diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4c86e0dee5a2d9a9fbafc0bd202dbb5814378103..8e1425c3c2212c4c28bd806f9d4957db457db66f 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,53 +1,64 @@ -image: registry.gitlab.e.foundation/e/os/docker-android-apps-cicd:java21 +image: registry.gitlab.e.foundation/e/os/docker-android-apps-cicd:latest variables: SENTRY_DSN: $SENTRY_DSN - PROJECT_ID: "355" # under Settings -> General - APK_PATH: "apks" + APK_PATH: "app/build/outputs/apk/release" UNSIGNED_APK: "AppLounge_release.apk" COMMUNITY_APK: "AppLounge_release_community.apk" OFFICIAL_APK: "AppLounge_release_official.apk" TEST_APK: "AppLounge_release_test.apk" stages: - - debug - - release + - build + - test-coverage - publish - - gitlab_release - -.default_before_script: &default_before_script - - export GRADLE_USER_HOME=$(pwd)/.gradle - - chmod +x ./gradlew - - echo user_agent=$USER_AGENT > local.properties before_script: - - *default_before_script + - export JAVA_HOME=/usr/lib/jvm/java-21-openjdk-amd64 + - echo user_agent=$USER_AGENT > local.properties -cache: - key: ${CI_PROJECT_ID} - paths: - - .gradle/ +.rules_merge_request_ref: + rules: &rules_merge_request_ref + - if: "$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS" + when: never + - when: always -# Debug build related jobs -buildDebug: - stage: debug - script: - - ./gradlew assembleDebug - artifacts: - paths: - - app/build/outputs/apk/debug/ +.rules_protected_ref: + rules: &rules_protected_ref + - if: '$CI_COMMIT_REF_PROTECTED == "true"' + when: always + - if: "$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS" + when: never + - when: manual -test: - stage: release - rules: - - if: $CI_MERGE_REQUEST_ID +.rules_protected_tag: + rules: &rules_protected_tag + - if: '$CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED == "true"' when: always - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + - when: never + +.rules_protected_tag_manual: + rules: &rules_protected_tag_manual + - if: '$CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED == "true"' + when: manual + - when: never + +.rules_publish: + rules: &rules_publish + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + when: manual + - if: '$CI_COMMIT_TAG !~ "/^$/"' when: always + +test: + stage: test-coverage + rules: *rules_merge_request_ref + needs: + - job: build script: - ./gradlew testReleaseUnitTest jacocoReleaseReport -PtestAccountName="$testAccountName" -PtestAccountPwd="$testAccountPwd" -PtestServerUrl="$testServerUrl" - python3 scripts/print_instruction_coverage.py app/build/reports/jacoco/jacocoReleaseReport/jacocoReleaseReport.xml - coverage: '/Total.*?([0-9]{1,3})%/' + coverage: "/Total.*?([0-9]{1,3})%/" artifacts: when: always paths: @@ -60,252 +71,68 @@ test: coverage_format: jacoco path: app/build/reports/jacoco/jacocoReleaseReport/jacocoReleaseReport.xml -# Default lint configuration for debug builds -# Manual as we don't want to run them generally for debug builds -.lintDebugDefault: - stage: debug - when: manual - allow_failure: true - -lintDebug: - extends: .lintDebugDefault - script: - - ./gradlew lintDebug - artifacts: - paths: - - app/build/reports/ - -# Release build related jobs - -# Default configuration for release builds -# Only on "master", "merge_request_event" and protected branches -buildRelease: - stage: release +build: + stage: build allow_failure: false - rules: - - if: $CI_MERGE_REQUEST_ID - when: always - - if: '$CI_COMMIT_REF_PROTECTED == "true"' - when: always - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' - when: always - - if: '$CI_COMMIT_TAG !~ "/^$/"' - when: always - script: - - ./gradlew assembleRelease - artifacts: - paths: - - app/build/outputs/apk/release/ - -# Release jobs to generate signed artifacts -.releaseSigned: - stage: release - allow_failure: false - before_script: - - *default_before_script - - echo "${KEYSTORE}" | base64 -d > keystore/proprietary.keystore - rules: - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' - when: always - - if: '$CI_COMMIT_REF_PROTECTED == "true"' - when: always - -.releaseSignedRules: - rules: &releaseSignedRules - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_PROTECTED == "true"' - when: always - - when: manual - -buildReleaseTest: - extends: .releaseSigned - script: - - ./gradlew assembleReleaseTest - artifacts: - paths: - - app/build/outputs/apk/releaseTest/ - -buildReleaseCommunity: - extends: .releaseSigned - allow_failure: true - rules: *releaseSignedRules - script: - - ./gradlew assembleReleaseCommunity - artifacts: - paths: - - app/build/outputs/apk/releaseCommunity/ - -buildReleaseOfficial: - extends: .releaseSigned - allow_failure: true - rules: *releaseSignedRules - script: - - ./gradlew assembleReleaseOfficial - artifacts: - paths: - - app/build/outputs/apk/releaseOfficial/ - -# Default lint configuration for release jobs -.lintReleaseDefault: - stage: release - when: always - allow_failure: false - -lintRelease: - extends: .lintReleaseDefault - rules: - - if: $CI_MERGE_REQUEST_ID - when: always + rules: *rules_merge_request_ref script: - - ./gradlew lintRelease - - ./gradlew detekt + - ./gradlew lint detekt assemble --parallel artifacts: paths: + - app/build/outputs/apk/ - app/build/reports/ - build/reports/ - -publish-authdatalib: - stage: publish - needs: ["buildRelease"] - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - when: manual - - if: '$CI_COMMIT_TAG !~ "/^$/"' - when: always - script: - - ./gradlew :auth-data-lib:build - - ./gradlew :auth-data-lib:publish - allow_failure: true - - -pushToPrebuilt: - stage: publish - needs: ["buildRelease"] - rules: - - if: '$CI_COMMIT_TAG !~ "/^$/"' - when: manual - - when: never - variables: - NEW_APK_PATH: "app/build/outputs/apk/release/" - before_script: - - eval $(ssh-agent -s) - - echo "$SSH_E_ROBOT_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null - - mkdir -p ~/.ssh - - chmod 700 ~/.ssh - - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts - - chmod 644 ~/.ssh/known_hosts - - git config --global user.email "gitlab@e.foundation" - - git config --global user.name "gitlab" - script: - - NEW_APK_NAME=$(basename ${NEW_APK_PATH}*-release.apk) - - NEW_APK_VERSION=$(awk -F '-' '{print $2}' <<< "$NEW_APK_NAME") - - echo $NEW_APK_NAME - - echo $NEW_APK_VERSION - - git lfs clone git@gitlab.e.foundation:e/os/android_prebuilts_prebuiltapks_lfs.git - - cd android_prebuilts_prebuiltapks_lfs - - rm Apps/*-release.apk - - mv ../${NEW_APK_PATH}/${NEW_APK_NAME} Apps/ - # todo: improve to replace sed command, by a new one based on REGEXP (instead of using line number) - - sed -i "6s/.*/LOCAL_SRC_FILES := ${NEW_APK_NAME}/" Apps/Android.mk - - git add Apps - - git status - - git commit -m "App Lounge - ${NEW_APK_VERSION}, ${CI_COMMIT_TAG}" -m "From ${CI_COMMIT_SHA}, pipeline ${CI_PIPELINE_ID}" - - git push - # Sometimes a single push doesn't do all the job, so we have to push twice - - git push - allow_failure: true - -publish-contracts: - stage: publish - needs: ["buildRelease"] - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - when: manual - - if: '$CI_COMMIT_TAG !~ "/^$/"' - when: always - script: - - ./gradlew :parental-control-data:build - - ./gradlew :parental-control-data:publish - allow_failure: true - -init-submodules: - stage: gitlab_release - needs: [] - rules: - - if: '$CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED == "true"' - when: on_success +init_submodules: + stage: build + rules: *rules_protected_ref script: - - git clone https://gitlab.e.foundation/e/os/system-apps-update-info.git systemAppsUpdateInfo + - | + git clone https://gitlab.e.foundation/e/os/system-apps-update-info.git systemAppsUpdateInfo artifacts: paths: - systemAppsUpdateInfo/scripts/ generate-apks: - stage: gitlab_release - rules: - - if: '$CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED == "true"' - when: on_success + stage: build + rules: *rules_merge_request_ref needs: - - init-submodules - - buildRelease - - buildReleaseTest - - buildReleaseCommunity - - buildReleaseOfficial - dependencies: - - init-submodules - - buildRelease - - buildReleaseTest - - buildReleaseCommunity - - buildReleaseOfficial + - job: build + - job: init_submodules script: - - mkdir -p $APK_PATH - - unsignedApk=$(ls app/build/outputs/apk/release/*.apk | grep "release") - - testApk=$(ls app/build/outputs/apk/releaseTest/*.apk | grep "releaseTest") - - communityApk=$(ls app/build/outputs/apk/releaseCommunity/*.apk | grep "releaseCommunity") - - officialApk=$(ls app/build/outputs/apk/releaseOfficial/*.apk | grep "releaseOfficial") - - cp "$unsignedApk" "$APK_PATH/$UNSIGNED_APK" - - cp "$testApk" "$APK_PATH/$TEST_APK" - - cp "$communityApk" "$APK_PATH/$COMMUNITY_APK" - - cp "$officialApk" "$APK_PATH/$OFFICIAL_APK" + - | + ./systemAppsUpdateInfo/scripts/generate-apks.sh \ + "$APK_PATH" "$UNSIGNED_APK" "$COMMUNITY_APK" "$OFFICIAL_APK" "$TEST_APK" artifacts: paths: - $APK_PATH/$UNSIGNED_APK - - $APK_PATH/$TEST_APK - $APK_PATH/$COMMUNITY_APK - $APK_PATH/$OFFICIAL_APK + - $APK_PATH/$TEST_APK create-json-files: - stage: gitlab_release - dependencies: - - init-submodules - - generate-apks + stage: publish + rules: *rules_protected_tag needs: - - init-submodules - - generate-apks - rules: - - if: '$CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED == "true"' - when: on_success + - job: init_submodules + - job: generate-apks script: - | ./systemAppsUpdateInfo/scripts/create-json-files.sh \ "$APK_PATH" "$UNSIGNED_APK" "$COMMUNITY_APK" "$OFFICIAL_APK" "$TEST_APK" artifacts: paths: - - test.json - community.json - official.json + - test.json create-test-release: - stage: gitlab_release - dependencies: - - init-submodules + stage: publish + rules: *rules_protected_tag_manual needs: - - init-submodules - - create-json-files - - generate-apks - rules: - - if: '$CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED == "true"' - when: manual + - job: init_submodules + - job: create-json-files + artifacts: false script: - | ./systemAppsUpdateInfo/scripts/create-test-release.sh \ @@ -313,18 +140,34 @@ create-test-release: allow_failure: true create-release: - stage: gitlab_release - dependencies: - - init-submodules + stage: publish + rules: *rules_protected_tag_manual needs: - - init-submodules - - create-json-files - - generate-apks - rules: - - if: '$CI_COMMIT_TAG && $CI_COMMIT_REF_PROTECTED == "true"' - when: manual + - job: init_submodules + - job: create-json-files + artifacts: false script: - | ./systemAppsUpdateInfo/scripts/create-release.sh \ "$APK_PATH" "$UNSIGNED_APK" "$COMMUNITY_APK" "$OFFICIAL_APK" allow_failure: true + +publish-authdatalib: + stage: publish + needs: + - job: build + rules: *rules_publish + script: + - ./gradlew :auth-data-lib:build + - ./gradlew :auth-data-lib:publish + allow_failure: true + +publish-contracts: + stage: publish + needs: + - job: build + rules: *rules_publish + script: + - ./gradlew :parental-control-data:build + - ./gradlew :parental-control-data:publish + allow_failure: true diff --git a/README.md b/README.md index aa6ed5a152b2631a87ac0f020096e132144509bc..8c111574126cba9060e085586ee53ebf8ce5561e 100644 --- a/README.md +++ b/README.md @@ -151,26 +151,11 @@ generate-apks: when: on_success needs: - init-submodules - - buildRelease - - buildReleaseTest - - buildReleaseCommunity - - buildReleaseOfficial - dependencies: - - init-submodules - - buildRelease - - buildReleaseTest - - buildReleaseCommunity - - buildReleaseOfficial + - build script: - - mkdir -p $APK_PATH - - unsignedApk=$(ls app/build/outputs/apk/release/*.apk | grep "release") - - testApk=$(ls app/build/outputs/apk/releaseTest/*.apk | grep "releaseTest") - - communityApk=$(ls app/build/outputs/apk/releaseCommunity/*.apk | grep "releaseCommunity") - - officialApk=$(ls app/build/outputs/apk/releaseOfficial/*.apk | grep "releaseOfficial") - - cp "$unsignedApk" "$APK_PATH/$UNSIGNED_APK" - - cp "$testApk" "$APK_PATH/$TEST_APK" - - cp "$communityApk" "$APK_PATH/$COMMUNITY_APK" - - cp "$officialApk" "$APK_PATH/$OFFICIAL_APK" + - | + ./systemAppsUpdateInfo/scripts/generate-apks.sh \ + "$APK_PATH" "$UNSIGNED_APK" "$COMMUNITY_APK" "$OFFICIAL_APK" "$TEST_APK" artifacts: paths: - $APK_PATH/$UNSIGNED_APK @@ -249,4 +234,4 @@ Thanks to that, when you will create a tag like `v14.55.8` it will be protected In the end, you will need to add the ID of new app's project, package name & any other property you want in [this json file](https://gitlab.e.foundation/e/os/system-apps-update-info/-/blob/main/updatable_system_apps_test.json?ref_type=heads) to make it visible by no-releasable build (beta, rc & test). And if you want to release for User, just do the same in [this json file](https://gitlab.e.foundation/e/os/system-apps-update-info/-/blob/main/updatable_system_apps.json?ref_type=heads) -**note:** `dependsOnAndroidVersion": true` this option is used only in BlissLaunche 3 at the moment, to let App lounge know that this project has build depending on Android version; So with specific branch (v1-t, v1-s, etc.). Thanks to it, App lounge can filter release for the Android version of the OS which prevent installation of the update for android T on OS with android S by example. \ No newline at end of file +**note:** `dependsOnAndroidVersion": true` this option is used only in BlissLaunche 3 at the moment, to let App lounge know that this project has build depending on Android version; So with specific branch (v1-t, v1-s, etc.). Thanks to it, App lounge can filter release for the Android version of the OS which prevent installation of the update for android T on OS with android S by example. diff --git a/app/build.gradle b/app/build.gradle index 89e7d30db88c0dc0b3ab48116f7523d935bacc84..d71def50182fc017ae60fd19f11cf2458c22f91f 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -97,82 +97,28 @@ android { } signingConfigs { - def keystore_password = System.getenv('KEYSTORE_PASSWORD') - debugConfig { + platformConfig { storeFile file("keystore/platform.jks") storePassword "platform" keyAlias "platform" keyPassword "platform" } - releaseTestConfig { - storeFile = file("../keystore/proprietary.keystore") - storePassword = keystore_password - keyAlias = 'platform.test' - keyPassword = keystore_password - } - releaseCommunityConfig { - storeFile = file("../keystore/proprietary.keystore") - storePassword = keystore_password - keyAlias = 'platform.dev' - keyPassword = keystore_password - } - releaseOfficialConfig { - storeFile = file("../keystore/proprietary.keystore") - storePassword = keystore_password - keyAlias = 'platform.stable' - keyPassword = keystore_password - } - } - - sourceSets { - debug { - manifest.srcFile 'src/debug/AndroidManifest.xml' - } - releaseTest { - manifest.srcFile 'src/release/AndroidManifest.xml' - java.srcDirs = ['src/release/java'] - } - releaseCommunity { - manifest.srcFile 'src/release/AndroidManifest.xml' - java.srcDirs = ['src/release/java'] - } - releaseOfficial { - manifest.srcFile 'src/release/AndroidManifest.xml' - java.srcDirs = ['src/release/java'] - } } buildTypes { debug { - signingConfig = signingConfigs.debugConfig + signingConfig = signingConfigs.platformConfig proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' } release { minifyEnabled = false - signingConfig = signingConfigs.debugConfig - proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' - } - releaseTest { - minifyEnabled = false - signingConfig = signingConfigs.releaseTestConfig - sourceSets - proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' - } - releaseCommunity { - minifyEnabled = false - signingConfig = signingConfigs.releaseCommunityConfig - sourceSets - proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' - } - releaseOfficial { - minifyEnabled = false - signingConfig = signingConfigs.releaseOfficialConfig + signingConfig = signingConfigs.platformConfig proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' } applicationVariants.all { variant -> variant.outputs.all { output -> - outputFileName = "AppLounge-${variant.versionName}-${variant.buildType.name}.apk" + outputFileName = "AppLounge_${variant.buildType.name}.apk" } } }