Merge pull request #11 from Kshitij09/enhancement/build-configurations

* Added launcher icon (separate for debug & release)
* Added secret files required for debug & release variants
* Configured workflow to use GitHub secrets to decrypt and use secret files
* Prepared separate workflows Build/Test & Release

.github/workflows/tazabazar.yml → .github/workflows/build.yml

@@ -1,4 +1,4 @@
-name: build
+name: Build & Test
 on:
   push:
     branches: [ main ]
@@ -9,6 +9,9 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 30
 
+    env:
+      ORG_GRADLE_PROJECT_TAZABAZAR_RELEASE_PWD: ${{ secrets.ORG_GRADLE_PROJECT_TAZABAZAR_RELEASE_PWD }}
+
     steps:
       - name: Checkout
         uses: actions/checkout@v2
@@ -21,6 +24,11 @@ jobs:
         with:
           java-version: 11
 
+      - name: Decrypt Release Keystore
+        env:
+          ENCRYPT_KEY: ${{ secrets.ENCRYPT_KEY }}
+        run: ./scripts/decrypt_secrets.sh
+
       - name: Generate Cache key
         run: ./scripts/checksum.sh checksum.txt
 
@@ -33,11 +41,14 @@ jobs:
           key: gradle-${{ hashFiles('checksum.txt') }}
 
       - name: Build Project
-        run: ./gradlew assembleDebug --stacktrace
+        run: ./gradlew assembleDebug assembleRelease --stacktrace
 
       - name: Run Unit tests
         run: ./gradlew test -Pprod --stacktrace
 
+      - name: Clean Secrets
+        run: ./scripts/clean_secrets.sh
+
       - name: Upload build outputs (APKs)
         uses: actions/upload-artifact@v2
         with:
@@ -49,4 +60,5 @@ jobs:
         uses: actions/upload-artifact@v2
         with:
           name: build-reports
-          path: app/build/reports
+          path: app/build/reports
+

.github/workflows/release.yml

@@ -0,0 +1,60 @@
+name: Draft Release
+on:
+ push:
+  tags:
+    - "v*"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    env:
+      ORG_GRADLE_PROJECT_TAZABAZAR_RELEASE_PWD: ${{ secrets.ORG_GRADLE_PROJECT_TAZABAZAR_RELEASE_PWD }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Copy CI gradle.properties
+        run: mkdir -p ~/.gradle ; cp .github/ci-gradle.properties ~/.gradle/gradle.properties
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 11
+
+      - name: Decrypt Release Keystore
+        env:
+          ENCRYPT_KEY: ${{ secrets.ENCRYPT_KEY }}
+        run: ./scripts/decrypt_secrets.sh
+
+      - name: Generate Cache key
+        run: ./scripts/checksum.sh checksum.txt
+
+      - uses: actions/cache@v2
+        with:
+          path: |
+            ~/.gradle/caches/modules-*
+            ~/.gradle/caches/jars-*
+            ~/.gradle/caches/build-cache-*
+          key: gradle-${{ hashFiles('checksum.txt') }}
+
+      - name: Build Project
+        run: ./gradlew assembleDebug assembleRelease --stacktrace
+
+      - name: Run Unit tests
+        run: ./gradlew test -Pprod --stacktrace
+
+      - name: Clean Secrets
+        run: ./scripts/clean_secrets.sh
+
+      - name: Create Release
+        uses: softprops/action-gh-release@v1
+        if: startsWith(github.ref, 'refs/tags/v')
+        with:
+          draft: true
+          files: |
+            app/build/outputs/apk/release/app-release.apk
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

app/build.gradle

@@ -5,6 +5,8 @@ plugins {
     id 'androidx.navigation.safeargs.kotlin'
 }
 
+def useReleaseKeystore = rootProject.file("signing/app-release.jks").exists()
+
 android {
     compileSdk buildConfig.compileSdk
 
@@ -13,7 +15,7 @@ android {
         minSdk buildConfig.minSdk
         targetSdk buildConfig.targetSdk
         versionCode 1
-        versionName "0.1"
+        versionName "1.0.0-rc01"
 
         testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
         // The following argument makes the Android Test Orchestrator run its
@@ -30,10 +32,40 @@ android {
             }
         }
     }
+    signingConfigs {
+        debug {
+            storeFile rootProject.file("signing/app-debug.jks")
+            storePassword "kotlin"
+            keyAlias "tazabazar-debug"
+            keyPassword "kotlin"
+        }
+
+        release {
+            if (useReleaseKeystore) {
+                storeFile rootProject.file("signing/app-release.jks")
+                storePassword propOrDef('TAZABAZAR_RELEASE_PWD', "")
+                keyAlias "tazabazar-release"
+                keyPassword propOrDef('TAZABAZAR_RELEASE_PWD', "")
+            }
+        }
+    }
 
     buildTypes {
+        debug {
+            signingConfig signingConfigs.debug
+            versionNameSuffix "-dev"
+            applicationIdSuffix ".debug"
+        }
+
         release {
-            minifyEnabled false
+            if (useReleaseKeystore) {
+                signingConfig signingConfigs.release
+            } else {
+                // Otherwise just use the debug keystore (this is mainly for PR CI builds)
+                signingConfig signingConfigs.debug
+            }
+            shrinkResources true
+            minifyEnabled true
             proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
         }
     }

app/proguard-rules.pro

@@ -1,21 +1,89 @@
-# Add project specific ProGuard rules here.
-# You can control the set of applied configuration files using the
-# proguardFiles setting in build.gradle.
-#
-# For more details, see
-#   http://developer.android.com/guide/developing/tools/proguard.html
-
-# If your project uses WebView with JS, uncomment the following
-# and specify the fully qualified class name to the JavaScript interface
-# class:
-#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
-#   public *;
-#}
-
-# Uncomment this to preserve the line number information for
-# debugging stack traces.
-#-keepattributes SourceFile,LineNumberTable
-
-# If you keep the line number information, uncomment this to
-# hide the original source file name.
-#-renamesourcefileattribute SourceFile
+-dontwarn kotlin.reflect.jvm.internal.**
+
+-keep class kotlin.reflect.jvm.internal.** { *; }
+
+-keep interface javax.annotation.Nullable
+
+# For enumeration classes
+-keepclassmembers enum * {
+    public static **[] values();
+    public static ** valueOf(java.lang.String);
+}
+
+# AndroidX + support library contains references to newer platform versions.
+# Don't warn about those in case this app is linking against an older
+# platform version.  We know about them, and they are safe.
+-dontwarn android.support.**
+-dontwarn androidx.**
+
+-keepattributes SourceFile,LineNumberTable
+-renamesourcefileattribute SourceFile
+
+# Retain the generic signature of retrofit2.Call until added to Retrofit.
+# Issue: https://github.com/square/retrofit/issues/3580.
+# Pull request: https://github.com/square/retrofit/pull/3579.
+-keep,allowobfuscation,allowshrinking class retrofit2.Call
+
+#### OkHttp, Retrofit and Moshi
+-dontwarn okhttp3.**
+-dontwarn retrofit2.Platform$Java8
+-dontwarn okio.**
+-dontwarn javax.annotation.**
+-keepclasseswithmembers class * {
+    @com.squareup.moshi.* <methods>;
+}
+-keep @com.squareup.moshi.JsonQualifier interface *
+-dontwarn org.jetbrains.annotations.**
+-keep class kotlin.Metadata { *; }
+-keepclassmembers class kotlin.Metadata {
+    public <methods>;
+}
+
+-keepclassmembers class * {
+    @com.squareup.moshi.FromJson <methods>;
+    @com.squareup.moshi.ToJson <methods>;
+}
+
+# ref: https://stackoverflow.com/a/69149384/6738702
+# Keep helper method to avoid R8 optimisation that would keep all Kotlin Metadata when unwanted
+-keepclassmembers class com.squareup.moshi.internal.Util {
+    private static java.lang.String getKotlinMetadataClassName();
+}
+
+# Retrofit does reflection on generic parameters. InnerClasses is required to use Signature and
+# EnclosingMethod is required to use InnerClasses.
+-keepattributes Signature, InnerClasses, EnclosingMethod
+
+# Retrofit does reflection on method and parameter annotations.
+-keepattributes RuntimeVisibleAnnotations,
+                RuntimeVisibleParameterAnnotations,
+                RuntimeVisibleTypeAnnotations
+
+# Keep annotation default values (e.g., retrofit2.http.Field.encoded).
+-keepattributes AnnotationDefault
+
+# Retain service method parameters when optimizing.
+-keepclassmembers,allowshrinking,allowobfuscation interface * {
+    @retrofit2.http.* <methods>;
+}
+
+# Guarded by a NoClassDefFoundError try/catch and only used when on the classpath.
+-dontwarn kotlin.Unit
+
+# Top-level functions that can only be used by Kotlin.
+-dontwarn retrofit2.KotlinExtensions
+-dontwarn retrofit2.KotlinExtensions.*
+
+# With R8 full mode, it sees no subtypes of Retrofit interfaces since they are created with a Proxy
+# and replaces all potential values with null. Explicitly keeping the interfaces prevents this.
+-if interface * { @retrofit2.http.* <methods>; }
+-keep,allowobfuscation interface <1>
+
+# Keep generic signature of Call, Response (R8 full mode strips signatures from non-kept items).
+-keep,allowobfuscation,allowshrinking interface retrofit2.Call
+-keep,allowobfuscation,allowshrinking class retrofit2.Response
+
+# With R8 full mode generic signatures are stripped for classes that are not
+# kept. Suspend functions are wrapped in continuations where the type argument
+# is used.
+-keep,allowobfuscation,allowshrinking class kotlin.coroutines.Continuation