How to include Mapbox secret token in Github Actions CI pipeline - android

I need to include Mapbox secret token to my CI pipeline. At the moment it is stored as a secret in Github and locally in ~/.gradle/gradle.properties. At the moment it just returns
Could not GET 'https://api.mapbox.com/downloads/v2/releases/maven/com/mapbox/maps/android/10.9.0/android-10.9.0.pom'. Received status code 401 from server: Unauthorized
name: Check PR
on: push
# Allows you to run this workflow manually from the Actions tab
#workflow_dispatch:
env:
SECRET: ${{ secrets.SECRET }}
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- uses: actions/cache#v2
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache#v2
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install node dependencies
run: yarn install --frozen-lockfile
- name: Load API Token from secrets
env:
SECRET: ${{ secrets.SECRET }}
run: echo SECRET=\"$SECRET\" > ./local.properties
- name: Build the app
run: yarn run build-android-staging-release
- name: Upload apk
uses: actions/upload-artifact#v2
with:
name: debug apk
path: app/build/outputs/apk/debug/app-debug.apk
I have tried more or less similar approaches what is in the CI snippet. I am expecting that Mapbox doesn't return 401.

Related

Github Action packages Flutter APK, prompting inconsistent app signatures

I use Github Action to automatically package the Android APK file (same signature file), but when installing to the phone, it prompts: "The signature of the app is inconsistent with the signature of the installed app". Does anyone know how to deal with it? Thank you!
My process configuration:
# This is a basic workflow to help you get started with Actions
name: build
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the "main" branch
push:
branches: [ "main" ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build_android:
# The type of runner that the job will run on
runs-on: ubuntu-latest
env:
KEY_JKS: ${{ secrets.KEY_JKS }}
KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout#v3
- uses: subosito/flutter-action#v2
with:
flutter-version: '3.0.5'
channel: 'stable'
cache: true
cache-key: flutter-:os:-:channel:-:version:-:arch:-:hash
cache-path: /Users/runner/hostedtoolcache/flutter/:channel:-:version:-:arch
- name: Flutter action
# You may pin to the exact commit or the version.
uses: subosito/flutter-action#v2.7.0
- name: Create Key File
run: echo $KEY_JKS | base64 -di > android/app/release.jks
# build apk
- uses: actions/checkout#v3
- uses: actions/setup-java#v2
with:
distribution: 'zulu'
java-version: '11'
- uses: subosito/flutter-action#v2
with:
flutter-version: '3.0.5'
- run: flutter pub get
- run: flutter build apk
- uses: actions/upload-artifact#v1
with:
name: app-release.apk
path: build/app/outputs/apk/release/app-release.apk
token: ${{ secrets.GITHUB_TOKEN }}
I have solved this problem.The problem that appeared before, seems to be the cause of the cache.
The steps are as follows:
It mainly includes the modification of the following two lines:
- run: flutter clean
- run: echo $KEY_JKS | base64 -di > android/app/release.jks
Now my process file is like this:
# This is a basic workflow to help you get started with Actions
name: build
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the "main" branch
push:
branches: [ "main" ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build_android:
# The type of runner that the job will run on
runs-on: ubuntu-latest
env:
KEY_JKS: ${{ secrets.KEY_JKS }}
KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout#v3
- uses: subosito/flutter-action#v2
with:
flutter-version: '3.0.5'
channel: 'stable'
cache: true
cache-key: flutter-:os:-:channel:-:version:-:arch:-:hash
cache-path: /home/runner/hostedtoolcache/flutter/:channel:-:version:-:arch
- name: Flutter action
uses: subosito/flutter-action#v2.7.0
# build apk
- uses: actions/checkout#v3
- uses: actions/setup-java#v2
with:
distribution: 'zulu'
java-version: '11'
- uses: subosito/flutter-action#v2
with:
flutter-version: '3.0.5'
- run: flutter clean
- run: echo $KEY_JKS | base64 -di > android/app/release.jks
- run: flutter pub get
- run: flutter build apk
- uses: actions/upload-artifact#v1
with:
name: app-release.apk
path: build/app/outputs/apk/release/app-release.apk
token: ${{ secrets.GITHUB_TOKEN }}
build_windows:
runs-on: windows-latest
steps:
- uses: actions/checkout#v3
- uses: subosito/flutter-action#v2
with:
channel: 'beta'
- run: flutter config --enable-windows-desktop
- run: flutter build windows
- uses: actions/upload-artifact#v1
with:
name: windows-build
path: "build/windows/runner/Release"
token: ${{ secrets.GITHUB_TOKEN }}

Github Actions: output variable is empty

I created an action that publishes my app apk.
Now im tying to handle version naming on release, but im stuck bc output variable is empty .
The action.yml is:
name: Android CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
apk:
name: Generate the apk file
runs-on: ubuntu-latest
outputs:
version: ${{ steps.getVersion.outputs.version }}
steps:
- uses: actions/checkout#v3
- name: set up JDK 11
uses: actions/setup-java#v3
with:
java-version: '11'
distribution: 'temurin'
cache: gradle
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Build with Gradle
run: ./gradlew build
- name : Upload APK file
uses: actions/upload-artifact#v1
with:
name: apk
path: app/build/outputs/apk/debug/app-debug.apk
- name: Get app version
id: getVersion
run: |
echo "::set-output name=version::$(./gradlew printVersionName)"
release:
name: Release the apk
needs: apk
runs-on: ubuntu-latest
steps:
- name: Download APK from build
uses: actions/download-artifact#v1
with:
name: apk
- name: Create Release
id: create_release
uses: actions/create-release#v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: Release${{ needs.apk.outputs.version }}
release_name: Release ${{ needs.apk.outputs.version }}
- name: Upload Release APK
id: upload_release_asset
uses: actions/upload-release-asset#v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: apk/app-debug.apk
asset_name: takeThatProduct.apk
asset_content_type: application/zip
The step to get version works well, is defined in my build.gradle:
But when i get the output variable in the release job, its empty:
So, the release gets created buy with no version number. New releases fail because the name already exists.
Changed my action using this action: apk-info-action
name: Android CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
apk:
name: Generate the apk file
runs-on: ubuntu-latest
outputs:
version: ${{ steps.getVersion.outputs.version }}
steps:
- uses: actions/checkout#v3
- name: set up JDK 11
uses: actions/setup-java#v3
with:
java-version: '11'
distribution: 'temurin'
cache: gradle
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Build with Gradle
run: ./gradlew build
- name : Upload APK file
uses: actions/upload-artifact#v1
with:
name: apk
path: app/build/outputs/apk/debug/app-debug.apk
- name: Get apk info
id: apk-info
uses: hkusu/apk-info-action#v1
with:
apk-path: app/build/outputs/apk/debug/app-debug.apk
- name: Export apk info
id: getVersion
run: |
echo "::set-output name=version::${{ steps.apk-info.outputs.version-name }}"
release:
name: Release the apk
needs: apk
runs-on: ubuntu-latest
steps:
- name: Download APK from build
uses: actions/download-artifact#v1
with:
name: apk
- name: Create Release
id: create_release
uses: actions/create-release#v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: Release${{ needs.apk.outputs.version }}
release_name: Release ${{ needs.apk.outputs.version }}
- name: Upload Release APK
id: upload_release_asset
uses: actions/upload-release-asset#v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: apk/app-debug.apk
asset_name: takeThatProduct.apk
asset_content_type: application/zip

github actions flutter gives error 'Artifact pattern :build/app/outputs/apk/release/*.apk did not match any files'

I created GitHub actions to run to build apk on macOS. but it gives me warning that Artifact pattern :build/app/outputs/apk/release/*.apk did not match any files.
This is a public repo, can someone please help me here. in official docs it says the same path and locally i can build apk successfully (on windows machine).
I used MacOS to generate iOs App which i'll do later.
Link of repo.
magento-mobile-oss
workflow-
name: Magento Mobile
on:
push:
branches: [ oss ]
pull_request:
branches: [ oss ]
jobs:
build:
runs-on: macos-latest
steps:
- uses: actions/checkout#v1
- uses: actions/setup-java#v1
with:
java-version: '12.x'
- uses: subosito/flutter-action#v1
with:
channel: stable
env:
KEY_JKS: ${{ secrets.KEY_JKS }}
KEY_PASSWORD: ${{ secrets.ALIAS_PASSWORD }}
ALIAS_PASSWORD: ${{ secrets.KEY_PASSWORD }}
run: echo $KEY_JKS > key.jks && flutter pub get && flutter test && flutter build apk --split-per-abi --verbose
- name: Create a Release APK
uses: ncipollo/release-action#v1
with:
artifacts: "build/app/outputs/apk/release/*.apk"
token: ${{ secrets.OSS_TOKEN }}
commit: oss
tag: v1.0.${{ github.run_number }}
Your workflow doesn't build the APK, and therefore, there's no build/app/outputs/apk/release/*.apk file. So the release action doesn't find the location of the artifacts. Here is the workflow you can use to modify yours and tweak it as you wish:
# This is a basic workflow to help you get started with Actions
name: Build Flutter APK
# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the "develop" branch
push:
branches: ["develop"]
tags:
- "v*"
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
permissions:
contents: write
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/checkout#v3
- uses: actions/setup-java#v1
with:
java-version: "12.x"
- name: Setup Flutter
uses: subosito/flutter-action#v1
with:
channel: "beta"
- name: Decode android/neumodore_key.jks
run: echo "${{ secrets.KEYSTORE_JKS_PROD }}" | base64 --decode > android/keystore.jks
- name: Decode android/key.properties
run: echo "${{ secrets.KEY_PROPERTIES_PROD }}" | base64 --decode > android/key.properties
- name: Pub Get Packages
run: flutter pub get
- name: Build APK
run: flutter build apk
- name: Create Release
uses: ncipollo/release-action#v1.10.0
with:
artifacts: "build/app/outputs/apk/release/*.apk"

Unable to sign jar, invalid entry compressed size

I have a React-native application. I am preparing Android continuous deployment through github-actions to Google Play Store.
I am using this library for signing the application: https://github.com/r0adkll/sign-android-release
I have the following yaml configuration file for github-action of release:
on: workflow_dispatch
name: Release to Google Play Store
jobs:
beta-distribution:
runs-on: ubuntu-latest
name: Beta Distribution
steps:
- name: Checkout
uses: actions/checkout#v2
- uses: actions/setup-node#master
- uses: c-hive/gha-yarn-cache#v1
- name: Install node modules
run: |
yarn install
- name: Cache Gradle Wrapper
uses: actions/cache#v2
with:
path: ~/.gradle/wrapper
key: ${{ runner.os }}-gradle-wrapper-${{ hashFiles('gradle/wrapper/gradle-wrapper.properties') }}
- name: Cache Gradle Dependencies
uses: actions/cache#v2
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-caches-${{ hashFiles('gradle/wrapper/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-caches-
- name: Make Gradlew Executable
run: cd android && chmod +x ./gradlew
- name: Build Android App Bundle
run: |
cd android && ./gradlew bundleRelease --no-daemon
- name: Sign App Bundle
id: sign_app
uses: r0adkll/sign-android-release#v1
with:
releaseDirectory: android/app/build/outputs/bundle/release
signingKeyBase64: ${{ secrets.ANDROID_SIGNING_KEY }}
alias: ${{ secrets.ANDROID_SIGNING_ALIAS }}
keyStorePassword: ${{ secrets.ANDROID_SIGNING_STORE_PASSWORD }}
keyPassword: ${{ secrets.ANDROID_SIGNING_KEY_PASSWORD }}
- name: Upload Artifact
uses: actions/upload-artifact#v2
with:
name: Signed App Bundle
path: ${{steps.sign_app.outputs.signedReleaseFile}}
- name: Deploy to Play Store (BETA)
uses: r0adkll/upload-google-play#v1
with:
serviceAccountJsonPlainText: ${{ secrets.ANDROID_SERVICE_ACCOUNT }}
packageName: com.wmsappbare
releaseFile: a${{steps.sign_app.outputs.signedReleaseFile}}
track: beta
inAppUpdatePriority: 3
userFraction: 0.5
whatsNewDirectory: android/release-notes/
# mappingFile: android/app/build/outputs/mapping/release/mapping.txt
I get an error in my github actions:
Preparing to sign key # android/app/build/outputs/bundle/release with
signing key /usr/bin/jarsigner -keystore
android/app/build/outputs/bundle/release/signingKey.jks -storepass ***
-keypass *** android/app/build/outputs/bundle/release/app-release.aab *** jarsigner: unable to sign jar: java.util.zip.ZipException: invalid entry compressed size (expected 54105 but got 55476 bytes)
Looks exactly the same as in answer:
jarsigner: unable to sign jar: java.util.zip.ZipException: invalid entry compressed size (expected 463 but got 465 bytes)
But it does not make any sense to me. How can it be already signed?
https://github.com/r0adkll/sign-android-release/issues/31 In this issue I commented and a fellow developer said that I have my application already signed with "keystone" details.
I tried the steps he offered for my to try that are described in the issue as comments, however every step failed with a different error.
In my android/app folder I have the following files:
build.gradle
debug.keystore
your_key_name.keystore
build.gradle:
https://pastebin.com/sNtZrVwD
I believe my build.gradle might have wrong signingConfigs sections but I am fully sure I understand how that works.
You need to remove the below line from from buildTypes { release {}} in build.gradle:
signingConfig signingConfigs.debug

Fastlane + Github Actions: Couldn't find gradlew at path

I'm trying to implement a CI/CD workflow for Flutter using Github Actions and Fastlane. But, when the lane is executing throws the following error:
I create the Fastlane folder inside the android folder. Like the image
This is the content of my Fastfile:
update_fastlane
default_platform(:android)
platform :android do
desc "Deploy to closed beta track"
lane :closed_beta do
begin
gradle(task: "clean")
gradle(
task: "bundle",
build_type: 'Release'
)
upload_to_play_store(
track: 'Closed beta',
aab: '../build/app/outputs/bundle/release/app-release.aab',
skip_upload_metadata: true,
skip_upload_images: true,
skip_upload_screenshots: true,
release_status: "draft",
version_code: flutter_version()["version_code"],
)
end
end
end
And my GitHub action workflow that allows to make the build and deployment is like below. The Run Fastlane step is the error point
name: Continuous Delivery to Play Store
on:
push:
branches:
- "v*"
jobs:
# Continuous integration
build_android:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout#v2
- name: Setup Java
uses: actions/setup-java#v1
with:
java-version: 12.x
- name: Decrypt Android keys
run: sh ./.github/scripts/decrypt_android_keys.sh
env:
ANDROID_KEYS_SECRET_PASSPHRASE: ${{ secrets.ANDROID_KEYS_SECRET_PASSPHRASE }}
- name: Setup Flutter
uses: subosito/flutter-action#v1
with:
flutter-version: 1.22.5
- name: Install Flutter dependencies
run: flutter pub get
# Add build runner commands here if you have any
- name: Format files
run: flutter format --set-exit-if-changed .
- name: Analyze files
run: flutter analyze .
- name: Run the tests
run: flutter test
- name: Build the APK
run: flutter build apk
- name: Upload artifact to Github
uses: actions/upload-artifact#v1
with:
name: release-apk
path: build/app/outputs/apk/release/app-release.apk
# Continuous delivery
deploy_android:
runs-on: ubuntu-latest
needs: [build_android]
steps:
- name: Checkout code
uses: actions/checkout#v2
- name: Setup Java
uses: actions/setup-java#v1
with:
java-version: 12.x
- name: Decrypt Android keys
run: sh ./.github/scripts/decrypt_android_keys.sh
env:
ANDROID_KEYS_SECRET_PASSPHRASE: ${{ secrets.ANDROID_KEYS_SECRET_PASSPHRASE }}
- name: Setup Flutter
uses: subosito/flutter-action#v1
with:
flutter-version: 1.22.5
- name: Install Flutter dependencies
run: flutter pub get
- name: Build app bundle
run: flutter build appbundle
- uses: actions/checkout#v2
- uses: ruby/setup-ruby#v1
with:
ruby-version: 2.6
bundler-cache: true
- name: Check file existence
run: echo find . -name "gradlew"
- uses: maierj/fastlane-action#v2.0.0
with:
lane: closed_beta
subdirectory: android
Run flutter build appbundle -v before other tasks in a lane like this
lane :beta do
sh "flutter build appbundle -v" <- Add this
upload_to_play_store(
track: 'beta',
aab: '../build/app/outputs/bundle/release/app-release.aab',
json_key_data: ENV['PLAY_STORE_CONFIG_JSON'],
)
end```
I have the same issue and what I found that gradlew is excluded in .gitignore inside /android folder of your flutter project.
While following runs on your local machine, it won't run Github runner:
gradle(task: "clean")
gradle(
task: "bundle",
build_type: 'Release'
)
Consider deleting lines above from Fastfile as you already do build on Github
behalf here:
name: Build the APK
run: flutter build apk

Categories

Resources