Loading .gitlab-ci.yml +74 −0 Original line number Diff line number Diff line Loading @@ -2,6 +2,7 @@ image: "registry.gitlab.e.foundation/e/os/docker-android-apps-cicd:latest" stages: - build - sign - publish - update-from-upstream Loading Loading @@ -30,6 +31,48 @@ before_script: - ./gradlew assembleMapboxDefaultDebug assembleDefaultDebug - ./gradlew assembleMapboxDefaultRelease assembleDefaultRelease .sign_release_apks: &sign_release_apks - | : "${KEYSTORE:?KEYSTORE CI variable is required}" : "${KEYSTORE_PASSWORD:?KEYSTORE_PASSWORD CI variable is required}" : "${KEYSTORE_ALIAS:?KEYSTORE alias CI variable is required}" echo "${KEYSTORE}" | base64 -d > ~/proprietary.keystore.jks apk_list="$(mktemp)" for apk_dir in play-services-core/build/outputs/apk vending-app/build/outputs/apk; do if [ -d "${apk_dir}" ]; then find "${apk_dir}" -type f -path '*/release/*.apk' -name '*.apk' >> "${apk_list}" fi done sort -o "${apk_list}" "${apk_list}" if [ ! -s "${apk_list}" ]; then echo "No release APKs found in build artifacts" rm -f "${apk_list}" ~/proprietary.keystore.jks exit 1 fi while IFS= read -r apk; do relative_dir="$(dirname "${apk}")" output_dir="signed-apk/${SIGNATURE_LABEL}/${relative_dir}" output_name="$(basename "${apk}" .apk)-${SIGNATURE_LABEL}.apk" output_path="${output_dir}/${output_name}" mkdir -p "${output_dir}" cp "${apk}" "${output_path}" /usr/bin/apksigner sign \ --ks ~/proprietary.keystore.jks \ --ks-key-alias "${KEYSTORE_ALIAS}" \ --ks-pass env:KEYSTORE_PASSWORD \ "${output_path}" echo "Signed ${output_path}" done < "${apk_list}" rm -f "${apk_list}" ~/proprietary.keystore.jks .build_template: stage: build before_script: Loading Loading @@ -58,6 +101,37 @@ build-nearby: - *protected_tag_rule - when: never .signed_build_template: stage: sign needs: - job: build artifacts: true rules: - when: manual allow_failure: true script: - *sign_release_apks buildOfficial: extends: .signed_build_template variables: SIGNATURE_LABEL: official before_script: - export KEYSTORE_ALIAS="$KEYSTORE_ALIAS_OFFICIAL" artifacts: paths: - signed-apk/official/ buildCommunity: extends: .signed_build_template variables: SIGNATURE_LABEL: community before_script: - export KEYSTORE_ALIAS="$KEYSTORE_ALIAS_COMMUNITY" artifacts: paths: - signed-apk/community/ publish: stage: publish rules: Loading Loading
.gitlab-ci.yml +74 −0 Original line number Diff line number Diff line Loading @@ -2,6 +2,7 @@ image: "registry.gitlab.e.foundation/e/os/docker-android-apps-cicd:latest" stages: - build - sign - publish - update-from-upstream Loading Loading @@ -30,6 +31,48 @@ before_script: - ./gradlew assembleMapboxDefaultDebug assembleDefaultDebug - ./gradlew assembleMapboxDefaultRelease assembleDefaultRelease .sign_release_apks: &sign_release_apks - | : "${KEYSTORE:?KEYSTORE CI variable is required}" : "${KEYSTORE_PASSWORD:?KEYSTORE_PASSWORD CI variable is required}" : "${KEYSTORE_ALIAS:?KEYSTORE alias CI variable is required}" echo "${KEYSTORE}" | base64 -d > ~/proprietary.keystore.jks apk_list="$(mktemp)" for apk_dir in play-services-core/build/outputs/apk vending-app/build/outputs/apk; do if [ -d "${apk_dir}" ]; then find "${apk_dir}" -type f -path '*/release/*.apk' -name '*.apk' >> "${apk_list}" fi done sort -o "${apk_list}" "${apk_list}" if [ ! -s "${apk_list}" ]; then echo "No release APKs found in build artifacts" rm -f "${apk_list}" ~/proprietary.keystore.jks exit 1 fi while IFS= read -r apk; do relative_dir="$(dirname "${apk}")" output_dir="signed-apk/${SIGNATURE_LABEL}/${relative_dir}" output_name="$(basename "${apk}" .apk)-${SIGNATURE_LABEL}.apk" output_path="${output_dir}/${output_name}" mkdir -p "${output_dir}" cp "${apk}" "${output_path}" /usr/bin/apksigner sign \ --ks ~/proprietary.keystore.jks \ --ks-key-alias "${KEYSTORE_ALIAS}" \ --ks-pass env:KEYSTORE_PASSWORD \ "${output_path}" echo "Signed ${output_path}" done < "${apk_list}" rm -f "${apk_list}" ~/proprietary.keystore.jks .build_template: stage: build before_script: Loading Loading @@ -58,6 +101,37 @@ build-nearby: - *protected_tag_rule - when: never .signed_build_template: stage: sign needs: - job: build artifacts: true rules: - when: manual allow_failure: true script: - *sign_release_apks buildOfficial: extends: .signed_build_template variables: SIGNATURE_LABEL: official before_script: - export KEYSTORE_ALIAS="$KEYSTORE_ALIAS_OFFICIAL" artifacts: paths: - signed-apk/official/ buildCommunity: extends: .signed_build_template variables: SIGNATURE_LABEL: community before_script: - export KEYSTORE_ALIAS="$KEYSTORE_ALIAS_COMMUNITY" artifacts: paths: - signed-apk/community/ publish: stage: publish rules: Loading
