diff --git a/.drone.yml b/.drone.yml index d031c9c5..8b392b5a 100644 --- a/.drone.yml +++ b/.drone.yml @@ -23,6 +23,10 @@ steps: commands: - ./ci.py --ci-build-apk + - name: Build Bundle Target + commands: + - ./ci.py --ci-build-bundle + trigger: event: - push @@ -45,59 +49,70 @@ steps: - git config user.email "builder@selfprivacy.org" - git config user.name "Builder" - - name: Build Intermediate Linux Release Artifact (Binary) +# - name: Build Intermediate Linux Release Artifact (Binary) +# commands: +# - ./ci.py --build-linux +# environment: +# STANDALONE_KEYSTORE_PASS: +# from_secret: STANDALONE_KEYSTORE_PASS +# FDROID_KEYSTORE_PASS: +# from_secret: FDROID_KEYSTORE_PASS + +# - name: Build Intermediate Android Release Artifact (.APK) +# commands: +# - ./ci.py --build-apk +# environment: +# STANDALONE_KEYSTORE_PASS: +# from_secret: STANDALONE_KEYSTORE_PASS +# FDROID_KEYSTORE_PASS: +# from_secret: FDROID_KEYSTORE_PASS + + - name: Build and Sign Android Release Artifact (Bundle) commands: - - ./ci.py --build-linux + - ./ci.py --build-bundle environment: STANDALONE_KEYSTORE_PASS: from_secret: STANDALONE_KEYSTORE_PASS FDROID_KEYSTORE_PASS: from_secret: FDROID_KEYSTORE_PASS + GOOGLE_KEYSTORE_CONF: + from_secret: GOOGLE_KEYSTORE_CONF - - name: Build Intermediate Android Release Artifact (.APK) - commands: - - ./ci.py --build-apk - environment: - STANDALONE_KEYSTORE_PASS: - from_secret: STANDALONE_KEYSTORE_PASS - FDROID_KEYSTORE_PASS: - from_secret: FDROID_KEYSTORE_PASS +# - name: Sign Android Release Artifact (.APK) for Standalone Use +# commands: +# - ./ci.py --sign-apk-standalone +# environment: +# STANDALONE_KEYSTORE_PASS: +# from_secret: STANDALONE_KEYSTORE_PASS +# FDROID_KEYSTORE_PASS: +# from_secret: FDROID_KEYSTORE_PASS - - name: Sign Android Release Artifact (.APK) for Standalone Use - commands: - - ./ci.py --sign-apk-standalone - environment: - STANDALONE_KEYSTORE_PASS: - from_secret: STANDALONE_KEYSTORE_PASS - FDROID_KEYSTORE_PASS: - from_secret: FDROID_KEYSTORE_PASS +# - name: Sign Android Release Artifact (.APK) for F-Droid Repository +# commands: +# - ./ci.py --sign-apk-fdroid +# environment: +# STANDALONE_KEYSTORE_PASS: +# from_secret: STANDALONE_KEYSTORE_PASS +# FDROID_KEYSTORE_PASS: +# from_secret: FDROID_KEYSTORE_PASS - - name: Sign Android Release Artifact (.APK) for F-Droid Repository - commands: - - ./ci.py --sign-apk-fdroid - environment: - STANDALONE_KEYSTORE_PASS: - from_secret: STANDALONE_KEYSTORE_PASS - FDROID_KEYSTORE_PASS: - from_secret: FDROID_KEYSTORE_PASS +# - name: Package Linux AppImage Artifact +# commands: +# - ./ci.py --package-linux-appimage - - name: Package Linux AppImage Artifact - commands: - - ./ci.py --package-linux-appimage +# - name: Package Linux Flatpak Artifact +# commands: +# - ./ci.py --package-linux-flatpak - - name: Package Linux Flatpak Artifact - commands: - - ./ci.py --package-linux-flatpak +# - name: Package Linux Archive Artifact +# commands: +# - ./ci.py --package-linux-archive - - name: Package Linux Archive Artifact - commands: - - ./ci.py --package-linux-archive - - - name: Push Artifacts to the Release Volume - commands: - - git add -v *.AppImage *.AppImage.zsync *.flatpak *.apk *.apk.idsig *.tar.zstd - - git commit -m Release - - git archive --format=tar HEAD | podman volume import release - +# - name: Push Artifacts to the Release Volume +# commands: +# - git add -v *.AppImage *.AppImage.zsync *.flatpak *.apk *.apk.idsig *.tar.zstd +# - git commit -m Release +# - git archive --format=tar HEAD | podman volume import release - trigger: event: diff --git a/android/app/build.gradle b/android/app/build.gradle index 0963724e..d5a704a9 100644 --- a/android/app/build.gradle +++ b/android/app/build.gradle @@ -21,6 +21,12 @@ if (flutterVersionName == null) { flutterVersionName = '1.0' } +def keystoreProperties = new Properties() +def keystorePropertiesFile = rootProject.file('key.properties') +if (keystorePropertiesFile.exists()) { + keystoreProperties.load(new FileInputStream(keystorePropertiesFile)) +} + apply plugin: 'com.android.application' apply plugin: 'kotlin-android' apply from: "$flutterRoot/packages/flutter_tools/gradle/flutter.gradle" @@ -55,11 +61,18 @@ android { versionName flutterVersionName } + signingConfigs { + release { + keyAlias keystoreProperties['keyAlias'] + keyPassword keystoreProperties['keyPassword'] + storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null + storePassword keystoreProperties['storePassword'] + } + } + buildTypes { release { - // TODO: Add your own signing config for the release build. - // Signing with the debug keys for now, so `flutter run --release` works. - signingConfig signingConfigs.debug + signingConfig signingConfigs.release } } } diff --git a/ci.py b/ci.py index 41285194..f2ef720b 100755 --- a/ci.py +++ b/ci.py @@ -22,10 +22,12 @@ def podman_offline(dir, *args): subprocess.run(["podman", "run", "--rm", "--network=none", "--cap-add=CHOWN", f"--workdir={dir}", "-v", os.getcwd() + f":{CONTAINER_HOME}/src", "-v", f"{HOST_HOME}/fdroid:{CONTAINER_HOME}/fdroid", - "-v", f"{HOST_HOME}/fdroid-keystore:{CONTAINER_HOME}/fdroid/fdroid-keystore", - "-v", f"{HOST_HOME}/standalone-keystore:{CONTAINER_HOME}/fdroid/standalone-keystore", + "-v", f"{HOST_HOME}/fdroid-keystore:{CONTAINER_HOME}/fdroid-keystore", + "-v", f"{HOST_HOME}/standalone-keystore:{CONTAINER_HOME}/standalone-keystore", + "-v", f"{HOST_HOME}/google-keystore:{CONTAINER_HOME}/google-keystore", "--env", "FDROID_KEYSTORE_PASS=" + os.environ.get('FDROID_KEYSTORE_PASS'), "--env", "STANDALONE_KEYSTORE_PASS=" + os.environ.get('STANDALONE_KEYSTORE_PASS'), + "--env", "GOOGLE_KEYSTORE_CONF=" + os.environ.get('GOOGLE_KEYSTORE_CONF'), "--user", os.getuid().__str__() + ":" + os.getgid().__str__(), "--userns=keep-id", CONTAINER_IMAGE, "bash", "-c", ' '.join(args) ], check=True) @@ -48,13 +50,18 @@ def build_apk(): podman_offline(f"{CONTAINER_HOME}/src", "chown -R $(id -u):$(id -g) /tmp/gradle /tmp/flutter_pub_cache", "&& flutter pub get --offline", "&& flutter build apk --flavor production") +def build_bundle(): + podman_offline(f"{CONTAINER_HOME}/src", "chown -R $(id -u):$(id -g) /tmp/gradle /tmp/flutter_pub_cache", + "&& echo $GOOGLE_KEYSTORE_CONF > android/key.properties", + "&& flutter pub get --offline", + "&& flutter build appbundle --flavor production") def sign_apk_standalone(): podman_offline(f"{CONTAINER_HOME}/src", "zipalign -f -v 4 build/app/outputs/flutter-apk/app-production-release.apk", f"standalone_{APP_NAME}-{APP_SEMVER}.apk") podman_offline(f"{CONTAINER_HOME}/src", - "apksigner sign --ks ../fdroid/standalone-keystore --ks-key-alias standalone --ks-pass", + f"apksigner sign --ks {CONTAINER_HOME}/standalone-keystore --ks-key-alias standalone --ks-pass", f"env:STANDALONE_KEYSTORE_PASS standalone_{APP_NAME}-{APP_SEMVER}.apk") def sign_apk_fdroid(): @@ -113,6 +120,7 @@ if __name__ == "__main__": group = parser.add_mutually_exclusive_group() group.add_argument("--build-linux", action="store_true") group.add_argument("--build-apk", action="store_true") + group.add_argument("--build-bundle", action="store_true", help="depends on $GOOGLE_KEYSTORE_CONF") group.add_argument("--sign-apk-standalone", action="store_true", help="depends on $STANDALONE_KEYSTORE_PASS") group.add_argument("--sign-apk-fdroid", action="store_true", help="depends on $FDROID_KEYSTORE_PASS") group.add_argument("--package-linux-appimage", action="store_true")