Ajout de la compilation signée de l’apk

2025-07-09 17:29:14 +02:00
parent 7bbf9eb8d7
commit 346b0158eb
2 changed files with 44 additions and 15 deletions
--- a/.gitea/workflows/publish.yml
+++ b/.gitea/workflows/publish.yml
@ -1,5 +1,3 @@
-name: 🚀 Créer une nouvelle version
-
 on:
  workflow_dispatch:
    inputs:
@ -15,16 +13,16 @@ on:
          - oui
          - non

-
 jobs:
  release:
+    name: 🚀 Créer une nouvelle version
    runs-on: ubuntu-latest

    steps:
      - name: 📦 Cloner le dépôt
        uses: actions/checkout@v3
        with:
-          fetch-depth: 0  # important pour récupérer tout l'historique
+          fetch-depth: 0

      - name: 🔧 Préparation de Git (tags)
        run: git fetch --tags
@ -86,7 +84,7 @@ jobs:
          echo "$LOG" >> $GITHUB_OUTPUT
          echo "EOF" >> $GITHUB_OUTPUT

-      - name: 📦 Création de la version sur Gitea
+      - name: 📦 Création de la publication sur Gitea
        id: creation-release
        env:
          REGISTRY_URL: ${{ vars.REGISTRY_URL }}
@ -95,8 +93,6 @@ jobs:
          COMMITS: ${{ steps.changelog.outputs.modifications }}
        run: |
          TAG_NAME="${{ github.event.inputs.tag }}"
-          
-          # Échappement du contenu pour JSON
          DESCRIPTION="Changelog:"$'\n'"$COMMITS"
          ESCAPED_DESCRIPTION=$(printf '%s\n' "$DESCRIPTION" | jq -Rsa .)

@ -112,9 +108,12 @@ jobs:
          echo "$REPONSE"

          ID_RELEASE=$(echo "$REPONSE" | jq -r .id)
+          if [ -z "$ID_RELEASE" ] || [ "$ID_RELEASE" = "null" ]; then
+            echo "❌ Échec : impossible de récupérer l’ID de la version depuis Gitea."
+            exit 1
+          fi
          echo "id_release=$ID_RELEASE" >> $GITHUB_OUTPUT

-
      - name: 🔍️ Extraire les informations de l’application
        id: extraire-info-gradle
        if: ${{ github.event.inputs.build_apk == 'oui' }}
@ -141,9 +140,29 @@ jobs:
          api-level: ${{ steps.extraire-info-gradle.outputs.sdk }}
          build-tools-version: ${{ steps.extraire-info-gradle.outputs.sdk }}.0.3

-      - name: 🛠️ Compilation de l’application (APK)
+      - name: 🔐 Récupérer et décoder le keystore
+        id: decode-keystore
        if: ${{ github.event.inputs.build_apk == 'oui' }}
-        run: ./gradlew assembleRelease
+        env:
+          KEYSTORE_B64: ${{ secrets.KEYSTORE_B64 }}
+        run: |
+          echo "$KEYSTORE_B64" | base64 -d > app/keystore.jks
+          ls -1 app/keystore.jks
+          echo "keystore_path=$(realpath app/keystore.jks)" >> $GITHUB_OUTPUT
+
+      - name: 🛠️ Compilation signée de l’application (APK)
+        if: ${{ github.event.inputs.build_apk == 'oui' }}
+        env:
+          KEYSTORE_FILE: ${{ steps.decode-keystore.outputs.keystore_path }}
+          KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
+          KEY_ALIAS: ${{ secrets.KEYSTORE_ALIAS }}
+          KEY_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
+        run: |
+          ./gradlew assembleRelease \
+            -Pandroid.injected.signing.store.file=$KEYSTORE_FILE \
+            -Pandroid.injected.signing.store.password=$KEYSTORE_PASSWORD \
+            -Pandroid.injected.signing.key.alias=$KEY_ALIAS \
+            -Pandroid.injected.signing.key.password=$KEY_PASSWORD

      - name: 🏷️ Renommer l’APK avec le nom de l’application et le tag
        id: renommer-apk
@ -152,19 +171,19 @@ jobs:
          APP_NAME=${{ steps.extraire-info-gradle.outputs.app_name }}
          TAG=${{ github.event.inputs.tag }}
          APK_DIR="app/build/outputs/apk/release"
-          
+
          APKs=""
          for apk in "$APK_DIR"/*.apk; do
-            BASENAME=$(basename "$apk")                          # ex: app-release-unsigned.apk
-            SUFFIX=${BASENAME#app}                              # ex: -release-unsigned.apk
-            NEW_NAME="${APP_NAME}${SUFFIX%\.apk}_${TAG}.apk"   # ex: MonApp-release-unsigned_v1.2.3.apk
+            BASENAME=$(basename "$apk")
+            SUFFIX=${BASENAME#app}
+            NEW_NAME="${APP_NAME}${SUFFIX%\.apk}_${TAG}.apk"
            mv "$apk" "$APK_DIR/$NEW_NAME"
            APKs+=" $APK_DIR/$NEW_NAME"
          done
          echo "📦 Liste des apks : $APKs"
          echo "apk_files=$APKs" >> $GITHUB_OUTPUT

-      - name: 📤 Téléversement de l’APK dans la version
+      - name: 📤 Ajout de l’APK sur la publication
        if: ${{ github.event.inputs.build_apk == 'oui' }}
        env:
          REGISTRY_URL: ${{ vars.REGISTRY_URL }}
--- a/app/build.gradle
+++ b/app/build.gradle
@ -12,8 +12,18 @@ android {
        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
    }

+    signingConfigs {
+        release {
+            storeFile file(System.getenv("KEYSTORE_FILE"))
+            storePassword System.getenv("KEYSTORE_PASSWORD")
+            keyAlias System.getenv("KEY_ALIAS")
+            keyPassword System.getenv("KEY_PASSWORD")
+        }
+    }
+
    buildTypes {
        release {
+            signingConfig signingConfigs.release
            minifyEnabled true
            proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
        }