peter/Obtainium
1
0
Fork 0
mirror of https://github.com/ImranR98/Obtainium.git synced 2025-07-12 21:06:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

Build online but do not sign

Browse Source
This commit is contained in:
Imran Remtulla
2024-11-01 11:24:51 -04:00
parent 6bd821985f
commit 8cab348eed
3 changed files with 46 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
.github/workflows/release.yml vendored
View File

@ -6,9 +6,6 @@ on:
beta: beta:
type: boolean type: boolean
description: Is beta? description: Is beta?
draft:
type: boolean
description: Is draft?
jobs: jobs:
build: build:
@ -27,13 +24,6 @@ jobs:
id: flutter_doctor id: flutter_doctor
run: | run: |
flutter doctor -v flutter doctor -v
- name: Import GPG key
id: import_pgp_key
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.PGP_KEY_BASE64 }}
passphrase: ${{ secrets.PGP_PASSPHRASE }}
- name: Check submodule - name: Check submodule
id: check_submodule id: check_submodule
@ -57,24 +47,13 @@ jobs:
for file in build/app/outputs/flutter-apk/app-*normal*.apk*; do mv "$file" "${file//-normal/}"; done for file in build/app/outputs/flutter-apk/app-*normal*.apk*; do mv "$file" "${file//-normal/}"; done
flutter build apk --flavor fdroid -t lib/main_fdroid.dart && flutter build apk --split-per-abi --flavor fdroid -t lib/main_fdroid.dart flutter build apk --flavor fdroid -t lib/main_fdroid.dart && flutter build apk --split-per-abi --flavor fdroid -t lib/main_fdroid.dart
rm ./build/app/outputs/flutter-apk/*.sha1 rm ./build/app/outputs/flutter-apk/*.sha1
cp ./sign.sh ./build/app/outputs/flutter-apk/
ls -l ./build/app/outputs/flutter-apk/ ls -l ./build/app/outputs/flutter-apk/
- name: Sign APKs - name: Save Unsigned APKs as Action Artifacts
env: uses: actions/upload-artifact@v4
KEYSTORE_BASE64: ${{ secrets.KEYSTORE_BASE64 }} with:
KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }} path: build/app/outputs/flutter-apk/*
PGP_PASSPHRASE: ${{ secrets.PGP_PASSPHRASE }}
run: |
echo "${KEYSTORE_BASE64}" | base64 -d > apksign.keystore
for apk in ./build/app/outputs/flutter-apk/*-release*.apk; do
unsignedFn=${apk/-release/-unsigned}
mv "$apk" "$unsignedFn"
${ANDROID_HOME}/build-tools/$(ls ${ANDROID_HOME}/build-tools/ | tail -1)/apksigner sign --ks apksign.keystore --ks-pass pass:"${KEYSTORE_PASSWORD}" --out "${apk}" "${unsignedFn}"
sha256sum ${apk} | cut -d " " -f 1 > "$apk".sha256
gpg --batch --pinentry-mode loopback --passphrase "${PGP_PASSPHRASE}" --sign --detach-sig "$apk".sha256
done
rm apksign.keystore
PGP_KEY_FINGERPRINT="${{ steps.import_pgp_key.outputs.fingerprint }}"
- name: Create Tag - name: Create Tag
uses: mathieudutour/github-tag-action@v6.1 uses: mathieudutour/github-tag-action@v6.1
@ -83,12 +62,11 @@ jobs:
custom_tag: "${{ steps.extract_version.outputs.tag }}" custom_tag: "${{ steps.extract_version.outputs.tag }}"
tag_prefix: "" tag_prefix: ""
- name: Create Release And Upload APKs - name: Create Draft Release
uses: ncipollo/release-action@v1 uses: ncipollo/release-action@v1
with: with:
token: ${{ secrets.GH_ACCESS_TOKEN }} token: ${{ secrets.GH_ACCESS_TOKEN }}
tag: "${{ steps.extract_version.outputs.tag }}" tag: "${{ steps.extract_version.outputs.tag }}"
prerelease: "${{ steps.extract_version.outputs.beta }}" prerelease: "${{ steps.extract_version.outputs.beta }}"
draft: "${{ inputs.draft }}" draft: "true"
artifacts: ./build/app/outputs/flutter-apk/*-release*.apk*
generateReleaseNotes: true generateReleaseNotes: true

71
.github/workflows/temp.yml vendored
View File

@ -1,71 +0,0 @@
name: Playing around (temp)
on:
workflow_dispatch:
inputs:
beta:
type: boolean
description: Is beta?
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: subosito/flutter-action@v2
- uses: actions/setup-java@v4
with:
distribution: 'temurin' # See 'Supported distributions' for available options
java-version: '17'
- name: Flutter Doctor
id: flutter_doctor
run: |
flutter doctor -v
- name: Check submodule
id: check_submodule
run: |
git checkout ${{ inputs.checkout }}
- name: Extract Version
id: extract_version
run: |
VERSION=$(grep -oP "^version: [^\+]+" pubspec.yaml | tail -c +10)
echo "version=$VERSION" >> $GITHUB_OUTPUT
if [ ${{ inputs.beta }} == true ]; then BETA=true; else BETA=false; fi
echo "beta=$BETA" >> $GITHUB_OUTPUT
TAG="v$VERSION"
echo "tag=$TAG" >> $GITHUB_OUTPUT
- name: Build APKs
run: |
sed -i 's/signingConfig signingConfigs.release//g' android/app/build.gradle
flutter build apk --flavor normal && flutter build apk --split-per-abi --flavor normal
for file in build/app/outputs/flutter-apk/app-*normal*.apk*; do mv "$file" "${file//-normal/}"; done
flutter build apk --flavor fdroid -t lib/main_fdroid.dart && flutter build apk --split-per-abi --flavor fdroid -t lib/main_fdroid.dart
rm ./build/app/outputs/flutter-apk/*.sha1
ls -l ./build/app/outputs/flutter-apk/
- name: Save Unsigned APKs as Action Artifacts
uses: actions/upload-artifact@v4
with:
path: build/app/outputs/flutter-apk/*
#- name: Create Tag
# uses: mathieudutour/github-tag-action@v6.1
# with:
# github_token: ${{ secrets.GH_ACCESS_TOKEN }}
# custom_tag: "${{ steps.extract_version.outputs.tag }}"
# tag_prefix: ""
#- name: Create Draft Release
# uses: ncipollo/release-action@v1
# with:
# token: ${{ secrets.GH_ACCESS_TOKEN }}
# tag: "${{ steps.extract_version.outputs.tag }}"
# prerelease: "${{ steps.extract_version.outputs.beta }}"
# draft: "true"
# generateReleaseNotes: true

38
sign.sh Executable file
View File

@ -0,0 +1,38 @@
#!/bin/bash
set -e
# Script to sign unsigned APKs
# Assumptions:
# 1. Your PGP key is already imported on the locally running agent
# 2. An Android SDK is located at $ANDROID_HOME (or ~/Android/Sdk as fallback)
usage() {
echo "sign.sh <PATH_TO_KEYSTORE> <PATH_TO_BUILD_DIR>"
exit 1
}
if [ -z "$1" ] || [ -z "$2" ] || [ ! -f "$1" ] || [ ! -d "$2" ]; then
usage
fi
KEYSTORE_LOCATION="$1"
BUILD_DIR="$2"
read -s -p "Enter your keystore password: " KEYSTORE_PASSWORD
if [ -z "$ANDROID_HOME" ]; then
ANDROID_HOME=~/Android/Sdk
fi
if [ ! -d "$ANDROID_HOME" ]; then
echo "Could not find Android SDK!" >&2
exit 1
fi
for apk in "$BUILD_DIR"/*-release*.apk; do
unsignedApk=${apk/-release/-unsigned}
mv "$apk" "$unsignedApk"
${ANDROID_HOME}/build-tools/$(ls ${ANDROID_HOME}/build-tools/ | tail -1)/apksigner sign --ks "$KEYSTORE_LOCATION" --ks-pass pass:"${KEYSTORE_PASSWORD}" --out "${apk}" "${unsignedApk}"
sha256sum ${apk} | cut -d " " -f 1 >"$apk".sha256
gpg --batch --sign --detach-sig "$apk".sha256
rm "$unsignedApk"
done