release-android #151
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release-android | |
| on: | |
| schedule: | |
| - cron: "4 3 * * *" | |
| workflow_dispatch: | |
| inputs: | |
| track: | |
| type: choice | |
| description: "Google play release track" | |
| options: | |
| - none | |
| - internal | |
| - alpha | |
| - beta | |
| - production | |
| default: none | |
| required: true | |
| release_type: | |
| type: choice | |
| description: "GitHub release type" | |
| options: | |
| - none | |
| - prerelease | |
| - nightly | |
| - release | |
| default: release | |
| required: true | |
| tag_name: | |
| description: "Tag name for release" | |
| required: false | |
| default: nightly | |
| workflow_call: | |
| jobs: | |
| check_date: | |
| runs-on: ubuntu-latest | |
| name: Check latest commit | |
| outputs: | |
| should_run: ${{ steps.should_run.outputs.should_run }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: print latest_commit | |
| run: echo ${{ github.sha }} | |
| - id: should_run | |
| continue-on-error: true | |
| name: check latest commit is less than a day | |
| if: ${{ github.event_name == 'schedule' }} | |
| run: test -z $(git rev-list --after="23 hours" ${{ github.sha }}) && echo "::set-output name=should_run::false" | |
| build: | |
| needs: check_date | |
| if: | | |
| github.event_name != 'schedule' || | |
| (needs.check_date.outputs.should_run == 'true' && github.event_name == 'schedule') | |
| name: Build Signed APK | |
| runs-on: ubuntu-latest | |
| env: | |
| SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }} | |
| SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }} | |
| SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }} | |
| KEY_STORE_FILE: 'android_keystore.jks' | |
| KEY_STORE_LOCATION: ${{ github.workspace }}/app/keystore/ | |
| GH_USER: ${{ secrets.GH_USER }} | |
| # GH needed for gh cli | |
| GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
| GH_REPO: ${{ github.repository }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| cache: gradle | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Install system dependencies | |
| run: | | |
| sudo apt update && sudo apt install -y gh apksigner | |
| # Here we need to decode keystore.jks from base64 string and place it | |
| # in the folder specified in the release signing configuration | |
| - name: Decode Keystore | |
| id: decode_keystore | |
| uses: timheuer/[email protected] | |
| with: | |
| fileName: ${{ env.KEY_STORE_FILE }} | |
| fileDir: ${{ env.KEY_STORE_LOCATION }} | |
| encodedString: ${{ secrets.KEYSTORE }} | |
| # create keystore path for gradle to read | |
| - name: Create keystore path env var | |
| run: | | |
| store_path=${{ env.KEY_STORE_LOCATION }}${{ env.KEY_STORE_FILE }} | |
| echo "KEY_STORE_PATH=$store_path" >> $GITHUB_ENV | |
| - name: Create service_account.json | |
| id: createServiceAccount | |
| run: echo '${{ secrets.SERVICE_ACCOUNT_JSON }}' > service_account.json | |
| # Build and sign APK ("-x test" argument is used to skip tests) | |
| # add fdroid flavor for apk upload | |
| - name: Build Fdroid Release APK | |
| if: ${{ inputs.release_type != '' && inputs.release_type == 'release' }} | |
| run: ./gradlew :app:assembleFdroidRelease -x test | |
| - name: Build Fdroid Prerelease APK | |
| if: ${{ inputs.release_type != '' && inputs.release_type == 'prerelease' }} | |
| run: ./gradlew :app:assembleFdroidPrerelease -x test | |
| - name: Build Fdroid Nightly APK | |
| if: ${{ inputs.release_type == '' || inputs.release_type == 'nightly' }} | |
| run: ./gradlew :app:assembleFdroidNightly -x test | |
| - if: ${{ inputs.release_type == '' || inputs.release_type == 'nightly' }} | |
| run: echo "APK_PATH=$(find . -regex '^.*/build/outputs/apk/fdroid/nightly/.*\.apk$' -type f | head -1)" >> $GITHUB_ENV | |
| - if: ${{ inputs.release_type != '' && inputs.release_type == 'release' }} | |
| run: echo "APK_PATH=$(find . -regex '^.*/build/outputs/apk/fdroid/release/.*\.apk$' -type f | head -1)" >> $GITHUB_ENV | |
| - if: ${{ inputs.release_type != '' && inputs.release_type == 'prerelease' }} | |
| run: echo "APK_PATH=$(find . -regex '^.*/build/outputs/apk/fdroid/prerelease/.*\.apk$' -type f | head -1)" >> $GITHUB_ENV | |
| - name: Get version code | |
| if: ${{ inputs.release_type == 'release' }} | |
| run: | | |
| version_code=$(grep "VERSION_CODE" buildSrc/src/main/kotlin/Constants.kt | awk '{print $5}' | tr -d '\n') | |
| echo "VERSION_CODE=$version_code" >> $GITHUB_ENV | |
| - name: Commit and push versionCode changes | |
| if: ${{ inputs.release_type == '' || inputs.release_type == 'nightly' || inputs.release_type == 'prerelease' }} | |
| run: | | |
| git config --global user.name 'GitHub Actions' | |
| git config --global user.email '[email protected]' | |
| git add versionCode.txt | |
| git commit -m "Automated build update" | |
| - name: Push changes | |
| if: ${{ inputs.release_type == '' || inputs.release_type == 'nightly' || inputs.release_type == 'prerelease' }} | |
| uses: ad-m/github-push-action@master | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| branch: ${{ github.ref }} | |
| # Save the APK after the Build job is complete to publish it as a Github release in the next job | |
| - name: Upload APK | |
| uses: actions/[email protected] | |
| with: | |
| name: wgtunnel | |
| path: ${{ env.APK_PATH }} | |
| - name: Download APK from build | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: wgtunnel | |
| - name: Repository Dispatch for my F-Droid repo | |
| uses: peter-evans/repository-dispatch@v3 | |
| if: ${{ inputs.release_type == 'release' }} | |
| with: | |
| token: ${{ secrets.PAT }} | |
| repository: zaneschepke/fdroid | |
| event-type: fdroid-update | |
| # Setup TAG_NAME, which is used as a general "name" | |
| - if: github.event_name == 'workflow_dispatch' | |
| run: echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV | |
| - if: github.event_name == 'schedule' | |
| run: echo "TAG_NAME=nightly" >> $GITHUB_ENV | |
| - name: Set version release notes | |
| if: ${{ inputs.release_type == 'release' }} | |
| run: | | |
| RELEASE_NOTES="$(cat ${{ github.workspace }}/fastlane/metadata/android/en-US/changelogs/${{ env.VERSION_CODE }}.txt)" | |
| echo "RELEASE_NOTES<<EOF" >> $GITHUB_ENV | |
| echo "$RELEASE_NOTES" >> $GITHUB_ENV | |
| echo "EOF" >> $GITHUB_ENV | |
| - name: On nightly release notes | |
| if: ${{ contains(env.TAG_NAME, 'nightly') }} | |
| run: | | |
| echo "RELEASE_NOTES=Nightly build for the latest development version of the app." >> $GITHUB_ENV | |
| gh release delete nightly --yes || true | |
| git push origin :nightly || true | |
| - name: On prerelease release notes | |
| if: ${{ inputs.release_type == 'prerelease' }} | |
| run: | | |
| echo "RELEASE_NOTES=Testing version of app for specific feature." >> $GITHUB_ENV | |
| gh release delete ${{ github.event.inputs.tag_name }} --yes || true | |
| - name: Get checksum | |
| id: checksum | |
| run: echo "checksum=$(apksigner verify -print-certs ${{ env.APK_PATH }} | grep -Po "(?<=SHA-256 digest:) .*" | tr -d "[:blank:]")" >> $GITHUB_OUTPUT | |
| - name: Create Release with Fastlane changelog notes | |
| id: create_release | |
| uses: softprops/action-gh-release@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| body: | | |
| ${{ env.RELEASE_NOTES }} | |
| SHA256 fingerprint: | |
| ```${{ steps.checksum.outputs.checksum }}``` | |
| tag_name: ${{ env.TAG_NAME }} | |
| name: ${{ env.TAG_NAME }} | |
| draft: false | |
| prerelease: ${{ inputs.release_type == 'prerelease' || inputs.release_type == '' || inputs.release_type == 'nightly' }} | |
| make_latest: ${{ inputs.release_type == 'release' }} | |
| files: ${{ github.workspace }}/${{ env.APK_PATH }} | |
| publish-play: | |
| if: ${{ inputs.track != 'none' && inputs.track != '' }} | |
| name: Publish to Google Play | |
| runs-on: ubuntu-latest | |
| env: | |
| SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }} | |
| SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }} | |
| SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }} | |
| KEY_STORE_FILE: 'android_keystore.jks' | |
| KEY_STORE_LOCATION: ${{ github.workspace }}/app/keystore/ | |
| GH_USER: ${{ secrets.GH_USER }} | |
| GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| cache: gradle | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| # Here we need to decode keystore.jks from base64 string and place it | |
| # in the folder specified in the release signing configuration | |
| - name: Decode Keystore | |
| id: decode_keystore | |
| uses: timheuer/[email protected] | |
| with: | |
| fileName: ${{ env.KEY_STORE_FILE }} | |
| fileDir: ${{ env.KEY_STORE_LOCATION }} | |
| encodedString: ${{ secrets.KEYSTORE }} | |
| # create keystore path for gradle to read | |
| - name: Create keystore path env var | |
| run: | | |
| store_path=${{ env.KEY_STORE_LOCATION }}${{ env.KEY_STORE_FILE }} | |
| echo "KEY_STORE_PATH=$store_path" >> $GITHUB_ENV | |
| - name: Create service_account.json | |
| id: createServiceAccount | |
| run: echo '${{ secrets.SERVICE_ACCOUNT_JSON }}' > service_account.json | |
| - name: Deploy with fastlane | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: '3.2' # Not needed with a .ruby-version file | |
| bundler-cache: true | |
| - name: Distribute app to Prod track 🚀 | |
| run: (cd ${{ github.workspace }} && bundle install && bundle exec fastlane ${{ inputs.track }}) | |