Setup snapshot deployment (#599)

* Setup snapshot deployment

* README: Update repository links

* README: Update workflow badge link

* README: Add link to Snapshot builds

* Fix snapshot/pull-request build conflict

* Deploy from feature/deploy-snapshots as well

* Revert "Deploy from feature/deploy-snapshots as well"

Confirmed it works well

This reverts commit 06f6bc0e8c19f238643655d09ca20f83dd416283.

Signed-off-by: Harsh Shandilya <msfjarvis@gmail.com>

.github/workflows/deploy_snapshot.yml

@@ -0,0 +1,41 @@
+on:
+  push:
+    branches:
+      - master
+
+name: Deploy snapshot builds
+jobs:
+  deploy-release-snapshot:
+    runs-on: ubuntu-latest
+    if: "!contains(github.event.head_commit.message, '[ci skip]')"
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v1
+
+    - name: Decrypt secrets
+      run: release/signing-setup.sh "$ENCRYPT_KEY"
+      env:
+        ENCRYPT_KEY: ${{ secrets.ENCRYPT_KEY }}
+
+    - name: Download gradle dependencies
+      run: ./gradlew dependencies
+
+    - name: Validate codestyle with Spotless
+      run: ./gradlew spotlessCheck
+
+    - name: Build release app
+      run: ./gradlew :app:assembleRelease
+      env:
+        SNAPSHOT: "true"
+
+    - name: Clean secrets
+      run: release/signing-cleanup.sh
+
+    - name: Deploy snapshot
+      run: release/deploy-snapshot.sh
+      env:
+        ACTIONS_DEPLOY_KEY: ${{ secrets.ACTIONS_DEPLOY_KEY }}
+        SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
+        SERVER_ADDRESS: ${{ secrets.SERVER_ADDRESS }}
+        SERVER_DESTINATION: ${{ secrets.SERVER_DESTINATION }}
+        SSH_PORT: ${{ secrets.SSH_PORT }}

.github/workflows/pull_request.yml

@@ -1,7 +1,8 @@
-on: [push, pull_request]
-name: CI builds
+on: pull_request
+
+name: Check pull request
 jobs:
-  setup-android:
+  test-pr:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@master

.gitignore

@@ -38,3 +38,5 @@ project.properties
 .vscode/
 
 captures/
+
+keystore.*

README.md

@@ -1,7 +1,7 @@
 # Password Store
 
 [![Android Arsenal](https://img.shields.io/badge/Android%20Arsenal-Android--Password--Store-blue.svg?style=flat)](https://android-arsenal.com/details/1/1208)
-[![GitHub workflow](https://github.com/password-store/Android-Password-Store/workflows/CI%20builds/badge.svg)](https://github.com/password-store/Android-Password-Store/actions)
+[![GitHub workflow](https://github.com/android-password-store/Android-Password-Store/workflows/Deploy%20snapshot%20builds/badge.svg)](https://github.com/android-password-store/Android-Password-Store/actions)
 [![Backers on Open Collective](https://opencollective.com/Android-Password-Store/backers/badge.svg)](#backers) [![Sponsors on Open Collective](https://opencollective.com/Android-Password-Store/sponsors/badge.svg)](#sponsors)
 
 This application tries to be 100% compatible with [pass](http://www.passwordstore.org/)
@@ -10,8 +10,9 @@ You can install the application from:
 
 * [F-Droid](https://f-droid.org/repository/browse/?fdid=com.zeapo.pwdstore)
 * [Play Store](https://play.google.com/store/apps/details?id=com.zeapo.pwdstore)
+* [Snapshot builds](https://dl.msfjarvis.dev/APS/)
 
-Pull requests are more than welcome (see [TODO](https://github.com/zeapo/Android-Password-Store/projects/1#column-228844)).
+Pull requests are more than welcome (see [TODO](https://github.com/android-password-store/Android-Password-Store/projects/1#column-228844)).
 
 ## Features
 
@@ -25,7 +26,7 @@ Pull requests are more than welcome (see [TODO](https://github.com/zeapo/Android
 
 ## How-To
 
-See the [wiki](https://github.com/zeapo/Android-Password-Store/wiki/First-time-setup) for a newer written version of the following gif walkthrough
+See the [wiki](https://github.com/android-password-store/Android-Password-Store/wiki/First-time-setup) for a newer written version of the following gif walkthrough
 
 ## FAQ
 
@@ -49,7 +50,7 @@ See the [wiki](https://github.com/zeapo/Android-Password-Store/wiki/First-time-s
 
 Ways to get in touch:
 
-* [Github issues](https://github.com/zeapo/Android-Password-Store/issues), use it if you have a bug report, you do not understand how something works or you want to submit a feature request.
+* [Github issues](https://github.com/android-password-store/Android-Password-Store/issues), use it if you have a bug report, you do not understand how something works or you want to submit a feature request.
 
 ## Contributing Translations
 
@@ -65,9 +66,9 @@ Libraries that this project uses:
 
 ## Contributors
 
-This project exists thanks to all the people who contribute. Want to contribute? See if you can [find an issue](https://github.com/zeapo/Android-Password-Store/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) you wanna close, then send a PR!
+This project exists thanks to all the people who contribute. Want to contribute? See if you can [find an issue](https://github.com/android-password-store/Android-Password-Store/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc) you wanna close, then send a PR!
 
-[![Opencollective](https://opencollective.com/Android-Password-Store/contributors.svg?width=890&button=false)](https://github.com/zeapo/Android-Password-Store/graphs/contributors)
+[![Opencollective](https://opencollective.com/Android-Password-Store/contributors.svg?width=890&button=false)](https://github.com/android-password-store/Android-Password-Store/graphs/contributors)
 
 ## Backers
 

app/build.gradle

@@ -12,7 +12,30 @@ repositories {
     maven { url 'https://jitpack.io' }
 }
 
+final def keystorePropertiesFile = rootProject.file 'keystore.properties'
+
+final def gitHash = { ->
+    final def stdout = new ByteArrayOutputStream()
+    exec {
+        commandLine 'git', 'describe', '--tags'
+        standardOutput = stdout
+    }
+    stdout.toString().trim()
+}
+
+static final def isSnapshot() {
+    return System.env['GITHUB_WORKFLOW'] != null && System.env['SNAPSHOT'] != null
+}
+
 android {
+    if (isSnapshot()) {
+        android.applicationVariants.all { final variant ->
+            variant.outputs.all {
+                outputFileName = "aps_${versions.versionName}.apk"
+            }
+        }
+    }
+
     defaultConfig {
         applicationId 'com.zeapo.pwdstore'
     }
@@ -40,28 +63,19 @@ android {
         }
     }
 
-    /*
-     * To sign release builds, create the file `gradle.properties` in
-     * $HOME/.gradle or in your project directory with this content:
-     *
-     * mStoreFile=/path/to/key.store
-     * mStorePassword=xxx
-     * mKeyAlias=alias
-     * mKeyPassword=xxx
-     */
-    if (project.hasProperty('mStoreFile') &&
-            project.hasProperty('mStorePassword') &&
-            project.hasProperty('mKeyAlias') &&
-            project.hasProperty('mKeyPassword')) {
+    if (keystorePropertiesFile.exists()) {
+        final def keystoreProperties = new Properties()
+        keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
         signingConfigs {
             release {
-                storeFile = file(project.properties['mStoreFile'] as String)
-                storePassword = project.properties['mStorePassword'] as String
-                keyAlias = project.properties['mKeyAlias'] as String
-                keyPassword = project.properties['mKeyPassword'] as String
+                keyAlias = keystoreProperties['keyAlias']
+                keyPassword = keystoreProperties['keyPassword']
+                storeFile = rootProject.file keystoreProperties['storeFile']
+                storePassword = keystoreProperties['storePassword']
             }
         }
         buildTypes.release.signingConfig = signingConfigs.release
+        buildTypes.debug.signingConfig = signingConfigs.release
     }
 }
 

dependencies.gradle

@@ -7,13 +7,13 @@ ext.versions = [
     targetSdk: 29,
     compileSdk: 29,
     versionCode: 10303,
-    versionName: '1.3.3',
+    versionName: '1.3.4-SNAPSHOT',
     buildTools: '29.0.2'
 ]
 
 ext.deps = [
     gradle_plugin: [
-        android: 'com.android.tools.build:gradle:3.5.2',
+        android: 'com.android.tools.build:gradle:3.5.3',
         kotlin: 'org.jetbrains.kotlin:kotlin-gradle-plugin:1.3.61',
         spotless: 'com.diffplug.spotless:spotless-plugin-gradle:3.26.1'
     ],

release/deploy-github.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+trap 'exit 1' SIGINT SIGTERM
+
+[ -z "$(command -v hub)" ] && { echo "hub not installed; aborting!"; exit 1; }
+TAG="${1}"
+hub tag -afs "${TAG:?}"
+gradle clean bundleRelease assembleRelease
+hub release create "${TAG}" -a app/build/outputs/apk/release/aps_"${TAG}".apk

release/deploy-snapshot.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env sh
+
+export SSHDIR="$HOME/.ssh"
+mkdir -p "$SSHDIR"
+echo "$ACTIONS_DEPLOY_KEY" > "$SSHDIR/key"
+chmod 600 "$SSHDIR/key"
+export SERVER_DEPLOY_STRING="$SSH_USERNAME@$SERVER_ADDRESS:$SERVER_DESTINATION"
+cd "$GITHUB_WORKSPACE/app/build/outputs/apk/release"
+rm output.json
+rsync -ahvcr --omit-dir-times --progress --delete --no-o --no-g -e "ssh -i $SSHDIR/key -o StrictHostKeyChecking=no -p $SSH_PORT" . "$SERVER_DEPLOY_STRING" || true
+exit 0

release/props.cipher

@@ -0,0 +1,2 @@
+Salted__â‚÷4º°Ó€˜~OÔj€
+‘–r&4›YߣºÕ<C2BA>u‹D~R+¥Ñs³'ô
Ÿ[À÷u‡Ó¯ã»väIÙ‡›ä ¶Ù†Ïq/ÎL4¸OÇÚF›ŒÿU¤­x4"	#.÷àìR¥ÉàÞêñWÙ!¦Çl#Ü‘´hRq(H"ǶI1ÌÌSÁ}Ä°ÒÔÒ¸c	àc½

release/signing-cleanup.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+# Delete Release key
+rm -f keystore.jks
+
+# Delete signing config
+rm -f keystore.properties

release/signing-setup.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+ENCRYPT_KEY=$1
+
+if [[ -n "$ENCRYPT_KEY" ]]; then
+    # Decrypt Release key
+    openssl enc -aes-256-cbc -md sha256 -d -in release/keystore.cipher -out keystore.jks -k "${ENCRYPT_KEY}"
+
+    # Decrypt signing config
+    openssl enc -aes-256-cbc -md sha256 -d -in release/props.cipher -out keystore.properties -k "${ENCRYPT_KEY}"
+else
+    echo "ENCRYPT_KEY is empty"
+fi