Skip to content

Add support for keystore file input #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
thymikee merged 4 commits into from
Sep 25, 2025
Merged

Add support for keystore file input #9

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
03ff7e3
feat: add support for keystore-file directly for signed builds
rinej Sep 24, 2025
6f42100
docs: add info about keystore-file support
rinej Sep 24, 2025
cbd6f0b
add additional input validation
rinej Sep 24, 2025
f377973
add working-directory for remaining steps for consistency
rinej Sep 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,9 @@ jobs:
github-token: ${{ secrets.GITHUB_TOKEN }}
# For release builds, add these:
# sign: true
# Option 1: Use keystore file directly
# keystore-file: 'path/to/your-keystore.jks'
# Option 2: Use base64 encoded keystore (alternative to keystore-file)
# keystore-base64: ${{ secrets.KEYSTORE_BASE64 }}
# keystore-store-file: 'your-keystore.jks'
# keystore-store-password: ${{ secrets.KEYSTORE_STORE_PASSWORD }}
Expand All @@ -53,6 +56,7 @@ jobs:
| `variant` | Build variant (debug/release) | No | `debug` |
| `sign` | Whether to sign the build with keystore | No | - |
| `re-sign` | Re-sign the APK with new JS bundle | No | `false` |
| `keystore-file` | Path to the keystore file | No | - |
| `keystore-base64` | Base64 encoded keystore file | No | - |
| `keystore-store-file` | Keystore store file name | No | - |
| `keystore-store-password` | Keystore store password | No | - |
Expand Down
26 changes: 18 additions & 8 deletions action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,9 @@ inputs:
keystore-base64:
description: 'Base64 version of the release keystore'
required: false
keystore-file:
description: 'Path to the keystore file'
required: false
keystore-store-file:
description: 'Keystore store file name'
required: false
Expand Down Expand Up @@ -68,8 +71,14 @@ runs:
- name: Validate Inputs
run: |
if [ "${{ inputs.sign }}" == "true" ]; then
if [ -z "${{ inputs.keystore-base64 }}" ]; then
echo "Input 'keystore-base64' is required for signed builds."
if [ -z "${{ inputs.keystore-file }}" ] && [ -z "${{ inputs.keystore-base64 }}" ]; then
echo "Either 'keystore-file' or 'keystore-base64' is required for signed builds."
exit 1
fi

# Validate keystore file actually exists if provided
if [ -n "${{ inputs.keystore-file }}" ] && [ ! -f "${{ inputs.keystore-file }}" ]; then
echo "Keystore file '${{ inputs.keystore-file }}' does not exist."
Copy link
Copy Markdown

@cursor cursor Bot Sep 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Keystore Path Validation Ignores Working Directory

The keystore file validation and copy operations don't respect the working-directory input. This means relative paths for keystore-file are resolved from the repository root, leading to validation and copy failures when a working-directory is specified.

Additional Locations (1)

Fix in Cursor Fix in Web

exit 1
fi

Expand Down Expand Up @@ -116,7 +125,6 @@ runs:
mkdir -p .rock/cache
echo "{\"githubToken\": \"${{ inputs.github-token }}\"}" > .rock/cache/project.json
shell: bash

# We create PR-related artifacts to avoid overwriting the main artifact with new JS bundle
- name: Check if PR-related artifact exists
if: ${{ github.event_name == 'pull_request' && inputs.re-sign == 'true' }}
Expand All @@ -131,7 +139,7 @@ runs:
echo "ARTIFACT_NAME=$(echo "$OUTPUT" | jq -r '.name')" >> $GITHUB_ENV
fi
shell: bash

- name: Check if regular artifact exists
if: ${{ !env.ARTIFACT_NAME }}
run: |
Expand All @@ -145,7 +153,6 @@ runs:
echo "ARTIFACT_NAME=$(echo "$OUTPUT" | jq -r '.name')" >> $GITHUB_ENV
fi
shell: bash

- name: Set Artifact Name (if not set)
if: ${{ !env.ARTIFACT_NAME }}
run: |
Expand Down Expand Up @@ -193,7 +200,11 @@ runs:
- name: Decode and store keystore file
if: ${{ !env.ARTIFACT_URL && inputs.sign }}
run: |
echo "${{ inputs.keystore-base64 }}" | base64 --decode > $ANDROID_SOURCE_DIR/$APP_NAME/release.keystore
if [ -n "${{ inputs.keystore-file }}" ]; then
cp "${{ inputs.keystore-file }}" $ANDROID_SOURCE_DIR/$APP_NAME/release.keystore
else
echo "${{ inputs.keystore-base64 }}" | base64 --decode > $ANDROID_SOURCE_DIR/$APP_NAME/release.keystore
fi
shell: bash
Copy link
Copy Markdown
Member

@thymikee thymikee Sep 25, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the ANDROID_SOURCE_DIR is absolute path, but let's add working-directory here for consistency here and in "Clean Up Keystore and gradle properties (signed builds only)" step

Copy link
Copy Markdown
Collaborator Author

@rinej rinej Sep 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, updated 👍


- name: Build Android
Expand All @@ -212,7 +223,7 @@ runs:
echo APK_PATH $APK_PATH
echo "ARTIFACT_PATH=$APK_PATH" >> $GITHUB_ENV
shell: bash

- name: Download and Unpack APK
if: ${{ env.ARTIFACT_URL && inputs.re-sign == 'true' && github.event_name == 'pull_request' }}
run: |
Expand Down Expand Up @@ -240,7 +251,6 @@ runs:
echo "ARTIFACT_ID=$(echo "$OUTPUT" | jq -r '.id')" >> $GITHUB_ENV
fi
shell: bash

# Special case for GitHub, as it doesn't support uploading through the API
- name: Upload Artifact to GitHub
id: upload-artifact
Expand Down