更新体外 Activity 策略文档 #35

Workflow file for this run

.github/workflows/android-build.yml at 34d18f3

	name: Android CI/CD

	on:
	push:
	branches: [main, develop, 'release/*']
	tags: ['v*']
	pull_request:
	branches: [main, develop]
	workflow_dispatch:
	inputs:
	build_type:
	description: '构建类型'
	required: true
	default: 'release'
	type: choice
	options: [debug, release]

	env:
	JAVA_VERSION: '21'
	JAVA_DISTRIBUTION: 'temurin'

	jobs:
	build:
	name: Build AAB & APK
	runs-on: ubuntu-latest
	outputs:
	signing_enabled: ${{ steps.signing.outputs.enabled }}
	build_mode: ${{ steps.build_mode.outputs.mode }}

	steps:
	- name: Checkout
	uses: actions/checkout@v6
	with:
	fetch-depth: 0

	- name: Setup JDK
	uses: actions/setup-java@v5
	with:
	java-version: ${{ env.JAVA_VERSION }}
	distribution: ${{ env.JAVA_DISTRIBUTION }}
	cache: gradle

	- name: Cache Gradle
	uses: actions/cache@v5
	with:
	path: \|
	~/.gradle/caches
	~/.gradle/wrapper
	~/.android/build-cache
	key: gradle-${{ runner.os }}-${{ hashFiles('*/.gradle', '*/gradle-wrapper.properties') }}
	restore-keys: gradle-${{ runner.os }}-

	- name: Grant execute permission
	run: chmod +x gradlew

	- name: Run Tests
	run: ./gradlew testDebugUnitTest

	- name: Run Lint
	run: ./gradlew lint

	- name: Check release signing secrets
	id: signing
	env:
	KEYSTORE_BASE64: ${{ secrets.KEYSTORE_BASE64 }}
	KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
	KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
	KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
	run: \|
	if [[ -n "$KEYSTORE_BASE64" && -n "$KEYSTORE_PASSWORD" && -n "$KEY_ALIAS" && -n "$KEY_PASSWORD" ]]; then
	echo "enabled=true" >> "$GITHUB_OUTPUT"
	else
	echo "enabled=false" >> "$GITHUB_OUTPUT"
	fi

	- name: Resolve build mode
	id: build_mode
	run: \|
	if [[ "${{ github.event_name }}" == "pull_request" ]]; then
	echo "mode=debug" >> "$GITHUB_OUTPUT"
	elif [[ "${{ github.event_name }}" == "workflow_dispatch" && "${{ github.event.inputs.build_type }}" == "debug" ]]; then
	echo "mode=debug" >> "$GITHUB_OUTPUT"
	elif [[ "${{ steps.signing.outputs.enabled }}" == "true" ]]; then
	echo "mode=release" >> "$GITHUB_OUTPUT"
	else
	echo "mode=debug" >> "$GITHUB_OUTPUT"
	fi

	- name: Validate release signing secrets
	if: (startsWith(github.ref, 'refs/tags/v') \|\| (github.event_name == 'workflow_dispatch' && github.event.inputs.build_type == 'release')) && steps.signing.outputs.enabled != 'true'
	run: \|
	echo "::error::Release builds require KEYSTORE_BASE64, KEYSTORE_PASSWORD, KEY_ALIAS and KEY_PASSWORD secrets."
	exit 1

	- name: Build Debug AAB
	if: steps.build_mode.outputs.mode == 'debug'
	run: ./gradlew bundleDebug

	- name: Build Debug APK
	if: steps.build_mode.outputs.mode == 'debug'
	run: ./gradlew assembleDebug

	- name: Decode Keystore
	if: steps.build_mode.outputs.mode == 'release'
	run: \|
	echo "${{ secrets.KEYSTORE_BASE64 }}" \| base64 -d > app/keystore.jks

	- name: Build Release AAB
	if: steps.build_mode.outputs.mode == 'release'
	run: ./gradlew bundleRelease
	env:
	KEYSTORE_FILE: ${{ github.workspace }}/app/keystore.jks
	KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
	KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
	KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}

	- name: Build Release APK
	if: steps.build_mode.outputs.mode == 'release'
	run: ./gradlew assembleRelease
	env:
	KEYSTORE_FILE: ${{ github.workspace }}/app/keystore.jks
	KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
	KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
	KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}

	- name: Upload AAB
	uses: actions/upload-artifact@v7
	with:
	name: app-bundle-${{ steps.build_mode.outputs.mode }}
	path: app/build/outputs/bundle/*/.aab
	retention-days: 30
	if: always()

	- name: Upload APK
	uses: actions/upload-artifact@v7
	with:
	name: app-apk-${{ steps.build_mode.outputs.mode }}
	path: app/build/outputs/apk/*/.apk
	retention-days: 14
	if: always()

	- name: Upload Lint Report
	if: always()
	uses: actions/upload-artifact@v7
	with:
	name: lint-report
	path: \|
	app/build/reports/lint-results*.html
	framework/build/reports/lint-results*.html
	continue-on-error: true

	deploy-play-store:
	name: Deploy to Play Store
	needs: build
	runs-on: ubuntu-latest
	if: startsWith(github.ref, 'refs/tags/v') && needs.build.outputs.signing_enabled == 'true'

	steps:
	- name: Download AAB
	uses: actions/download-artifact@v8
	with:
	name: app-bundle-release
	path: release

	- name: Validate Play Store secrets
	env:
	PLAY_STORE_SERVICE_ACCOUNT: ${{ secrets.PLAY_STORE_SERVICE_ACCOUNT }}
	PACKAGE_NAME: ${{ secrets.PACKAGE_NAME }}
	run: \|
	if [[ -z "$PLAY_STORE_SERVICE_ACCOUNT" \|\| -z "$PACKAGE_NAME" ]]; then
	echo "::error::Play Store deployment requires PLAY_STORE_SERVICE_ACCOUNT and PACKAGE_NAME secrets."
	exit 1
	fi

	- name: Validate release AAB
	run: \|
	find release -name '*.aab' -print
	if ! find release -name '*.aab' -print -quit \| grep -q .; then
	echo "::error::No release AAB found in downloaded artifact."
	exit 1
	fi

	- name: Deploy to Play Store
	uses: r0adkll/upload-google-play@v1
	with:
	serviceAccountJsonPlainText: ${{ secrets.PLAY_STORE_SERVICE_ACCOUNT }}
	packageName: ${{ secrets.PACKAGE_NAME }}
	releaseFiles: release/*/.aab
	track: internal
	status: completed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

更新体外 Activity 策略文档 #35

Workflow file

更新体外 Activity 策略文档 #35

Uh oh!

Workflow file for this run