diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 42eed1b7..a40b737d 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -32,11 +32,32 @@ jobs: working-directory: ./dgca-verifier-app-android run: |- ./gradlew --no-daemon build + - name: sign + working-directory: ./dgca-verifier-app-android + run: |- + echo "${KEY_STORE_BASE64}" | base64 --decode > ./key.jks + ZIPALIGN=${ANDROID_HOME}/build-tools/${BUILD_TOOLS_VERSION}/zipalign + APKSIGNER=${ANDROID_HOME}/build-tools/${BUILD_TOOLS_VERSION}/apksigner + ${ZIPALIGN} -c -v 4 ./app/build/outputs/apk/release/app-release-unsigned.apk + ${APKSIGNER} sign \ + --ks ./key.jks \ + --ks-pass pass:${KEY_STORE_PASSWORD} \ + --ks-key-alias ${KEY_ALIAS} \ + --key-pass pass:${KEY_PASSWORD} \ + --out ./app/build/outputs/apk/release/app-release-signed.apk \ + ./app/build/outputs/apk/release/app-release-unsigned.apk + ${APKSIGNER} verify ./app/build/outputs/apk/release/app-release-signed.apk + env: + BUILD_TOOLS_VERSION: 29.0.3 + KEY_ALIAS: ${{ secrets.KEY_ALIAS }} + KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }} + KEY_STORE_BASE64: ${{ secrets.KEY_STORE_BASE64 }} + KEY_STORE_PASSWORD: ${{ secrets.KEY_STORE_PASSWORD }} - name: assets working-directory: ./dgca-verifier-app-android run: |- gh release upload ${APP_VERSION} \ --clobber \ - ./app/build/outputs/apk/release/app-release-unsigned.apk#app-release-unsigned-${APP_VERSION}.apk + ./app/build/outputs/apk/release/app-release-signed.apk#app-release-signed-${APP_VERSION}.apk env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.idea/vcs.xml b/.idea/vcs.xml index 94a25f7f..af739d14 100644 --- a/.idea/vcs.xml +++ b/.idea/vcs.xml @@ -1,5 +1,12 @@ + + +