Skip to content

Overview

Configure your CI/CD pipeline to automatically build your app after each commit. We support GitHub Actions, Bitbucket Pipelines, and Azure DevOps — with step-by-step guides for each.

Generating variables

[ .NET MAUI ]

iOS

To generate the values for the secrets required in the iOS workflow, you will need to access your Apple Developer account:

  • Go to https://developer.apple.com/account
  • Under Certificates, Identifiers & Profiles, you can:
  • Export a valid distribution certificate as a .p12 file
  • Download the appropriate provisioning profile (.mobileprovision file) Once you have these files, follow the instructions below to convert and store them in GitHub Secrets. This section outlines how to generate the necessary values for repository secrets and variables, organized by platform.

IOS_PROVISIONING_PROFILE_BASE64

Required: A valid provisioning profile (.mobileprovision file)

base64 -i provision.mobileprovision > provision_base64.txt

cat provision_base64.txt

Copy the complete output and paste it into the IOS_PROVISIONING_PROFILE_BASE64 repository secret or variable.

IOS_P12_CERTIFICATE_BASE64

Required: A valid .p12 distribution certificate

base64 -i FileCertificate.p12 -o certificate_base64.txt

cat certificate_base64.txt

Copy the entire output and paste it into the IOS_P12_CERTIFICATE_BASE64 repository secret or variable.

IOS_APPLE_P12_PASSWORD

Required: Password used when exporting the .p12 certificate from Keychain Access. Store this password in the secret or repository variable called IOS_APPLE_P12_PASSWORD

Android

  1. Generate the Keystore File from Android Studio
  2. Open Android Studio and go to: Build > Generate Signed Bundle / APK
  3. Select APK and click Next.
  4. On the “Key store path” screen, click “Create new...”.
  5. Fill in the form with the following:
    • Key store path: Choose where to save the file (e.g., testapp.keystore)
    • Password: ANDROID_KEYSTORE_PASSWORD
    • Alias: Internal key name (e.g., my-key-alias)
    • Key password: ANDROID_KEYSTORE_PASSWORD_ALIAS
    • Validity (years): Usually 25 or more
    • Other fields: Fill in your personal or company info (used as metadata)
  6. Click OK to generate the .keystore file. Then follow the GPG encryption instructions (as explained in the Android documentation) to convert it to .asc and create these secrets:
    • ANDROID_KEYSTORE_FILE
    • ANDROID_KEYSTORE_PASSWORD
    • ANDROID_KEYSTORE_PASSWORD_ALIAS
    • ANDROID_KEYSTORE_PASSWORD_GPG

Note

You must have GPG (GnuPG) installed on your system. If the gpg command is not recognized, install it from gpg page.

Creating keystore file from the console

  • To generate a keystore file, you need to have the keytool utility installed.
  • This tool is typically included with the Android Studio Command Line Tools or the Java Development Kit (JDK).
  • Change my-release-key to the name you want and also the alias_name (keep both very safe since they are your encrypted keys)
  • keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000

[ Android ]

  1. Generate the Keystore File from Android Studio
  2. Open Android Studio and go to: Build > Generate Signed Bundle / APK
  3. Select APK and click Next.
  4. On the “Key store path” screen, click “Create new...”.
  5. Fill in the form with the following:
    • Key store path: Choose where to save the file (e.g., testapp.keystore, your path will be the variable SIGNING_KEY_STORE_PATH)
    • Password: SIGNING_KEY_PASSWORD
    • Alias: Internal key name (e.g., my-key-alias, (this is the variable SIGNING_KEY_ALIAS))
    • Key password: SIGNING_STORE_PASSWORD
    • Validity (years): Usually 25 or more
    • Other fields: Fill in your personal or company info (used as metadata)

  6. Click OK to generate the .keystore file. Then follow the GPG encryption instructions (as explained in the Android documentation) to convert it to .asc and create these secrets:

    • SIGNING_KEY_STORE_PATH
    • SIGNING_KEY_ALIAS
    • SIGNING_KEY_PASSWORD
    • SIGNING_STORE_PASSWORD
    • SIGNING_KEY_STORE_BASE64

You can get this variable SIGNING_KEY_STORE_BASE64with the following command
cat <your-keystore-file-name>.keystore | base64

Note

You must have GPG (GnuPG) installed on your system. If the gpg command is not recognized, install it from gpg page.

[ iOS ]

To generate the values for the secrets required in the iOS workflow, you will need to access your Apple Developer account:

  • Go to https://developer.apple.com/account
  • Under Certificates, Identifiers & Profiles, you can:
  • Export a valid distribution certificate as a .p12 file
  • Download the appropriate provisioning profile (.mobileprovision file) Once you have these files, follow the instructions below to convert and store them in GitHub Secrets. This section outlines how to generate the necessary values for repository secrets and variables, organized by platform.

IOS_PROVISIONING_PROFILE_BASE64

Required: A valid provisioning profile (.mobileprovision file)

base64 -i provision.mobileprovision > provision_base64.txt

cat provision_base64.txt

Copy the complete output and paste it into the IOS_PROVISIONING_PROFILE_BASE64 repository secret or variable.

IOS_P12_CERTIFICATE_BASE64

Required: A valid .p12 distribution certificate

base64 -i FileCertificate.p12 -o certificate_base64.txt

cat certificate_base64.txt

Copy the entire output and paste it into the IOS_P12_CERTIFICATE_BASE64 repository secret or variable.

IOS_APPLE_P12_PASSWORD

Required: Password used when exporting the .p12 certificate from Keychain Access. Store this password in the secret or repository variable called IOS_APPLE_P12_PASSWORD

To know your ADHOC and your APPLE TEAM ID you need to have installed the certificates previously created in these same steps. With this command you can know both.

security find-identity -v -p codesigning

You will see something similar to this:

567A0796AF884F91C618C9623C5B16DE513E0322 "iPhone Distribution: john doe (KZ39PZ7BBB)"

IOS_ADHOC_PROFILE

This will be your ADHOC PROFILE

iPhone Distribution: john doe (KZ39PZ7BBB)

IOS_APPLE_TEAM_ID

This will be your APPLE TEAM ID

KZ39PZ7BBB

Ready!

Now that you have your credentials you can continue with the configuration of the different workflows

[ Flutter ]

iOS

To generate the values for the secrets required in the iOS workflow, you will need to access your Apple Developer account:

  • Go to https://developer.apple.com/account
  • Under Certificates, Identifiers & Profiles, you can:
  • Export a valid distribution certificate as a .p12 file
  • Download the appropriate provisioning profile (.mobileprovision file) Once you have these files, follow the instructions below to convert and store them in GitHub Secrets. This section outlines how to generate the necessary values for repository secrets and variables, organized by platform.

IOS_PROVISIONING_PROFILE_BASE64

Required: A valid provisioning profile (.mobileprovision file)

base64 -i provision.mobileprovision > provision_base64.txt

cat provision_base64.txt

Copy the complete output and paste it into the IOS_PROVISIONING_PROFILE_BASE64 repository secret.

IOS_P12_CERTIFICATE_BASE64

Required: A valid .p12 distribution certificate

base64 -i FileCertificate.p12 -o certificate_base64.txt

cat certificate_base64.txt

Copy the entire output and paste it into the IOS_P12_CERTIFICATE_BASE64 repository secret.

IOS_APPLE_P12_PASSWORD

Required: Password used when exporting the .p12 certificate from Keychain Access. Store this password in the secret or repository variable called IOS_APPLE_P12_PASSWORD

IOS_ADHOC_PROFILE

Required: Is used in the .plist file created in CICD workflows

IOS_APPLE_TEAM_ID

Required: You can find it using security find-identity -v -p codesigning (Install the certificate if you don't see it)

IOS_KEYCHAIN_PASSWORD

Required: Password used when using for keychain (usually the same password for the .p12 file).

Android

  1. Generate the Keystore File from Android Studio
  2. Open Android Studio and go to: Build > Generate Signed Bundle / APK
  3. Select APK and click Next.
  4. On the “Key store path” screen, click “Create new...”.
  5. Fill in the form with the following:
    • Key store path: Choose where to save the file (e.g., testapp.keystore)
    • Password: KEYSTORE_PASSWORD
    • Alias: Internal key name (e.g., my-key-alias)
    • Key password: KEY_ALIAS
    • Validity (years): Usually 25 or more
    • Other fields: Fill in your personal or company info (used as metadata)
  6. Click OK to generate the .keystore file. Then follow the GPG encryption instructions (as explained in the Android documentation) to convert it to .asc and create these secrets:
    • KEYSTORE_BASE64
    • KEYSTORE_PASSWORD
    • KEY_ALIAS
    • KEY_PASSWORD

Note

You must have GPG (GnuPG) installed on your system. If the gpg command is not recognized, install it from gpg page.

Creating keystore file from the console

  • To generate a keystore file, you need to have the keytool utility installed.
  • This tool is typically included with the Android Studio Command Line Tools or the Java Development Kit (JDK).
  • Change my-release-key to the name you want and also the alias_name (keep both very safe since they are your encrypted keys)

keytool -genkey -v -keystore `my-release-key.keystore` -alias `alias_name` -keyalg RSA -keysize 2048 -validity 10000