feat(ios): automate App Store release build, signing, and upload#1165
Merged
Conversation
Fixes the release pipeline so it produces an App-Store-valid artifact once the Apple account secrets are configured: - Device build: release now builds --ios_multi_cpus=arm64 when signing is available; the previous pipeline shipped an arm64 *simulator* app (bazel-out/ios_sim_arm64-...), which App Store Connect rejects. - Code signing scaffolding: the workflow imports the distribution cert (IOS_DISTRIBUTION_CERT_P12/_PASSWORD) into a throwaway keychain and decodes IOS_PROVISIONING_PROFILE next to the BUILD file, where a new :provisioning_profile filegroup picks it up behind --define=ios_release_signing=true. Without secrets it falls back to the unsigned simulator build with a warning, so releases stay green pre-setup. *.mobileprovision is gitignored. - Use the signed IPA that rules_apple emits instead of hand-zipping the .app into a Payload (which broke the code signature). - Upload via fastlane pilot (preinstalled on GitHub macOS runners) using an App Store Connect API key JSON assembled from the existing secrets; altool --upload-app is deprecated. - Refresh docs/RELEASE.md: Bazel 9 is supported now (no more USE_BAZEL_VERSION=8.2.1), document the real reason for the manual tags, the signing wiring, and the TestFlight flow. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01Jw99o89a2UYe9NKLE9zGUx
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
1d4-web | b1c6cef | Commit Preview URL Branch Preview URL |
Jul 04 2026, 07:29 PM |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Follow-up to #1164. Makes the wordchains-ios release pipeline produce an App-Store-valid artifact the moment the Apple account secrets are configured — until then everything degrades gracefully with warnings.
bazel-out/ios_sim_arm64-...) zipped as an "IPA", which App Store Connect would reject. With signing available, the build now uses--ios_multi_cpus=arm64.IOS_DISTRIBUTION_CERT_P12/IOS_DISTRIBUTION_CERT_PASSWORD/IOS_PROVISIONING_PROFILEare set, the workflow imports the cert into a throwaway keychain (cleaned up in analways()step) and decodes the profile towordchains_ios/WordChains.mobileprovision, where a new:provisioning_profilefilegroup feedsios_applicationbehind--define=ios_release_signing=true.*.mobileprovisionis gitignored. Without the secrets, the workflow falls back to the previous unsigned simulator build so releases stay green pre-setup.WordChains.ipathat rules_apple emits, replacing the hand-zippedPayload/(which broke the code signature).xcrun altool --upload-app(deprecated) →fastlane pilot upload(preinstalled on GitHub macOS runners), with the App Store Connect API key JSON assembled from the existing three secrets. Uploads land in TestFlight; review submission stays manual for now.docs/RELEASE.mdrefreshed — Bazel 9 supported (noUSE_BAZEL_VERSION=8.2.1), the real reason for themanualtags, the signing wiring, and the TestFlight flow.What still needs a human
Apple Developer enrollment, the App Store Connect app record + metadata + icon, and generating the certificates/API key (RELEASE.md TODOs 1–5). Once those secrets exist, the pipeline is end-to-end automatic through TestFlight.
Testing
CI exercises the simulator path (test-ios builds/tests the same targets). The signed device path can't be exercised until the secrets exist — flagged in RELEASE.md as a first-release check, including possible explicit
entitlementsif profile-derived entitlements aren't enough.🤖 Generated with Claude Code
https://claude.ai/code/session_01Jw99o89a2UYe9NKLE9zGUx
Generated by Claude Code