Skip to content

Commit

Permalink
Assemble, sign, upload and publish release builds
Browse files Browse the repository at this point in the history
  • Loading branch information
SaintPatrck committed Apr 22, 2024
1 parent e2db6ef commit d3e5a5a
Show file tree
Hide file tree
Showing 7 changed files with 257 additions and 17 deletions.
134 changes: 132 additions & 2 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@ env:
RUBY_VERSION: 3.2.2

jobs:
build:
name: Build
check:
name: Check
runs-on: ubuntu-22.04
steps:
- name: Checkout
Expand Down Expand Up @@ -62,3 +62,133 @@ jobs:
- name: Check
run: bundle exec fastlane check

build:
name: Build
needs:
- check
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
# Allow subsequent steps to trigger GitHub Actions via git push
# https://github.community/t/push-from-action-even-with-pat-does-not-trigger-action/17622
persist-credentials: false

- name: Validate Gradle Wrapper
uses: gradle/wrapper-validation-action@b5418f5a58f5fd2eb486dd7efb368fe7be7eae45 # v2.1.3

- name: Cache Gradle Files
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
${{ github.workspace }}/build-cache
key: ${{ runner.os }}-gradle-v2-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties', '**/libs.versions.toml') }}
restore-keys: |
${{ runner.os }}-gradle-v2-
- name: Configure JDK
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
with:
distribution: 'temurin'
java-version: ${{ env.JAVA_VERSION }}

- name: Configure Ruby
uses: ruby/setup-ruby@5f19ec79cedfadb78ab837f95b87734d0003c899 # v1.173.0
with:
bundler-cache: true
ruby-version: ${{ env.RUBY_VERSION }}

- name: Install Fastlane
run: |
gem install bundler:2.2.27
bundle config path vendor/bundle
bundle install --jobs 4 --retry 3
- name: Login to Azure - CI Subscription
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}

- name: Download secrets
env:
ACCOUNT_NAME: bitwardenci
CONTAINER_NAME: mobile
run: |
mkdir -p ${{ github.workspace }}/secrets
mkdir -p ${{ github.workspace }}/keystores
az storage blob download \
--account-name $ACCOUNT_NAME \
--container-name $CONTAINER_NAME \
--name authenticator_apk-keystore.jks \
--file ${{ github.workspace }}/keystores/authenticator_apk-keystore.jks \
--output none
az storage blob download \
--account-name $ACCOUNT_NAME \
--container-name $CONTAINER_NAME \
--name authenticator_aab-keystore.jks \
--file ${{ github.workspace }}/keystores/authenticator_aab-keystore.jks \
--output none
az storage blob download \
--account-name $ACCOUNT_NAME \
--container-name $CONTAINER_NAME \
--name authenticator_play_firebase-creds.json \
--file ${{ github.workspace }}/secrets/authenticator_play_firebase-creds.json \
--output none
shell: bash

- name: Set build version
env:
FIREBASE_CREDS_PATH: ${{ github.workspace }}/secrets/authenticator_play_firebase-creds.json
run: |
bundle exec fastlane setBuildVersionInfo \
serviceCredentialsFile:${{ env.FIREBASE_CREDS_PATH }}
shell: bash

- name: Assemble Release APK
run: |
bundle exec fastlane buildRelease \
storeFile:${{ github.workspace }}/keystores/authenticator_apk-keystore.jks \
storePassword:'${{ secrets.APK_KEYSTORE_STORE_PASSWORD }}' \
keyAlias:bitwardenauthenticator \
keyPassword:'${{ secrets.APK_KEYSTORE_KEY_PASSWORD }}'
shell: bash

- name: Create checksum file for Release APK
run: |
sha256sum "app/build/outputs/apk/release/com.bitwarden.authenticator-release.apk" \
> ./authenticator-android-apk-sha256.txt
- name: Upload release APK to GitHub
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: com.bitwarden.authenticator.apk
path: app/build/outputs/apk/release/com.bitwarden.authenticator-release.apk
if-no-files-found: error

- name: Upload checksum file for Release .apk
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: authenticator-android-apk-sha256.txt
path: ./authenticator-android-apk-sha256.txt
if-no-files-found: error

- name: Install Firebase App Distribution plugin
# if: ${{ github.ref_name == 'main' }}
run: bundle exec fastlane add_plugin firebase_app_distribution

- name: Publish release APK to Firebase
# if: ${{ github.ref_name == 'main' }}
env:
FIREBASE_CREDS_PATH: ${{ github.workspace }}/secrets/authenticator_play_firebase-creds.json
run: |
bundle exec fastlane distributeReleaseToFirebase \
serviceCredentialsFile:${{ env.FIREBASE_CREDS_PATH }}
shell: bash
5 changes: 4 additions & 1 deletion Gemfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
source "https://rubygems.org"

ruby '3.2.2'
gem "fastlane", "2.219.0"
gem "fastlane"

plugins_path = File.join(File.dirname(__FILE__), 'fastlane', 'Pluginfile')
eval_gemfile(plugins_path) if File.exist?(plugins_path)
26 changes: 17 additions & 9 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -10,17 +10,17 @@ GEM
artifactory (3.0.17)
atomos (0.1.3)
aws-eventstream (1.3.0)
aws-partitions (1.905.0)
aws-sdk-core (3.191.5)
aws-partitions (1.915.0)
aws-sdk-core (3.192.0)
aws-eventstream (~> 1, >= 1.3.0)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.8)
jmespath (~> 1, >= 1.6.1)
aws-sdk-kms (1.78.0)
aws-sdk-kms (1.79.0)
aws-sdk-core (~> 3, >= 3.191.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.146.1)
aws-sdk-core (~> 3, >= 3.191.0)
aws-sdk-s3 (1.147.0)
aws-sdk-core (~> 3, >= 3.192.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.8)
aws-sigv4 (1.8.0)
Expand Down Expand Up @@ -109,6 +109,9 @@ GEM
xcodeproj (>= 1.13.0, < 2.0.0)
xcpretty (~> 0.3.0)
xcpretty-travis-formatter (>= 0.0.3)
fastlane-plugin-firebase_app_distribution (0.9.0)
google-apis-firebaseappdistribution_v1 (~> 0.3.0)
google-apis-firebaseappdistribution_v1alpha (~> 0.2.0)
gh_inspector (1.1.3)
google-apis-androidpublisher_v3 (0.54.0)
google-apis-core (>= 0.11.0, < 2.a)
Expand All @@ -120,6 +123,10 @@ GEM
representable (~> 3.0)
retriable (>= 2.0, < 4.a)
rexml
google-apis-firebaseappdistribution_v1 (0.3.0)
google-apis-core (>= 0.11.0, < 2.a)
google-apis-firebaseappdistribution_v1alpha (0.2.0)
google-apis-core (>= 0.11.0, < 2.a)
google-apis-iamcredentials_v1 (0.17.0)
google-apis-core (>= 0.11.0, < 2.a)
google-apis-playcustomapp_v1 (0.13.0)
Expand Down Expand Up @@ -151,7 +158,7 @@ GEM
domain_name (~> 0.5)
httpclient (2.8.3)
jmespath (1.6.2)
json (2.7.1)
json (2.7.2)
jwt (2.8.1)
base64
mini_magick (4.12.0)
Expand All @@ -161,11 +168,11 @@ GEM
nanaimo (0.3.0)
naturally (2.2.1)
nkf (0.2.0)
optparse (0.4.0)
optparse (0.5.0)
os (1.1.4)
plist (3.7.1)
public_suffix (5.0.5)
rake (13.2.0)
rake (13.2.1)
representable (3.2.0)
declarative (< 0.1.0)
trailblazer-option (>= 0.1.1, < 0.2.0)
Expand Down Expand Up @@ -212,7 +219,8 @@ PLATFORMS
x86_64-linux

DEPENDENCIES
fastlane (= 2.219.0)
fastlane
fastlane-plugin-firebase_app_distribution

RUBY VERSION
ruby 3.2.2p53
Expand Down
6 changes: 4 additions & 2 deletions app/build.gradle.kts
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
plugins {
alias(libs.plugins.android.application)
alias(libs.plugins.crashlytics)
// alias(libs.plugins.crashlytics)
alias(libs.plugins.hilt)
alias(libs.plugins.kotlin.android)
alias(libs.plugins.kotlin.parcelize)
Expand All @@ -23,6 +23,8 @@ android {

testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"

setProperty("archivesBaseName", "com.bitwarden.authenticator")

ksp {
// The location in which the generated Room Database Schemas will be stored in the repo.
arg("room.schemaLocation", "$projectDir/schemas")
Expand All @@ -36,7 +38,7 @@ android {

buildTypes {
release {
isMinifyEnabled = false
isMinifyEnabled = true
proguardFiles(
getDefaultProguardFile("proguard-android-optimize.txt"),
"proguard-rules.pro"
Expand Down
4 changes: 2 additions & 2 deletions fastlane/Appfile
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
json_key_file("") # Path to the json secret file - Follow https://docs.fastlane.tools/actions/supply/#setup to get one
package_name("com.bitwarden.authenticator") # e.g. com.krausefx.app
json_key_file("secrets/authenticator_play_firebase-creds.json") # Path to the json secret file
package_name("com.bitwarden.authenticator")
94 changes: 93 additions & 1 deletion fastlane/Fastfile
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,100 @@
default_platform(:android)

platform :android do
desc "Runs all the tests"

desc "Runs tests"
lane :check do
gradle(task: "check")
end

desc "Apply build version information"
fastlane_require "time"
lane :setBuildVersionInfo do |options|

latestRelease = firebase_app_distribution_get_latest_release(
app: "1:867301491091:android:50b626dba42a361651e866",
service_credentials_file:options[:serviceCredentialsFile]
)

currentVersionName = latestRelease[:displayVersion]

# Gather current version information
versionParts = currentVersionName.split(".")
currentMajor = versionParts[0]
currentMinor = versionParts[1]
currentRevision = versionParts[2]

# Current date used to derive next version name.
currentDate = Time.new
major = currentDate.year.to_s
minor = currentDate.strftime "%m"

# Determine the next revision number to apply.
revision = 0
if currentMajor == major and currentMinor == minor
revision = currentRevision.to_i + 1
end

# Cache next version information
nextVersionName = major.to_s + "." + minor.to_s + "." + revision.to_s
nextVersionCode = latestRelease[:buildVersion].to_i + 1

# Read in app build config file.
buildConfigPath = "../app/build.gradle.kts"
buildConfigFile = File.open(buildConfigPath)
buildConfigText = buildConfigFile.read
buildConfigFile.close

# Replace version information.
puts "Setting version code to #{nextVersionCode}."
buildConfigText.gsub!("versionCode = 1", "versionCode = #{nextVersionCode}")
puts "Setting version name to #{nextVersionName}."
buildConfigText.gsub!("versionName = \"#{currentVersionName}\"", "versionName = \"#{nextVersionName}\"")

# Save changes
File.open(buildConfigPath, "w") { |buildConfigFile| buildConfigFile << buildConfigText }
end

desc "Assemble debug variants"
lane :buildDebug do
gradle(
task: "assemble",
build_type: "Debug",
print_command: false,
)
end

desc "Assemble and sign release APK"
lane :buildRelease do |options|
gradle(
task: "assemble",
build_type: "Release",
properties: {
"android.injected.signing.store.file" => options[:storeFile],
"android.injected.signing.store.password" => options[:storePassword],
"android.injected.signing.key.alias" => options[:keyAlias],
"android.injected.signing.key.password" => options[:keyPassword]
},
print_command: false,
)
end

desc "Publish release to Firebase"
lane :distributeReleaseToFirebase do |options|
release_notes = changelog_from_git_commits(
commits_count: 7,
pretty: "- %s"
)

puts "Release notes #{release_notes}"

firebase_app_distribution(
app: "1:867301491091:android:50b626dba42a361651e866",
android_artifact_type: "APK",
android_artifact_path: "app/build/outputs/apk/release/com.bitwarden.authenticator-release.apk",
service_credentials_file: options[:serviceCredentialsFile],
groups: "internal-prod-group",
release_notes: release_notes,
)
end
end
5 changes: 5 additions & 0 deletions fastlane/Pluginfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# Autogenerated by fastlane
#
# Ensure this file is checked in to source control!

gem 'fastlane-plugin-firebase_app_distribution'

0 comments on commit d3e5a5a

Please sign in to comment.