.github/workflows/build-ios-prod.yml - 6177214e-ce7c-49e3-99de-ff9721b26f63

name: "iOS Prod"

on:
  push:
    branches: [ "main" ]

jobs:
  build:
    runs-on: macos-26
    steps:
      - name: Use Node
        uses: actions/setup-node@v6
        with:
          node-version: 24
      - name: Clone repository
        uses: actions/checkout@v5
        with:
          fetch-depth: 0 # we need the git history for the build number
      - name: Set up Flutter
        uses: subosito/flutter-action@v2
        with:
          channel: stable
          flutter-version: 3.35.4

      - name: xcode version
        run: |
          sudo xcode-select -s /Applications/Xcode_26.2.app
          /usr/bin/xcodebuild -version

      - name: Install the Apple certificate and provisioning profile
        shell: sh
        env:
          CERTIFICATE_P12: ${{ secrets.DISTRIBUTION_CERTIFICATE }}
          P12_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}
          PROVISIONING_PROFILE: ${{ secrets.PROV_PROFILE_PROD }}
        run: |
          sh .github/workflows/scripts/ios_install_signing_files.sh $CERTIFICATE_P12 $P12_PASSWORD $PROVISIONING_PROFILE

      - name: Download dotenv
        env:
          DOTENV_FILE: ${{ secrets.DOTENV_PROD }}
          FILE_NAME: .prod.env
        run: >-
          sh .github/workflows/scripts/all_download_dotenv.sh
          $DOTENV_FILE
          $FILE_NAME

      - name: Update build number
        run: |
          sh .github/workflows/scripts/ios_update_version_number.sh

      - name: Enabled SPM
        run: flutter config --enable-swift-package-manager

      - name: Flutterfire
        run: |
          sh .github/workflows/scripts/all_install_flutterfire.sh

      - name: pigeon
        run: |
          sh .github/workflows/scripts/all_run_pigeon.sh

      - name: Update Pods
        run: |
          gem install cocoapods

      - name: flutter build ipa
        env:
          FLAVOR: prod
        run: |
          sh .github/workflows/scripts/ios_build_ipa.sh $FLAVOR 

      - name: Archive
        env:
          SCHEME: Prod
        run: sh .github/workflows/scripts/ios_archive.sh $SCHEME

      - name: export
        env:
          EXPORT_OPTIONS_PATH: comwell_key_app/ios/ExportOptions.plist
        run: sh .github/workflows/scripts/ios_export.sh $EXPORT_OPTIONS_PATH

      - name: Validate & upload
        env:
          API_KEY: ${{ secrets.APP_STORE_API_KEY }}
          ISSUER_ID: ${{ secrets.APP_STORE_ISSUER_ID }}
          APP_STORE_KEY_ID: ${{ secrets.APP_STORE_KEY_ID }}
          IPA_PATH: "comwell_key_app/output/Comwell Phoenix.ipa"
        run: |
          mkdir ~/.private_keys
          API_KEY_FILE_NAME=AuthKey_$APP_STORE_KEY_ID.p8
          API_KEY_PATH=~/.private_keys/$API_KEY_FILE_NAME
          echo "$API_KEY" | base64 --decode -o "$API_KEY_PATH"
          
          xcrun altool --validate-app -f "$IPA_PATH" -t ios --apiKey "$APP_STORE_KEY_ID" --apiIssuer "$ISSUER_ID"
          xcrun altool --upload-app -f "$IPA_PATH" -t ios --apiKey "$APP_STORE_KEY_ID" --apiIssuer "$ISSUER_ID"