name: "Build and Publish iOS"
on: workflow_dispatch
    
jobs:
  build:
    runs-on: macos-latest
    steps:
      # Checks-out our repository under $GITHUB_WORKSPACE, so our job can access it
      - name: Checkout repository
        uses: actions/checkout@v2

      # Install the Apple certificate and provisioning profile 
      - name: Install the Apple certificate and provisioning profile
        env:
          BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
          P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
          BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
        run: |
          # create variables
          CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
          PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
          KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
          # import certificate and provisioning profile from secrets
          echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
          echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
          # create temporary keychain
          security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
          security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
          security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
          # import certificate to keychain
          security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
          security list-keychain -d user -s $KEYCHAIN_PATH
          # apply provisioning profile
          mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
          cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
      # Install flutter
      - name: Flutter get
        uses: subosito/flutter-action@v1
        with:
          flutter-version: '3.10.2'

      # Install your project's dependencies
      - name: Install dependencies
        run: bash fix-pub.sh

      # Build and sign the ipa using a single flutter command
      - name: Building IPA
        working-directory: refilc
        run: bash build-ipa.sh
          
      # Collect the file and upload as artifact         
      - name: collect ipa artifacts
        uses: actions/upload-artifact@v2
        with:
         name: release-ipa
         # Path to the release files
         path: refilc/build/ios/ipa/*.ipa

      # Important! Cleanup: remove the certificate and provisioning profile from the runner!
      - name: Clean up keychain and provisioning profile
        if: ${{ always() }}
        run: |
          security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
          rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision