Co-authored-by: qwerty287 <ndev@web.de>
Reviewed-on: https://codeberg.org/gitnex/GitNex/pulls/1135
Reviewed-by: M M Arif <mmarif@noreply.codeberg.org>
Co-authored-by: qwerty287 <qwerty287@noreply.codeberg.org>
Co-committed-by: qwerty287 <qwerty287@noreply.codeberg.org>
This commit is contained in:
qwerty287 2022-05-15 19:37:34 +02:00 committed by M M Arif
parent 8d2776666b
commit e4b15e0228
2 changed files with 16 additions and 4 deletions

View file

@ -13,10 +13,7 @@ pipeline:
INSTANCE: "https://codeberg.org"
KS_FILE: "gitnex_ci_keystore.jks"
commands:
- >
KEYFILE=$(mktemp)
curl -X GET "${INSTANCE}/api/v1/repos/${KS_REPO}/contents/${KS_FILE}?token=${BOT_TOKEN}" -H "accept: application/json" | sed 's|"content":"|#|g' | cut -d '#' -f 2 | cut -d '"' -f 1 | base64 -d > ${KEYFILE}
apksigner sign -v --ks-pass pass:$KS_PASS --key-pass pass:$KEY_PASS --ks-key-alias GitNexBot --ks ${KEYFILE} --out signed.apk $(find . -name "*release*.apk")
- ./scripts/sign-build.sh
secrets: [ BOT_TOKEN, KS_PASS, KEY_PASS, KS_REPO ]
when:
event: [ push, tag ]

15
scripts/sign-build.sh Executable file
View file

@ -0,0 +1,15 @@
#!/usr/bin/env bash
# Make sure needed var's are here
[ -z "${BOT_TOKEN}" ] && { echo "Token is missing (BOT_TOKEN)"; exit 1; }
[ -z "${KS_PASS}" ] && { echo "Missing keystore password (KS_PASS)"; exit 1; }
[ -z "${KEY_PASS}" ] && { echo "Missing KEY_PASS"; exit 1; }
[ -z "${INSTANCE}" ] && { echo "Instance url is missing (INSTANCE)"; exit 1; }
[ -z "${KS_REPO}" ] && { echo "Missing repo of keystore (KS_REPO)"; exit 1; }
[ -z "${KS_FILE}" ] && { echo "Filename of keystore is missing (KS_FILE)"; exit 1; }
[ -z "${OUTPUT}" ] && { echo "Missing filename of signed output (OUTPUT)"; exit 1; }
KEYFILE=$(mktemp)
curl -X GET "${INSTANCE}/api/v1/repos/${KS_REPO}/contents/${KS_FILE}?token=${BOT_TOKEN}" -H "accept: application/json" | sed 's|"content":"|#|g' | cut -d '#' -f 2 | cut -d '"' -f 1 | base64 -d > ${KEYFILE}
apksigner sign -v --ks-pass pass:$KS_PASS --key-pass pass:$KEY_PASS --ks-key-alias GitNexBot --ks ${KEYFILE} --out signed.apk $(find . -name "*release*.apk")