ACCESS_GRANTED check for the JWT #285
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Continuous Integration & Deployment | |
# | |
# This file is inspired by | |
# https://www.raywenderlich.com/19407406-continuous-delivery-for-android-using-github-actions | |
name: CI/CD | |
on: [ pull_request, push ] | |
jobs: | |
## Run generic tests on source code | |
test: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: REUSE Compliance Check | |
uses: fsfe/reuse-action@v1 | |
## Build the app and run unit tests | |
unit_tests: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Java setup | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' # See 'Supported distributions' for available options | |
java-version: '17' | |
- name: Inject google-services.json | |
env: | |
GOOGLE_SERVICES_JSON: ${{ secrets.GOOGLE_SERVICES_JSON }} | |
run: echo "$GOOGLE_SERVICES_JSON" > app/google-services.json | |
- name: Test the app | |
# If you want to test a specific variant, use one of the following: | |
# testDevelopmentDebugUnitTest - Run unit tests for the developmentDebug build. | |
# testDevelopmentReleaseUnitTest - Run unit tests for the developmentRelease build. | |
# testProductionDebugUnitTest - Run unit tests for the productionDebug build. | |
# testProductionReleaseUnitTest - Run unit tests for the productionRelease build. | |
run: ./gradlew test | |
## Run tests on an Android Simulator | |
## We use macos as it has hardware acceleration for that | |
android_tests: | |
runs-on: macos-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Java setup | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' # See 'Supported distributions' for available options | |
java-version: '17' | |
- name: Inject google-services.json | |
env: | |
GOOGLE_SERVICES_JSON: ${{ secrets.GOOGLE_SERVICES_JSON }} | |
run: echo "$GOOGLE_SERVICES_JSON" > app/google-services.json | |
- name: Instrumentation Tests | |
uses: reactivecircus/android-emulator-runner@v2 | |
with: | |
api-level: 33 | |
arch: x86_64 | |
# If you want to test only a specific variant, use one of the following: | |
# connectedDevelopmentDebugAndroidTest - Installs and runs the tests for developmentDebug on connected devices. | |
# connectedProductionDebugAndroidTest - Installs and runs the tests for productionDebug on connected devices. | |
script: ./gradlew connectedAndroidTest | |
## Build and sign the app, and upload it as Github Artifact | |
build_and_deploy_to_play_store: | |
needs: [ test, unit_tests, android_tests ] | |
if: github.ref == 'refs/heads/main' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
- name: Inject google-services.json | |
env: | |
GOOGLE_SERVICES_JSON: ${{ secrets.GOOGLE_SERVICES_JSON }} | |
run: echo "$GOOGLE_SERVICES_JSON" > app/google-services.json | |
- name: Increment build number | |
run: | | |
set -eo pipefail | |
BUILD_NUMBER=$(date "+%s") | |
echo "VERSION_CODE=$BUILD_NUMBER" > app/version.properties | |
cat app/version.properties | |
- name: Generate Release AAB | |
run: ./gradlew bundleProductionRelease | |
# For TESTING USE --> run: ./gradlew bundleDevelopmentRelease | |
- name: Sign AAB | |
uses: r0adkll/sign-android-release@v1 | |
# ID used to access action output | |
id: sign_app | |
with: | |
releaseDirectory: app/build/outputs/bundle/productionRelease | |
# For TESTING USE --> releaseDirectory: app/build/outputs/bundle/developmentRelease | |
signingKeyBase64: ${{ secrets.KEYSTORE_SIGNING_KEY }} | |
alias: ${{ secrets.KEYSTORE_ALIAS }} | |
keyStorePassword: ${{ secrets.KEYSTORE_PASSWORD }} | |
keyPassword: ${{ secrets.KEYSTORE_PASSWORD_FOR_KEY }} | |
- name: Publish to Play Store closed alpha track | |
uses: r0adkll/upload-google-play@v1 | |
with: | |
serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }} | |
packageName: it.bz.noi.community | |
releaseFiles: ${{ steps.sign_app.outputs.signedReleaseFile }} | |
track: alpha | |
status: completed |