Automated CocoaPod releases with GitHub Actions
In this article we are going to quickly cover a trivial GitHub Actions setup I use for my open source Metal library Alloy to automatically publish new versions into CocoaPods trunk register.
First, we will need to grab a registration token from CocoaPods. You can get it by using the pod trunk register
command.
pod trunk register your@email.com -- description "GitHub Actions Token"
You will receive an e-mail with a confirmation link to confirm you are the owner of that e-mail. Once you’ve confirmed the token you can obtain it from private files using the following command:
grep -A2 'trunk.cocoapods.org' ~/.netrc
You will see something like this:
machine trunk.cocoapods.org
login <your@email.com>
password <TOKEN>
Copy the token you’ve got and then go to Settings of your repo:
Next, open Secrets in the side menu:
Press “Add a new secret” and create a new secret named COCOAPODS_TRUNK_TOKEN with the value of token you’ve just copied.
Setting up a GitHub Action
Okay, once you’ve done with the CocoaPods you are ready to proceed onto writing your first GitHub Action. Go to Actions of your repo and press “Set up a workflow yourself”:
And then replace the script with the following:
name: CIon:
push:
branches:
- master
jobs:
build: runs-on: macOS-latest
steps:
- uses: actions/checkout@v1
- name: Publish to CocoaPod register
env:
COCOAPODS_TRUNK_TOKEN: ${{ secrets.COCOAPODS_TRUNK_TOKEN }}
run: |
pod trunk push <YOURLIBRARY>.podspec
What this means is pretty clear:
- Our script will run on every push into master branch of a repo
- We will have only one build job which will run on latest macOS (you can specify macOS-10.14 for example
- At first we will checkout our repo using another built-in action called actions/checkout@v1
- We are declaring a COCOAPODS_TRUNK_TOKEN that is initialized with a secret value that we specified earlier so that nobody can access publishing even though your library and actions may be open-sourced
- Finally, we call our command to push library into CocoaPods register
I use this 3 steps process to publish my libs:
- Create a tag in the branch you are going to merge
- Bump a version number inside a podspec to match the latest tag you’ve created
- Merge branch into master and action will be triggered
Final words
We’ve just created a minimal example on how to automatically publish your libraries safely and securely. Of course you shouldn’t stop there: you can add automatic unit-test launches or more complex release pipelines into that.
If you have any questions please hit me up on Twitter.