Make workflows friendly for forks

[valldrac]

The following commits are intended to make this repository fork-friendly by refactoring the workflows of GitHub Actions.

This CI setup allows to create a Molly release every time a new tag is pushed to the repository. To trigger a final build, push the tag to the main branch. To trigger a pre-release build, push to any other branch. Tags can be lightweight or annotated, although the latter are preferred for stable releases.

A draft containing the built APKs will be created in GitHub Releases after running the workflow. Once the draft is reviewed and published, the APKs are recompiled and reproducible builds are tested automatically.

The build configuration is read from app/gradle.properties and overridden by either reproducible-builds/ci/release.env or reproducible-builds/ci/prerelease.env.

Pre-releases have different app name ("Molly Insider") and package ID so they can be installed side-by-side with final releases.

To optionally sign the APKs, store the KeyStore into GitHub Secrets:

• For final releases:
  • RELEASE_KEYSTORE containing the KeyStore file encoded in base64, key alias: release
  • RELEASE_KEYSTORE_PASSWORD with the password
• For pre-releases:
  • TEST_KEYSTORE containing the KeyStore file encoded in base64, key alias: test
  • TEST_KEYSTORE_PASSWORD with the password

To use your own Google Maps API Key create a secret MAPS_API_KEY.

If the PUBLISH_PAT secret exists, it takes preference over GITHUB_TOKEN. This is useful in case the default token has read-only permissions.