chore: bump Android build number #61
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Android CI/CD | |
| on: | |
| push: | |
| tags: | |
| - deploy/android/* | |
| workflow_dispatch: | |
| jobs: | |
| build-and-deploy-android-app: | |
| name: Build and Deploy Android App | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: npm | |
| - name: Detect selected app | |
| id: detect_app_early | |
| run: | | |
| set -euo pipefail | |
| if [[ -f scripts/.selected-app ]]; then | |
| app=$(tr -d '\r\n' < scripts/.selected-app) | |
| else | |
| app="EspaceCo" | |
| fi | |
| echo "Selected app: $app" | |
| echo "SELECTED_APP=$app" >> "$GITHUB_ENV" | |
| - name: Create empty .env | |
| run: touch .env | |
| - name: Make envfile (override with secrets) | |
| run: | | |
| set -euo pipefail | |
| # Set COLLAB_API_CLIENT_ID and COLLAB_API_CLIENT_SECRET based on selected app | |
| if [[ "$SELECTED_APP" == "NaviForest" ]]; then | |
| [ -n "${{ secrets.COLLAB_API_CLIENT_ID_NAVIFOREST }}" ] && echo "COLLAB_API_CLIENT_ID=${{ secrets.COLLAB_API_CLIENT_ID_NAVIFOREST }}" >> .env || true | |
| [ -n "${{ secrets.COLLAB_API_CLIENT_SECRET_NAVIFOREST }}" ] && echo "COLLAB_API_CLIENT_SECRET=${{ secrets.COLLAB_API_CLIENT_SECRET_NAVIFOREST }}" >> .env || true | |
| else | |
| [ -n "${{ secrets.COLLAB_API_CLIENT_ID_ESPACECO }}" ] && echo "COLLAB_API_CLIENT_ID=${{ secrets.COLLAB_API_CLIENT_ID_ESPACECO }}" >> .env || true | |
| [ -n "${{ secrets.COLLAB_API_CLIENT_SECRET_ESPACECO }}" ] && echo "COLLAB_API_CLIENT_SECRET=${{ secrets.COLLAB_API_CLIENT_SECRET_ESPACECO }}" >> .env || true | |
| fi | |
| # Other secrets (not app-dependent) | |
| [ -n "${{ secrets.BASE_AUTH_URL }}" ] && echo "BASE_AUTH_URL=${{ secrets.BASE_AUTH_URL }}" >> .env || true | |
| [ -n "${{ secrets.QLF_COLLAB_API_CLIENT_ID }}" ] && echo "QLF_COLLAB_API_CLIENT_ID=${{ secrets.QLF_COLLAB_API_CLIENT_ID }}" >> .env || true | |
| [ -n "${{ secrets.QLF_COLLAB_API_CLIENT_SECRET }}" ] && echo "QLF_COLLAB_API_CLIENT_SECRET=${{ secrets.QLF_COLLAB_API_CLIENT_SECRET }}" >> .env || true | |
| [ -n "${{ secrets.QLF_BASE_AUTH_URL }}" ] && echo "QLF_BASE_AUTH_URL=${{ secrets.QLF_BASE_AUTH_URL }}" >> .env || true | |
| [ -n "${{ secrets.BASE_API_URL }}" ] && echo "BASE_API_URL=${{ secrets.BASE_API_URL }}" >> .env || true | |
| [ -n "${{ secrets.SECRET }}" ] && echo "SECRET=${{ secrets.SECRET }}" >> .env || true | |
| # App selection/name identifiers (optional overrides, defined in the config.js files) | |
| [ -n "${{ secrets.APPLI }}" ] && echo "APPLI=${{ secrets.APPLI }}" >> .env || true | |
| [ -n "${{ secrets.APPLI_ID }}" ] && echo "APPLI_ID=${{ secrets.APPLI_ID }}" >> .env || true | |
| [ -n "${{ secrets.APPLI_NAME }}" ] && echo "APPLI_NAME=${{ secrets.APPLI_NAME }}" >> .env || true | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build web bundle | |
| run: npm run build | |
| - name: Generate Capacitor assets (Android) | |
| run: npx @capacitor/assets generate --android | |
| - name: Capacitor sync (Android) | |
| run: npx cap sync android | |
| - name: Set up Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: "temurin" | |
| java-version: 21 | |
| - name: Check Android build-tools | |
| run: | | |
| ls -la /usr/local/lib/android/sdk/build-tools/ || true | |
| - name: Set Android signing params | |
| id: set_signing_params | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| # Choose alias + key password per selected app | |
| if [[ "$SELECTED_APP" == "NaviForest" ]]; then | |
| echo "SIGNING_KEY=${{ secrets.SIGNING_KEY_NAVIFOREST }}" >> "$GITHUB_ENV" | |
| echo "SIGNING_ALIAS=${{ secrets.ALIAS_NAVIFOREST }}" >> "$GITHUB_ENV" | |
| echo "SIGNING_KEY_PASSWORD=${{ secrets.KEY_PASSWORD_NAVIFOREST }}" >> "$GITHUB_ENV" | |
| else | |
| echo "SIGNING_KEY=${{ secrets.SIGNING_KEY_ESPACECO }}" >> "$GITHUB_ENV" | |
| echo "SIGNING_ALIAS=${{ secrets.ALIAS_ESPACECO }}" >> "$GITHUB_ENV" | |
| echo "SIGNING_KEY_PASSWORD=${{ secrets.KEY_PASSWORD_ESPACECO }}" >> "$GITHUB_ENV" | |
| fi | |
| # Derive package name from updated Gradle config | |
| pkg=$(sed -n 's/.*applicationId\s*"\([^"]*\)".*/\1/p' android/app/build.gradle | head -n1) | |
| if [[ -n "$pkg" ]]; then | |
| echo "PACKAGE_NAME=$pkg" >> "$GITHUB_ENV" | |
| fi | |
| - name: Build Android release (APK + AAB) | |
| run: | | |
| cd android | |
| ./gradlew --no-daemon assembleRelease bundleRelease | |
| - name: Sign Android App Bundle (AAB) | |
| id: sign_aab | |
| uses: r0adkll/sign-android-release@v1 | |
| with: | |
| # Sign the generated AAB in the release output directory | |
| releaseDirectory: android/app/build/outputs/bundle/release | |
| signingKeyBase64: ${{ env.SIGNING_KEY }} | |
| alias: ${{ env.SIGNING_ALIAS }} | |
| keyStorePassword: ${{ secrets.KEY_STORE_PASSWORD }} | |
| keyPassword: ${{ env.SIGNING_KEY_PASSWORD }} | |
| env: | |
| BUILD_TOOLS_VERSION: "34.0.0" | |
| - name: Upload signed bundle artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: android-signed-aab | |
| path: ${{ steps.sign_aab.outputs.signedReleaseFile }} | |
| retention-days: 3 | |
| - name: Deploy to Play Store (internal track) | |
| uses: r0adkll/upload-google-play@v1 | |
| with: | |
| serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }} | |
| packageName: ${{ env.PACKAGE_NAME }} | |
| releaseFiles: ${{ steps.sign_aab.outputs.signedReleaseFile }} | |
| track: internal | |
| status: completed | |
| inAppUpdatePriority: 5 |