workflow

.github/workflows/main.yml

@@ -96,48 +96,59 @@ jobs:
         uses: actions/cache@v3
         with:
           path: ~/.gradle/caches
-          key: ${{ runner.os }}-gradle-21debug-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          key: ${{ runner.os }}-gradle-21release-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
           restore-keys: |
-            ${{ runner.os }}-gradle-21debug-
+            ${{ runner.os }}-gradle-21release-
 
       # Step 7: Build the APK
       - name: Build APK
         run: |
           cd app-release
-          ./gradlew assembleDebug
+          ./gradlew assembleRelease
 
       - name: Find APK Files
         run: find app-release -name "*.apk"
 
+      # Step 8: Sign
+      - name: Decode Keystore
+        env:
+          KEYSTORE_FILE: ${{ secrets.KEYSTORE_FILE }}
+        run: |
+          echo "$KEYSTORE_FILE" | base64 -d > keystore.jks
 
-      # Step 8: Upload APK as Artifact
+      # Step 9: Sign the APK
-      - name: Upload APK as Artifact
+      - name: Sign APK
+        env:
+          KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
+          KEYSTORE_ALIAS: ${{ secrets.KEYSTORE_ALIAS }}
+          KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
+        run: |
+          jarsigner -verbose -sigalg SHA256withRSA -digestalg SHA-256 \
+            -keystore keystore.jks \
+            -storepass "$KEYSTORE_PASSWORD" \
+            -keypass "$KEY_PASSWORD" \
+            app-release/app/build/outputs/apk/release/alaskartv-androidtv-v${{ env.VERSION_NAME }}-release-unsigned.apk \
+            "$KEYSTORE_ALIAS"
+
+      # Step 9: Verify APK Signature
+      - name: Verify APK Signature
+        run: |
+          jarsigner -verify -verbose -certs \
+            app-release/app/build/outputs/apk/release/alaskartv-androidtv-v${{ env.VERSION_NAME }}-release-unsigned.apk
+
+      # Step 10: Rename Signed APK
+      - name: Rename Signed APK
+        run: |
+          mv app-release/app/build/outputs/apk/release/alaskartv-androidtv-v${{ env.VERSION_NAME }}-release-unsigned.apk \
+             app-release/app/build/outputs/apk/release/alaskartv-androidtv-v${{ env.VERSION_NAME }}-release-signed.apk
+
+      # Step 11: Upload Signed APK as Artifact
+      - name: Upload Signed APK
         uses: actions/upload-artifact@v4
         with:
-          name: unsigned-apk
+          name: signed-apk
-          path: app-release/app/build/outputs/apk/debug/alaskartv-androidtv-v${{ env.VERSION_NAME }}-debug.apk
+          path: app-release/app/build/outputs/apk/release/alaskartv-androidtv-v${{ env.VERSION_NAME }}-release-signed.apk
-
+
-      # # Step 10: Sign the APK
-      # - name: Sign APK
-      #   env:
-      #     KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
-      #     KEYSTORE_ALIAS: ${{ secrets.KEYSTORE_ALIAS }}
-      #     KEYSTORE_FILE: ${{ secrets.KEYSTORE_FILE }}
-      #   run: |
-      #     jarsigner -verbose -sigalg SHA256withRSA -digestalg SHA-256 \
-      #       -keystore $KEYSTORE_FILE \
-      #       app-release/app/build/outputs/apk/release/app-release-unsigned.apk \
-      #       $KEYSTORE_ALIAS
-
-      # # Step 11: (Optional) Upload to Play Store
-      # - name: Upload to Play Store
-      #   uses: r0adkll/upload-google-play@v1
-      #   with:
-      #     serviceAccountJson: ${{ secrets.PLAY_STORE_SERVICE_ACCOUNT }}
-      #     packageName: ${{ env.APPLICATION_ID }}
-      #     releaseFiles: app-release/app/build/outputs/apk/release/app-release.apk
-
-          # Step 10: Generate and Sign APK with Temporary Debug Keystore