Skip to content
Tuist

Continuous Integration (CI)

Continuous Integration (CI) {#continuous-integration-ci}

Section titled “Continuous Integration (CI) {#continuous-integration-ci}”

To run Tuist commands in your continuous integration workflows, you’ll need to install it in your CI environment.

Authentication is optional but required if you want to use server-side features like cache.

The following sections provide examples of how to do this on different CI platforms.

Examples {#examples}

Section titled “Examples {#examples}”

GitHub Actions {#github-actions}

Section titled “GitHub Actions {#github-actions}”

On GitHub Actions you can use OIDC authentication for secure, secretless authentication:

::: code-group

name: Build Application
on:
  pull_request:
    branches:
      - main
  push:
    branches:
      - main


permissions:
  id-token: write
  contents: read


jobs:
  build:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@v4
      - uses: jdx/mise-action@v2
      - run: tuist auth login
      - run: tuist setup cache
name: Build Application
on:
  pull_request:
    branches:
      - main
  push:
    branches:
      - main


permissions:
  id-token: write
  contents: read


jobs:
  build:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@v4
      - run: brew install --formula [email protected]
      - run: tuist auth login
      - run: tuist setup cache
name: Build Application
on:
  pull_request:
    branches:
      - main
  push:
    branches:
      - main


env:
  TUIST_TOKEN: ${{ secrets.TUIST_TOKEN }}


jobs:
  build:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@v4
      - uses: jdx/mise-action@v2
      - run: tuist setup cache
name: Build Application
on:
  pull_request:
    branches:
      - main
  push:
    branches:
      - main


env:
  TUIST_TOKEN: ${{ secrets.TUIST_TOKEN }}


jobs:
  build:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@v4
      - run: brew install --formula [email protected]
      - run: tuist setup cache

:::

::: info OIDC SETUP

Before using OIDC authentication, you need to connect your GitHub repository to your Tuist project. The permissions: id-token: write is required for OIDC to work. Alternatively, you can use an account token with the TUIST_TOKEN secret.

:::

::: tip

We recommend using mise use --pin in your Tuist projects to pin the version of Tuist across environments. The command will create a .tool-versions file containing the version of Tuist.

:::

Xcode Cloud {#xcode-cloud}

Section titled “Xcode Cloud {#xcode-cloud}”

In Xcode Cloud, which uses Xcode projects as the source of truth, you’ll need to add a post-clone script to install Tuist and run the commands you need, for example tuist generate:

::: code-group

#!/bin/sh


# Mise installation taken from https://mise.jdx.dev/continuous-integration.html#xcode-cloud
curl https://mise.run | sh # Install Mise
export PATH="$HOME/.local/bin:$PATH"


mise install # Installs the version from .mise.toml


# Runs the version of Tuist indicated in the .mise.toml file {#runs-the-version-of-tuist-indicated-in-the-misetoml-file}
mise exec -- tuist install --path ../ # `--path` needed as this is run from within the `ci_scripts` directory
mise exec -- tuist generate -p ../ --no-open # `-p` needed as this is run from within the `ci_scripts` directory
#!/bin/sh
brew install --formula [email protected]


tuist generate

:::

::: info AUTHENTICATION

Use an account token by setting the TUIST_TOKEN environment variable in your Xcode Cloud workflow settings.

:::

CircleCI {#circleci}

Section titled “CircleCI {#circleci}”

On CircleCI you can use OIDC authentication for secure, secretless authentication:

::: code-group

version: 2.1
jobs:
  build:
    macos:
      xcode: "15.0.1"
    steps:
      - checkout
      - run:
          name: Install Mise
          command: |
            curl https://mise.jdx.dev/install.sh | sh
            echo 'export PATH="$HOME/.local/bin:$PATH"' >> $BASH_ENV
      - run:
          name: Install Tuist
          command: mise install
      - run:
          name: Authenticate
          command: mise exec -- tuist auth login
      - run:
          name: Build
          command: mise exec -- tuist setup cache
version: 2.1
jobs:
  build:
    macos:
      xcode: "15.0.1"
    environment:
      TUIST_TOKEN: $TUIST_TOKEN
    steps:
      - checkout
      - run:
          name: Install Mise
          command: |
            curl https://mise.jdx.dev/install.sh | sh
            echo 'export PATH="$HOME/.local/bin:$PATH"' >> $BASH_ENV
      - run:
          name: Install Tuist
          command: mise install
      - run:
          name: Build
          command: mise exec -- tuist setup cache

:::

::: info AUTHENTICATION

Before using OIDC authentication, you need to connect your GitHub repository to your Tuist project. CircleCI OIDC tokens include your connected GitHub repository, which Tuist uses to authorize access to your projects. Alternatively, you can use an account token with the TUIST_TOKEN environment variable.

:::

Bitrise {#bitrise}

Section titled “Bitrise {#bitrise}”

On Bitrise you can use OIDC authentication for secure, secretless authentication:

::: code-group

workflows:
  build:
    steps:
      - git-clone@8: {}
      - script@1:
          title: Install Mise
          inputs:
            - content: |
                curl https://mise.jdx.dev/install.sh | sh
                echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc
      - script@1:
          title: Install Tuist
          inputs:
            - content: mise install
      - get-identity-token@0:
          inputs:
          - audience: tuist
      - script@1:
          title: Authenticate
          inputs:
            - content: mise exec -- tuist auth login
      - script@1:
          title: Build
          inputs:
            - content: mise exec -- tuist setup cache
workflows:
  build:
    steps:
      - git-clone@8: {}
      - script@1:
          title: Install Mise
          inputs:
            - content: |
                curl https://mise.jdx.dev/install.sh | sh
                echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc
      - script@1:
          title: Install Tuist
          inputs:
            - content: mise install
      - script@1:
          title: Build
          inputs:
            - content: mise exec -- tuist setup cache

:::

::: info AUTHENTICATION

Before using OIDC authentication, you need to connect your GitHub repository to your Tuist project. Bitrise OIDC tokens include your connected GitHub repository, which Tuist uses to authorize access to your projects. Alternatively, you can use an account token with the TUIST_TOKEN environment variable.

:::

Codemagic {#codemagic}

Section titled “Codemagic {#codemagic}”

In Codemagic, you can add an additional step to your workflow to install Tuist:

::: code-group

workflows:
  build:
    name: Build
    max_build_duration: 30
    environment:
      xcode: 15.0.1
      vars:
        TUIST_TOKEN: ${{ secrets.TUIST_TOKEN }}
    scripts:
      - name: Install Mise
        script: |
          curl https://mise.jdx.dev/install.sh | sh
          mise install # Installs the version from .mise.toml
      - name: Build
        script: mise exec -- tuist setup cache
workflows:
  build:
    name: Build
    max_build_duration: 30
    environment:
      xcode: 15.0.1
      vars:
        TUIST_TOKEN: ${{ secrets.TUIST_TOKEN }}
    scripts:
      - name: Install Tuist
        script: |
          brew install --formula [email protected]
      - name: Build
        script: tuist setup cache

:::

::: info AUTHENTICATION

Create an account token and add it as a secret environment variable named TUIST_TOKEN.

:::