chore: bump build numbers #54

Workflow file for this run

.github/workflows/android-action.yml at 71f948f

	name: Android CI/CD

	on:
	push:
	tags:
	- deploy/android/*
	workflow_dispatch:

	jobs:
	build-and-deploy-android-app:
	name: Build and Deploy Android App
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 20
	cache: npm

	- name: Detect selected app
	id: detect_app_early
	run: \|
	set -euo pipefail
	if [[ -f scripts/.selected-app ]]; then
	app=$(tr -d '\r\n' < scripts/.selected-app)
	else
	app="EspaceCo"
	fi
	echo "Selected app: $app"
	echo "SELECTED_APP=$app" >> "$GITHUB_ENV"

	- name: Create empty .env
	run: touch .env

	- name: Make envfile (override with secrets)
	run: \|
	set -euo pipefail
	# Set COLLAB_API_CLIENT_ID and COLLAB_API_CLIENT_SECRET based on selected app
	if [[ "$SELECTED_APP" == "NaviForest" ]]; then
	[ -n "${{ secrets.COLLAB_API_CLIENT_ID_NAVIFOREST }}" ] && echo "COLLAB_API_CLIENT_ID=${{ secrets.COLLAB_API_CLIENT_ID_NAVIFOREST }}" >> .env \|\| true
	[ -n "${{ secrets.COLLAB_API_CLIENT_SECRET_NAVIFOREST }}" ] && echo "COLLAB_API_CLIENT_SECRET=${{ secrets.COLLAB_API_CLIENT_SECRET_NAVIFOREST }}" >> .env \|\| true
	else
	[ -n "${{ secrets.COLLAB_API_CLIENT_ID_ESPACECO }}" ] && echo "COLLAB_API_CLIENT_ID=${{ secrets.COLLAB_API_CLIENT_ID_ESPACECO }}" >> .env \|\| true
	[ -n "${{ secrets.COLLAB_API_CLIENT_SECRET_ESPACECO }}" ] && echo "COLLAB_API_CLIENT_SECRET=${{ secrets.COLLAB_API_CLIENT_SECRET_ESPACECO }}" >> .env \|\| true
	fi
	# Other secrets (not app-dependent)
	[ -n "${{ secrets.BASE_AUTH_URL }}" ] && echo "BASE_AUTH_URL=${{ secrets.BASE_AUTH_URL }}" >> .env \|\| true
	[ -n "${{ secrets.QLF_COLLAB_API_CLIENT_ID }}" ] && echo "QLF_COLLAB_API_CLIENT_ID=${{ secrets.QLF_COLLAB_API_CLIENT_ID }}" >> .env \|\| true
	[ -n "${{ secrets.QLF_COLLAB_API_CLIENT_SECRET }}" ] && echo "QLF_COLLAB_API_CLIENT_SECRET=${{ secrets.QLF_COLLAB_API_CLIENT_SECRET }}" >> .env \|\| true
	[ -n "${{ secrets.QLF_BASE_AUTH_URL }}" ] && echo "QLF_BASE_AUTH_URL=${{ secrets.QLF_BASE_AUTH_URL }}" >> .env \|\| true
	[ -n "${{ secrets.BASE_API_URL }}" ] && echo "BASE_API_URL=${{ secrets.BASE_API_URL }}" >> .env \|\| true
	[ -n "${{ secrets.SECRET }}" ] && echo "SECRET=${{ secrets.SECRET }}" >> .env \|\| true
	# App selection/name identifiers (optional overrides, defined in the config.js files)
	[ -n "${{ secrets.APPLI }}" ] && echo "APPLI=${{ secrets.APPLI }}" >> .env \|\| true
	[ -n "${{ secrets.APPLI_ID }}" ] && echo "APPLI_ID=${{ secrets.APPLI_ID }}" >> .env \|\| true
	[ -n "${{ secrets.APPLI_NAME }}" ] && echo "APPLI_NAME=${{ secrets.APPLI_NAME }}" >> .env \|\| true

	- name: Verify env credentials (temporary)
	run: \|
	set -euo pipefail
	echo "Selected app: $SELECTED_APP"
	# Extract values from .env
	CLIENT_ID=$(grep "^COLLAB_API_CLIENT_ID=" .env \| cut -d'=' -f2 \|\| echo "")
	CLIENT_SECRET=$(grep "^COLLAB_API_CLIENT_SECRET=" .env \| cut -d'=' -f2 \|\| echo "")
	echo "COLLAB_API_CLIENT_ID is set: $([ -n \"$CLIENT_ID\" ] && echo 'YES' \|\| echo 'NO')"
	echo "COLLAB_API_CLIENT_ID length: ${#CLIENT_ID}"
	echo "COLLAB_API_CLIENT_SECRET is set: $([ -n \"$CLIENT_SECRET\" ] && echo 'YES' \|\| echo 'NO')"
	echo "COLLAB_API_CLIENT_SECRET length: ${#CLIENT_SECRET}"
	echo "--- Early exit for testing (remove this step when done) ---"
	exit 0

	- name: Install dependencies
	run: npm ci

	- name: Build web bundle
	run: npm run build

	- name: Generate Capacitor assets (Android)
	run: npx @capacitor/assets generate --android

	- name: Capacitor sync (Android)
	run: npx cap sync android

	- name: Set up Java
	uses: actions/setup-java@v4
	with:
	distribution: "temurin"
	java-version: 21

	- name: Check Android build-tools
	run: \|
	ls -la /usr/local/lib/android/sdk/build-tools/ \|\| true

	- name: Set Android signing params
	id: set_signing_params
	shell: bash
	run: \|
	set -euo pipefail
	# Choose alias + key password per selected app
	if [[ "$SELECTED_APP" == "NaviForest" ]]; then
	echo "SIGNING_KEY=${{ secrets.SIGNING_KEY_NAVIFOREST }}" >> "$GITHUB_ENV"
	echo "SIGNING_ALIAS=${{ secrets.ALIAS_NAVIFOREST }}" >> "$GITHUB_ENV"
	echo "SIGNING_KEY_PASSWORD=${{ secrets.KEY_PASSWORD_NAVIFOREST }}" >> "$GITHUB_ENV"
	else
	echo "SIGNING_KEY=${{ secrets.SIGNING_KEY_ESPACECO }}" >> "$GITHUB_ENV"
	echo "SIGNING_ALIAS=${{ secrets.ALIAS_ESPACECO }}" >> "$GITHUB_ENV"
	echo "SIGNING_KEY_PASSWORD=${{ secrets.KEY_PASSWORD_ESPACECO }}" >> "$GITHUB_ENV"
	fi
	# Derive package name from updated Gradle config
	pkg=$(sed -n 's/.applicationId\s"$[^"]$"./\1/p' android/app/build.gradle \| head -n1)
	if [[ -n "$pkg" ]]; then
	echo "PACKAGE_NAME=$pkg" >> "$GITHUB_ENV"
	fi

	- name: Build Android release (APK + AAB)
	run: \|
	cd android
	./gradlew --no-daemon assembleRelease bundleRelease

	- name: Sign Android App Bundle (AAB)
	id: sign_aab
	uses: r0adkll/sign-android-release@v1
	with:
	# Sign the generated AAB in the release output directory
	releaseDirectory: android/app/build/outputs/bundle/release
	signingKeyBase64: ${{ env.SIGNING_KEY }}
	alias: ${{ env.SIGNING_ALIAS }}
	keyStorePassword: ${{ secrets.KEY_STORE_PASSWORD }}
	keyPassword: ${{ env.SIGNING_KEY_PASSWORD }}
	env:
	BUILD_TOOLS_VERSION: "34.0.0"

	- name: Upload signed bundle artifact
	uses: actions/upload-artifact@v4
	with:
	name: android-signed-aab
	path: ${{ steps.sign_aab.outputs.signedReleaseFile }}
	retention-days: 3

	- name: Deploy to Play Store (internal track)
	uses: r0adkll/upload-google-play@v1
	with:
	serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
	packageName: ${{ env.PACKAGE_NAME }}
	releaseFiles: ${{ steps.sign_aab.outputs.signedReleaseFile }}
	track: internal
	status: completed
	inAppUpdatePriority: 5

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: bump build numbers #54

Workflow file

chore: bump build numbers #54

Uh oh!

Workflow file for this run