode scheme                               | Yes      | -                     |
+| `configuration`               | Xcode configuration                        | Yes      | -                     |
+| `re-sign`                     | Re-sign the app bundle with new JS bundle  | No       | `false`               |
+| `certificate-base64`          | Base64 encoded P12 file for device builds  | No       | -                     |
+| `certificate-password`        | Password for the P12 file                  | No       | -                     |
+| `provisioning-profile-base64` | Base64 encoded provisioning profile        | No       | -                     |
+| `provisioning-profile-name`   | Name of the provisioning profile           | No       | -                     |
+| `keychain-password`           | Password for temporary keychain            | No       | -                     |
+| `rnef-build-extra-params`     | Extra parameters for rnef build:ios        | No       | -                     |
+| `comment-bot`                 | Whether to comment PR with build link      | No       | `true`                |
+
+## Outputs
+
+| Output         | Description               |
+| -------------- | ------------------------- |
+| `artifact-url` | URL of the build artifact |
+| `artifact-id`  | ID of the build artifact  |
+
+## Prerequisites
+
+- macOS runner
+- RNEF CLI installed in your project
+- For device builds:
+  - Valid Apple Developer certificate
+  - Valid provisioning profile
+  - Proper code signing setup
+
+## License
+
+MIT