diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 83c5a7ef42..307bec6783 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -9,6 +9,7 @@ jobs: setup-android: runs-on: ubuntu-latest steps: + - uses: actions/checkout@master - name: Setup middleware dependency env: @@ -17,10 +18,13 @@ jobs: amplitude_secret: ${{ secrets.ANYTYPE_AMPLITUDE_SECRET }} amplitude_secret_debug: ${{ secrets.ANYTYPE_AMPLITUDE_DEBUG_SECRET }} run: ./middleware2.sh $token_secret $user_secret $amplitude_secret $amplitude_secret_debug + - name: Compile android test sources run: ./gradlew compileDebugAndroidTestSources -q + - name: Run unit tests run: ./gradlew testDebugAll -Dpre-dex=false -q + - name: Android test report uses: asadmansr/android-test-report-action@v1.2.0 - if: ${{ always() }} # IMPORTANT: run Android Test Report regardless + if: ${{ always() }} # IMPORTANT: run Android Test Report regardless \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000000..ae15d63343 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,45 @@ +on: + workflow_dispatch: +name: Build signed release APK +jobs: + setup-android: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + - name: Setup middleware dependency + env: + token_secret: ${{ secrets.ANYTYPE_SECRET }} + user_secret: ${{ secrets.ANYTYPE_USER_SECRET }} + amplitude_secret: ${{ secrets.ANYTYPE_AMPLITUDE_SECRET }} + amplitude_secret_debug: ${{ secrets.ANYTYPE_AMPLITUDE_DEBUG_SECRET }} + run: ./middleware2.sh $token_secret $user_secret $amplitude_secret $amplitude_secret_debug + + - name: Decrypt secrets + run: ./scripts/release/decrypt-secrets.sh + env: + ENCRYPT_KEY: ${{ secrets.ENCRYPT_KEY }} + + - name: Setup keystore + env: + RELEASE_KEY_ALIAS: ${{ secrets.RELEASE_KEY_ALIAS }} + RELEASE_KEY_PWD: ${{ secrets.RELEASE_KEY_PWD }} + RELEASE_STORE_PWD: ${{ secrets.RELEASE_STORE_PWD }} + run: ./scripts/release/setup-store.sh $token_secret $RELEASE_KEY_ALIAS $RELEASE_KEY_PWD $RELEASE_STORE_PWD + + - name: Build APKS + run: ./gradlew :app:assembleRelease + + - name: Build AAB + run: ./gradlew :app:bundleRelease + + - name: Clean secrets + if: always() + run: ./scripts/release/clean-secrets.sh + + - name: Upload artifacts + uses: actions/upload-artifact@master + with: + name: APK + BUNDLE + path: | + app/build/outputs/apk/release/ + app/build/outputs/bundle/release/ \ No newline at end of file diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml index 772ce85ce0..1ec383daf4 100644 --- a/.github/workflows/workflow.yml +++ b/.github/workflows/workflow.yml @@ -6,6 +6,7 @@ jobs: setup-android: runs-on: ubuntu-latest steps: + - uses: actions/checkout@master - name: Setup middleware dependency env: @@ -14,5 +15,6 @@ jobs: amplitude_secret: ${{ secrets.ANYTYPE_AMPLITUDE_SECRET }} amplitude_secret_debug: ${{ secrets.ANYTYPE_AMPLITUDE_DEBUG_SECRET }} run: ./middleware2.sh $token_secret $user_secret $amplitude_secret $amplitude_secret_debug + - name: Run unit tests. Full mode. - run: ./gradlew build test -Dpre-dex=false -q + run: ./gradlew build test -Dpre-dex=false -q \ No newline at end of file diff --git a/.gitignore b/.gitignore index 8dfbf32039..cf89c53cea 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,7 @@ /configuration.properties /github.properties /apikeys.properties +/scripts/release/app-release.jks .DS_Store **/build /libs diff --git a/app/build.gradle b/app/build.gradle index ad0098a343..bbedf0d773 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -10,9 +10,7 @@ def apikeyPropertiesFile = rootProject.file("apikeys.properties") def apikeyProperties = new Properties() apikeyProperties.load(new FileInputStream(apikeyPropertiesFile)) -//def keystorePropertiesFile = rootProject.file("signing.properties") -//def keystoreProperties = new Properties() -//keystoreProperties.load(new FileInputStream(keystorePropertiesFile)) +def useReleaseKeystore = rootProject.file("scripts/release/app-release.jks").exists() android { def config = rootProject.ext @@ -36,32 +34,32 @@ android { } -// signingConfigs { -// //For proper signing, use debuggable false for a build. -// release { -// keyAlias keystoreProperties['RELEASE_KEY_ALIAS'] -// keyPassword keystoreProperties['RELEASE_KEY_PASSWORD'] -// storeFile file(keystoreProperties['RELEASE_STORE_FILE']) -// storePassword keystoreProperties['RELEASE_STORE_PASSWORD'] -// v1SigningEnabled true -// v2SigningEnabled true -// } -// debug { -// keyAlias keystoreProperties['DEBUG_KEY_ALIAS'] -// keyPassword keystoreProperties['DEBUG_KEY_PASSWORD'] -// storeFile file(keystoreProperties['DEBUG_STORE_FILE']) -// storePassword keystoreProperties['DEBUG_STORE_PASSWORD'] -// v1SigningEnabled true -// v2SigningEnabled true -// } -// } + signingConfigs { + release { + if (useReleaseKeystore) { + def keystorePropertiesFile = rootProject.file("signing.properties") + def keystoreProperties = new Properties() + keystoreProperties.load(new FileInputStream(keystorePropertiesFile)) + + storeFile rootProject.file("scripts/release/app-release.jks") + keyAlias keystoreProperties['RELEASE_KEY_ALIAS'] + keyPassword keystoreProperties['RELEASE_KEY_PASSWORD'] + storePassword keystoreProperties['RELEASE_STORE_PASSWORD'] + v1SigningEnabled true + v2SigningEnabled true + } + } + } buildTypes { release { minifyEnabled false + debuggable false proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' buildConfigField("String", "AMPLITUDE_KEY", apikeyProperties['amplitude.release']) - //signingConfig signingConfigs.release + if (useReleaseKeystore) { + signingConfig signingConfigs.release + } } debug { diff --git a/scripts/release/app-release.gpg b/scripts/release/app-release.gpg new file mode 100644 index 0000000000..a081977054 Binary files /dev/null and b/scripts/release/app-release.gpg differ diff --git a/scripts/release/clean-secrets.sh b/scripts/release/clean-secrets.sh new file mode 100755 index 0000000000..8595ea045a --- /dev/null +++ b/scripts/release/clean-secrets.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash + +# Delete release key store settings +rm -f signing.properties + +# Delete release key store +rm -f scripts/release/app-release.jks \ No newline at end of file diff --git a/scripts/release/decrypt-secrets.sh b/scripts/release/decrypt-secrets.sh new file mode 100755 index 0000000000..c838bb81b7 --- /dev/null +++ b/scripts/release/decrypt-secrets.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +decrypt() { + PASSPHRASE=$1 + INPUT=$2 + OUTPUT=$3 + gpg --quiet --batch --yes --decrypt --passphrase="$PASSPHRASE" --output $OUTPUT $INPUT +} + +if [[ ! -z "$ENCRYPT_KEY" ]]; then + decrypt ${ENCRYPT_KEY} scripts/release/app-release.gpg scripts/release/app-release.jks +else + echo "ENCRYPT_KEY is empty" +fi diff --git a/scripts/release/encrypt-secrets.sh b/scripts/release/encrypt-secrets.sh new file mode 100755 index 0000000000..c04e5fd210 --- /dev/null +++ b/scripts/release/encrypt-secrets.sh @@ -0,0 +1,14 @@ +#!/usr/bin/env bash + +encrypt() { + PASSPHRASE=$1 + INPUT=$2 + OUTPUT=$3 + gpg --batch --yes --passphrase="$PASSPHRASE" --cipher-algo AES256 --symmetric --output $OUTPUT $INPUT +} + +if [[ ! -z "$ENCRYPT_KEY" ]]; then + encrypt ${ENCRYPT_KEY} scripts/release/app-release.jks scripts/release/app-release.gpg +else + echo "ENCRYPT_KEY is empty" +fi \ No newline at end of file diff --git a/scripts/release/setup-store.sh b/scripts/release/setup-store.sh new file mode 100755 index 0000000000..99357fda9f --- /dev/null +++ b/scripts/release/setup-store.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +KEY_ALIAS=$1 +KEY_PWD=$2 +STORE_PWD=$3 + +rm -rf signing.properties +touch signing.properties + +echo "RELEASE_KEY_ALIAS=$KEY_ALIAS" >> signing.properties +echo "RELEASE_KEY_PASSWORD=$KEY_PWD" >> signing.properties +echo "RELEASE_STORE_PASSWORD=$STORE_PWD" >> signing.properties \ No newline at end of file