Add files via upload

workflows/gen-keystore.txt

@@ -0,0 +1,47 @@
+on:
+  workflow_call:
+    inputs:
+      name:
+        required: true
+        type: string
+    secrets:
+      KEYSTORE_PASS:
+        required: true
+      KEY_PASS:
+        required: true
+
+jobs:
+  gen:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '17'
+
+      - run: |
+          keytool -genkeypair -v \
+            -keystore "${{ inputs.name }}-keystore.jks" \
+            -storepass "${{ secrets.KEYSTORE_PASS }}" \
+            -keypass "${{ secrets.KEY_PASS }}" \
+            -alias "${{ inputs.name }}" \
+            -keyalg RSA -keysize 2048 -validity 10000 -dname "CN=${{ inputs.name }}"
+
+      - run: |
+          keytool -list -v \
+            -keystore "${{ inputs.name }}-keystore.jks" \
+            -storepass "${{ secrets.KEYSTORE_PASS }}" \
+            -alias "${{ inputs.name }}" \
+            | sed -n "s/.*SHA256: //p" | head -n1 | tee "${{ inputs.name }}-keystore.sha256"
+
+      - run: base64 "${{ inputs.name }}-keystore.jks" > "${{ inputs.name }}-keystore.jks.base64"
+
+      - uses: actions/upload-artifact@v4
+        with:
+          name: ${{ inputs.name }}-keystore
+          path: |
+            ${{ inputs.name }}-keystore.jks
+            ${{ inputs.name }}-keystore.jks.base64
+            ${{ inputs.name }}-keystore.sha256

workflows/npm-build.txt

@@ -0,0 +1,23 @@
+on:
+  workflow_dispatch:
+  push:
+permissions: write-all
+jobs:
+  build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+      - run: |
+          npm install
+          npm run build
+      - run: |
+          git config user.name "github-actions"
+          git config user.email "github-actions@github.com"
+          git add .
+          git commit -m "This build was committed by a bot."
+          git push

workflows/npm-publish.txt

@@ -0,0 +1,15 @@
+on:
+  workflow_dispatch:
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          registry-url: 'https://registry.npmjs.org'
+      - run: npm ci || npm install
+      - run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

workflows/repo-mirror.txt

@@ -0,0 +1,28 @@
+on:
+  workflow_call:
+    inputs:
+      repo:
+        required: true
+        type: string
+jobs:
+  mirror:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: |
+          shopt -s dotglob extglob
+          rm -rf !(.git|.github)
+      - run: |
+          u='${{ inputs.repo }}'
+          curl -fsSL -o src.tgz https://codeload.github.com/$u/tar.gz/master
+          tar -xzf src.tgz
+          d=$(tar -tzf src.tgz|head -1|cut -d/ -f1)
+          shopt -s dotglob extglob
+          mv "$d"/!(".github") .
+          rm -rf "$d" src.tgz
+      - run: |
+          git config user.name "github-actions"
+          git config user.email "github-actions@github.com"
+          git add .
+          git commit -m "This build was committed by a bot."
+          git push

workflows/sign-apk.txt

@@ -0,0 +1,74 @@
+on:
+  workflow_call:
+    inputs:
+      unsigned_apk:
+        required: false
+        type: string
+        default: sune-1500-unsigned.apk
+    secrets:
+      KEY_ALIAS:
+        required: true
+      KEYSTORE_PASS:
+        required: true
+      KEY_PASS:
+        required: true
+      JKS_BASE64:
+        required: true
+jobs:
+  sign:
+    runs-on: ubuntu-latest
+    env:
+      KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
+      KEYSTORE_PASS: ${{ secrets.KEYSTORE_PASS }}
+      KEY_PASS: ${{ secrets.KEY_PASS }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '17'
+      - run: sudo apt-get update && sudo apt-get install -y unzip wget
+      - env:
+          ANDROID_SDK_ROOT: ${{ runner.temp }}/android-sdk
+        run: |
+          set -e
+          export ANDROID_SDK_ROOT="${ANDROID_SDK_ROOT}"
+          mkdir -p "$ANDROID_SDK_ROOT"
+          cd /tmp
+          curl -fsSL -o commandlinetools.zip "https://dl.google.com/android/repository/commandlinetools-linux-9477386_latest.zip"
+          unzip -q commandlinetools.zip -d "$ANDROID_SDK_ROOT/cmdline-tools"
+          mkdir -p "$ANDROID_SDK_ROOT/cmdline-tools/latest"
+          mv "$ANDROID_SDK_ROOT/cmdline-tools"/cmdline-tools/* "$ANDROID_SDK_ROOT/cmdline-tools/latest/" || true
+          export PATH="$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$PATH"
+          yes | sdkmanager --sdk_root="$ANDROID_SDK_ROOT" --licenses
+          sdkmanager --sdk_root="$ANDROID_SDK_ROOT" "platform-tools" "platforms;android-33" "build-tools;33.0.2"
+          echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" >> $GITHUB_ENV
+      - run: echo "${{ secrets.JKS_BASE64 }}" | base64 --decode > sune-keystore.jks && chmod 600 sune-keystore.jks
+      - run: |
+          UNSIGNED="${{ inputs.unsigned_apk }}"
+          OUT=app-release-aligned.apk
+          SIGNED=app-release-signed.apk
+          echo "UNSIGNED=$UNSIGNED" >> $GITHUB_ENV
+          echo "OUT=$OUT" >> $GITHUB_ENV
+          echo "SIGNED=$SIGNED" >> $GITHUB_ENV
+      - run: |
+          if [ ! -f "$UNSIGNED" ]; then echo "Unsigned APK not found at $UNSIGNED" && exit 1; fi
+          ZIPALIGN=$(find "$ANDROID_SDK_ROOT" -type f -name zipalign -print -quit || true)
+          [ -z "$ZIPALIGN" ] && ZIPALIGN=$(command -v zipalign || true)
+          [ -z "$ZIPALIGN" ] && ls -la "$ANDROID_SDK_ROOT"/build-tools && exit 1
+          "$ZIPALIGN" -v -p 4 "$UNSIGNED" "$OUT"
+      - run: |
+          APKSIGNER=$(find "$ANDROID_SDK_ROOT" -type f -name apksigner -print -quit || true)
+          [ -z "$APKSIGNER" ] && APKSIGNER=$(command -v apksigner || true)
+          [ -z "$APKSIGNER" ] && ls -la "$ANDROID_SDK_ROOT"/build-tools && exit 1
+          "$APKSIGNER" sign --ks sune-keystore.jks --ks-key-alias "$KEY_ALIAS" --ks-pass "pass:${KEYSTORE_PASS}" --key-pass "pass:${KEY_PASS}" "$OUT"
+          mv "$OUT" "$SIGNED"
+      - run: |
+          APKSIGNER=$(find "$ANDROID_SDK_ROOT" -type f -name apksigner -print -quit || true)
+          [ -z "$APKSIGNER" ] && APKSIGNER=$(command -v apksigner || true)
+          [ -z "$APKSIGNER" ] && echo "apksigner not found for verify" && exit 1
+          "$APKSIGNER" verify --verbose "$SIGNED"
+      - uses: actions/upload-artifact@v4
+        with:
+          name: sune-signed-apk
+          path: app-release-signed.apk