From a649daf38742a88d40bf886aac8a4521b6ffbc81 Mon Sep 17 00:00:00 2001 From: Michachatz <121869403+Michatec@users.noreply.github.com> Date: Mon, 9 Jun 2025 12:19:29 +0200 Subject: [PATCH] Update gradle-publish.yml --- .github/workflows/gradle-publish.yml | 108 ++++++++++++++++++--------- 1 file changed, 74 insertions(+), 34 deletions(-) diff --git a/.github/workflows/gradle-publish.yml b/.github/workflows/gradle-publish.yml index 20d17dc..0f295d2 100644 --- a/.github/workflows/gradle-publish.yml +++ b/.github/workflows/gradle-publish.yml @@ -1,44 +1,84 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. -# This workflow will build a package using Gradle and then publish it to GitHub packages when a release is created -# For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#Publishing-using-gradle +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: Build and publish APK +on: [workflow_dispatch] -name: Gradle Package - -on: - release: - types: [created] +env: + ANDROID_HOME: /usr/local/lib/android/sdk/ + APK_PATH: app/build/outputs/apk/release/app-release-unsigned.apk + APKSIGNER: /usr/local/lib/android/sdk/build-tools/34.0.0/apksigner jobs: build: - runs-on: ubuntu-latest permissions: - contents: read - packages: write - + contents: write steps: - - uses: actions/checkout@v4 - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - java-version: '17' - distribution: 'temurin' - server-id: github # Value of the distributionManagement/repository/id field of the pom.xml - settings-path: ${{ github.workspace }} # location for the settings.xml file + - name: Checkout + uses: actions/checkout@v3 - - name: Setup Gradle - uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 + - name: Setup JDK + uses: actions/setup-java@v4 + with: + java-version: 17 + distribution: adopt + cache: gradle - - name: Build with Gradle - run: ./gradlew build + - name: Cache Android SDK + #id: cache-android-sdk + uses: actions/cache@v4 + with: + path: ${{ env.ANDROID_HOME }} + key: ${{ runner.os }}-android-sdk - # The USERNAME and TOKEN need to correspond to the credentials environment variables used in - # the publishing section of your build.gradle - - name: Publish to GitHub Packages - run: ./gradlew publish - env: - USERNAME: ${{ github.actor }} - TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Setup Android SDK + ## It is not necessary to check for cache hit as it + ## will not download Android SDK again + #if: steps.cache-android-sdk.outputs.cache-hit != 'true' + uses: android-actions/setup-android@v3 + with: + packages: '' + + - name: Build unsigned APK + run: ./gradlew --no-daemon assembleRelease + + - name: Sign APK + env: + SIGN_CERT: ${{ secrets.SIGN_CERT }} + SIGN_KEY: ${{ secrets.SIGN_KEY }} + run: | + # Copy APK file to app-release.apk + mv ${{ env.APK_PATH }} app-release.apk + # Decode certificate + echo -e $SIGN_CERT > cert.b64 + base64 -d cert.b64 | tr -d '\n' > cert.der + # Decode key + echo -e $SIGN_KEY > key.b64 + base64 -d key.b64 | tr -d '\n' > key.der + # Sign APK file with private key + ${{ env.APKSIGNER }} sign --key key.der --cert cert.der app-release.apk + # Remove key files + rm cert.b64 key.b64 cert.der key.der + + - name: Upload artifact + uses: actions/upload-artifact@v4 + with: + name: app-release + path: app-release.apk + + publish: + runs-on: ubuntu-latest + needs: build + permissions: + contents: write + steps: + - name: Download artifact + uses: actions/download-artifact@v4 + with: + name: app-release + path: app-release.apk + + - name: Create release + uses: ncipollo/release-action@v1 + with: + artifacts: "app-release.apk" + draft: true