chore: bump Android build number #41
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Android CI/CD | |
| on: | |
| push: | |
| tags: | |
| - deploy/android/* | |
| workflow_dispatch: | |
| jobs: | |
| build-and-deploy-android-app: | |
| name: Build and Deploy Android App | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: npm | |
| - name: Create empty .env | |
| run: touch .env | |
| - name: Make envfile (override with secrets) | |
| run: | | |
| set -euo pipefail | |
| # Only append keys that are set as secrets; later lines override earlier ones | |
| [ -n "${{ secrets.COLLAB_API_CLIENT_ID }}" ] && echo "COLLAB_API_CLIENT_ID=${{ secrets.COLLAB_API_CLIENT_ID }}" >> .env || true | |
| [ -n "${{ secrets.COLLAB_API_CLIENT_SECRET }}" ] && echo "COLLAB_API_CLIENT_SECRET=${{ secrets.COLLAB_API_CLIENT_SECRET }}" >> .env || true | |
| [ -n "${{ secrets.BASE_AUTH_URL }}" ] && echo "BASE_AUTH_URL=${{ secrets.BASE_AUTH_URL }}" >> .env || true | |
| [ -n "${{ secrets.QLF_COLLAB_API_CLIENT_ID }}" ] && echo "QLF_COLLAB_API_CLIENT_ID=${{ secrets.QLF_COLLAB_API_CLIENT_ID }}" >> .env || true | |
| [ -n "${{ secrets.QLF_COLLAB_API_CLIENT_SECRET }}" ] && echo "QLF_COLLAB_API_CLIENT_SECRET=${{ secrets.QLF_COLLAB_API_CLIENT_SECRET }}" >> .env || true | |
| [ -n "${{ secrets.QLF_BASE_AUTH_URL }}" ] && echo "QLF_BASE_AUTH_URL=${{ secrets.QLF_BASE_AUTH_URL }}" >> .env || true | |
| [ -n "${{ secrets.BASE_API_URL }}" ] && echo "BASE_API_URL=${{ secrets.BASE_API_URL }}" >> .env || true | |
| [ -n "${{ secrets.SECRET }}" ] && echo "SECRET=${{ secrets.SECRET }}" >> .env || true | |
| # App selection/name identifiers (optional overrides, defined in the config.js files) | |
| [ -n "${{ secrets.APPLI }}" ] && echo "APPLI=${{ secrets.APPLI }}" >> .env || true | |
| [ -n "${{ secrets.APPLI_ID }}" ] && echo "APPLI_ID=${{ secrets.APPLI_ID }}" >> .env || true | |
| [ -n "${{ secrets.APPLI_NAME }}" ] && echo "APPLI_NAME=${{ secrets.APPLI_NAME }}" >> .env || true | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build web bundle | |
| run: npm run build | |
| - name: Generate Capacitor assets (Android) | |
| run: npx @capacitor/assets generate --android | |
| - name: Capacitor sync (Android) | |
| run: npx cap sync android | |
| - name: Set up Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: "temurin" | |
| java-version: 21 | |
| - name: Check Android build-tools | |
| run: | | |
| ls -la /usr/local/lib/android/sdk/build-tools/ || true | |
| - name: Sanity check Android resources | |
| run: | | |
| echo "Listing android/app/src/main/res folders:" && | |
| ls -la android/app/src/main/res || true && | |
| echo "values:" && ls -la android/app/src/main/res/values || true && | |
| echo "xml:" && ls -la android/app/src/main/res/xml || true && | |
| echo "layout:" && ls -la android/app/src/main/res/layout || true | |
| - name: Detect selected app and signing params | |
| id: detect_app | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| if [[ -f scripts/.selected-app ]]; then | |
| app=$(tr -d '\r\n' < scripts/.selected-app) | |
| else | |
| # Default to EspaceCo | |
| app="EspaceCo" | |
| fi | |
| echo "Selected app: $app" | |
| # Choose alias + key password per selected app | |
| if [[ "$app" == "NaviForest" ]]; then | |
| echo "SIGNING_ALIAS=${{ secrets.ALIAS_NAVIFOREST }}" >> "$GITHUB_ENV" | |
| echo "SIGNING_KEY_PASSWORD=${{ secrets.KEY_PASSWORD_NAVIFOREST }}" >> "$GITHUB_ENV" | |
| else | |
| # Default to EspaceCo | |
| echo "SIGNING_ALIAS=${{ secrets.ALIAS_ESPACECO }}" >> "$GITHUB_ENV" | |
| echo "SIGNING_KEY_PASSWORD=${{ secrets.KEY_PASSWORD_ESPACECO }}" >> "$GITHUB_ENV" | |
| fi | |
| # Derive package name from updated Gradle config | |
| pkg=$(sed -n 's/.*applicationId\s*"\([^"]*\)".*/\1/p' android/app/build.gradle | head -n1) | |
| if [[ -n "$pkg" ]]; then | |
| echo "PACKAGE_NAME=$pkg" >> "$GITHUB_ENV" | |
| fi | |
| - name: Build Android release (APK + AAB) | |
| run: | | |
| cd android | |
| ./gradlew --no-daemon assembleRelease bundleRelease | |
| - name: Sign Android App Bundle (AAB) | |
| id: sign_aab | |
| uses: r0adkll/sign-android-release@v1 | |
| with: | |
| # Sign the generated AAB in the release output directory | |
| releaseDirectory: android/app/build/outputs/bundle/release | |
| signingKeyBase64: ${{ secrets.SIGNING_KEY }} | |
| alias: ${{ env.SIGNING_ALIAS }} | |
| keyStorePassword: ${{ secrets.KEY_STORE_PASSWORD }} | |
| # keyPassword is optional; set if your keystore uses a distinct key password | |
| keyPassword: ${{ env.SIGNING_KEY_PASSWORD }} | |
| env: | |
| BUILD_TOOLS_VERSION: "34.0.0" | |
| - name: Upload signed bundle artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: android-signed-aab | |
| path: ${{ steps.sign_aab.outputs.signedReleaseFile }} | |
| retention-days: 3 | |
| # NEED GOOGLE DEVELOPER ACCESS TO DO THE FOLLOWING | |
| - name: Deploy to Play Store (internal track) | |
| uses: r0adkll/upload-google-play@v1 | |
| with: | |
| serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }} | |
| packageName: ${{ env.PACKAGE_NAME }} | |
| releaseFiles: ${{ steps.sign_aab.outputs.signedReleaseFile }} | |
| track: internal | |
| status: completed | |
| inAppUpdatePriority: 5 |