multipleof4/appsune
1
0
Fork 0
mirror of https://github.com/multipleof4/appsune.git synced 2026-01-13 23:57:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update sign.yml

Browse Source
This commit is contained in:
multipleof4
2025-08-18 00:21:32 -07:00
committed by GitHub
parent ad54efe51d
commit e13febf643
1 changed files with 17 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
.github/workflows/sign.yml vendored
View File

@@ -16,21 +16,19 @@ jobs:
KEY_PASS: ${{ secrets.KEY_PASS }} KEY_PASS: ${{ secrets.KEY_PASS }}
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Setup Java 17 - name: Setup Java 17
uses: actions/setup-java@v4 uses: actions/setup-java@v4
with: with:
distribution: temurin distribution: temurin
java-version: '17' java-version: '17'
- name: Install prerequisites - name: Install prerequisites
run: sudo apt-get update && sudo apt-get install -y unzip wget zipalign || true run: sudo apt-get update && sudo apt-get install -y unzip wget
- name: Install Android commandline tools and SDK
- name: Install Android commandline tools + build-tools
env: env:
ANDROID_SDK_ROOT: ${{ runner.temp }}/android-sdk ANDROID_SDK_ROOT: ${{ runner.temp }}/android-sdk
run: | run: |
set -e set -e
export ANDROID_SDK_ROOT="${ANDROID_SDK_ROOT}"
mkdir -p "$ANDROID_SDK_ROOT" mkdir -p "$ANDROID_SDK_ROOT"
cd /tmp cd /tmp
curl -fsSL -o commandlinetools.zip "https://dl.google.com/android/repository/commandlinetools-linux-9477386_latest.zip" curl -fsSL -o commandlinetools.zip "https://dl.google.com/android/repository/commandlinetools-linux-9477386_latest.zip"
@@ -39,44 +37,40 @@ jobs:
mv "$ANDROID_SDK_ROOT/cmdline-tools"/cmdline-tools/* "$ANDROID_SDK_ROOT/cmdline-tools/latest/" || true mv "$ANDROID_SDK_ROOT/cmdline-tools"/cmdline-tools/* "$ANDROID_SDK_ROOT/cmdline-tools/latest/" || true
export PATH="$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$PATH" export PATH="$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$PATH"
yes | sdkmanager --sdk_root="$ANDROID_SDK_ROOT" --licenses yes | sdkmanager --sdk_root="$ANDROID_SDK_ROOT" --licenses
sdkmanager --sdk_root="$ANDROID_SDK_ROOT" "platform-tools" "build-tools;33.0.2" sdkmanager --sdk_root="$ANDROID_SDK_ROOT" "platform-tools" "platforms;android-33" "build-tools;33.0.2"
echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" >> $GITHUB_ENV echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" >> $GITHUB_ENV
echo "$ANDROID_SDK_ROOT/platform-tools" >> $GITHUB_PATH
echo "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin" >> $GITHUB_PATH
- name: Decode keystore - name: Decode keystore
run: | run: |
echo "${{ secrets.JKS_BASE64 }}" | base64 --decode > sune-keystore.jks echo "${{ secrets.JKS_BASE64 }}" | base64 --decode > sune-keystore.jks
chmod 600 sune-keystore.jks chmod 600 sune-keystore.jks
- name: Prepare paths - name: Prepare paths
run: | run: |
UNSIGNED="${{ github.event.inputs.unsigned_apk || 'app-release-unsigned.apk' }}" UNSIGNED="${{ github.event.inputs.unsigned_apk || 'Sune-unsigned.apk' }}"
OUT="app-release-aligned.apk" OUT="app-release-aligned.apk"
SIGNED="app-release-signed.apk" SIGNED="app-release-signed.apk"
echo "UNSIGNED=$UNSIGNED" >> $GITHUB_ENV echo "UNSIGNED=$UNSIGNED" >> $GITHUB_ENV
echo "OUT=$OUT" >> $GITHUB_ENV echo "OUT=$OUT" >> $GITHUB_ENV
echo "SIGNED=$SIGNED" >> $GITHUB_ENV echo "SIGNED=$SIGNED" >> $GITHUB_ENV
- name: Zipalign unsigned APK - name: Zipalign unsigned APK
run: | run: |
if [ ! -f "$UNSIGNED" ]; then echo "Unsigned APK not found at $UNSIGNED" && exit 1; fi if [ ! -f "$UNSIGNED" ]; then echo "Unsigned APK not found at $UNSIGNED" && exit 1; fi
zipalign -v -p 4 "$UNSIGNED" "$OUT" ZIPALIGN=""
for f in "$ANDROID_SDK_ROOT"/build-tools/*/zipalign; do [ -x "$f" ] && ZIPALIGN="$f" && break; done
if [ -z "$ZIPALIGN" ]; then if command -v zipalign >/dev/null 2>&1; then ZIPALIGN=$(command -v zipalign); else echo "zipalign not found" && ls -la "$ANDROID_SDK_ROOT"/build-tools || exit 1; fi; fi
"$ZIPALIGN" -v -p 4 "$UNSIGNED" "$OUT"
- name: Sign APK with apksigner - name: Sign APK with apksigner
run: | run: |
apksigner sign \ APKSIGNER=""
--ks sune-keystore.jks \ for f in "$ANDROID_SDK_ROOT"/build-tools/*/apksigner; do [ -x "$f" ] && APKSIGNER="$f" && break; done
--ks-key-alias "$KEY_ALIAS" \ if [ -z "$APKSIGNER" ]; then if command -v apksigner >/dev/null 2>&1; then APKSIGNER=$(command -v apksigner); else echo "apksigner not found" && ls -la "$ANDROID_SDK_ROOT"/build-tools || exit 1; fi; fi
--ks-pass "pass:${KEYSTORE_PASS}" \ "$APKSIGNER" sign --ks sune-keystore.jks --ks-key-alias "$KEY_ALIAS" --ks-pass "pass:${KEYSTORE_PASS}" --key-pass "pass:${KEY_PASS}" "$OUT"
--key-pass "pass:${KEY_PASS}" \
"$OUT"
mv "$OUT" "$SIGNED" mv "$OUT" "$SIGNED"
- name: Verify signature - name: Verify signature
run: | run: |
apksigner verify --verbose "$SIGNED" APKSIGNER=""
for f in "$ANDROID_SDK_ROOT"/build-tools/*/apksigner; do [ -x "$f" ] && APKSIGNER="$f" && break; done
if [ -z "$APKSIGNER" ]; then if command -v apksigner >/dev/null 2>&1; then APKSIGNER=$(command -v apksigner); else echo "apksigner not found for verify" && exit 1; fi; fi
"$APKSIGNER" verify --verbose "$SIGNED"
- name: Upload signed APK - name: Upload signed APK
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
with: with: