ci: Sign manually

2025-06-21 10:44:42 +00:00 · 2024-05-24 10:19:22 +07:00 · 2024-05-24 10:19:22 +07:00 · a7117e8ce1
commit a7117e8ce1
parent 65707948a6
1 changed files with 34 additions and 8 deletions
--- a/.github/workflows/build_push.yml
+++ b/.github/workflows/build_push.yml
@ -28,6 +28,10 @@ jobs:
        with:
          fetch-depth: 0

+      - name: Setup Android SDK
+        run: |
+          ${ANDROID_SDK_ROOT}/cmdline-tools/latest/bin/sdkmanager "build-tools;29.0.3"
+
      - name: Setup Gradle
        uses: null2264/actions/gradle-setup@b697b0b95bb90ab23c1145b744dddd2fd3e3a838
        with:
@ -95,14 +99,36 @@ jobs:

      - name: Sign APK
        if: env.VERSION_TAG != ''
-        uses: ilharp/sign-android-release@v1
-        id: sign_app
-        with:
-          releaseDir: app/build/outputs/apk/standard/${{ startsWith(env.VERSION_TAG, 'v') && 'release' || 'nightly' }}
-          signingKey: ${{ secrets.SIGNING_KEY }}
-          keyAlias: ${{ secrets.ALIAS }}
-          keyStorePassword: ${{ secrets.KEY_STORE_PASSWORD }}
-          keyPassword: ${{ secrets.KEY_PASSWORD }}
+        run: |
+          APK_DIR=app/build/outputs/apk/standard/${{ startsWith(env.VERSION_TAG, 'v') && 'release' || 'nightly' }}
+
+          echo "${{ secrets.SIGNING_KEY }}" | base64 -d > /tmp/signingkey.jks
+
+          APKS=($(ls -1 $APK_DIR/app-standard-*.apk))
+
+          for i in "${APKS[@]}"; do
+                  echo "Compiling ${i}"
+                  SIGNED_NAME="$(echo $i | sed 's/.apk$/-signed.apk/g')"
+                  zipalign -p -f -v 4 $i "${i}.aligned"
+                  apksigner sign \
+                    --ks /tmp/signingkey.jks \
+                    --out $SIGNED_NAME \
+                    --ks-key-alias "${{ secrets.ALIAS }}" \
+                    --ks-pass "${{ secrets.KEY_STORE_PASSWORD }}" \
+                    --key-pass "${{ secrets.KEY_PASSWORD }}" \
+                    "${i}.aligned"
+          done
+
+#       - name: Sign APK
+#         if: env.VERSION_TAG != ''
+#         uses: ilharp/sign-android-release@v1
+#         id: sign_app
+#         with:
+#           releaseDir: app/build/outputs/apk/standard/${{ startsWith(env.VERSION_TAG, 'v') && 'release' || 'nightly' }}
+#           signingKey: ${{ secrets.SIGNING_KEY }}
+#           keyAlias: ${{ secrets.ALIAS }}
+#           keyStorePassword: ${{ secrets.KEY_STORE_PASSWORD }}
+#           keyPassword: ${{ secrets.KEY_PASSWORD }}

      - name: Clean up build artifacts
        if: env.VERSION_TAG != ''