-
Notifications
You must be signed in to change notification settings - Fork 45
107 lines (104 loc) · 4.41 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# NOTE: This name appears in GitHub's Checks API and in workflow's status badge.
name: release
# Trigger the workflow when:
on:
# A push occurs to one of the matched tags.
push:
tags:
# Pattern that roughly matches Oasis Core's version tags.
# For more details on GitHub Actions' pattern match syntax, see:
# https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#patterns-to-match-branches-and-tags.
- 'v[0-9]+.[0-9]+*'
# Disable secrets.GITHUB_TOKEN permissions.
permissions: {}
jobs:
release:
# NOTE: This name appears in GitHub's Checks API.
name: prepare-release
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up OpenJDK 17
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
- name: Set up Node.js 18
uses: actions/setup-node@v4
with:
node-version: '18.x'
cache: yarn
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Build web ROSE Wallet
run: yarn build
- name: Build extension ROSE Wallet
run: yarn build:ext
- name: Sync Capacitor for Android
run: yarn cap sync android
- name: Accept SDK licenses
run: yes | "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/sdkmanager" --licenses
# Capacitor v6 sets a deployment target of Android 14 (SDK 34)
- name: Install SDK components
run: |
"$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/sdkmanager" "platform-tools" "platforms;android-34" "build-tools;34.0.0"
- name: Build Android ROSE Wallet
run: ./gradlew bundleRelease
working-directory: android
- name: Decode and Save Keystore File
run: |
echo "${{ secrets.KEYSTORE_FILE }}" | base64 --decode > android/release.jks
- name: Sign Android bundle
run: |
jarsigner -verbose -keystore "android/release.jks" -storepass "${{ secrets.KEYSTORE_PASSWORD }}" -keypass "${{ secrets.KEYSTORE_PASSWORD }}" -signedjar "android/app/build/outputs/bundle/release/app-release-signed.aab" "android/app/build/outputs/bundle/release/app-release.aab" "${{ secrets.KEY_ALIAS }}"
- name: Set workflow variables
# Id is needed to access output in a next step.
id: vars
env:
# There's no support for escaping this for use in a shell command.
# GitHub's recommendation is to pass it through the environment.
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
REF_NAME: ${{ github.ref_name }}
# We want to show version without the leading 'v'
# and use short SHA of the commit for file name.
run: |
echo "VERSION=$(echo "$REF_NAME" | sed 's/^v//')" >> "$GITHUB_OUTPUT"
- name: Copy and rename Android bundle
env:
# Need to escape again
VERSION: ${{ steps.vars.outputs.VERSION }}
run: |
cp "android/app/build/outputs/bundle/release/app-release-signed.aab" "rose-wallet-android-$VERSION.aab"
- name: Create web ROSE Wallet zip file
env:
VERSION: ${{ steps.vars.outputs.VERSION }}
run: |
cd build/
zip -r "../rose-wallet-web-$VERSION.zip" .
- name: Create extension ROSE Wallet zip file
env:
VERSION: ${{ steps.vars.outputs.VERSION }}
run: |
cd build-ext/
zip -r "../rose-wallet-ext-$VERSION.zip" .
- name: Parse CHANGELOG.md file and extract changes for the given version
uses: buberdds/extract-changelog-action@v1
id: changelog
with:
version: ${{ steps.vars.outputs.VERSION }}
- name: Release
uses: softprops/action-gh-release@v1
with:
files: |
rose-wallet-android-${{ steps.vars.outputs.VERSION }}.aab
rose-wallet-web-${{ steps.vars.outputs.VERSION }}.zip
rose-wallet-ext-${{ steps.vars.outputs.VERSION }}.zip
build/Content-Security-Policy.txt
build/Permissions-Policy.txt
name: ROSE Wallet ${{ steps.vars.outputs.VERSION }}
body: ${{ steps.changelog.outputs.content }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}