Upgrade to Pro — share decks privately, control downloads, hide ads and more …

iOSアプリ開発でGitHub Actionsのself-hosted runnerを使う

yorifuji
June 20, 2023
Programming
1
660

iOSアプリ開発でGitHub Actionsのself-hosted runnerを使う

potatotips #82

yorifuji

June 20, 2023
Tweet

Other Decks in Programming

See All in Programming
ノーコードE2Eテストで実現する高速開発
nozomiito
0
230
たのしいドメイン駆動設計: 序 / Enjoy domain driven design : ZYO
jpt_corp_official
9
4.3k
Domain-Driven Design (Tutorial)
hschwentner
13
18k
ZOZOTOWNアプリでのフルCompos実装取り組み事例
umsys
0
210
Jakarta EE 10 - Simplicity for Modern and Lightweight Cloud
ivargrimstad
0
690
Next.js × AWS App Runner × AWS AppSyncで進めるクライアントファーストのWEB開発
okaharuna
6
3.1k
Context Window のお話
schroneko
1
160
EbitengineでGUIツール作ってみた
aethiopicuschan
0
380
Jetpack Compose の Side-effect を使いこなす / DroidKaigi 2023
star_zero
2
840
Node-RED in Industrial IoT
kazuhitoyokoi
0
560
Help Collisions, Isolate the Worlds
tagomoris
0
100
Construindo APIs resilientes: práticas de versionamento e documentação
monicaribeiro
0
130

Featured

See All Featured
Facilitating Awesome Meetings
lara
37
5.1k
Fontdeck: Realign not Redesign
paulrobertlloyd
74
4.6k
[RailsConf 2023] Rails as a piece of cake
palkan
15
2.8k
GraphQLとの向き合い方2022年版
quramy
25
11k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
0
2.4k
Thoughts on Productivity
jonyablonski
55
3.1k
A better future with KSS
kneath
230
16k
How STYLIGHT went responsive
nonsquared
89
4.4k
Building Better People: How to give real-time feedback that sticks.
wjessup
349
18k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
Fireside Chat
paigeccino
18
2.2k
Fantastic passwords and where to find them - at NoRuKo
philnash
34
2.2k

Transcript

  1. iOSΞϓϦ։ൃͰGitHub Actionsͷ
    self-hosted runnerΛ࢖͏
    YORIFUJI MITSUNORI


    potatotips #82

    View Slide

  2. ࣗݾ঺հ
    • ໊લ


    • YORIFUJI MITSUNORI


    • Twitter/GitHub/Zenn @yorifuji


    • ܦྺ


    • SIerͰγεςϜΤϯδχΞ -> ࡢ೥4݄͔ΒFOLIOͰiOSΤϯδχΞʢ2೥໨ʣ


    • Swift, FlutterΞϓϦ։ൃ


    • ࠷ۙڵຯͷ͋Δ͜ͱ


    • CI/CD

    View Slide

  3. About GitHub Actions
    • GitHubʹ౷߹͞ΕͨCIػೳɺGitHubΛར༻͍ͯ͠Ε͹௚͙ʹར༻Ͱ͖Δ


    • ଞࣾ੡ͷCI/CDαʔϏεͷαΠϯΞοϓ΍GitHub࿈ܞͳͲ͕ෆཁ


    • GitHub্Ͱൃੜ͢ΔΠϕϯτΛτϦΨʔʹϫʔΫϑϩʔʢδϣϒʣΛ࣮ߦͰ͖Δ


    • ϑΝΠϧͷมߋʢίʔυͷϓογϡʣɺϒϥϯνɺTagɺͳͲͷGitͷΠϕϯτ


    • Issueͷ࡞੒ɺPRͷApproveɺϦϙδτϦΛforkͨ͠ɺͳͲͷGitHubͷΠϕϯτ

    View Slide

  4. Work
    fl
    ow
    name: sample workflow
    run-name: Hello GitHub Actions
    on: [push]
    jobs:
    job1:
    runs-on: macos-latest
    steps:
    - run: uname -a
    - run: echo Hello, job1
    job2:
    runs-on: ubuntu-latest
    steps:
    - run: uname -a
    - run: echo Hello, job2
    δϣϒͷ಺༰Λهड़ͨ͠YAMLϑΝΠϧ
    ΛϦϙδτϦͷ .github/work
    fl
    ows
    ϑΥϧμʹ௥Ճ͢Δ

    View Slide

  5. GitHub-hosted runner
    • GitHub͕ఏڙ͢ΔϫʔΫϑϩʔͷ࣮ߦ؀ڥʢVMʣ


    • Windows, Linux, macOS


    • ϫʔΫϑϩʔͰLabelΛ࢖ͬͯࢦఆ͢Δ


    • ͦͷ౎౓ΫϦʔϯͳ؀ڥׂ͕Γ౰ͯΒΕΔ


    • Xcode΍Android SDKͳͲͷ୅දతͳ։ൃπʔϧ͕ΠϯετʔϧࡁΈ
    runs-on: macos-latest

    View Slide

  6. GitHub-hosted runnerͷߏ੒
    • https://github.com/actions/runner-images Ͱެ։͞Ε͍ͯΔ

    View Slide

  7. https://github.com/actions/runner-images/blob/main/images/macos/macos-13-Readme.md


    (2023.6.18࣌఺)

    View Slide

  8. Example
    .github/work
    fl
    ows/sample.yml

    View Slide

  9. Example
    .github/work
    fl
    ows/sample.yml

    View Slide

  10. ྉۚ
    • ύϒϦοΫϦϙδτϦͰͷར༻͸ແྉʂ


    • ϓϥΠϕʔτϦϙδτϦ


    • GitHub-hosted runnerͷར༻࣌ؒͱετϨʔδʹରͯ͠՝ۚ


    • ແྉ࿮͋Γ

    View Slide

  11. GitHub Actions(GitHub-hosted runnerʣͷᙱ͍ͱ͜Ζ
    • macOSΠϯελϯεͷεϖοΫ


    • 3-Core Intel mac


    • Xcodeͷߋ৽ʹλΠϜϥά͕͋Δ


    • Xcode14.3.1͕࠷৽ɺXcode15.0(beta)͸·ͩ࢖͑ͳ͍ʢ6.18࣌఺ʣ


    • PR͕Approve͞Ε͍ͯΔͷͰ΋͏௚͙࢖͑ͦ͏ʢʁʣ


    • https://github.com/actions/runner-images/pull/7707


    • ഑෍༻ূ໌ॻɺProvisioning Pro
    fi
    leͳͲͷѻ͍ʹҰख͔͔ؒΔ


    • GitHub ActionsʹϑΝΠϧΞοϓϩʔμʔ͸ఏڙ͞Ε͍ͯͳ͍


    • ϓϥΠϕʔτϦϙδτϦͰͷ՝ۚ

    View Slide

  12. About self-hosted runner
    • self-hosted runner=ॴ༗͍ͯ͠ΔϚγϯͰϫʔΫϑϩʔ࣮ߦ͢ΔγεςϜɾϗετ


    • ϩʔΧϧϚγϯͰϫʔΫϑϩʔΛ࣮ߦ͢ΔͨΊͷrunnerʢagentʣ͕ఏڙ͞Ε͍ͯΔ


    • ಛ௃


    • ೚ҙͷϚγϯΛϫʔΫϑϩʔͷ࣮ߦʹར༻Ͱ͖Δ


    • ։ൃπʔϧ΋ඞཁʹԠͯࣗ͡༝ʹΠϯετʔϧͰ͖Δ


    • ϓϥΠϕʔτϦϙδτϦͰͷϫʔΫϑϩʔͷ࣮ߦ࣌ؒʹର͢Δྉ͕ۚൃੜ͠ͳ͍


    • ੍໿


    • Ϛγϯͷ؅ཧɾӡ༻ίετʢOSͷΞοϓσʔτ΍ιϑτ΢ΣΞͳͲʣ͸ࣗ෼΋ͪ


    • VMͷػೳ͸ఏڙ͞Ε͍ͯͳ͍ͷͰΰϛ͕࢒ͬͨΓ͢Δ


    • GitHub-hosted runnerͱself-hosted runnerͷ࢓༷ࠩҟ΁ͷରԠ


    -

    View Slide

  13. Setup self-hostd runner
    name: self hosted sample workflow
    run-name: Hello self-hosted runner
    on: [push]
    jobs:
    job1:
    runs-on: self-hosted
    steps:
    - run: uname -a
    - run: echo Hello, job1
    • CIαʔόʔ༻ͷϚγϯΛ༻ҙ͢Δ


    • iOS։ൃͳΒmacOS୺຤͕ඞཁ


    • ։ൃπʔϧΛΠϯετʔϧ


    • XcodeͳͲ


    • self-hosted runnerΛΠϯετʔϧ


    • ϫʔΫϑϩʔͰself-hosted runnerΛࢦఆ

    View Slide

  14. CIαʔόͷϚγϯΛ༻ҙ͢Δ🤔

    View Slide

  15. 💸

    View Slide

  16. GitHub-hostedͱself-hostedͷϫʔΫϑϩʔڞ௨Խ
    • GitHub-hostedͱself-hostedͷϫʔΫϑϩʔͷେ෦෼͸ڞ௨


    • VariablesΛ࢖࣮ͬͯߦ؀ڥΛ੾Γସ͑Δ


    • ϦϙδτϦʹରͯ͠ϫʔΫϑϩʔ͔ΒࢀরͰ͖Δม਺ΛઃఆͰ͖Δ


    • ύϒϦοΫϦϙδτϦͳΒGitHub-hostedΛɺϓϥΠϕʔτ͸self-hostedΛ࢖͏

    View Slide

  17. Xcodeόʔδϣϯͷ੾Γସ͑
    • Xcodeͷόʔδϣϯͷ੾Γସ͑͸ϫʔΫϑϩʔͰ env: Λఆٛͯ͠DEVELOPER_DIR؀ڥม
    ਺Λઃఆ͢Δ


    • export DEVELOPER_DIR=/Applications/Xcode... ͱಉ͡ޮՌΛൃش


    • VariablesʹόʔδϣϯΛఆٛ͢Δͱ੾Γସ͕͑؆୯

    View Slide

  18. iOSϏϧυͷূ໌ॻ؅ཧ
    • ipaͷϏϧυ͸഑෍༻ূ໌ॻʢApple DistributionʣͱProvisioning Pro
    fi
    le͕ඞཁ


    • ূ໌ॻ؅ཧύλʔϯ


    • ϗετϚγϯʹ௚઀ΠϯετʔϧʢKeychainʹొ࿥ʣ


    • self-hosted runnerͰͷར༻&ಛఆͷTeamͷॺ໊ͷΈͰ͋Ε͹બ୒Մೳͳํ๏


    • GitHub Actions͕ఏڙ͢ΔSecretsʢKey-Value storeʣΛ࢖ͬͯϦϙδτϦʹొ࿥


    • ϑΝΠϧΛbase64Ͱencodeͯ͠ొ࿥ -> ࣮ߦ࣌ʹdecodeͯ͠ϑΝΠϧʹॻ͖ग़͢


    • Cloud signingʢApp Store Connect APIʣ

    View Slide

  19. Cloud signing(App Store Connect API)
    • Xcode13 Ҏ߱Ͱར༻ՄೳͳɺAppleͷαʔόʔ্Ͱipaʹॺ໊͢Δػೳ


    • https://developer.apple.com/videos/play/wwdc2021/10204/


    • XcodeͰ͸AppleIDΛར༻ɺCI؀ڥʢxcodebuildʣͰ͸App Store Connect APIͷೝূ৘ใ͕ඞཁ


    • ϝϦοτ


    • ഑৴ূ໌ॻʢApple Distributionʣ΍Provisioning Pro
    fi
    leͷ࡞੒ɾ഑ஔ͕ෆཁ


    • App Store Connect APIͷೝূ৘ใ͸ແظݶͷͨΊߋ৽ͷඞཁ͕ͳ͍


    • σϝϦοτ


    • App Store Connect APIͷೝূ৘ใΛAdminݖݶͰ෷͍ग़͢ඞཁ͕͋Δ

    View Slide

  20. Cloud signingͷར༻खॱ
    • ϓϩδΣΫτϑΝΠϧͷAutomatically manage signing͕༗ޮͰ͋Δ͜ͱ

    View Slide

  21. Cloud signingͷར༻खॱ
    • App Store ConnectͰAPIΩʔΛ෷͍ग़͢


    • Issue ID


    • Key ID


    • .p8ϑΝΠϧ

    View Slide

  22. ExportOptions.plist




    ...
    method
    app-store
    signingStyle
    automatic
    destination
    export
    teamID
    {͝ར༻ͷTeamID}
    ...


    9DPEF͔Β"SDIJWFΛ࣮ߦͨ͠ޙʹ0SHBOJ[FSͷ%JTUSJCVUF"QQͰ&YQPSUͯ͠ੜ੒

    View Slide

  23. xcodebuild with Cloud signing
    xcodebuild archive CODE_SIGNING_ALLOWED=NO ...
    xcodebuild -exportArchive ... \
    -exportOptionsPlist ./ExportOptions.plist \
    -allowProvisioningUpdates \
    -authenticationKeyIssuerID $ISSUER_ID \
    -authenticationKeyID $KEY_ID \
    -authenticationKeyPath `pwd`/private_keys/AuthKey_$KEY_ID.p8
    • xcodebuild archiveʹCODE_SIGNING_ALLOWED=NOΛ෇༩͢Δ͜ͱͰarchiveͰͷॺ໊ΛແޮԽ͢Δ


    • xcodebuild -exportArchiveʹCloud signingʹඞཁͳύϥϝʔλΛࢦఆ͢Δ

    View Slide

  24. xcodebuild with Cloud signing(for Flutter iOS)
    flutter build ios --no-codesign
    xcodebuild archive CODE_SIGNING_ALLOWED=NO ...
    xcodebuild -exportArchive ... \
    -exportOptionsPlist ./ExportOptions.plist \
    -allowProvisioningUpdates \
    -authenticationKeyIssuerID $APPLE_API_ISSUER_ID \
    -authenticationKeyID $APPLE_API_KEY_ID \
    -authenticationKeyPath `pwd`/private_keys/AuthKey_$APPLE_API_KEY_ID.p8

    fl
    utter build ios --no-codesign Ҏ֎͸ڞ௨



    fl
    utter build ipa ʹ͸ରԠ͍ͯ͠ͳ͍໛༷

    View Slide

  25. self-hosted runnerͰͷCacheͷར༻
    • ϫʔΫϑϩʔߴ଎ԽʢCIΛૣ͘ऴΘΒͤΔʣͷͨΊʹதؒੜ੒෺΍
    ύοέʔδϚωʔδϟͷґଘؔ܎͸Cacheͷར༻͕ਪ঑͞Ε͍ͯΔ


    • CocoaPods, Pub.devͳͲͷϩʔΧϧΩϟογϡͯ͠ॲཧΛεΩοϓ


    • ඪ४ͷΩϟογϡػೳʢCache actionʣΛ࢖͏ͱGitHub͕ఏڙ͢Δ
    ΩϟογϡαʔόΛ֤ϦϙδτϦ࠷େ10GB·Ͱར༻Ͱ͖Δ

    View Slide

  26. self-hosted runnerͰCache͕஗͍
    • GitHub-hosted runner


    • Cacheͷupload/download͕଎͍ʢover 1Gbpsʣ


    • 1GBఔ౓ͷΩϟογϡͰ͋Ε͹10ඵ΄ͲͰల։Ͱ͖Δ


    • self-hosted runner


    • ΊͪΌͪ͘Ό஗͍ʢ20Mbpsఔ౓ʣ


    • CacheΛ࢖Θͳ͍࣌ΑΓ΋஗͘ͳΔ😰

    View Slide

  27. self-hosted runnerͰΩϟογϡ͕஗͍ͷ͸ͳ͔ͥ
    • GitHub ActionsͷΠϯϑϥͷ࣮ଶ͸Azure PipelinesʢͱݴΘΕ͍ͯΔʣ


    • GitHub-hosted runnerͷϩέʔγϣϯ


    • ʮmacOS ΠϝʔδΛ࣮ߦ͢ΔΤʔδΣϯτ͸ɺ3 ίΞͷ CPUɺ14 GB ͷ RAMɺ14 GB ͷ SSD σΟ
    εΫྖҬΛඋ͑ͨ Mac Pro ʹϓϩϏδϣχϯά͞Ε·͢ɻ ͜ΕΒͷΤʔδΣϯτ͸ɺAzure
    DevOps ૊৫ͷ৔ॴʹؔ܎ͳ͘ɺৗʹถࠃͰ࣮ߦ͞Ε·͢ɻʯʢAzure PipelineΑΓʣ


    • GitHubͷΩϟογϡαʔόʢΞϝϦΧʣͱࣗ୐ʢ೔ຊʣͷself-hostedϚγϯؒͷ௨৴͕஗͍ͨΊʢͨͿ
    Μʣ


    • GitHub-hosted runnerͰͷΩϟογϡ͕ര଎ͳͷ͸ར༻͍ͯ͠ΔΩϟογϡαʔόʢAzure Blob
    Storageʣ͕෺ཧతʹ͍ۙϩέʔγϣϯʹ͋Δ͔Β

    View Slide

  28. ηΩϡϦςΟ
    • ηΩϡϦςΟେࣄ


    • https://docs.github.com/ja/actions/security-guides/security-hardening-for-
    github-actions


    • self-hosted runner͸ύϒϦοΫϦϙδτϦͰ͸࢖Θͳ͍


    • https://docs.github.com/ja/actions/hosting-your-own-runners/managing-self-
    hosted-runners/about-self-hosted-runners#self-hosted-runner-security


    • ٕज़هࣄͳͲ΋ࢀߟʹͳΓ·͢


    • https://engineering.mercari.com/blog/entry/20230609-github-actions-guideline/

    View Slide

  29. GitHub-hosted runner vs self-hosted runner
    • ΄ͱΜͲͷϢʔεέʔεͰ͸GitHub-hosted runner͕ద͍ͯ͠Δ


    • ඞཁͳ࣌ʹ͙͢ʹ࢖͑ͯೖ໳͔Β࣮ӡ༻·ͰΧόʔ


    • ϗετ؀ڥͷӡ༻ɾ؅ཧίετ͕͔͔Βͳ͍


    • ύϒϦοΫϦϙδτϦ͸ແྉ


    • Self-hosted runnerͷ࢖͍ॴ


    • GitHub hostedͰ͸ఏڙ͞Εͳ͍؀ڥΛ࢖͍͍ͨ

    View Slide

  30. ͋Γ͕ͱ͏͍͟͝·ͨ͠

    View Slide