-
Notifications
You must be signed in to change notification settings - Fork 118
121 lines (104 loc) · 3.9 KB
/
asm_build.yml
File metadata and controls
121 lines (104 loc) · 3.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
name: Build Release APK
on:
push:
branches: [ dev, main, indexing, release/** ]
paths-ignore:
- '**.md'
- '**.json'
- 'fastlane/**'
- '.github/workflows/crowdin_contributors.yml'
pull_request:
branches: [ dev ]
paths-ignore:
- '**.md'
- '**.json'
- 'fastlane/**'
- '.github/workflows/crowdin_contributors.yml'
workflow_dispatch:
jobs:
build_release_apk:
name: Build Release APK
runs-on: ubuntu-latest
steps:
- name: Cancel previous runs
uses: styfle/cancel-workflow-action@0.12.1
with:
access_token: ${{ github.token }}
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: recursive
fetch-depth: 0
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'adopt'
- name: Grant execute permission for gradlew
run: chmod +x ./gradlew
- name: Cache Gradle dependencies
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
# 🔐 Secure way: create local.properties from GitHub Secrets
- name: Create local.properties with signing config
run: |
echo "signing.storeFile=signing/signing-key.jks" >> local.properties
echo "signing.storePassword=${{ secrets.STORE_PASSWORD }}" >> local.properties
echo "signing.keyAlias=${{ secrets.KEY_ALIAS }}" >> local.properties
echo "signing.keyPassword=${{ secrets.KEY_PASSWORD }}" >> local.properties
# 📁 Option 1: If keystore file is already in repository (simpler)
# - name: Verify keystore file exists
# run: |
# if [ ! -f core/app/signing/signing-key.jks ]; then
# echo "::error::Keystore file not found at core/app/signing/signing-key.jks"
# exit 1
# fi
# 📦 Option 2: If keystore is stored as a base64 secret (more secure)
# - name: Create keystore from secret
# run: |
# mkdir -p core/app/signing
# echo "${{ secrets.KEYSTORE_BASE64 }}" | base64 --decode > core/app/signing/signing-key.jks
# (Optional) Debug step – check if secrets are set (remove after verification)
# - name: Debug secret lengths (should not be zero)
# run: |
# echo "STORE_PASSWORD length: ${#STORE_PASSWORD}"
# echo "KEY_ALIAS length: ${#KEY_ALIAS}"
# echo "KEY_PASSWORD length: ${#KEY_PASSWORD}"
# env:
# STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
# KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
# KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
- name: Build release APK
run: ./gradlew :core:app:assembleRelease
- name: List generated APK files
run: ls -la core/app/build/outputs/apk/release/
- name: Upload universal release APK
uses: actions/upload-artifact@v4
with:
name: app-universal-release
path: core/app/build/outputs/apk/release/*universal*.apk
if: always()
- name: Upload arm64-v8a release APK
uses: actions/upload-artifact@v4
with:
name: app-arm64-v8a-release
path: core/app/build/outputs/apk/release/*arm64-v8a*.apk
if: always()
- name: Upload armeabi-v7a release APK
uses: actions/upload-artifact@v4
with:
name: app-armeabi-v7a-release
path: core/app/build/outputs/apk/release/*armeabi-v7a*.apk
if: always()
- name: Upload x86_64 release APK
uses: actions/upload-artifact@v4
with:
name: app-x86_64-release
path: core/app/build/outputs/apk/release/*x86_64*.apk
if: always()