name: Android CI with Release Signing on: push: branches: [ "main" ] pull_request: branches: [ "main" ] jobs: build-and-sign: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Set up JDK 17 uses: actions/setup-java@v4 with: java-version: '17' distribution: 'temurin' cache: gradle - name: Grant execute permission for gradlew run: chmod +x gradlew - name: Create signing properties file run: | cat > app/signing.properties << EOF storeFile=../keystore.jks storePassword=${{ secrets.KEYSTORE_PASSWORD }} keyAlias=${{ secrets.ALIAS }} keyPassword=${{ secrets.KEY_PASSWORD }} EOF - name: Restore signing key run: | echo "${{ secrets.SIGNING_KEY }}" | base64 --decode > keystore.jks ls -la keystore.jks - name: Set up signing environment run: | echo "KEYSTORE_PATH=../keystore.jks" >> $GITHUB_ENV echo "KEYSTORE_PASSWORD=${{ secrets.KEYSTORE_PASSWORD }}" >> $GITHUB_ENV echo "ALIAS=${{ secrets.ALIAS }}" >> $GITHUB_ENV echo "KEY_PASSWORD=${{ secrets.KEY_PASSWORD }}" >> $GITHUB_ENV echo "Signing environment variables set" - name: Build release APK run: ./gradlew assembleRelease - name: Sign APK (alternative method) uses: r0adkll/sign-android-release@v1 with: releaseDirectory: app/build/outputs/apk/release signingKeyBase64: ${{ secrets.SIGNING_KEY }} alias: ${{ secrets.ALIAS }} keyStorePassword: ${{ secrets.KEYSTORE_PASSWORD }} keyPassword: ${{ secrets.KEY_PASSWORD }} - name: Upload signed APK uses: actions/upload-artifact@v4 with: name: app-release-signed path: app/build/outputs/apk/release/app-release-signed.apk - name: Upload debug APK as fallback if: always() uses: actions/upload-artifact@v4 with: name: app-debug path: app/build/outputs/apk/debug/app-debug.apk