This repository has been archived by the owner on Jul 11, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
167 lines (148 loc) · 5.8 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
# name of the workflow
name: Android CI Tag Deployment - Release
on:
push:
tags:
- 'v*.*.*'
- '!v*.*.*-**'
jobs:
build:
runs-on: ubuntu-latest
env:
SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
KEY_STORE_FILE: 'android_keystore.jks'
KEY_STORE_LOCATION: ${{ github.workspace }}/app/keystore/
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
cache: gradle
- name: Grant execute permission for gradlew
run: chmod +x gradlew
# Native build dependencies
- name: Setup Go
uses: actions/setup-go@v5
- name: Add rust stable toolchain
uses: dtolnay/rust-toolchain@stable
- name: Add all targets
run: |
rustup target add \
aarch64-linux-android \
armv7-linux-androideabi \
x86_64-linux-android \
i686-linux-android
- name: Setup Android SDK
uses: nttld/setup-ndk@v1
with:
ndk-version: r25c
- name: Add cargo-ndk
run: |
cargo install cargo-ndk
- name: Install Protoc
uses: arduino/setup-protoc@v3
# Here we need to decode keystore.jks from base64 string and place it
# in the folder specified in the release signing configuration
- name: Decode Keystore
id: decode_keystore
uses: timheuer/[email protected]
with:
fileName: ${{ env.KEY_STORE_FILE }}
fileDir: ${{ env.KEY_STORE_LOCATION }}
encodedString: ${{ secrets.KEYSTORE }}
# create keystore path for gradle to read
- name: Create keystore path env var
run: |
store_path=${{ env.KEY_STORE_LOCATION }}${{ env.KEY_STORE_FILE }}
echo "KEY_STORE_PATH=$store_path" >> $GITHUB_ENV
- name: Create service_account.json
id: createServiceAccount
run: echo '${{ secrets.SERVICE_ACCOUNT_JSON }}' > service_account.json
# Build and sign APK ("-x test" argument is used to skip tests)
- name: Build Release APK
run: ./gradlew :app:assembleRelease -x test --stacktrace
env:
ANDROID_NDK_HOME: ${{ steps.setup-ndk.outputs.ndk-path }}
# get release apk path
# general or fdroid
- name: Get universal apk path
id: universal-path
run: echo "path=$(find . -regex '^.*/build/outputs/apk/fdroid/release/.*\universal.apk$' -type f | head -1)" >> $GITHUB_OUTPUT
- name: Get armeabi-v7a apk path
id: armv7-path
run: echo "path=$(find . -regex '^.*/build/outputs/apk/fdroid/release/.*\armeabi-v7a.apk$' -type f | head -1)" >> $GITHUB_OUTPUT
- name: Get arm-v8a apk path
id: armv8-path
run: echo "path=$(find . -regex '^.*/build/outputs/apk/fdroid/release/.*\arm64-v8a.apk$' -type f | head -1)" >> $GITHUB_OUTPUT
- name: Get version code
run: |
version_code=$(grep "VERSION_CODE" buildSrc/src/main/kotlin/Constants.kt | awk '{print $5}' | tr -d '\n')
echo "VERSION_CODE=$version_code" >> $GITHUB_ENV
# Save the APK after the Build job is complete to publish it as a Github release in the next job
- name: Upload universal APK
uses: actions/[email protected]
with:
name: nymvpn-universal
path: ${{ steps.universal-path.outputs.path }}
- name: Upload armv7 APK
uses: actions/[email protected]
with:
name: nymvpn-armv7
path: ${{ steps.armv7-path.outputs.path }}
- name: Upload armv8 APK
uses: actions/[email protected]
with:
name: nymvpn-armv8
path: ${{ steps.armv8-path.outputs.path }}
- name: Create Release with Fastlane changelog notes
id: create_release
uses: softprops/action-gh-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
body_path: ${{ github.workspace }}/fastlane/metadata/android/en-US/changelogs/${{ env.VERSION_CODE }}.txt
tag_name: ${{ github.ref_name }}
name: ${{ github.ref_name }}
draft: false
make_latest: true
prerelease: false
files: |
${{ github.workspace }}/${{ steps.universal-path.outputs.path }}
${{ github.workspace }}/${{ steps.armv8-path.outputs.path }}
${{ github.workspace }}/${{ steps.armv7-path.outputs.path }}
- name: Install apksigner
run: |
sudo apt-get update
sudo apt-get install -y apksigner
- name: Get checksum
id: checksum
run: echo "checksum=$(apksigner verify -print-certs ${{ steps.armv8-path.outputs.path }} | grep -Po "(?<=SHA-256 digest:) .*" | tr -d "[:blank:]")" >> $GITHUB_OUTPUT
- name: Append checksum
id: append_checksum
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
body: |
SHA256 fingerprint:
```${{ steps.checksum.outputs.checksum }}```
tag_name: ${{ github.ref_name }}
name: ${{ github.ref_name }}
draft: false
prerelease: false
append_body: true
- name: Deploy with fastlane
uses: ruby/setup-ruby@v1
with:
ruby-version: '3.2' # Not needed with a .ruby-version file
bundler-cache: true
# deploy to google internal track
- name: Distribute app to Alpha track 🚀
run: (cd ${{ github.workspace }} && bundle install && bundle exec fastlane alpha)