Skip to content
Build Debug APK

fdroid icon upd #440

Sign in to view logs

fdroid icon upd

fdroid icon upd #440

Workflow file for this run

.github/workflows/CI.yml at afac9eb
name: Build Debug APK
on:
push:
branches: [ "master" ]
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
env:
HAS_SIGNING_KEY: ${{ secrets.SIGNING_KEY != '' }}
HAS_VT_KEY: ${{ secrets.VIRUS_TOTAL_API_KEY != '' }}
steps:
- name: Checkout Code
uses: actions/checkout@v6
with:
submodules: recursive
- name: Set up JDK 17
uses: actions/setup-java@v5
with:
java-version: '17'
distribution: 'temurin'
cache: 'gradle'
- name: Update Version Name
id: get_version
run: |
# Keep the original code to make the nightly and original builds interchangeable
sed -i "s/versionName \"\(.*\)\"/versionName \"\1-nightly-${{ github.run_number }}\"/" smarttubetv/build.gradle
echo "VERSION_NAME=$(grep "versionName" smarttubetv/build.gradle | head -n 1 | awk -F'"' '{print $2}')" >> $GITHUB_OUTPUT
- name: Configure Build Signing
if: ${{ env.HAS_SIGNING_KEY == 'true' }}
run: |
echo "storePassword=${{ secrets.KEY_STORE_PASSWORD }}" > keystore.properties
echo "keyAlias=${{ secrets.ALIAS }}" >> keystore.properties
echo "keyPassword=${{ secrets.KEY_PASSWORD }}" >> keystore.properties
echo "storeFile=${{ github.workspace }}/key.jks" >> keystore.properties
echo "${{ secrets.SIGNING_KEY }}" | base64 --decode > ${{ github.workspace }}/key.jks
- name: Grant Gradle permissions
run: chmod +x gradlew
- name: Lint with Gradle
run: ./gradlew lintStbetaRelease
continue-on-error: true # Remove once we fixes all errors
- name: Upload Lint Report
uses: actions/upload-artifact@v7
if: always()
with:
name: lint-report
path: '**/build/reports/lint-results-*.html'
if-no-files-found: warn
- name: Build with Gradle
run: ./gradlew clean assembleStbetaRelease
- name: VirusTotal Scan
if: ${{ env.HAS_VT_KEY == 'true' }}
id: vt
uses: crazy-max/ghaction-virustotal@v5
with:
vt_api_key: ${{ secrets.VIRUS_TOTAL_API_KEY }}
files: |
./smarttubetv/build/outputs/apk/stbeta/release/*.apk
request_rate: 4
- name: VirusTotal Summary
if: steps.vt.outcome == 'success'
run: |
echo "Waiting 150s for VirusTotal engines to report..."
sleep 150
echo "### Security Scan Results" >> $GITHUB_STEP_SUMMARY
echo "| Artifact Name | VirusTotal Status | Detailed Report |" >> $GITHUB_STEP_SUMMARY
echo "| :--- | :--- | :--- |" >> $GITHUB_STEP_SUMMARY
for apk in ./smarttubetv/build/outputs/apk/stbeta/release/*.apk; do
filename=$(basename "$apk")
sha256=$(sha256sum "$apk" | awk '{print $1}')
# Construct the dynamic badge URL using the hash
badge_url="https://badges.cssnr.com/vt/id/$sha256?start=green&end=red&n=8"
vt_link="https://www.virustotal.com/gui/file/$sha256"
echo "| $filename | [![$filename]($badge_url)]($vt_link) | [View Report]($vt_link) |" >> $GITHUB_STEP_SUMMARY
done
- name: Upload ARM64 APK
uses: actions/upload-artifact@v7
with:
name: SmartTube_${{ steps.get_version.outputs.VERSION_NAME }}_arm64
path: ./smarttubetv/build/outputs/apk/stbeta/release/*_arm64-v8a.apk
if-no-files-found: error
- name: Upload ARMv7 APK
uses: actions/upload-artifact@v7
with:
name: SmartTube_${{ steps.get_version.outputs.VERSION_NAME }}_armeabi-v7a
path: ./smarttubetv/build/outputs/apk/stbeta/release/*_armeabi-v7a.apk
if-no-files-found: error
- name: Upload Universal APK
uses: actions/upload-artifact@v7
with:
name: SmartTube_${{ steps.get_version.outputs.VERSION_NAME }}_universal
path: ./smarttubetv/build/outputs/apk/stbeta/release/*_universal.apk
if-no-files-found: error
- name: Upload x86 APK
uses: actions/upload-artifact@v7
with:
name: SmartTube_${{ steps.get_version.outputs.VERSION_NAME }}_x86
path: ./smarttubetv/build/outputs/apk/stbeta/release/*_x86.apk
if-no-files-found: error