mobile-wallet/.github/workflows/multi-platform-build-and-publish.yml

# GitHub Actions Workflow for Kotlin Multi-Platform Application Deployment
#
# OVERVIEW:
# This workflow supports building and publishing applications across multiple platforms:
# - Android (APK/AAB)
# - iOS (IPA)
# - Desktop (EXE, MSI, DMG, DEB)
# - Web (GitHub Pages)
#
# PREREQUISITES:
# Ensure your project is configured with:
#  - Gradle build system
#  - Kotlin Multiplatform Project with Android, iOS, Desktop, and Web modules
#  - Fastlane for deployment automation
#  - Separate modules/package names for each platform
#
# REQUIRED SECRETS:
# Configure the following secrets in GitHub repository settings:
# - ORIGINAL_KEYSTORE_FILE: Base64 encoded Android release keystore
# - ORIGINAL_KEYSTORE_FILE_PASSWORD: Keystore password
# - ORIGINAL_KEYSTORE_ALIAS: Keystore alias
# - ORIGINAL_KEYSTORE_ALIAS_PASSWORD: Keystore alias password

# - UPLOAD_KEYSTORE_FILE: Base64 encoded Android release keystore
# - UPLOAD_KEYSTORE_FILE_PASSWORD: Keystore password
# - UPLOAD_KEYSTORE_ALIAS: Keystore alias
# - UPLOAD_KEYSTORE_ALIAS_PASSWORD: Keystore alias password

# - GOOGLESERVICES: Google Services configuration JSON
# - PLAYSTORECREDS: Play Store service account credentials
# - FIREBASECREDS: Firebase distribution credentials

# - NOTARIZATION_APPLE_ID: Apple ID for macOS app notarization
# - NOTARIZATION_PASSWORD: Notarization password
# - NOTARIZATION_TEAM_ID: Apple developer team ID

# WORKFLOW INPUTS:
# - release_type: 'internal' (default) or 'beta'
# - target_branch: Branch to use for release (default: 'dev')
# - android_package_name: Name of Android module
# - ios_package_name: Name of iOS module
# - desktop_package_name: Name of desktop module
# - web_package_name: Name of web module
# - publish_android: Enable/disable Android Play Store publishing
# - build_ios: Enable/disable iOS build
# - publish_ios: Enable/disable iOS App Store publishing

# USAGE:
# 1. Ensure all required secrets are configured
# 2. Customize package names in workflow inputs
# 3. Toggle platform-specific publishing flags
# 4. Trigger workflow manually or via GitHub Actions UI

# https://github.com/openMF/mifos-x-actionhub/blob/main/.github/workflows/multi-platform-build-and-publish.yaml

# ##############################################################################
#                 DON'T EDIT THIS FILE UNLESS NECESSARY                        #
# ##############################################################################
name: Multi-Platform Build and Publish

on:
  workflow_dispatch:
    inputs:
      release_type:
        type: choice
        options:
          - internal
          - beta
        default: internal
        description: Release Type

      target_branch:
        type: string
        default: 'development'
        description: 'Target branch for release'

      distribute_ios_firebase:
        type: boolean
        default: false
        description: Distribute iOS App via Firebase App Distribution

      distribute_ios_testflight:
        type: boolean
        default: false
        description: Distribute iOS App via TestFlight (App Store Connect)

      distribute_ios_appstore:
        type: boolean
        default: false
        description: Distribute iOS App to Appstore

      distribute_macos_testflight:
        type: boolean
        default: false
        description: Distribute macOS App via TestFlight (App Store Connect)

      distribute_macos_appstore:
        type: boolean
        default: false
        description: Distribute macOS App to Appstore

permissions:
  contents: write
  id-token: write
  pages: write

concurrency:
  group: "reusable"
  cancel-in-progress: false

jobs:
  multi_platform_build_and_publish:
    name: Multi-Platform Build and Publish
    uses: openMF/mifos-x-actionhub/.github/workflows/multi-platform-build-and-publish.yaml@v1.0.7
    with:
      java-version: 21
      release_type: ${{ inputs.release_type }}
      target_branch: ${{ inputs.target_branch }}
      android_package_name: 'cmp-android'
      ios_package_name: 'cmp-ios'
      desktop_package_name: 'cmp-desktop'
      web_package_name: 'cmp-web'
      tester_groups: 'mifos-mobile-apps'
      app_identifier: 'org.mifospay'
      git_url: 'git@github.com:openMF/ios-provisioning-profile.git'
      git_branch: 'mifospay'
      match_type: 'adhoc'
      provisioning_profile_name: 'match AdHoc org.mifospay'
      firebase_app_id: '1:728434912738:ios:86a7badfaed88b841a1dbb'
      metadata_path: './fastlane/metadata/ios'
      use_cocoapods: true         # <-- Set to true if using CocoaPods integration for KMP
      shared_module: ':cmp-shared' # <-- Gradle path to your shared KMP module (e.g., :shared)
      cmp_desktop_dir: 'cmp-desktop'
      keychain_name: signing.keychain-db # optional
      distribute_ios_firebase: ${{ inputs.distribute_ios_firebase }}
      distribute_ios_testflight: ${{ inputs.distribute_ios_testflight }}
      distribute_ios_appstore: ${{ inputs.distribute_ios_appstore }}
      distribute_macos_testflight: ${{ inputs.distribute_macos_testflight }}
      distribute_macos_appstore: ${{ inputs.distribute_macos_appstore }}
    secrets:
      original_keystore_file: ${{ secrets.ORIGINAL_KEYSTORE_FILE }}
      original_keystore_file_password: ${{ secrets.ORIGINAL_KEYSTORE_FILE_PASSWORD }}
      original_keystore_alias: ${{ secrets.ORIGINAL_KEYSTORE_ALIAS }}
      original_keystore_alias_password: ${{ secrets.ORIGINAL_KEYSTORE_ALIAS_PASSWORD }}

      upload_keystore_file: ${{ secrets.UPLOAD_KEYSTORE_FILE }}
      upload_keystore_file_password: ${{ secrets.UPLOAD_KEYSTORE_FILE_PASSWORD }}
      upload_keystore_alias: ${{ secrets.UPLOAD_KEYSTORE_ALIAS }}
      upload_keystore_alias_password: ${{ secrets.UPLOAD_KEYSTORE_ALIAS_PASSWORD }}

      notarization_apple_id: ${{ secrets.NOTARIZATION_APPLE_ID }}
      notarization_password: ${{ secrets.NOTARIZATION_PASSWORD }}
      notarization_team_id: ${{ secrets.NOTARIZATION_TEAM_ID }}
      keychain_password: ${{ secrets.KEYCHAIN_PASSWORD }}
      certificates_password: ${{ secrets.CERTIFICATES_PASSWORD }}
      mac_app_distribution_certificate_b64: ${{ secrets.MAC_APP_DISTRIBUTION_CERTIFICATE_B64 }}
      mac_installer_distribution_certificate_b64: ${{ secrets.MAC_INSTALLER_DISTRIBUTION_CERTIFICATE_B64 }}
      mac_embedded_provision_b64: ${{ secrets.MAC_EMBEDDED_PROVISION_B64 }}
      mac_runtime_provision_b64: ${{ secrets.MAC_RUNTIME_PROVISION_B64 }}
      appstore_key_id: ${{ secrets.APPSTORE_KEY_ID }}
      appstore_issuer_id: ${{ secrets.APPSTORE_ISSUER_ID }}
      appstore_auth_key: ${{ secrets.APPSTORE_AUTH_KEY }}
      match_password: ${{ secrets.MATCH_PASSWORD }}
      match_ssh_private_key: ${{ secrets.MATCH_SSH_PRIVATE_KEY }}

      windows_signing_key: ${{ secrets.WINDOWS_SIGNING_KEY }}
      windows_signing_password: ${{ secrets.WINDOWS_SIGNING_PASSWORD }}
      windows_signing_certificate: ${{ secrets.WINDOWS_SIGNING_CERTIFICATE }}

      macos_signing_key: ${{ secrets.MACOS_SIGNING_KEY }}
      macos_signing_password: ${{ secrets.MACOS_SIGNING_PASSWORD }}
      macos_signing_certificate: ${{ secrets.MACOS_SIGNING_CERTIFICATE }}

      linux_signing_key: ${{ secrets.LINUX_SIGNING_KEY }}
      linux_signing_password: ${{ secrets.LINUX_SIGNING_PASSWORD }}
      linux_signing_certificate: ${{ secrets.LINUX_SIGNING_CERTIFICATE }}

      google_services: ${{ secrets.GOOGLESERVICES }}
      firebase_creds: ${{ secrets.FIREBASECREDS }}
      playstore_creds: ${{ secrets.PLAYSTORECREDS }}
      token: ${{ secrets.GITHUB_TOKEN }}