Merge pull request #7 from Main-lib/codegen-bot/cleanup-source-folder #17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Sign and Distribute IPA | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: # Allows manual triggering | |
| jobs: | |
| sign-ipa: | |
| runs-on: macos-latest | |
| steps: | |
| # Step 1: Checkout the repository | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| # Step 2: Debug directory structure | |
| - name: List Directory Structure | |
| run: | | |
| echo "Current working directory: $(pwd)" | |
| echo "Listing all files in repository:" | |
| find . -type f -ls | |
| echo "Checking for Priv folder:" | |
| find . -type d -name "Priv" || echo "Priv folder not found" | |
| # Step 3: Install dependencies and download zsign | |
| - name: Install Dependencies and Download zsign | |
| run: | | |
| brew install curl unzip libplist | |
| curl -L -o zsign-v0.7-macos-x64.zip https://github.com/zhlynn/zsign/releases/download/v0.7/zsign-v0.7-macos-x64.zip --fail --show-error | |
| if [ ! -f zsign-v0.7-macos-x64.zip ]; then | |
| echo "Error: zsign download failed" | |
| exit 1 | |
| fi | |
| echo "ZIP download completed" | |
| unzip zsign-v0.7-macos-x64.zip -d zsign-bin | |
| if [ ! -f zsign-bin/zsign ]; then | |
| echo "Error: zsign binary not found after unzip" | |
| exit 1 | |
| fi | |
| echo "ZIP extraction completed" | |
| file zsign-bin/zsign | |
| xattr -d com.apple.quarantine zsign-bin/zsign || true | |
| chmod +x zsign-bin/zsign | |
| echo "Permissions set for zsign" | |
| sudo mv zsign-bin/zsign /usr/local/bin/zsign | |
| if [ ! -f /usr/local/bin/zsign ]; then | |
| echo "Error: Failed to move zsign to /usr/local/bin" | |
| exit 1 | |
| fi | |
| echo "zsign moved to /usr/local/bin" | |
| ZSIGN_OUTPUT=$(/usr/local/bin/zsign -h 2>&1 || true) | |
| ZSIGN_EXIT_CODE=$? | |
| echo "zsign -h exit code: $ZSIGN_EXIT_CODE" | |
| echo "zsign -h output: $ZSIGN_OUTPUT" | |
| if ! echo "$ZSIGN_OUTPUT" | grep -q "zsign (v0.7)"; then | |
| echo "Error: zsign is not valid or incorrect version" | |
| exit 1 | |
| fi | |
| echo "zsign installed successfully" | |
| # Step 4: Download and repair IPA file | |
| - name: Download and Repair IPA File | |
| run: | | |
| curl -L -o DokkanSparking_Release_5.25.3.ipa https://filebin.net/mwoj4adth3toumo1/DokkanSparking_Release_5.25.3.ipa --fail --show-error | |
| if [ ! -f DokkanSparking_Release_5.25.3.ipa ]; then | |
| echo "Error: IPA download failed" | |
| exit 1 | |
| fi | |
| ls -lh DokkanSparking_Release_5.25.3.ipa | |
| unzip -q DokkanSparking_Release_5.25.3.ipa -d temp_ipa | |
| echo "Inspecting CydiaSubstrate dylibs:" | |
| find temp_ipa -type f -path "*CydiaSubstrate.framework/Libraries/*.dylib" -exec file {} \; || echo "No CydiaSubstrate dylibs found" | |
| rm -rf temp_ipa/Payload/BNGI0221.app/Frameworks/CydiaSubstrate.framework | |
| echo "Removed CydiaSubstrate.framework" | |
| cd temp_ipa | |
| zip -qr ../repaired_ipa.ipa . | |
| cd .. | |
| mv repaired_ipa.ipa DokkanSparking_Release_5.25.3.ipa | |
| ls -lh DokkanSparking_Release_5.25.3.ipa | |
| # Step 5: Find certificate and provisioning profile | |
| - name: Locate Certificate and Provisioning Profile | |
| id: find-files | |
| run: | | |
| P12_FILE=$(find . -type f -name "*.p12" -path "*/Priv/*" | head -n 1) | |
| MOBILEPROVISION_FILE=$(find . -type f -name "*.mobileprovision" -path "*/Priv/*" | head -n 1) | |
| if [ -z "$P12_FILE" ] || [ -z "$MOBILEPROVISION_FILE" ]; then | |
| echo "Error: Could not find .p12 or .mobileprovision file in Priv folder" | |
| find . -type f -name "*.p12" -o -name "*.mobileprovision" | |
| exit 1 | |
| fi | |
| echo "p12_file=$P12_FILE" >> $GITHUB_OUTPUT | |
| echo "mobileprovision_file=$MOBILEPROVISION_FILE" >> $GITHUB_OUTPUT | |
| echo "Found .p12: $P12_FILE" | |
| echo "Found .mobileprovision: $MOBILEPROVISION_FILE" | |
| # Step 6: Sign the IPA with zsign | |
| - name: Sign IPA with zsign | |
| run: | | |
| /usr/local/bin/zsign -d -k "${{ steps.find-files.outputs.p12_file }}" \ | |
| -p "1234" \ | |
| -m "${{ steps.find-files.outputs.mobileprovision_file }}" \ | |
| -o signed_DokkanSparking_Release_5.25.3.ipa \ | |
| DokkanSparking_Release_5.25.3.ipa | |
| if [ ! -f signed_DokkanSparking_Release_5.25.3.ipa ]; then | |
| echo "Error: Signing failed, signed IPA not found" | |
| ls -lh .zsign_debug || echo "No debug folder found" | |
| exit 1 | |
| fi | |
| echo "Signed IPA created: signed_DokkanSparking_Release_5.25.3.ipa" | |
| ls -lh signed_DokkanSparking_Release_5.25.3.ipa | |
| # Step 7: Create manifest for OTA installation | |
| - name: Create Manifest for OTA Installation | |
| run: | | |
| # Decode mobileprovision | |
| security cms -D -i "${{ steps.find-files.outputs.mobileprovision_file }}" > decoded_provision.plist | |
| if [ ! -f decoded_provision.plist ]; then | |
| echo "Error: Failed to decode mobileprovision" | |
| exit 1 | |
| fi | |
| echo "Decoded mobileprovision contents:" | |
| cat decoded_provision.plist | |
| # Extract bundle ID | |
| /usr/libexec/PlistBuddy -c "Print :Entitlements:application-identifier" decoded_provision.plist > temp_bundle_id.txt || { | |
| echo "Warning: Failed to extract bundle ID, using fallback" | |
| echo "GLB.Dkkn.Sparking.dev" > temp_bundle_id.txt | |
| } | |
| BUNDLE_ID=$(cat temp_bundle_id.txt | cut -d'.' -f2-) | |
| if [ -z "$BUNDLE_ID" ]; then | |
| echo "Error: Could not extract or set bundle ID" | |
| exit 1 | |
| fi | |
| echo "Bundle ID: $BUNDLE_ID" | |
| # Create manifest.plist | |
| cat << EOF > manifest.plist | |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>items</key> | |
| <array> | |
| <dict> | |
| <key>assets</key> | |
| <array> | |
| <dict> | |
| <key>kind</key> | |
| <string>software-package</string> | |
| <key>url</key> | |
| <string>https://github.com/${{ github.repository }}/releases/latest/download/signed_DokkanSparking_Release_5.25.3.ipa</string> | |
| </dict> | |
| </array> | |
| <key>metadata</key> | |
| <dict> | |
| <key>bundle-identifier</key> | |
| <string>$BUNDLE_ID</string> | |
| <key>bundle-version</key> | |
| <string>5.25.3</string> | |
| <key>kind</key> | |
| <string>software</string> | |
| <key>title</key> | |
| <string>DokkanSparking</string> | |
| </dict> | |
| </dict> | |
| </array> | |
| </dict> | |
| </plist> | |
| EOF | |
| cat manifest.plist | |
| # Step 8: Upload signed IPA and manifest to GitHub Releases | |
| - name: Upload to GitHub Releases | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: | | |
| signed_DokkanSparking_Release_5.25.3.ipa | |
| manifest.plist | |
| tag_name: v${{ github.run_id }} | |
| name: Signed IPA Release | |
| draft: false | |
| prerelease: false | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Step 9: Generate and output OTA installation link | |
| - name: Output OTA Installation Link | |
| run: | | |
| INSTALL_LINK="itms-services://?action=download-manifest&url=https://github.com/${{ github.repository }}/releases/download/v${{ github.run_id }}/manifest.plist" | |
| echo "OTA Installation Link: $INSTALL_LINK" | |
| echo "Copy and open this link on your iOS device to install the app." | |
| echo "install_link=$INSTALL_LINK" >> $GITHUB_OUTPUT |