name: release-android on: schedule: - cron: "4 3 * * *" workflow_dispatch: inputs: track: type: choice description: "Google play release track" options: - none - internal - alpha - beta - production default: none required: true release_type: type: choice description: "GitHub release type" options: - none - prerelease - nightly - release default: release required: true tag_name: description: "Tag name for release" required: false default: nightly workflow_call: jobs: check_commits: name: Check for New Commits runs-on: ubuntu-latest outputs: has_new_commits: ${{ steps.check.outputs.new_commits }} steps: - name: Checkout Repository uses: actions/checkout@v3 with: fetch-depth: 0 # This fetches all history so we can check commits - name: Check for new commits id: check env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | # This script checks for commits newer than 23 hours ago NEW_COMMITS=$(git rev-list --count --after="$(date -Iseconds -d '23 hours ago')" ${{ github.sha }}) echo "new_commits=$NEW_COMMITS" >> $GITHUB_OUTPUT build: needs: check_commits if: ${{ needs.check_commits.outputs.has_new_commits > 0 && inputs.release_type != 'none' }} name: Build Signed APK runs-on: ubuntu-latest env: SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }} SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }} SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }} KEY_STORE_FILE: 'android_keystore.jks' KEY_STORE_LOCATION: ${{ github.workspace }}/app/keystore/ GH_USER: ${{ secrets.GH_USER }} # GH needed for gh cli GH_TOKEN: ${{ secrets.GH_TOKEN }} GH_REPO: ${{ github.repository }} steps: - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v4 with: distribution: 'temurin' java-version: '17' cache: gradle - name: Grant execute permission for gradlew run: chmod +x gradlew - name: Install system dependencies run: | sudo apt update && sudo apt install -y gh apksigner # Here we need to decode keystore.jks from base64 string and place it # in the folder specified in the release signing configuration - name: Decode Keystore id: decode_keystore uses: timheuer/base64-to-file@v1.2 with: fileName: ${{ env.KEY_STORE_FILE }} fileDir: ${{ env.KEY_STORE_LOCATION }} encodedString: ${{ secrets.KEYSTORE }} # update latest tag - name: Set latest tag uses: rickstaa/action-create-tag@v1 id: tag_creation with: tag: "latest" # or any tag name you wish to use message: "Automated tag for HEAD commit" force_push_tag: true tag_exists_error: false - name: Get latest release id: latest_release uses: kaliber5/action-get-release@v1 with: token: ${{ secrets.GITHUB_TOKEN }} latest: true - name: Generate Changelog id: changelog uses: requarks/changelog-action@v1 with: token: ${{ secrets.GITHUB_TOKEN }} toTag: ${{ github.event_name == 'schedule' && 'nightly' || steps.latest_release.outputs.tag_name }} fromTag: "latest" writeToFile: false # we won't write to file, just output # create keystore path for gradle to read - name: Create keystore path env var run: | store_path=${{ env.KEY_STORE_LOCATION }}${{ env.KEY_STORE_FILE }} echo "KEY_STORE_PATH=$store_path" >> $GITHUB_ENV - name: Create service_account.json id: createServiceAccount run: echo '${{ secrets.SERVICE_ACCOUNT_JSON }}' > service_account.json # Build and sign APK ("-x test" argument is used to skip tests) # add fdroid flavor for apk upload - name: Build Fdroid Release APK if: ${{ inputs.release_type != '' && inputs.release_type == 'release' }} run: ./gradlew :app:assembleFdroidRelease -x test - name: Build Fdroid Prerelease APK if: ${{ inputs.release_type != '' && inputs.release_type == 'prerelease' }} run: ./gradlew :app:assembleFdroidPrerelease -x test - name: Build Fdroid Nightly APK if: ${{ inputs.release_type == '' || inputs.release_type == 'nightly' }} run: ./gradlew :app:assembleFdroidNightly -x test - if: ${{ inputs.release_type == '' || inputs.release_type == 'nightly' }} run: echo "APK_PATH=$(find . -regex '^.*/build/outputs/apk/fdroid/nightly/.*\.apk$' -type f | head -1)" >> $GITHUB_ENV - if: ${{ inputs.release_type != '' && inputs.release_type == 'release' }} run: echo "APK_PATH=$(find . -regex '^.*/build/outputs/apk/fdroid/release/.*\.apk$' -type f | head -1)" >> $GITHUB_ENV - if: ${{ inputs.release_type != '' && inputs.release_type == 'prerelease' }} run: echo "APK_PATH=$(find . -regex '^.*/build/outputs/apk/fdroid/prerelease/.*\.apk$' -type f | head -1)" >> $GITHUB_ENV - name: Get version code if: ${{ inputs.release_type == 'release' }} run: | version_code=$(grep "VERSION_CODE" buildSrc/src/main/kotlin/Constants.kt | awk '{print $5}' | tr -d '\n') echo "VERSION_CODE=$version_code" >> $GITHUB_ENV - name: Commit and push versionCode changes if: ${{ inputs.release_type == '' || inputs.release_type == 'nightly' || inputs.release_type == 'prerelease' }} run: | git config --global user.name 'GitHub Actions' git config --global user.email 'actions@github.com' git add versionCode.txt git commit -m "Automated build update" - name: Push changes if: ${{ inputs.release_type == '' || inputs.release_type == 'nightly' || inputs.release_type == 'prerelease' }} uses: ad-m/github-push-action@master with: github_token: ${{ secrets.GITHUB_TOKEN }} branch: ${{ github.ref }} # Save the APK after the Build job is complete to publish it as a Github release in the next job - name: Upload APK uses: actions/upload-artifact@v4.4.3 with: name: wgtunnel path: ${{ env.APK_PATH }} - name: Download APK from build uses: actions/download-artifact@v4 with: name: wgtunnel - name: Repository Dispatch for my F-Droid repo uses: peter-evans/repository-dispatch@v3 if: ${{ inputs.release_type == 'release' }} with: token: ${{ secrets.PAT }} repository: zaneschepke/fdroid event-type: fdroid-update # Setup TAG_NAME, which is used as a general "name" - if: github.event_name == 'workflow_dispatch' run: echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV - if: github.event_name == 'schedule' run: echo "TAG_NAME=nightly" >> $GITHUB_ENV - name: Set version release notes if: ${{ inputs.release_type == 'release' }} run: | RELEASE_NOTES="$(cat ${{ github.workspace }}/fastlane/metadata/android/en-US/changelogs/${{ env.VERSION_CODE }}.txt)" echo "RELEASE_NOTES<> $GITHUB_ENV echo "$RELEASE_NOTES" >> $GITHUB_ENV echo "EOF" >> $GITHUB_ENV - name: On nightly release notes if: ${{ contains(env.TAG_NAME, 'nightly') }} run: | echo "RELEASE_NOTES=Nightly build for the latest development version of the app." >> $GITHUB_ENV gh release delete nightly --yes || true git push origin :nightly || true - name: On prerelease release notes if: ${{ inputs.release_type == 'prerelease' }} run: | echo "RELEASE_NOTES=Testing version of app for specific feature." >> $GITHUB_ENV gh release delete ${{ github.event.inputs.tag_name }} --yes || true - name: Get checksum id: checksum run: echo "checksum=$(apksigner verify -print-certs ${{ env.APK_PATH }} | grep -Po "(?<=SHA-256 digest:) .*" | tr -d "[:blank:]")" >> $GITHUB_OUTPUT - name: Create Release with Fastlane changelog notes id: create_release uses: softprops/action-gh-release@v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: body: | ${{ env.RELEASE_NOTES }} SHA256 fingerprint: ```${{ steps.checksum.outputs.checksum }}``` ### Changelog ${{ steps.changelog.outputs.changes }} tag_name: ${{ env.TAG_NAME }} name: ${{ env.TAG_NAME }} draft: false prerelease: ${{ inputs.release_type == 'prerelease' || inputs.release_type == '' || inputs.release_type == 'nightly' }} make_latest: ${{ inputs.release_type == 'release' }} files: ${{ github.workspace }}/${{ env.APK_PATH }} publish-play: if: ${{ inputs.track != 'none' && inputs.track != '' }} name: Publish to Google Play runs-on: ubuntu-latest env: SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }} SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }} SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }} KEY_STORE_FILE: 'android_keystore.jks' KEY_STORE_LOCATION: ${{ github.workspace }}/app/keystore/ GH_USER: ${{ secrets.GH_USER }} GH_TOKEN: ${{ secrets.GH_TOKEN }} steps: - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v4 with: distribution: 'temurin' java-version: '17' cache: gradle - name: Grant execute permission for gradlew run: chmod +x gradlew # Here we need to decode keystore.jks from base64 string and place it # in the folder specified in the release signing configuration - name: Decode Keystore id: decode_keystore uses: timheuer/base64-to-file@v1.2 with: fileName: ${{ env.KEY_STORE_FILE }} fileDir: ${{ env.KEY_STORE_LOCATION }} encodedString: ${{ secrets.KEYSTORE }} # create keystore path for gradle to read - name: Create keystore path env var run: | store_path=${{ env.KEY_STORE_LOCATION }}${{ env.KEY_STORE_FILE }} echo "KEY_STORE_PATH=$store_path" >> $GITHUB_ENV - name: Create service_account.json id: createServiceAccount run: echo '${{ secrets.SERVICE_ACCOUNT_JSON }}' > service_account.json - name: Deploy with fastlane uses: ruby/setup-ruby@v1 with: ruby-version: '3.2' # Not needed with a .ruby-version file bundler-cache: true - name: Distribute app to Prod track 🚀 run: (cd ${{ github.workspace }} && bundle install && bundle exec fastlane ${{ inputs.track }})