Introduce CI build signing

We've done no signing of any Skyline APKs to date which causes issues regarding authenticity of any APKs as they could be entirely unofficial builds which have not been vetted by the team. Additionally, the different keys remove the ability to reinstall a different build successively as Android checks for matching signatures before installing an APK.
This commit is contained in:
PixelyIon 2022-05-30 20:53:17 +05:30
parent e1cc8676cf
commit b91ce939a2
2 changed files with 20 additions and 1 deletions

View File

@ -45,7 +45,16 @@ jobs:
name: lint-result.html
path: app/build/reports/lint-results-debug.html
- name: Decode Keystore
env:
KEYSTORE_ENCODED: ${{ secrets.KEYSTORE }}
run: echo $KEYSTORE_ENCODED | base64 --decode > "$HOME/keystore.jks"
- name: Android Assemble
env:
SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
run: ./gradlew --stacktrace assemble
- name: Upload Debug APK

View File

@ -34,6 +34,15 @@ android {
jvmTarget = javaVersion.toString()
}
signingConfigs {
ci {
storeFile file("${System.getProperty("user.home")}/keystore.jks")
storePassword System.getenv("SIGNING_STORE_PASSWORD")
keyAlias System.getenv("SIGNING_KEY_ALIAS")
keyPassword System.getenv("SIGNING_KEY_PASSWORD")
}
}
buildTypes {
release {
debuggable true
@ -45,13 +54,14 @@ android {
minifyEnabled true
shrinkResources true
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.debug
signingConfig = System.getenv("CI") ? signingConfigs.ci : signingConfigs.debug
}
debug {
debuggable true
minifyEnabled false
shrinkResources false
signingConfig = System.getenv("CI") ? signingConfigs.ci : signingConfigs.debug
}
}