add standalone signing

This commit is contained in:
Alya Sirko 2022-09-02 03:24:14 +03:00
parent 6ddd5cf7c4
commit 014d584721

View file

@ -39,21 +39,45 @@ steps:
SSH_PRIVATE_KEY:
from_secret: SSH_PRIVATE_KEY
- name: Build and Sign Release Artifact for F-Droid Repository
- name: Build Intermediate Release Artifact
commands:
# Prepare SSH keys
- eval `ssh-agent -s`
- echo "$SSH_PRIVATE_KEY" | ssh-add -
# Build release artifact
# Build intermediate release artifact
- ssh builder@isolated "cd src && flutter build apk --release"
# Fetch the release artifact
- scp builder@isolated:/var/lib/builder/src/build/app/outputs/flutter-apk/app-release.apk `pwd`
# Rename the artifact in a more informative way
environment:
SSH_PRIVATE_KEY:
from_secret: SSH_PRIVATE_KEY
- name: Sign Release Artifact for Standalone Use
commands:
# Get app build ID
- export APP_BUILD_ID=`yq '.version' pubspec.yaml | cut -d "+" -f2`
- mv app-release.apk "pro.kherel.selfprivacy_$APP_BUILD_ID.apk"
# Prepare SSH keys
- eval `ssh-agent -s`
- echo "$SSH_PRIVATE_KEY" | ssh-add -
# Upload and sign the artifact
- scp "pro.kherel.selfprivacy_$APP_BUILD_ID.apk" fdroid@isolated:/var/lib/fdroid/unsigned
- ssh fdroid@isolated "export FDROID_KEY_STORE_PASS=`cat .store-key` FDROID_KEY_PASS=`cat .repo-key` && fdroid publish && fdroid update"
- scp app-release.apk builder@isolated:/var/lib/builder
- ssh builder@isolated "zipalign -f -v 4 app-release.apk standalone_app-release.apk && apksigner sign --ks /run/secrets/standalone-keystore --ks-key-alias standalone --ks-pass file:/run/secrets/standalone-keystore-pass standalone_app-release.apk"
# Fetch the signed artifact
- scp builder@isolated:/var/lib/builder/standalone_app-release.apk `pwd`/"standalone_pro.kherel.selfprivacy_$APP_BUILD_ID.apk"
- scp builder@isolated:/var/lib/builder/standalone_app-release.apk `pwd`/"standalone_pro.kherel.selfprivacy_$APP_BUILD_ID.apk.idsig"
environment:
SSH_PRIVATE_KEY:
from_secret: SSH_PRIVATE_KEY
- name: Sign Release Artifact for F-Droid Repository
# Get app build ID
- export APP_BUILD_ID=`yq '.version' pubspec.yaml | cut -d "+" -f2`
# Prepare SSH keys
- eval `ssh-agent -s`
- echo "$SSH_PRIVATE_KEY" | ssh-add -
# Upload and sign the artifact
- scp app-release.apk fdroid@isolated:/var/lib/fdroid/unsigned/"standalone_pro.kherel.selfprivacy_$APP_BUILD_ID.apk"
- ssh fdroid@isolated "fdroid publish && fdroid update"
- scp -r fdroid@isolated:/var/lib/fdroid/repo `pwd`
environment:
SSH_PRIVATE_KEY:
@ -65,6 +89,7 @@ steps:
- eval `ssh-agent -s`
- echo "$SSH_PRIVATE_KEY" | ssh-add -
# Copy the artifacts to the F-Droid repository
- ls
- ls repo/
environment:
SSH_PRIVATE_KEY: