Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Various changes to workflow files #1156

Merged
merged 1 commit into from
Jul 12, 2024
Merged

Various changes to workflow files #1156

merged 1 commit into from
Jul 12, 2024

Conversation

sn-o-w
Copy link
Contributor

@sn-o-w sn-o-w commented Jul 1, 2024
edited
Loading

The Release CI workflow is currently failing, likely due to the minimum required Android SDK Build-tools version for macos-latest GitHub-hosted runners being updated to 33.0.2, while the version used in https://github.com/kevin-david/zipalign-sign-android-release is 32.0.0.

Changes made in this PR include:

  • Upgraded Java version from 17 to 21.
  • Utilized kevin-david/zipalign-sign-android-release@main in both workflows.
    (Updated to noriban/sign-android-release in both workflows, seems to be more updated recently)
  • Manually enabled zipaligning option of signed files in the Release CI workflow, too.
    (Enabled by default in noriban/sign-android-release)
  • Automatically determined and utilized the latest installed Build Tools version for APK signing.
  • Utilized ${{steps.sign_app.outputs.signedReleaseFile}} to point to the signed APK files.
  • Utilized ${GITHUB_SHA::7} to obtain the short Git version hash in Debug CI
  • Removed the 'Git branch name' step in Debug CI (no longer used, I guess?!)
  • Removed the 'Delete unsigned file' step (redundant in Release CI since we can directly upload ${{steps.sign_app.outputs.signedReleaseFile}}).
  • In Debug CI delete unsigned files right before renaming the signed ones.
  • In Release CI switch to softprops/action-gh-release since marvinpinto/action-automatic-releases is no longer maintained.
  • Added Dependabot to automatically submit a PR when a new version of an action is published.

@sn-o-w sn-o-w marked this pull request as draft July 6, 2024 17:03
@sn-o-w sn-o-w force-pushed the dev branch 3 times, most recently from 59922fd to 0549efa Compare July 6, 2024 17:20
@sn-o-w sn-o-w marked this pull request as ready for review July 6, 2024 17:21
@authorisation
Copy link
Collaborator

Looks good to me.

@sn-o-w sn-o-w marked this pull request as draft July 6, 2024 19:37
@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 6, 2024

Looks good to me.

Great! ❤️

By the way, should I add the APK signing step for job_manager in the Debug CI as well? It looks like the manager is signed in the release builds. I can ensure consistency in the Debug CI, too. 🤔

EDIT: Perhaps APK signing for job_core too in Debug CI?!

@authorisation
Copy link
Collaborator

Looks good to me.

Great! ❤️

By the way, should I add the APK signing step for job_manager in the Debug CI as well? It looks like the manager is signed in the release builds. I can ensure consistency in the Debug CI, too. 🤔

EDIT: Perhaps APK signing for job_core too in Debug CI?!

No, you can leave those out.

@sn-o-w sn-o-w marked this pull request as ready for review July 6, 2024 20:54
@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 6, 2024

Looks good to me.

Great! ❤️
By the way, should I add the APK signing step for job_manager in the Debug CI as well? It looks like the manager is signed in the release builds. I can ensure consistency in the Debug CI, too. 🤔
EDIT: Perhaps APK signing for job_core too in Debug CI?!

No, you can leave those out.

OK. 👍

@sn-o-w sn-o-w force-pushed the dev branch 2 times, most recently from 06ba13f to 52860ed Compare July 7, 2024 10:07
@sn-o-w sn-o-w changed the title Various changes to workflow files Various changes to workflow files + add Dependabot Jul 7, 2024
@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 7, 2024

I've also added Dependabot to check weekly for new versions of any actions. If a new version is available, Dependabot will automatically submit a pull request.
After this is merged, you will need to enable Dependabot from here: https://github.com/rhunk/SnapEnhance/network/updates

Other changes I made in the meanwhile:

  • Switched from kevin-david/zipalign-sign-android-release to noriban/sign-android-release
  • Removed zipAlign: true (zipalign is enabled by default in noriban/sign-android-release)
  • Switched from marvinpinto/action-automatic-releases to softprops/action-gh-release (because marvinpinto/action-automatic-releases is now archived)

@CanerKaraca23
Copy link
Contributor

I suggested Dependabot before ( #479 ) but didn't accepted, anyway if Dependabot gonna be activated, you should also add Gradle and maybe gitsubmodules.

@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 7, 2024
edited
Loading

I suggested Dependabot before ( #479 ) but didn't accepted, anyway if Dependabot gonna be activated, you should also add Gradle and maybe gitsubmodules.

In this case, I only added Dependabot for workflows, so it will update actions and nothing else. 🤔

As @authorisation mentioned, it could cause potential issues. I think he meant especially with Gradle.

@authorisation
Copy link
Collaborator

Please remove dependabot.

@sn-o-w sn-o-w changed the title Various changes to workflow files + add Dependabot Various changes to workflow files Jul 7, 2024
@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 7, 2024

Please remove dependabot.

Done. 👍

@sn-o-w sn-o-w marked this pull request as draft July 7, 2024 15:14
@sn-o-w sn-o-w marked this pull request as ready for review July 7, 2024 15:23
@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 7, 2024

I forgot to take care of pull_request.yml, too.

Now everything should be fine.

@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 8, 2024

So... Do I need to do anything else? 🤔

@authorisation
Copy link
Collaborator

So... Do I need to do anything else? 🤔

No

@authorisation
Copy link
Collaborator

I'm kind of unsure about using noriban/sign-android-release for this as it could be a possible attack vector for malicious purposes and that repository does not seem really trusted.

As an alternative you could use this https://github.com/SnapEnhance/sign-android-release which is just a fork, it should work just fine.

@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 11, 2024

I'm kind of unsure about using noriban/sign-android-release for this as it could be a possible attack vector for malicious purposes and that repository does not seem really trusted.

As an alternative you could use this https://github.com/SnapEnhance/sign-android-release which is just a fork, it should work just fine.

OK. 👍

I made the last change you requested.

@authorisation
Copy link
Collaborator

Alright,
I see you haven't added yourself to the contributors list yet, feel free to do so.

Have you tested everything including releases?

@sn-o-w
Copy link
Contributor Author

sn-o-w commented Jul 11, 2024

Alright, I see you haven't added yourself to the contributors list yet, feel free to do so.

Have you tested everything including releases?

Yes, I did test everything, including releases.

In case you are curious, here you can see a Release workflow run: https://github.com/sn-o-w/SnapEnhance/actions/runs/9899627470

@authorisation authorisation merged commit ed42ed4 into rhunk:dev Jul 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sn-o-w @authorisation @CanerKaraca23