Catroid Release Pipeline #34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Catroid Release Pipeline | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| RELEASE_CATROID: | |
| description: "Release a new version of Catroid" | |
| type: boolean | |
| default: true | |
| RELEASE_EMBROIDERY: | |
| description: "Release a new version of Embroidery Designer" | |
| type: boolean | |
| default: true | |
| TRACK: | |
| description: "Google Play track to release to" | |
| type: choice | |
| options: | |
| - alpha | |
| - beta | |
| - qa | |
| - production | |
| default: "alpha" | |
| env: | |
| JAVA_VERSION: 21 | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.sha }} | |
| cancel-in-progress: false | |
| jobs: | |
| check_release_config: | |
| name: Check Release Configuration | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check Release Configuration | |
| run: | | |
| if [ "${{ inputs.RELEASE_CATROID }}" = 'false' ] && [ "${{ inputs.RELEASE_EMBROIDERY }}" = 'false' ]; then | |
| echo "At least one release build must be selected for release" | |
| exit 1 | |
| fi | |
| release: | |
| name: Build and Release | |
| runs-on: ubuntu-latest | |
| environment: production | |
| needs: check_release_config | |
| # Required for attestations | |
| permissions: | |
| id-token: write | |
| contents: read | |
| attestations: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| build: | |
| - name: "Catroid" | |
| enabled: ${{ inputs.RELEASE_CATROID }} | |
| packageName: "org.catrobat.catroid" | |
| buildPath: "catroid/build/outputs/bundle/catroidSignedRelease/catroid-catroid-signedRelease.aab" | |
| buildName: Catroid | |
| - name: "Embroidery Designer" | |
| enabled: ${{ inputs.RELEASE_EMBROIDERY }} | |
| packageName: "org.catrobat.catroid.embroiderydesigner" | |
| buildPath: "catroid/build/outputs/bundle/embroideryDesignerSignedRelease/catroid-embroideryDesigner-signedRelease.aab" | |
| buildName: EmbroideryDesigner | |
| steps: | |
| - name: Skip Disabled Builds | |
| if: ${{ !matrix.build.enabled }} | |
| run: echo "Skipping build for ${{ matrix.build.name }}" && exit 0 | |
| - uses: actions/checkout@v4 | |
| - name: Setup JDK ${{ env.JAVA_VERSION }} | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: "temurin" | |
| java-version: ${{ env.JAVA_VERSION }} | |
| cache: gradle | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| - name: Prepare Signing Key | |
| run: | | |
| echo "${{ secrets.SIGNING_KEYSTORE }}" | base64 -d > $RUNNER_TEMP/signing-key.jks | |
| - name: Build ${{ matrix.build.name }} AAB | |
| run: ./gradlew copyAndroidNatives bundle${{ matrix.build.buildName }} | |
| env: | |
| SIGNING_KEYSTORE: ${{ runner.temp }}/signing-key.jks | |
| SIGNING_KEYSTORE_PASSWORD: ${{ secrets.SIGNING_KEYSTORE_PASSWORD }} | |
| SIGNING_KEY_ALIAS: ${{ vars.SIGNING_KEY_ALIAS }} | |
| SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }} | |
| - name: Clean Up Signing Key | |
| run: shred -u $RUNNER_TEMP/signing-key.jks | |
| - name: Upload ${{ matrix.build.name }} AAB | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.build.buildName }}-AAB | |
| path: ${{ matrix.build.buildPath }} | |
| retention-days: 90 | |
| - name: Generate artifact attestation for ${{ matrix.build.name }} | |
| uses: actions/attest-build-provenance@v3 | |
| with: | |
| subject-path: ${{ matrix.build.buildPath }} | |
| - name: Upload ${{ matrix.build.name }} to Google Play | |
| uses: r0adkll/upload-google-play@v1 | |
| with: | |
| releaseFiles: ${{ matrix.build.buildPath }} | |
| serviceAccountJsonPlainText: ${{ secrets.GOOGLE_PLAY_SERVICE_ACCOUNT }} | |
| packageName: ${{ matrix.build.packageName }} | |
| track: ${{ inputs.TRACK }} |