Skip to content
Android CI

feat: 添加【在打开应用时启动】和【广播启动】 #27

Sign in to view logs

feat: 添加【在打开应用时启动】和【广播启动】

feat: 添加【在打开应用时启动】和【广播启动】 #27

Workflow file for this run

.github/workflows/android.yml at 841b44d
name: Android CI
on:
push:
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
cache: gradle
- name: Setup Android SDK
uses: android-actions/setup-android@v3
with:
packages: 'build-tools;36.1.0'
- name: Add build-tools to PATH
run: echo "$ANDROID_HOME/build-tools/36.1.0" >> "$GITHUB_PATH"
# https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#storing-base64-binary-blobs-as-secrets
- name: Retrieve the secret and decode it to a file
env:
STORE_FILE: ${{ secrets.STORE_FILE }}
run: |
echo $STORE_FILE | base64 --decode > keystore.jks
- name: Retrieve the key rotation files and decode them to files
id: key-rotation-files
env:
NEW_STORE_FILE: ${{ secrets.NEW_STORE_FILE }}
LINEAGE: ${{ secrets.LINEAGE }}
if: env.NEW_STORE_FILE != null && env.LINEAGE != null
run: |
echo $NEW_STORE_FILE | base64 --decode > new_keystore.jks
echo $LINEAGE | base64 --decode > lineage
- name: Generate blank keystore.properties to bypass gradle check
run: touch keystore.properties
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Install runtime dependencies
run: |
# Ensure jq and tar are available for the frp download script
sudo apt-get update && sudo apt-get install -y jq tar
- name: Grant execute permission for update script
run: chmod +x scripts/update_frp_binaries.sh
- name: Update frp binaries (download latest)
run: ./scripts/update_frp_binaries.sh
- name: Build with Gradle
run: ./gradlew assembleRelease
env:
KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
STORE_FILE: ${{ secrets.STORE_FILE }}
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
- name: Sign APKs with apksigner (key rotation)
if: steps.key-rotation-files.outcome == 'success'
env:
KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
run: |
set -euo pipefail
echo "Signing apks in app/build/outputs/apk/release/ with key rotation"
ls -la app/build/outputs/apk/release/
# Sanity checks:
if [ ! -f keystore.jks ]; then
echo "keystore.jks not found" >&2
exit 1
fi
if [ ! -f new_keystore.jks ]; then
echo "new_keystore.jks not found" >&2
exit 1
fi
if [ ! -f lineage ]; then
echo "lineage file not found" >&2
exit 1
fi
# Print apksigner version and path so debugging is easier
apksigner --version || echo "apksigner didn't output a version"
# Make for-loop not expand unmatched globs to literal value (bash only)
shopt -s nullglob
for apk in app/build/outputs/apk/release/*.apk; do
if [ -z "$apk" ]; then
echo "No APKs found to sign, skipping"
break
fi
echo "Signing $apk"
apksigner sign \
--ks keystore.jks \
--ks-key-alias "$KEY_ALIAS" \
--ks-pass env:STORE_PASSWORD \
--key-pass env:KEY_PASSWORD \
--next-signer \
--ks new_keystore.jks \
--ks-key-alias "$KEY_ALIAS" \
--ks-pass env:STORE_PASSWORD \
--key-pass env:KEY_PASSWORD \
--lineage lineage \
"$apk"
done
- name: Upload arm64-v8a APK
uses: actions/upload-artifact@v4
with:
name: frp-Android-arm64-v8a
path: app/build/outputs/apk/release/*arm64-v8a*.apk
- name: Upload armeabi-v7a APK
uses: actions/upload-artifact@v4
with:
name: frp-Android-armeabi-v7a
path: app/build/outputs/apk/release/*armeabi-v7a*.apk
- name: Upload x86_64 APK
uses: actions/upload-artifact@v4
with:
name: frp-Android-x86_64
path: app/build/outputs/apk/release/*x86_64*.apk
- name: Upload universal APK
uses: actions/upload-artifact@v4
with:
name: frp-Android-universal
path: app/build/outputs/apk/release/*universal*.apk
- name: Create Release
if: startsWith(github.ref, 'refs/tags/')
uses: softprops/action-gh-release@v2
with:
files: app/build/outputs/apk/release/*.apk
generate_release_notes: true