release-android #101

Workflow file for this run

.github/workflows/release.yml at 688fad7

	name: release-android

	on:
	schedule:
	- cron: "4 3 * * *"
	workflow_dispatch:
	inputs:
	track:
	type: choice
	description: "Google play release track"
	options:
	- none
	- internal
	- alpha
	- beta
	- production
	default: alpha
	required: true
	release_type:
	type: choice
	description: "GitHub release type"
	options:
	- none
	- prerelease
	- nightly
	- release
	default: release
	required: true
	tag_name:
	description: "Tag name for release"
	required: false
	default: nightly

	jobs:
	build:
	name: Build Signed APK
	if: ${{ inputs.release_type != 'none' }}
	runs-on: ubuntu-latest

	env:
	SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
	SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
	SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
	KEY_STORE_FILE: 'android_keystore.jks'
	KEY_STORE_LOCATION: ${{ github.workspace }}/app/keystore/
	GH_USER: ${{ secrets.GH_USER }}
	# GH needed for gh cli
	GH_TOKEN: ${{ secrets.GH_TOKEN }}
	GH_REPO: ${{ github.repository }}

	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	distribution: 'temurin'
	java-version: '17'
	cache: gradle
	- name: Grant execute permission for gradlew
	run: chmod +x gradlew

	- name: Install system dependencies
	run: \|
	sudo apt update && sudo apt install -y gh apksigner

	# Here we need to decode keystore.jks from base64 string and place it
	# in the folder specified in the release signing configuration
	- name: Decode Keystore
	id: decode_keystore
	uses: timheuer/base64-to-file@v1.2
	with:
	fileName: ${{ env.KEY_STORE_FILE }}
	fileDir: ${{ env.KEY_STORE_LOCATION }}
	encodedString: ${{ secrets.KEYSTORE }}

	# create keystore path for gradle to read
	- name: Create keystore path env var
	run: \|
	store_path=${{ env.KEY_STORE_LOCATION }}${{ env.KEY_STORE_FILE }}
	echo "KEY_STORE_PATH=$store_path" >> $GITHUB_ENV

	- name: Create service_account.json
	id: createServiceAccount
	run: echo '${{ secrets.SERVICE_ACCOUNT_JSON }}' > service_account.json

	# Build and sign APK ("-x test" argument is used to skip tests)
	# add fdroid flavor for apk upload
	- name: Build Fdroid Release APK
	if: ${{ inputs.release_type != '' && inputs.release_type == 'release' }}
	run: ./gradlew :app:assembleFdroidRelease -x test

	- name: Build Fdroid Prerelease APK
	if: ${{ inputs.release_type != '' && inputs.release_type == 'prerelease' }}
	run: ./gradlew :app:assembleFdroidPrerelease -x test

	- name: Build Fdroid Nightly APK
	if: ${{ inputs.release_type == '' \|\| inputs.release_type == 'nightly' }}
	run: ./gradlew :app:assembleFdroidNightly -x test

	- if: ${{ inputs.release_type == '' \|\| inputs.release_type == 'nightly' }}
	run: echo "APK_PATH=$(find . -regex '^./build/outputs/apk/fdroid/nightly/.\.apk$' -type f \| head -1)" >> $GITHUB_ENV
	- if: ${{ inputs.release_type != '' && inputs.release_type == 'release' }}
	run: echo "APK_PATH=$(find . -regex '^./build/outputs/apk/fdroid/release/.\.apk$' -type f \| head -1)" >> $GITHUB_ENV
	- if: ${{ inputs.release_type != '' && inputs.release_type == 'prerelease' }}
	run: echo "APK_PATH=$(find . -regex '^./build/outputs/apk/fdroid/prerelease/.\.apk$' -type f \| head -1)" >> $GITHUB_ENV

	- name: Get version code
	if: ${{ inputs.release_type == 'release' }}
	run: \|
	version_code=$(grep "VERSION_CODE" buildSrc/src/main/kotlin/Constants.kt \| awk '{print $5}' \| tr -d '\n')
	echo "VERSION_CODE=$version_code" >> $GITHUB_ENV

	# Save the APK after the Build job is complete to publish it as a Github release in the next job
	- name: Upload APK
	uses: actions/upload-artifact@v4.3.6
	with:
	name: wgtunnel
	path: ${{ env.APK_PATH }}

	- name: Download APK from build
	uses: actions/download-artifact@v4
	with:
	name: wgtunnel

	- name: Repository Dispatch for my F-Droid repo
	uses: peter-evans/repository-dispatch@v3
	if: ${{ inputs.release_type == 'release' }}
	with:
	token: ${{ secrets.PAT }}
	repository: zaneschepke/fdroid
	event-type: fdroid-update

	# Setup TAG_NAME, which is used as a general "name"
	- if: github.event_name == 'workflow_dispatch'
	run: echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV
	- if: github.event_name == 'schedule'
	run: echo "TAG_NAME=nightly" >> $GITHUB_ENV

	- name: Set version release notes
	if: ${{ inputs.release_type == 'release' }}
	run: \|
	RELEASE_NOTES="$(cat ${{ github.workspace }}/fastlane/metadata/android/en-US/changelogs/${{ env.VERSION_CODE }}.txt)"
	echo "RELEASE_NOTES<<EOF" >> $GITHUB_ENV
	echo "$RELEASE_NOTES" >> $GITHUB_ENV
	echo "EOF" >> $GITHUB_ENV

	- name: On nightly release notes
	if: ${{ contains(env.TAG_NAME, 'nightly') }}
	run: \|
	echo "RELEASE_NOTES=Nightly build for the latest development version of the app." >> $GITHUB_ENV
	gh release delete nightly --yes \|\| true

	- name: On prerelease release notes
	if: ${{ inputs.release_type == 'prerelease' }}
	run: \|
	echo "RELEASE_NOTES=Testing version of app for specific feature." >> $GITHUB_ENV
	gh release delete ${{ github.event.inputs.tag_name }} --yes \|\| true

	- name: Get checksum
	id: checksum
	run: echo "checksum=$(apksigner verify -print-certs ${{ env.APK_PATH }} \| grep -Po "(?<=SHA-256 digest:) .*" \| tr -d "[:blank:]")" >> $GITHUB_OUTPUT


	- name: Create Release with Fastlane changelog notes
	id: create_release
	uses: softprops/action-gh-release@v2
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	body: \|
	${{ env.RELEASE_NOTES }}

	SHA256 fingerprint:
	```${{ steps.checksum.outputs.checksum }}```
	tag_name: ${{ env.TAG_NAME }}
	name: ${{ env.TAG_NAME }}
	draft: false
	prerelease: ${{ inputs.release_type == 'prerelease' \|\| inputs.release_type == '' \|\| inputs.release_type == 'nightly' }}
	make_latest: ${{ inputs.release_type == 'release' }}
	files: ${{ github.workspace }}/${{ env.APK_PATH }}

	publish-play:
	if: ${{ inputs.track != 'none' && inputs.track != '' }}
	name: Publish to Google Play
	runs-on: ubuntu-latest

	env:
	SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
	SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
	SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
	KEY_STORE_FILE: 'android_keystore.jks'
	KEY_STORE_LOCATION: ${{ github.workspace }}/app/keystore/
	GH_USER: ${{ secrets.GH_USER }}
	GH_TOKEN: ${{ secrets.GH_TOKEN }}

	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	distribution: 'temurin'
	java-version: '17'
	cache: gradle

	- name: Grant execute permission for gradlew
	run: chmod +x gradlew

	# Here we need to decode keystore.jks from base64 string and place it
	# in the folder specified in the release signing configuration
	- name: Decode Keystore
	id: decode_keystore
	uses: timheuer/base64-to-file@v1.2
	with:
	fileName: ${{ env.KEY_STORE_FILE }}
	fileDir: ${{ env.KEY_STORE_LOCATION }}
	encodedString: ${{ secrets.KEYSTORE }}

	# create keystore path for gradle to read
	- name: Create keystore path env var
	run: \|
	store_path=${{ env.KEY_STORE_LOCATION }}${{ env.KEY_STORE_FILE }}
	echo "KEY_STORE_PATH=$store_path" >> $GITHUB_ENV

	- name: Create service_account.json
	id: createServiceAccount
	run: echo '${{ secrets.SERVICE_ACCOUNT_JSON }}' > service_account.json

	- name: Deploy with fastlane
	uses: ruby/setup-ruby@v1
	with:
	ruby-version: '3.2' # Not needed with a .ruby-version file
	bundler-cache: true

	- name: Distribute app to Prod track 🚀
	run: (cd ${{ github.workspace }} && bundle install && bundle exec fastlane ${{ inputs.track }})

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

release-android #101

Workflow file

release-android #101

Jobs

Run details

Workflow file for this run