Skip to content

docs: fix inaccuracies found auditing docs against the code #27

docs: fix inaccuracies found auditing docs against the code

docs: fix inaccuracies found auditing docs against the code #27

Workflow file for this run

name: Android APK
on:
push:
branches:
- "**"
tags:
- "android-v*"
- "v*"
paths:
- ".github/workflows/android-apk.yml"
- "android_dashboard/**"
pull_request:
branches: [master, main]
types: [opened, synchronize, reopened, ready_for_review]
paths:
- ".github/workflows/android-apk.yml"
- "android_dashboard/**"
workflow_dispatch:
env:
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
jobs:
build-debug-apk:
name: Build Debug APK
runs-on: ubuntu-latest
if: ${{ !startsWith(github.ref, 'refs/tags/') }}
permissions:
contents: read
defaults:
run:
working-directory: android_dashboard
steps:
- uses: actions/checkout@v6
- name: Set up JDK
uses: actions/setup-java@v5
with:
distribution: temurin
java-version: "17"
- name: Set up Gradle
uses: gradle/actions/setup-gradle@v6
- name: Build debug APK
run: ./gradlew :app:assembleDebug --no-daemon
- name: Upload debug APK
uses: actions/upload-artifact@v7
with:
name: sandboxed-dashboard-debug-apk
path: android_dashboard/app/build/outputs/apk/debug/app-debug.apk
if-no-files-found: error
build-release-apk:
name: Build Release APK
runs-on: ubuntu-latest
if: ${{ startsWith(github.ref, 'refs/tags/') }}
permissions:
contents: read
defaults:
run:
working-directory: android_dashboard
steps:
- uses: actions/checkout@v6
- name: Set up JDK
uses: actions/setup-java@v5
with:
distribution: temurin
java-version: "17"
- name: Set up Gradle
uses: gradle/actions/setup-gradle@v6
- name: Decode release keystore
env:
ANDROID_RELEASE_KEYSTORE_BASE64: ${{ secrets.ANDROID_RELEASE_KEYSTORE_BASE64 }}
RELEASE_KEYSTORE_PASSWORD: ${{ secrets.ANDROID_RELEASE_KEYSTORE_PASSWORD }}
RELEASE_KEY_ALIAS: ${{ secrets.ANDROID_RELEASE_KEY_ALIAS }}
RELEASE_KEY_PASSWORD: ${{ secrets.ANDROID_RELEASE_KEY_PASSWORD }}
run: |
set -euo pipefail
missing=0
for name in ANDROID_RELEASE_KEYSTORE_BASE64 RELEASE_KEYSTORE_PASSWORD RELEASE_KEY_ALIAS RELEASE_KEY_PASSWORD; do
if [[ -z "${!name}" ]]; then
echo "::error title=Missing Android signing secret::${name} is required for release APK publishing."
missing=1
fi
done
if [[ "${missing}" -ne 0 ]]; then
exit 1
fi
keystore_path="${RUNNER_TEMP}/android-release.keystore"
printf '%s' "${ANDROID_RELEASE_KEYSTORE_BASE64}" | base64 --decode > "${keystore_path}"
echo "RELEASE_KEYSTORE=${keystore_path}" >> "${GITHUB_ENV}"
- name: Build release APK
env:
RELEASE_KEYSTORE_PASSWORD: ${{ secrets.ANDROID_RELEASE_KEYSTORE_PASSWORD }}
RELEASE_KEY_ALIAS: ${{ secrets.ANDROID_RELEASE_KEY_ALIAS }}
RELEASE_KEY_PASSWORD: ${{ secrets.ANDROID_RELEASE_KEY_PASSWORD }}
run: ./gradlew :app:assembleRelease --no-daemon
- name: Prepare release APK asset
run: |
set -euo pipefail
mkdir -p ../release
apk_path="$(find app/build/outputs/apk/release -maxdepth 1 -type f -name '*-release.apk' | sort | head -n 1)"
if [[ -z "${apk_path}" ]]; then
apk_path="$(find app/build/outputs/apk/release -maxdepth 1 -type f -name '*.apk' | sort | head -n 1)"
fi
if [[ -z "${apk_path}" ]]; then
echo "No release APK found."
exit 1
fi
cp "${apk_path}" "../release/sandboxed-dashboard-${GITHUB_REF_NAME}.apk"
- name: Upload release APK artifact
uses: actions/upload-artifact@v7
with:
name: sandboxed-dashboard-release-apk
path: release/*.apk
if-no-files-found: error
publish-release:
name: Publish GitHub Release
runs-on: ubuntu-latest
needs: build-release-apk
if: ${{ startsWith(github.ref, 'refs/tags/') }}
permissions:
contents: write
steps:
- name: Download release APK artifact
uses: actions/download-artifact@v8
with:
name: sandboxed-dashboard-release-apk
path: dist
- name: Publish release
env:
GH_TOKEN: ${{ github.token }}
run: |
set -euo pipefail
if gh release view "${GITHUB_REF_NAME}" --repo "${GITHUB_REPOSITORY}" >/dev/null 2>&1; then
gh release upload "${GITHUB_REF_NAME}" dist/*.apk --repo "${GITHUB_REPOSITORY}" --clobber
else
gh release create "${GITHUB_REF_NAME}" dist/*.apk \
--repo "${GITHUB_REPOSITORY}" \
--title "${GITHUB_REF_NAME}" \
--generate-notes \
--verify-tag
fi