name: Release on: push: branches: - dev env: JAVA_VERSION: "17" ANDROID_SDK_ROOT: "${{ github.workspace }}/android-sdk" FLUTTER_VERSION: "3.38.5" BUILD_WINDOWS: "false" # Windows build disabled (no runner available) GITEA_BASE_URL: https://git.tgj.services WEB_IMAGE: "git.tgj.services/petegregoryy/mileograph-web" REGISTRY: git.tgj.services jobs: meta: runs-on: - tgj-arc outputs: base_version: ${{ steps.meta.outputs.base }} release_tag: ${{ steps.meta.outputs.release_tag }} dev_suffix: ${{ steps.meta.outputs.dev_suffix }} steps: - name: Checkout uses: actions/checkout@v4 - name: Determine version id: meta run: | RAW_VERSION=$(awk '/^version:/{print $2}' pubspec.yaml) BASE_VERSION=${RAW_VERSION%%+*} VERSION="${BASE_VERSION}" TAG="v${VERSION}" DEV_SUFFIX="" if [ "${GITHUB_REF}" = "refs/heads/dev" ]; then DEV_ITER="${GITHUB_RUN_NUMBER:-}" if [ -z "$DEV_ITER" ]; then DEV_ITER=$(git rev-list --count HEAD) fi DEV_SUFFIX="-dev.${DEV_ITER}" VERSION="${BASE_VERSION}${DEV_SUFFIX}" TAG="v${VERSION}" fi echo "base=${BASE_VERSION}" >> "$GITHUB_OUTPUT" echo "release_tag=${TAG}" >> "$GITHUB_OUTPUT" echo "dev_suffix=${DEV_SUFFIX}" >> "$GITHUB_OUTPUT" - name: Fail if release already exists env: TAG: ${{ steps.meta.outputs.release_tag }} run: | set -euo pipefail if ! command -v curl >/dev/null 2>&1; then if command -v sudo >/dev/null 2>&1; then SUDO="sudo" else SUDO="" fi $SUDO apt-get update $SUDO apt-get install -y curl ca-certificates fi URL="${GITEA_BASE_URL}/api/v1/repos/${{ github.repository }}/releases/tags/${TAG}" CODE="$(curl -sS -o /dev/null -w "%{http_code}" -H "Authorization: token ${{ secrets.GITEA_TOKEN }}" "$URL" || true)" if [ "$CODE" = "200" ]; then echo "Release already exists for tag ${TAG}; refusing to re-release." exit 1 fi if [ "$CODE" != "404" ]; then echo "Unexpected response checking existing release (${CODE}) at ${URL}" exit 1 fi android-build: runs-on: - tgj-arc needs: meta steps: - name: Checkout uses: actions/checkout@v4 # # - name: Install OS deps (Android) # run: | # if command -v sudo >/dev/null 2>&1; then # SUDO="sudo" # else # SUDO="" # fi # $SUDO apt-get update # $SUDO apt-get install -y unzip xz-utils zip libstdc++6 liblzma-dev curl jq - name: Setup Java uses: actions/setup-java@v4 with: distribution: temurin java-version: ${{ env.JAVA_VERSION }} - name: Install Android SDK run: | mkdir -p "$ANDROID_SDK_ROOT"/cmdline-tools curl -fsSL https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip -o /tmp/cli-tools.zip unzip -q /tmp/cli-tools.zip -d "$ANDROID_SDK_ROOT"/cmdline-tools mv "$ANDROID_SDK_ROOT"/cmdline-tools/cmdline-tools "$ANDROID_SDK_ROOT"/cmdline-tools/latest # Accept licences (ignore SIGPIPE exit 141) yes | "$ANDROID_SDK_ROOT"/cmdline-tools/latest/bin/sdkmanager --sdk_root="$ANDROID_SDK_ROOT" --licenses || true # Install required packages (also ignore SIGPIPE) yes | "$ANDROID_SDK_ROOT"/cmdline-tools/latest/bin/sdkmanager --sdk_root="$ANDROID_SDK_ROOT" \ "platform-tools" "platforms;android-33" "build-tools;33.0.2" || true echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" >> "$GITHUB_ENV" echo "$ANDROID_SDK_ROOT/platform-tools" >> "$GITHUB_PATH" echo "$ANDROID_SDK_ROOT/build-tools/33.0.2" >> "$GITHUB_PATH" # - name: Install Flutter SDK # run: | # set -euo pipefail # FLUTTER_HOME="$HOME/flutter" # # Avoid git ownership issues when Flutter checks out deps. # git config --global --add safe.directory "$FLUTTER_HOME" || true # if [ ! -x "$FLUTTER_HOME/bin/flutter" ]; then # rm -rf "$FLUTTER_HOME" # curl -fsSL -o /tmp/flutter.tar.xz "https://storage.googleapis.com/flutter_infra_release/releases/stable/linux/flutter_linux_${FLUTTER_VERSION}-stable.tar.xz" # tar -C "$HOME" -xf /tmp/flutter.tar.xz # fi # echo "$FLUTTER_HOME/bin" >> "$GITHUB_PATH" # "$FLUTTER_HOME/bin/flutter" --version - name: Allow all git directories (CI) run: git config --global --add safe.directory '*' - name: Set pub cache path run: echo "PUB_CACHE=${GITHUB_WORKSPACE}/.pub-cache" >> "$GITHUB_ENV" - name: Flutter dependencies run: flutter pub get - name: Prepare Android keystore (optional) if: ${{ secrets.ANDROID_KEYSTORE_BASE64 != '' }} run: | echo "${{ secrets.ANDROID_KEYSTORE_BASE64 }}" | base64 -d > android-release-key.jks echo "ANDROID_KEYSTORE_PATH=$PWD/android-release-key.jks" >> "$GITHUB_ENV" echo "ANDROID_KEYSTORE_PASSWORD=${{ secrets.ANDROID_KEYSTORE_PASSWORD }}" >> "$GITHUB_ENV" echo "ANDROID_KEY_ALIAS=${{ secrets.ANDROID_KEY_ALIAS }}" >> "$GITHUB_ENV" echo "ANDROID_KEY_PASSWORD=${{ secrets.ANDROID_KEY_PASSWORD }}" >> "$GITHUB_ENV" - name: Build Android App Bundle (release) run: flutter build appbundle --release - name: Archive Android App Bundle env: BASE_VERSION: ${{ needs.meta.outputs.base_version }} run: | set -euo pipefail BUNDLE_SRC="build/app/outputs/bundle/release/app-release.aab" if [ ! -f "$BUNDLE_SRC" ]; then echo "Bundle not found at $BUNDLE_SRC" exit 1 fi cp "$BUNDLE_SRC" "mileograph-${BASE_VERSION}.aab" - name: Download bundletool run: | BUNDLETOOL_VERSION=1.15.6 curl -fsSL -o bundletool.jar "https://github.com/google/bundletool/releases/download/${BUNDLETOOL_VERSION}/bundletool-all-${BUNDLETOOL_VERSION}.jar" - name: Extract universal APK from bundle env: BASE_VERSION: ${{ needs.meta.outputs.base_version }} run: | set -euo pipefail BUNDLE="build/app/outputs/bundle/release/app-release.aab" OUTPUT_APKS="app-release.apks" APK_NAME="mileograph-${BASE_VERSION}.apk" if [ ! -f "$BUNDLE" ]; then echo "Bundle not found at $BUNDLE" exit 1 fi SIGNING_ARGS=() if [ -n "${ANDROID_KEYSTORE_PATH:-}" ] && [ -f "$ANDROID_KEYSTORE_PATH" ]; then SIGNING_ARGS+=(--ks="$ANDROID_KEYSTORE_PATH") SIGNING_ARGS+=(--ks-pass="pass:${ANDROID_KEYSTORE_PASSWORD}") SIGNING_ARGS+=(--ks-key-alias="${ANDROID_KEY_ALIAS}") KEY_PASS="${ANDROID_KEY_PASSWORD:-$ANDROID_KEYSTORE_PASSWORD}" SIGNING_ARGS+=(--key-pass="pass:${KEY_PASS}") else echo "No release keystore provided; bundletool will sign with the debug keystore." fi java -jar bundletool.jar build-apks \ --bundle="$BUNDLE" \ --output="$OUTPUT_APKS" \ --mode=universal \ "${SIGNING_ARGS[@]}" unzip -p "$OUTPUT_APKS" universal.apk > "$APK_NAME" ls -lh "$APK_NAME" - name: Upload Android APK artifact uses: actions/upload-artifact@v3 with: name: android-apk path: mileograph-${{ needs.meta.outputs.base_version }}.apk - name: Upload Android AAB artifact uses: actions/upload-artifact@v3 with: name: android-aab path: mileograph-${{ needs.meta.outputs.base_version }}.aab linux-build: runs-on: - tgj-arc needs: meta steps: - name: Checkout uses: actions/checkout@v4 - name: Allow all git directories (CI) run: git config --global --add safe.directory '*' - name: Set pub cache path run: echo "PUB_CACHE=${GITHUB_WORKSPACE}/.pub-cache" >> "$GITHUB_ENV" - name: Flutter dependencies run: flutter pub get - name: Enable Linux desktop run: flutter config --enable-linux-desktop - name: Build Linux binary (release) run: | flutter build linux --release tar -C build/linux/x64/release/bundle -czf app-linux-x64.tar.gz . - name: Upload Linux artifact uses: actions/upload-artifact@v3 with: name: linux-bundle path: app-linux-x64.tar.gz web-build: runs-on: - tgj-arc needs: meta steps: - name: Checkout uses: actions/checkout@v4 - name: Allow all git directories (CI) run: git config --global --add safe.directory '*' - name: Set pub cache path run: echo "PUB_CACHE=${GITHUB_WORKSPACE}/.pub-cache" >> "$GITHUB_ENV" - name: Flutter dependencies run: flutter pub get - name: Enable Flutter web run: flutter config --enable-web - name: Build Flutter web (release) run: | flutter build web --release --base-href=/ tar -C build/web -czf app-web.tar.gz . - name: Upload Web artifact uses: actions/upload-artifact@v3 with: name: web-build path: app-web.tar.gz - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/petegregoryy/railframe-web flavor: latest=false tags: | type=sha,prefix= type=raw,value=${{ needs.meta.outputs.dev_suffix }}-${{ needs.meta.outputs.base_version }} type=raw,value=${{ needs.meta.outputs.dev_suffix }} - name: Login to the docker registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: petegregoryy password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push id: docker_build uses: docker/build-push-action@v6 with: file: Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=registry,ref=${{ env.REGISTRY }}/petegregoryy/railframe-web:${{ needs.meta.outputs.dev_suffix }}-buildcache cache-to: type=registry,ref=${{ env.REGISTRY }}/petegregoryy/railframe-web:${{ needs.meta.outputs.dev_suffix }}-buildcache,mode=max release-dev: runs-on: - tgj-arc needs: - meta - android-build - linux-build - web-build steps: - name: Download Android APK if: ${{ github.ref == 'refs/heads/dev' }} uses: actions/download-artifact@v3 with: name: android-apk path: artifacts - name: Download Android AAB if: ${{ github.ref == 'refs/heads/dev' }} uses: actions/download-artifact@v3 with: name: android-aab path: artifacts - name: Prepare APK and tag if: ${{ github.ref == 'refs/heads/dev' }} id: bundle run: | BASE="${{ needs.meta.outputs.base_version }}" TAG="${{ needs.meta.outputs.release_tag }}" DEV_SUFFIX="${{ needs.meta.outputs.dev_suffix }}" if [ -z "$DEV_SUFFIX" ]; then echo "dev_suffix is empty; expected '-dev.'" exit 1 fi VERSION="${BASE}${DEV_SUFFIX}" APK_NAME="mileograph-${VERSION}.apk" AAB_NAME="mileograph-${VERSION}.aab" mv "artifacts/mileograph-${BASE}.apk" "artifacts/${APK_NAME}" mv "artifacts/mileograph-${BASE}.aab" "artifacts/${AAB_NAME}" echo "tag=${TAG}" >> "$GITHUB_OUTPUT" echo "apk=artifacts/${APK_NAME}" >> "$GITHUB_OUTPUT" echo "aab=artifacts/${AAB_NAME}" >> "$GITHUB_OUTPUT" - name: Create prerelease on Gitea if: ${{ github.ref == 'refs/heads/dev' }} uses: ncipollo/release-action@v1 with: tag: ${{ steps.bundle.outputs.tag }} name: ${{ steps.bundle.outputs.tag }} prerelease: true commit: ${{ github.sha }} token: ${{ secrets.GITEA_TOKEN }} # NOTE: no `artifacts:` here - name: Attach APK to Gitea release if: ${{ github.ref == 'refs/heads/dev' }} run: | set -euo pipefail TAG="${{ steps.bundle.outputs.tag }}" APK="${{ steps.bundle.outputs.apk }}" # 1. Find release ID by tag RELEASE_JSON=$(curl -sS \ -H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \ "${GITEA_BASE_URL}/api/v1/repos/${{ github.repository }}/releases/tags/${TAG}") RELEASE_ID=$(echo "$RELEASE_JSON" | jq -r '.id') echo "Release ID: $RELEASE_ID" # 2. Upload APK with multipart/form-data NAME=$(basename "$APK") echo "Uploading $NAME" curl -sS -X POST \ -H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \ -F "attachment=@${APK}" \ -F "name=${NAME}" \ "${GITEA_BASE_URL}/api/v1/repos/${{ github.repository }}/releases/${RELEASE_ID}/assets" \ >/dev/null # Attach AAB AAB="${{ steps.bundle.outputs.aab }}" NAME_AAB=$(basename "$AAB") echo "Uploading $NAME_AAB" curl -sS -X POST \ -H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \ -F "attachment=@${AAB}" \ -F "name=${NAME_AAB}" \ "${GITEA_BASE_URL}/api/v1/repos/${{ github.repository }}/releases/${RELEASE_ID}/assets" \ >/dev/null