diff --git a/.github/workflows/releases-android-binary.yml b/.github/workflows/releases-android-binary.yml index b9af03994..fde1e4d4f 100644 --- a/.github/workflows/releases-android-binary.yml +++ b/.github/workflows/releases-android-binary.yml @@ -170,11 +170,30 @@ jobs: sudo dpkg -i qemu-user-static_*.deb # required by mbedtls build sudo apt-get install -y python3-jsonschema python3-jinja2 + - name: Install the Release certificate + if: ${{ github.event_name == 'release' }} + env: + SIGNING_STORE_BASE64: ${{ secrets.SIGNING_STORE_BASE64 }} + SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }} + SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }} + SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }} + run: | + echo -n "$SIGNING_STORE_BASE64" | base64 --decode > $RUNNER_TEMP/release.jks + echo "SIGNING_STORE_PATH=$RUNNER_TEMP/release.jks" >> $GITHUB_ENV + echo "SIGNING_STORE_PASSWORD=$SIGNING_STORE_PASSWORD" >> $GITHUB_ENV + echo "SIGNING_KEY_ALIAS=$SIGNING_KEY_ALIAS" >> $GITHUB_ENV + echo "SIGNING_KEY_PASSWORD=$SIGNING_KEY_PASSWORD" >> $GITHUB_ENV - name: Build TGZ packages run: | ./tools/build --variant gui --arch ${{ matrix.arch }} --system android --cmake-build-type MinSizeRel \ -build-benchmark -build-test \ -android-sdk-dir "${ANDROID_HOME}" -android-ndk-dir "${ANDROID_NDK_HOME}" + - name: Clean up keychain and provisioning profile + if: ${{ always() }} + run: | + if [ ! -z $SIGNING_STORE_PATH ]; then + rm -f $SIGNING_STORE_PATH + fi - name: "Install dependency: android sysroot (test purpose)" if: ${{ steps.sysroot-cache.outputs.cache-hit != 'true' }} run: | diff --git a/android/keystore/.gitignore b/android/keystore/.gitignore new file mode 100644 index 000000000..0e5d940e8 --- /dev/null +++ b/android/keystore/.gitignore @@ -0,0 +1 @@ +keystore.jks diff --git a/android/keystore/debug_keystore.jks b/android/keystore/debug_keystore.jks new file mode 100644 index 000000000..1a7b84b3b Binary files /dev/null and b/android/keystore/debug_keystore.jks differ diff --git a/android/yass/build.gradle b/android/yass/build.gradle index 1f1bb91e1..9e56af3ff 100644 --- a/android/yass/build.gradle +++ b/android/yass/build.gradle @@ -16,8 +16,30 @@ android { jniLibs.srcDirs = ['libs'] // add your jni .so file path } } + signingConfigs { + release { + def keystorePath = System.getenv("SIGNING_STORE_PATH") + + if (keystorePath == null) { + keystorePath = "../keystore/debug_keystore.jks" + storePassword = "abc123" + keyAlias = "key0" + keyPassword = "abc123" + } else { + storePassword = System.getenv("SIGNING_STORE_PASSWORD") + keyAlias = System.getenv("SIGNING_KEY_ALIAS") + keyPassword = System.getenv("SIGNING_KEY_PASSWORD") + } + + storeFile = file(keystorePath) + storePassword storePassword + keyAlias keyAlias + keyPassword keyPassword + } + } buildTypes { release { + signingConfig signingConfigs.release minifyEnabled false proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' } diff --git a/tools/build.go b/tools/build.go index 235245e22..2640af3c9 100644 --- a/tools/build.go +++ b/tools/build.go @@ -1911,7 +1911,7 @@ func archiveMainFile(output string, prefix string, paths []string, dllPaths []st _, abi := getAndroidTargetAndAppAbi(archFlag) if cmakeBuildTypeFlag == "Release" || cmakeBuildTypeFlag == "MinSizeRel" { cmdRun([]string{"./gradlew", "yass:assembleRelease", "--info"}, true) - err = os.Rename(fmt.Sprintf("./yass/build/outputs/apk/release/yass-%s-release-unsigned.apk", abi), output) + err = os.Rename(fmt.Sprintf("./yass/build/outputs/apk/release/yass-%s-release.apk", abi), output) if err != nil { glog.Fatalf("%v", err) }