super-productivity/.github/workflows/build-android.yml
dependabot[bot] 1b8616ca89
chore(deps)(deps): bump the github-actions-minor group across 1 directory with 8 updates (#7289)
Bumps the github-actions-minor group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.17.0` | `2.19.0` |
| [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` |
| [actions/cache](https://github.com/actions/cache) | `5.0.4` | `5.0.5` |
| [KSXGitHub/github-actions-deploy-aur](https://github.com/ksxgithub/github-actions-deploy-aur) | `4.1.2` | `4.1.3` |
| [signpath/github-action-submit-signing-request](https://github.com/signpath/github-action-submit-signing-request) | `2.1` | `2.2` |
| [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.93` | `1.0.101` |
| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.1` | `4.35.2` |
| [cloudflare/wrangler-action](https://github.com/cloudflare/wrangler-action) | `3.14.1` | `3.15.0` |



Updates `step-security/harden-runner` from 2.17.0 to 2.19.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](f808768d15...8d3c67de8e)

Updates `actions/setup-node` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](53b83947a5...48b55a011b)

Updates `actions/cache` from 5.0.4 to 5.0.5
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](668228422a...27d5ce7f10)

Updates `KSXGitHub/github-actions-deploy-aur` from 4.1.2 to 4.1.3
- [Release notes](https://github.com/ksxgithub/github-actions-deploy-aur/releases)
- [Commits](abe8ac26b5...da03e16036)

Updates `signpath/github-action-submit-signing-request` from 2.1 to 2.2
- [Release notes](https://github.com/signpath/github-action-submit-signing-request/releases)
- [Commits](bc66d86b01...b9d91eadd3)

Updates `anthropics/claude-code-action` from 1.0.93 to 1.0.101
- [Release notes](https://github.com/anthropics/claude-code-action/releases)
- [Commits](b47fd721da...38ec876110)

Updates `github/codeql-action` from 4.35.1 to 4.35.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](c10b8064de...95e58e9a2c)

Updates `cloudflare/wrangler-action` from 3.14.1 to 3.15.0
- [Release notes](https://github.com/cloudflare/wrangler-action/releases)
- [Changelog](https://github.com/cloudflare/wrangler-action/blob/main/CHANGELOG.md)
- [Commits](da0e0dfe58...9acf94ace1)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: actions/setup-node
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: actions/cache
  dependency-version: 5.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: KSXGitHub/github-actions-deploy-aur
  dependency-version: 4.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: signpath/github-action-submit-signing-request
  dependency-version: '2.2'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
- dependency-name: anthropics/claude-code-action
  dependency-version: 1.0.101
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: github/codeql-action
  dependency-version: 4.35.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-minor
- dependency-name: cloudflare/wrangler-action
  dependency-version: 3.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-20 13:41:16 +02:00

127 lines
4.8 KiB
YAML

name: Create android Play Store APK
on:
push:
branches: [master, release/*, test/git-actions]
tags:
- v*
workflow_dispatch:
inputs: {}
permissions:
contents: write
jobs:
build-android:
runs-on: ubuntu-latest
env:
UNSPLASH_KEY: ${{ secrets.UNSPLASH_KEY }}
UNSPLASH_CLIENT_ID: ${{ secrets.UNSPLASH_CLIENT_ID }}
steps:
- name: Checkout sources
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: 22
- name: Setup Java
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
with:
distribution: 'temurin'
java-version: 21
- name: Setup Gradle
uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0
# - name: Build with Gradle
# run: ./gradlew build
- name: Setup android-sdk
uses: android-actions/setup-android@40fd30fb8d7440372e1316f5d1809ec01dcd3699 # v4.0.1
with:
accept-android-sdk-licenses: true
log-accepted-android-sdk-licenses: true #make accepting the android sdk license verbose
- name: Get npm cache directory
id: npm-cache-dir
run: |
echo "dir=$(npm config get cache)" >> $GITHUB_OUTPUT
- uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5
id: npm-cache # use this to check for `cache-hit` ==> if: steps.npm-cache.outputs.cache-hit != 'true'
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: ${{ runner.os }}-node22-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node22-
- name: Install npm Packages
# if: steps.npm-cache.outputs.cache-hit != 'true'
run: npm i
- name: Decode Keystore
env:
RELEASE_KEYSTORE_PASSWORD: ${{ secrets.DROID_KEYSTORE_PASSWORD }}
RELEASE_KEYSTORE_ALIAS: ${{ secrets.DROID_KEYSTORE_ALIAS }}
RELEASE_KEY_PASSWORD: ${{ secrets.DROID_KEY_PASSWORD }}
run: |
echo "${{ secrets.DROID_KEYSTORE_BASE_64 }}" | base64 --decode > keystore.jks
- name: Build
run: npm run dist:android:prod
env:
RELEASE_KEYSTORE_PASSWORD: ${{ secrets.DROID_KEYSTORE_PASSWORD }}
RELEASE_KEYSTORE_ALIAS: ${{ secrets.DROID_KEYSTORE_ALIAS }}
RELEASE_KEY_PASSWORD: ${{ secrets.DROID_KEY_PASSWORD }}
- name: DEBUG
run: |
ls -la android/app/build/outputs
ls -la android/app/build/outputs/apk
ls -la android/app/build/outputs/apk/play
ls -la android/app/build/outputs/apk/play/release
# APK is now signed automatically by Gradle using signingConfig
- name: 'Upload APK files'
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: sup-android-release
path: android/app/build/outputs/apk/**/*.apk
- name: Wait for main release to be created
if: startsWith(github.ref, 'refs/tags/v')
run: |
echo "Waiting for main release to be created..."
for i in {1..40}; do
if gh release view ${{ github.ref_name }} --repo ${{ github.repository }} >/dev/null 2>&1; then
echo "Release found!"
break
fi
echo "Waiting for release... (attempt $i/40)"
sleep 30
done
# Fail if release still doesn't exist
if ! gh release view ${{ github.ref_name }} --repo ${{ github.repository }} >/dev/null 2>&1; then
echo "ERROR: Release ${{ github.ref_name }} was not created after 20 minutes"
exit 1
fi
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload APK to existing GitHub Release
if: startsWith(github.ref, 'refs/tags/v')
run: |
for apk in android/app/build/outputs/apk/play/release/*.apk; do
if [ -f "$apk" ]; then
echo "Uploading $apk to release ${{ github.ref_name }}"
gh release upload ${{ github.ref_name }} "$apk" --repo ${{ github.repository }}
fi
done
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload to Google Play Console
if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-')
uses: r0adkll/upload-google-play@935ef9c68bb393a8e6116b1575626a7f5be3a7fb # v1.1.3
with:
serviceAccountJsonPlainText: ${{ secrets.GOOGLE_PLAY_SERVICE_ACCOUNT_JSON }}
packageName: com.superproductivity.superproductivity
releaseFiles: android/app/build/outputs/apk/play/release/*.apk
track: internal
status: completed
inAppUpdatePriority: 2