diff --git a/.github/workflows/ballfield.yml b/.github/workflows/ballfield.yml index 2f4d83350..12b2b90fd 100644 --- a/.github/workflows/ballfield.yml +++ b/.github/workflows/ballfield.yml @@ -110,13 +110,34 @@ jobs: export PATH=$ANDROID_NDK_LATEST_HOME:$ANDROID_SDK_ROOT/build-tools/31.0.0:$PATH ./build.sh + - name: App signing keys + run: | + echo "$ANDROID_KEYSTORE_B64" | base64 -d > keystore.jks || true + echo "$ANDROID_UPLOAD_KEYSTORE_B64" | base64 -d > upload_keystore.jks || true + find keystore.jks -empty -delete || true + find upload_keystore.jks -empty -delete || true + env: + ANDROID_KEYSTORE_B64: "${{secrets.ANDROID_KEYSTORE_B64}}" + ANDROID_UPLOAD_KEYSTORE_B64: "${{secrets.ANDROID_UPLOAD_KEYSTORE_B64}}" + - name: Package run: | + if [ -e keystore.jks ]; then + export ANDROID_KEYSTORE_FILE=`pwd`/keystore.jks + fi + if [ -e upload_keystore.jks ]; then + export ANDROID_UPLOAD_KEYSTORE_FILE=`pwd`/upload_keystore.jks + fi mkdir -p upload/ - mv project/app/build/outputs/apk/release/app-release.apk upload/${APP_NAME}.apk - cd project - ./gradlew bundleReleaseWithDebugInfo - mv app/build/outputs/bundle/releaseWithDebugInfo/app-releaseWithDebugInfo.aab ../upload/${APP_NAME}.aab + ./sign.sh + mv *.apk upload/ + ./signBundle.sh + mv *.aab upload/ + env: + ANDROID_KEYSTORE_PASS: "${{secrets.ANDROID_KEYSTORE_PASS}}" + ANDROID_KEYSTORE_ALIAS: "${{secrets.ANDROID_KEYSTORE_ALIAS}}" + ANDROID_UPLOAD_KEYSTORE_PASS: "${{secrets.ANDROID_UPLOAD_KEYSTORE_PASS}}" + ANDROID_UPLOAD_KEYSTORE_ALIAS: "${{secrets.ANDROID_UPLOAD_KEYSTORE_ALIAS}}" # Github actions is dumb and won't let you download single files from artifacts, so break up the artifacts instead - uses: actions/upload-artifact@v2 diff --git a/.github/workflows/sdl2-demo.yml b/.github/workflows/sdl2-demo.yml index 2a6127adb..7a9bded62 100644 --- a/.github/workflows/sdl2-demo.yml +++ b/.github/workflows/sdl2-demo.yml @@ -110,13 +110,34 @@ jobs: export PATH=$ANDROID_NDK_LATEST_HOME:$ANDROID_SDK_ROOT/build-tools/31.0.0:$PATH ./build.sh + - name: App signing keys + run: | + echo "$ANDROID_KEYSTORE_B64" | base64 -d > keystore.jks || true + echo "$ANDROID_UPLOAD_KEYSTORE_B64" | base64 -d > upload_keystore.jks || true + find keystore.jks -empty -delete || true + find upload_keystore.jks -empty -delete || true + env: + ANDROID_KEYSTORE_B64: "${{secrets.ANDROID_KEYSTORE_B64}}" + ANDROID_UPLOAD_KEYSTORE_B64: "${{secrets.ANDROID_UPLOAD_KEYSTORE_B64}}" + - name: Package run: | + if [ -e keystore.jks ]; then + export ANDROID_KEYSTORE_FILE=`pwd`/keystore.jks + fi + if [ -e upload_keystore.jks ]; then + export ANDROID_UPLOAD_KEYSTORE_FILE=`pwd`/upload_keystore.jks + fi mkdir -p upload/ - mv project/app/build/outputs/apk/release/app-release.apk upload/${APP_NAME}.apk - cd project - ./gradlew bundleReleaseWithDebugInfo - mv app/build/outputs/bundle/releaseWithDebugInfo/app-releaseWithDebugInfo.aab ../upload/${APP_NAME}.aab + ./sign.sh + mv *.apk upload/ + ./signBundle.sh + mv *.aab upload/ + env: + ANDROID_KEYSTORE_PASS: "${{secrets.ANDROID_KEYSTORE_PASS}}" + ANDROID_KEYSTORE_ALIAS: "${{secrets.ANDROID_KEYSTORE_ALIAS}}" + ANDROID_UPLOAD_KEYSTORE_PASS: "${{secrets.ANDROID_UPLOAD_KEYSTORE_PASS}}" + ANDROID_UPLOAD_KEYSTORE_ALIAS: "${{secrets.ANDROID_UPLOAD_KEYSTORE_ALIAS}}" # Github actions is dumb and won't let you download single files from artifacts, so break up the artifacts instead - uses: actions/upload-artifact@v2 diff --git a/project/jni/application/supertux/supertux b/project/jni/application/supertux/supertux index 63642b248..16b736179 160000 --- a/project/jni/application/supertux/supertux +++ b/project/jni/application/supertux/supertux @@ -1 +1 @@ -Subproject commit 63642b2488131c36e46524757a43c58812a5bf54 +Subproject commit 16b736179a42ec7483eadca8ee0e8b1a2acb0c33 diff --git a/sign.sh b/sign.sh index 1796e0ac6..75a0d73d3 100755 --- a/sign.sh +++ b/sign.sh @@ -1,8 +1,8 @@ #!/bin/sh # Set path to your Android keystore and your keystore alias here, or put them in your environment -[ -z "$ANDROID_KEYSTORE_FILE" ] && ANDROID_KEYSTORE_FILE=~/.android/debug.keystore +[ -z "$ANDROID_KEYSTORE_FILE" ] && ANDROID_KEYSTORE_FILE=$HOME/.android/debug.keystore [ -z "$ANDROID_KEYSTORE_ALIAS" ] && ANDROID_KEYSTORE_ALIAS=androiddebugkey -PASS= +PASS="--ks-pass pass:android" [ -n "$ANDROID_KEYSTORE_PASS" ] && PASS="--ks-pass env:ANDROID_KEYSTORE_PASS" [ -n "$ANDROID_KEYSTORE_PASS_FILE" ] && PASS="--ks-pass file:$ANDROID_KEYSTORE_PASS_FILE" @@ -19,7 +19,7 @@ cp -f app-release.apk Signed.apk rm -f ../../../../../../$APPNAME-$APPVER.apk zipalign 4 Signed.apk ../../../../../../$APPNAME-$APPVER.apk rm -f Signed.apk -echo Using keystore $ANDROID_KEYSTORE_FILE and alias $ANDROID_KEYSTORE_ALIAS +echo Using keystore $ANDROID_KEYSTORE_FILE stty -echo apksigner sign --ks $ANDROID_KEYSTORE_FILE --ks-key-alias $ANDROID_KEYSTORE_ALIAS $PASS ../../../../../../$APPNAME-$APPVER.apk || exit 1 stty echo diff --git a/signBundle.sh b/signBundle.sh index 140dae663..800abf7e9 100755 --- a/signBundle.sh +++ b/signBundle.sh @@ -1,6 +1,8 @@ #!/bin/sh # Set path to your Android keystore and your keystore alias here, or put them in your environment -PASS= +[ -z "$ANDROID_UPLOAD_KEYSTORE_FILE" ] && ANDROID_UPLOAD_KEYSTORE_FILE=$HOME/.android/debug.keystore +[ -z "$ANDROID_UPLOAD_KEYSTORE_ALIAS" ] && ANDROID_UPLOAD_KEYSTORE_ALIAS=androiddebugkey +PASS="-storepass android" [ -n "$ANDROID_UPLOAD_KEYSTORE_PASS" ] && PASS="-storepass:env ANDROID_UPLOAD_KEYSTORE_PASS" [ -n "$ANDROID_UPLOAD_KEYSTORE_PASS_FILE" ] && PASS="-storepass:file $ANDROID_UPLOAD_KEYSTORE_PASS_FILE" @@ -21,7 +23,7 @@ cd app/build/outputs/bundle/releaseWithDebugInfo || exit 1 # Remove old certificate cp -f app-releaseWithDebugInfo.aab ../../../../../../$APPNAME-$APPVER.aab || exit 1 # Sign with the new certificate -echo Using keystore $ANDROID_UPLOAD_KEYSTORE_FILE and alias $ANDROID_UPLOAD_KEYSTORE_ALIAS +echo Using keystore $ANDROID_UPLOAD_KEYSTORE_FILE stty -echo jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore $ANDROID_UPLOAD_KEYSTORE_FILE $PASS ../../../../../../$APPNAME-$APPVER.aab $ANDROID_UPLOAD_KEYSTORE_ALIAS || exit 1 stty echo