Jackenmen/generate_apk.yaml

## generate_apk.yaml
# NOTE: This workflow needs to be adjusted in places marked with '# TODO: ' comments
#
# Use this command to generate a keystore and a key if you don't already have one:
# $ keytool -genkey -v -keystore my-key.p12 -alias my-key -keyalg RSA -keysize 4096 -validity 50000 -keypass android -storepass android
#
# You can use this command to create base64 string of the file for later use in KEYSTORE_BASE64:
# $ base64 my-key.p12 > my-key.p12.base64
name: Build signed Android APK

on:
  workflow_dispatch:
    inputs:
      perform_release:
        description: "Generate a release with built artifacts"
        required: false
        default: true
        type: boolean

jobs:
  build:
    runs-on: ubuntu-latest

    outputs:
      build_commit: ${{ steps.git_commit.outputs.BUILD_COMMIT }}

    steps:
    - name: Checkout the repository
      uses: actions/checkout@v3
      with:
        # TODO: replace with the branch to build from or add and use workflow's input
        # You can skip this if you're not using a separate orphan branch for the workflow
        ref: main

    - name: Set current git commit as job output.
      id: git_commit
      run: |
        echo "BUILD_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT

    - name: Set up JDK 11
      uses: actions/setup-java@v3
      # TODO: replace with the required Java Development Kit version, if necessary
      with:
        java-version: '11'
        distribution: 'temurin'
        cache: gradle

    - name: Create keystore file from KEYSTORE_BASE64
      run: |
        echo "$KEYSTORE_BASE64" | base64 --decode > "$HOME/keystore.p12"
      env:
        # TODO: Create a repository secret for this
        KEYSTORE_BASE64: ${{ secrets.KEYSTORE_BASE64 }}

    - name: Grant execute permission for gradlew
      run: chmod +x gradlew
    - name: Build with Gradle
      # TODO: replace 'assembleRelease' with the proper build target, if necessary
      run: >
        ./gradlew assembleRelease
        "-Pandroid.injected.signing.store.file=$HOME/keystore.p12"
        "-Pandroid.injected.signing.store.password=$STORE_PASSWORD"
        "-Pandroid.injected.signing.key.alias=$KEY_ALIAS"
        "-Pandroid.injected.signing.key.password=$KEY_PASSWORD"
      env:
        # TODO: Create repository secrets for these
        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
        KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
        KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}

    - name: Upload release artifacts
      uses: actions/upload-artifact@v3
      with:
        name: build-output
        # TODO: replace with the actual output directory since it varies between projects
        path: app/build/outputs/apk/release

  release:
    needs: build
    permissions:
      contents: write
    if: ${{ inputs.perform_release }}
    runs-on: ubuntu-latest
    steps:
      - name: Download release artifacts
        uses: actions/download-artifact@v3
        with:
          name: build-output

      - name: Get version name
        id: version_info
        run: |
          # TODO: if possible, replace this with the constant apk name, e.g.: "app-prod-release.apk"
          APK_NAME="$(find -name '*.apk' | head -n 1)"
          APKANALYZER="$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/apkanalyzer"
          echo "VERSION_CODE=$($APKANALYZER manifest version-code $APK_NAME)" >> $GITHUB_OUTPUT
          echo "VERSION_NAME=$($APKANALYZER manifest version-name $APK_NAME)" >> $GITHUB_OUTPUT

      - name: Create a release
        uses: softprops/action-gh-release@v1
        with:
          tag_name: ${{ steps.version_info.outputs.VERSION_NAME }}
          target_commitish: ${{ needs.build.outputs.build_commit }}
          files: '*.apk'
	# NOTE: This workflow needs to be adjusted in places marked with '# TODO: ' comments
	#
	# Use this command to generate a keystore and a key if you don't already have one:
	# $ keytool -genkey -v -keystore my-key.p12 -alias my-key -keyalg RSA -keysize 4096 -validity 50000 -keypass android -storepass android
	#
	# You can use this command to create base64 string of the file for later use in KEYSTORE_BASE64:
	# $ base64 my-key.p12 > my-key.p12.base64
	name: Build signed Android APK

	on:
	workflow_dispatch:
	inputs:
	perform_release:
	description: "Generate a release with built artifacts"
	required: false
	default: true
	type: boolean

	jobs:
	build:
	runs-on: ubuntu-latest

	outputs:
	build_commit: ${{ steps.git_commit.outputs.BUILD_COMMIT }}

	steps:
	- name: Checkout the repository
	uses: actions/checkout@v3
	with:
	# TODO: replace with the branch to build from or add and use workflow's input
	# You can skip this if you're not using a separate orphan branch for the workflow
	ref: main

	- name: Set current git commit as job output.
	id: git_commit
	run: \|
	echo "BUILD_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT

	- name: Set up JDK 11
	uses: actions/setup-java@v3
	# TODO: replace with the required Java Development Kit version, if necessary
	with:
	java-version: '11'
	distribution: 'temurin'
	cache: gradle

	- name: Create keystore file from KEYSTORE_BASE64
	run: \|
	echo "$KEYSTORE_BASE64" \| base64 --decode > "$HOME/keystore.p12"
	env:
	# TODO: Create a repository secret for this
	KEYSTORE_BASE64: ${{ secrets.KEYSTORE_BASE64 }}

	- name: Grant execute permission for gradlew
	run: chmod +x gradlew
	- name: Build with Gradle
	# TODO: replace 'assembleRelease' with the proper build target, if necessary
	run: >
	./gradlew assembleRelease
	"-Pandroid.injected.signing.store.file=$HOME/keystore.p12"
	"-Pandroid.injected.signing.store.password=$STORE_PASSWORD"
	"-Pandroid.injected.signing.key.alias=$KEY_ALIAS"
	"-Pandroid.injected.signing.key.password=$KEY_PASSWORD"
	env:
	# TODO: Create repository secrets for these
	STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
	KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
	KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}

	- name: Upload release artifacts
	uses: actions/upload-artifact@v3
	with:
	name: build-output
	# TODO: replace with the actual output directory since it varies between projects
	path: app/build/outputs/apk/release

	release:
	needs: build
	permissions:
	contents: write
	if: ${{ inputs.perform_release }}
	runs-on: ubuntu-latest
	steps:
	- name: Download release artifacts
	uses: actions/download-artifact@v3
	with:
	name: build-output

	- name: Get version name
	id: version_info
	run: \|
	# TODO: if possible, replace this with the constant apk name, e.g.: "app-prod-release.apk"
	APK_NAME="$(find -name '*.apk' \| head -n 1)"
	APKANALYZER="$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/apkanalyzer"
	echo "VERSION_CODE=$($APKANALYZER manifest version-code $APK_NAME)" >> $GITHUB_OUTPUT
	echo "VERSION_NAME=$($APKANALYZER manifest version-name $APK_NAME)" >> $GITHUB_OUTPUT

	- name: Create a release
	uses: softprops/action-gh-release@v1
	with:
	tag_name: ${{ steps.version_info.outputs.VERSION_NAME }}
	target_commitish: ${{ needs.build.outputs.build_commit }}
	files: '*.apk'