gronod/esp32-aldl-android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

ci: add release signing configuration and tag validation to workflows
Build and Release APK / build-and-release (push) Successful in 5m16s
Details

Browse Source
This commit is contained in:
gronod
2026-06-14 11:28:14 +01:00
parent 2e94463f37
commit d40a63ec4a
3 changed files with 93 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/release.yml
+48 -10
View File
@@ -1,3 +1,8 @@
# Required Gitea secrets:
# SIGNING_KEYSTORE_BASE64 - base64-encoded Android release keystore
# SIGNING_STORE_PASSWORD - keystore password
# SIGNING_KEY_ALIAS - key alias
# SIGNING_KEY_PASSWORD - key password
name: Build and Release APK
on:
@@ -8,9 +13,16 @@ on:
jobs:
build-and-release:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Validate tag format
run: |
if [[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Tag ${{ github.ref_name }} is valid."
else
echo "Invalid tag format: ${{ github.ref_name }}. Expected vN.N.N"
exit 1
fi
- name: Checkout Repository
uses: actions/checkout@v4
@@ -26,14 +38,40 @@ jobs:
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Test and Build Debug APK
run: chmod +x ./gradlew && ./gradlew test && ./gradlew assembleDebug
- name: Decode keystore
run: |
echo "${{ secrets.SIGNING_KEYSTORE_BASE64 }}" | base64 -d > release.keystore
- name: Export signing environment variables
run: |
echo "SIGNING_STORE_FILE=$(pwd)/release.keystore" >> $GITHUB_ENV
echo "SIGNING_STORE_PASSWORD=${{ secrets.SIGNING_STORE_PASSWORD }}" >> $GITHUB_ENV
echo "SIGNING_KEY_ALIAS=${{ secrets.SIGNING_KEY_ALIAS }}" >> $GITHUB_ENV
echo "SIGNING_KEY_PASSWORD=${{ secrets.SIGNING_KEY_PASSWORD }}" >> $GITHUB_ENV
- name: Test and Build Release APK
run: chmod +x ./gradlew && ./gradlew test assembleRelease
- name: Rename APK
run: mv app/build/outputs/apk/debug/app-debug.apk app/build/outputs/apk/debug/esp32-aldl-dashboard-${{ github.ref_name }}.apk
run: |
mkdir -p artifacts
cp app/build/outputs/apk/release/app-release.apk artifacts/esp32-aldl-dashboard-${{ github.ref_name }}.apk
- name: Create Release and Upload APK
uses: softprops/action-gh-release@v2
with:
files: app/build/outputs/apk/debug/esp32-aldl-dashboard-${{ github.ref_name }}.apk
- name: Create Gitea Release
id: create_release
run: |
response=$(curl -s -X POST \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/json" \
-d "{\"tag_name\":\"${{ github.ref_name }}\",\"name\":\"Release ${{ github.ref_name }}\",\"body\":\"Auto-generated release for ${{ github.ref_name }}.\"}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/releases")
echo "release_response=$response" >> $GITHUB_ENV
- name: Upload APK to Gitea Release
run: |
upload_url=$(echo "$release_response" | grep -o '"url":"[^"]*' | head -1 | cut -d'"' -f4)
curl -s -X POST \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/vnd.android.package-archive" \
--data-binary @artifacts/esp32-aldl-dashboard-${{ github.ref_name }}.apk \
"${upload_url}/assets?name=esp32-aldl-dashboard-${{ github.ref_name }}.apk"
.github/workflows/release.yml
+32 -6
View File
@@ -1,3 +1,8 @@
# Required GitHub secrets:
# SIGNING_KEYSTORE_BASE64 - base64-encoded Android release keystore
# SIGNING_STORE_PASSWORD - keystore password
# SIGNING_KEY_ALIAS - key alias
# SIGNING_KEY_PASSWORD - key password
name: Build and Release APK
on:
@@ -11,6 +16,15 @@ jobs:
permissions:
contents: write
steps:
- name: Validate tag format
run: |
if [[ "${{ github.ref_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Tag ${{ github.ref_name }} is valid."
else
echo "Invalid tag format: ${{ github.ref_name }}. Expected vN.N.N"
exit 1
fi
- name: Checkout Repository
uses: actions/checkout@v4
@@ -26,15 +40,27 @@ jobs:
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Test and Build Debug APK
run: chmod +x ./gradlew && ./gradlew test && ./gradlew assembleDebug
- name: Decode keystore
run: |
echo "${{ secrets.SIGNING_KEYSTORE_BASE64 }}" | base64 -d > release.keystore
- name: Export signing environment variables
run: |
echo "SIGNING_STORE_FILE=$(pwd)/release.keystore" >> $GITHUB_ENV
echo "SIGNING_STORE_PASSWORD=${{ secrets.SIGNING_STORE_PASSWORD }}" >> $GITHUB_ENV
echo "SIGNING_KEY_ALIAS=${{ secrets.SIGNING_KEY_ALIAS }}" >> $GITHUB_ENV
echo "SIGNING_KEY_PASSWORD=${{ secrets.SIGNING_KEY_PASSWORD }}" >> $GITHUB_ENV
- name: Test and Build Release APK
run: chmod +x ./gradlew && ./gradlew test assembleRelease
- name: Rename APK
run: mv app/build/outputs/apk/debug/app-debug.apk app/build/outputs/apk/debug/esp32-aldl-dashboard-${{ github.ref_name }}.apk
run: |
mkdir -p artifacts
cp app/build/outputs/apk/release/app-release.apk artifacts/esp32-aldl-dashboard-${{ github.ref_name }}.apk
- name: Create Release and Upload APK
uses: softprops/action-gh-release@v2
with:
files: app/build/outputs/apk/debug/esp32-aldl-dashboard-${{ github.ref_name }}.apk
generate_release_notes: true
files: artifacts/esp32-aldl-dashboard-${{ github.ref_name }}.apk
generate_release_notes: true
app/build.gradle.kts
+13
View File
@@ -16,8 +16,21 @@ android {
versionName = "1.0"
}
signingConfigs {
create("release") {
val storeFilePath = System.getenv("SIGNING_STORE_FILE")
if (storeFilePath != null) {
storeFile = file(storeFilePath)
storePassword = System.getenv("SIGNING_STORE_PASSWORD")
keyAlias = System.getenv("SIGNING_KEY_ALIAS")
keyPassword = System.getenv("SIGNING_KEY_PASSWORD")
}
}
}
buildTypes {
release {
signingConfig = signingConfigs.getByName("release")
isMinifyEnabled = false
proguardFiles(getDefaultProguardFile("proguard-android-optimize.txt"), "proguard-rules.pro")
}