Skip to content

mg #64

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
tws521yy wants to merge 8 commits into from
Closed

mg #64

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
d0ba720
Update build_loopcaregiver.yml
tws521yy Sep 18, 2025
0ccee21
Update build_loopcaregiver.yml
tws521yy Sep 18, 2025
fb4adb1
Update create_certs.yml
tws521yy Sep 18, 2025
dee8272
Update build_loopcaregiver.yml
tws521yy Sep 19, 2025
1aad30d
Update build_loopcaregiver.yml
tws521yy Sep 19, 2025
d7490d1
Update build_loopcaregiver.yml
tws521yy Sep 19, 2025
3b9d98f
Update build_loopcaregiver.yml
tws521yy Sep 19, 2025
7f83234
Merge branch 'dev' of https://github.com/LoopKit/LoopCaregiver into dev
actions-user Sep 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 57 additions & 1 deletion .github/workflows/build_loopcaregiver.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ on:
workflow_dispatch:

## Remove the "#" sign from the beginning of the line below to get automated builds on push (code changes in your repository)
#push:
#push:f

# Automated builds now include automatic certificate update - the nuke certs part of that process could
# affect other OS apps if run simultaneously.
Expand Down Expand Up @@ -277,6 +277,16 @@ jobs:
- name: Sync clock
run: sudo sntp -sS time.windows.com

# 自动设置构建号并确认 Info.plist 的值
- name: Set and confirm build number
run: |
INFO_PLIST="LoopCaregiver/LoopCaregiver/Info.plist"
/usr/libexec/PlistBuddy -c "Set :CFBundleVersion $GITHUB_RUN_NUMBER" "$INFO_PLIST"
echo "=== Build number set to $GITHUB_RUN_NUMBER ==="
echo "=== Info.plist values ==="
/usr/libexec/PlistBuddy -c "Print :CFBundleShortVersionString" "$INFO_PLIST"
/usr/libexec/PlistBuddy -c "Print :CFBundleVersion" "$INFO_PLIST"

# Build signed LoopCaregiver IPA file
- name: Fastlane Build & Archive
run: bundle exec fastlane caregiver_build
Expand All @@ -287,6 +297,52 @@ jobs:
FASTLANE_ISSUER_ID: ${{ secrets.FASTLANE_ISSUER_ID }}
FASTLANE_KEY: ${{ secrets.FASTLANE_KEY }}
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}

# Inspect IPA before uploading (修正版)
- name: Inspect code signing & compatibility
run: |
set -e
# 幂等解包
rm -rf ipa_tmp prof.plist
unzip -o -q artifacts/*.ipa -d ipa_tmp
APP=$(ls -d ipa_tmp/Payload/*.app | head -1)
INFO="$APP/Info.plist"
BIN="$APP/$(/usr/libexec/PlistBuddy -c 'Print :CFBundleExecutable' "$INFO")"

echo "=== BUNDLE INFO ==="
/usr/libexec/PlistBuddy -c 'Print :CFBundleIdentifier' "$INFO" || true
/usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$INFO" || true
/usr/libexec/PlistBuddy -c 'Print :CFBundleVersion' "$INFO" || true
/usr/libexec/PlistBuddy -c 'Print :MinimumOSVersion' "$INFO" 2>/dev/null || echo "MinimumOSVersion: N/A"

echo "=== PROFILE (embedded.mobileprovision) BASIC ==="
security cms -D -i "$APP/embedded.mobileprovision" > prof.plist
/usr/libexec/PlistBuddy -c 'Print :Name' prof.plist || true
/usr/libexec/PlistBuddy -c 'Print :UUID' prof.plist || true
/usr/libexec/PlistBuddy -c 'Print :TeamIdentifier:0' prof.plist || true
/usr/libexec/PlistBuddy -c 'Print :ExpirationDate' prof.plist || true
/usr/libexec/PlistBuddy -c 'Print :Entitlements:application-identifier' prof.plist || true
/usr/libexec/PlistBuddy -c 'Print :Entitlements:beta-reports-active' prof.plist || true

echo "=== PROFILE ENTITLEMENTS (FULL) ==="
/usr/libexec/PlistBuddy -c 'Print :Entitlements' prof.plist || true
echo "=== PROFILE App Groups ==="
/usr/libexec/PlistBuddy -c 'Print :Entitlements:com.apple.security.application-groups' prof.plist 2>/dev/null || echo "No App Groups in profile"

echo "=== APP ENTITLEMENTS (FULL, actually signed) ==="
/usr/bin/codesign -d --entitlements :- "$APP" 2>/dev/null | plutil -p - || true

echo "=== App Groups - APP vs PROFILE ==="
echo "APP:"
/usr/bin/codesign -d --entitlements :- "$APP" 2>/dev/null | plutil -p - | grep -A5 "com.apple.security.application-groups" || echo "No App Groups in app"
echo "PROFILE:"
/usr/libexec/PlistBuddy -c 'Print :Entitlements:com.apple.security.application-groups' prof.plist 2>/dev/null || echo "No App Groups in profile"

echo "=== DEVICE COMPAT ==="
/usr/libexec/PlistBuddy -c 'Print :UIDeviceFamily' "$INFO" 2>/dev/null || echo "UIDeviceFamily: N/A"
/usr/libexec/PlistBuddy -c 'Print :CFBundleSupportedPlatforms' "$INFO" 2>/dev/null || echo "CFBundleSupportedPlatforms: N/A"
echo "=== ARCH ==="
lipo -info "$BIN" || true

# Upload to TestFlight
- name: Fastlane upload to TestFlight
Expand Down
5 changes: 5 additions & 0 deletions .github/workflows/create_certs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,11 @@ jobs:
- name: Check Distribution certificate and launch Nuke certificates if needed
run: bundle exec fastlane check_and_renew_certificates
id: check_certs

- name: Debug Nuke Vars
run: |
echo "ENABLE_NUKE_CERTS=${{ vars.ENABLE_NUKE_CERTS }}"
echo "FORCE_NUKE_CERTS=${{ vars.FORCE_NUKE_CERTS }}"

- name: Set output and annotations based on Fastlane result
id: set_output
Expand Down