GitHub/skyline
2
0
Fork 0
mirror of https://github.com/skyline-emu/skyline.git synced 2024-10-16 19:26:49 +03:00
Code Issues Packages Projects Releases Wiki Activity

Introduce CI build signing

Browse Source 
We've done no signing of any Skyline APKs to date which causes issues regarding authenticity of any APKs as they could be entirely unofficial builds which have not been vetted by the team. Additionally, the different keys remove the ability to reinstall a different build successively as Android checks for matching signatures before installing an APK.
This commit is contained in:
PixelyIon 2022-05-30 20:53:17 +05:30
parent e1cc8676cf
commit b91ce939a2
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.github/workflows/ci.yml vendored
View File

@ -45,7 +45,16 @@ jobs:
name: lint-result.html name: lint-result.html
path: app/build/reports/lint-results-debug.html path: app/build/reports/lint-results-debug.html
- name: Decode Keystore
env:
KEYSTORE_ENCODED: ${{ secrets.KEYSTORE }}
run: echo $KEYSTORE_ENCODED | base64 --decode > "$HOME/keystore.jks"
- name: Android Assemble - name: Android Assemble
env:
SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
run: ./gradlew --stacktrace assemble run: ./gradlew --stacktrace assemble
- name: Upload Debug APK - name: Upload Debug APK

12
app/build.gradle
View File

@ -34,6 +34,15 @@ android {
jvmTarget = javaVersion.toString() jvmTarget = javaVersion.toString()
} }
signingConfigs {
ci {
storeFile file("${System.getProperty("user.home")}/keystore.jks")
storePassword System.getenv("SIGNING_STORE_PASSWORD")
keyAlias System.getenv("SIGNING_KEY_ALIAS")
keyPassword System.getenv("SIGNING_KEY_PASSWORD")
}
}
buildTypes { buildTypes {
release { release {
debuggable true debuggable true
@ -45,13 +54,14 @@ android {
minifyEnabled true minifyEnabled true
shrinkResources true shrinkResources true
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.debug signingConfig = System.getenv("CI") ? signingConfigs.ci : signingConfigs.debug
} }
debug { debug {
debuggable true debuggable true
minifyEnabled false minifyEnabled false
shrinkResources false shrinkResources false
signingConfig = System.getenv("CI") ? signingConfigs.ci : signingConfigs.debug
} }
} }