@@ -17,24 +17,24 @@ jobs:
1717
1818 steps :
1919 - name : Checkout
20- uses : actions/checkout@v5
20+ uses : actions/checkout@v6
2121 with :
2222 fetch-depth : 0
2323
2424 - name : Validate Gradle Wrapper
25- uses : gradle/actions/wrapper-validation@v4
25+ uses : gradle/actions/wrapper-validation@v5
2626
27- - name : Set up JDK 17
27+ - name : Set up JDK 21
2828 uses : actions/setup-java@v5
2929 with :
3030 distribution : temurin
31- java-version : " 17 "
31+ java-version : " 21 "
3232
3333 - name : Set up Gradle
34- uses : gradle/actions/setup-gradle@v4
34+ uses : gradle/actions/setup-gradle@v5
3535
3636 - name : Set up Android SDK
37- uses : android-actions/setup-android@v3
37+ uses : android-actions/setup-android@v4
3838
3939 - name : Install Android SDK packages
4040 run : |
@@ -70,24 +70,43 @@ jobs:
7070 - name : Sign release APK (optional)
7171 id : sign_release
7272 if : steps.detect.outputs.unsigned_exists == 'true' && steps.signing_ready.outputs.enabled == 'true'
73- uses : r0adkll/sign-android-release@v1
74- with :
75- releaseDirectory : app/build/outputs/apk/release
76- signingKeyBase64 : ${{ secrets.ANDROID_SIGNING_KEY_BASE64 }}
77- alias : ${{ secrets.ANDROID_ALIAS }}
78- keyStorePassword : ${{ secrets.ANDROID_KEYSTORE_PASSWORD }}
79- keyPassword : ${{ secrets.ANDROID_KEY_PASSWORD }}
8073 env :
81- BUILD_TOOLS_VERSION : " 36.0.0"
74+ KEY_B64 : ${{ secrets.ANDROID_SIGNING_KEY_BASE64 }}
75+ KEY_ALIAS : ${{ secrets.ANDROID_ALIAS }}
76+ STORE_PASS : ${{ secrets.ANDROID_KEYSTORE_PASSWORD }}
77+ KEY_PASS : ${{ secrets.ANDROID_KEY_PASSWORD }}
78+ run : |
79+ set -euo pipefail
80+ UNSIGNED_APK="app/build/outputs/apk/release/app-release-unsigned.apk"
81+ ALIGNED_APK="app/build/outputs/apk/release/app-release-aligned.apk"
82+ SIGNED_APK="app/build/outputs/apk/release/app-release-signed.apk"
83+ KEYSTORE_PATH="$RUNNER_TEMP/release-keystore.jks"
84+ ZIPALIGN="${ANDROID_SDK_ROOT}/build-tools/36.0.0/zipalign"
85+ APKSIGNER="${ANDROID_SDK_ROOT}/build-tools/36.0.0/apksigner"
86+
87+ echo "$KEY_B64" | base64 --decode > "$KEYSTORE_PATH"
88+
89+ "$ZIPALIGN" -f -p 4 "$UNSIGNED_APK" "$ALIGNED_APK"
90+ "$APKSIGNER" sign \
91+ --ks "$KEYSTORE_PATH" \
92+ --ks-key-alias "$KEY_ALIAS" \
93+ --ks-pass "pass:${STORE_PASS}" \
94+ --key-pass "pass:${KEY_PASS}" \
95+ --out "$SIGNED_APK" \
96+ "$ALIGNED_APK"
97+ "$APKSIGNER" verify "$SIGNED_APK"
98+
99+ rm -f "$KEYSTORE_PATH"
100+ echo "signed_release_file=$SIGNED_APK" >> "$GITHUB_OUTPUT"
82101
83102 - name : Prepare release assets
84103 run : |
85104 set -euo pipefail
86105 mkdir -p dist
87106 cp app/build/outputs/apk/debug/app-debug.apk dist/weavelet-debug.apk
88107
89- if [ -n "${{ steps.sign_release.outputs.signedReleaseFile }}" ] && [ -f "${{ steps.sign_release.outputs.signedReleaseFile }}" ]; then
90- cp "${{ steps.sign_release.outputs.signedReleaseFile }}" dist/weavelet-release-signed.apk
108+ if [ -n "${{ steps.sign_release.outputs.signed_release_file }}" ] && [ -f "${{ steps.sign_release.outputs.signed_release_file }}" ]; then
109+ cp "${{ steps.sign_release.outputs.signed_release_file }}" dist/weavelet-release-signed.apk
91110 elif [ -f "app/build/outputs/apk/release/app-release.apk" ]; then
92111 cp app/build/outputs/apk/release/app-release.apk dist/weavelet-release.apk
93112 elif [ -f "app/build/outputs/apk/release/app-release-unsigned.apk" ]; then
0 commit comments