name: Create release on: push: tags: - v* defaults: run: shell: bash env: APK_SHORT_NAME: Wholphin.apk jobs: publish: runs-on: ubuntu-latest permissions: contents: write steps: - name: Checkout the code uses: actions/checkout@v5 with: fetch-depth: 0 # Need the tags to build - name: Setup uses: ./.github/actions/setup - name: Native build uses: ./.github/actions/native-build with: cache: false - name: Build app id: buildapp env: KEY_ALIAS: "${{ secrets.KEY_ALIAS }}" KEY_PASSWORD: "${{ secrets.KEY_PASSWORD }}" KEY_STORE_PASSWORD: "${{ secrets.KEY_STORE_PASSWORD }}" SIGNING_KEY: "${{ secrets.SIGNING_KEY }}" run: | ./gradlew clean assembleRelease echo "apks=$(find app/build/outputs/apk -name '*.apk' | sort)" >> "$GITHUB_OUTPUT" - name: Verify signatures run: | echo "Verify APK signatures" while IFS= read -r line; do ${{env.ANDROID_SDK_ROOT}}/build-tools/${{ env.BUILD_TOOLS_VERSION }}/apksigner verify --verbose --print-certs "$line" done <<< "${{ steps.build.outputs.apks }}" - name: Copy APK to ${{ env.APK_SHORT_NAME }} id: apks run: | while IFS= read -r line; do short_name="$(echo $line | sed -E 's/-release-[0-9]+\.[0-9]+\.[0-9]+-[0-9]+-g[a-fA-F0-9]+-[0-9]+//')" echo "$line $short_name" cp "$line" "$short_name" done <<< "${{ steps.build.outputs.apks }}" echo "apks=$(find app/build/outputs/apk -name '*.apk' -print0 | tr '\0' ',' | sed 's/,$//')" >> "$GITHUB_OUTPUT" - name: Checksums run: | echo "SHA256 checksums:" find app/build/outputs/apk -name '*.apk' | xargs sha256sum - name: Create GitHub release uses: ncipollo/release-action@v1 with: artifacts: "${{ steps.apks.outputs.apks }}" makeLatest: true prerelease: false generateReleaseNotes: false