feat: Use keystore for pushes

Pull request app will not be signed
Push to repository bransh will only sign apk

.github/workflows/android.yml

@@ -6,29 +6,6 @@ name: Android CI
 
 on:
   push:
-    branches:
-      - main
-    paths:
-      - '.github/**'
-      - 'app/**'
-      - 'editor/**'
-      - 'gradle/**'
-      - 'gradle.properties'
-      - 'gradlew'
-      - 'settings.gradle'
-  pull_request:
-    branches:
-      - main
-    paths:
-      - '.github/**'
-      - 'app/**'
-      - 'editor/**'
-      - 'gradle/**'
-      - 'build.gradle'
-      - 'gradle.properties'
-      - 'gradlew'
-      - 'settings.gradle'
-  workflow_dispatch:
 
 jobs:
   buildApkFile:
@@ -45,6 +22,13 @@ jobs:
 
       - name: Allow gradlew permission
         run: chmod +x ./gradlew
+
+      - name: Set environmental variables
+        shell: bash
+        env:
+          JSON_CONTENT: ${{ secrets.KEYSTOREPASSWORD }}
+        run: |
+          printf 'KEYSTOREPASSWORD<<EOF\n%s\nEOF\n' "$JSON_CONTENT" >> $GITHUB_ENV
 
       - name: Build debug APK
         run: ./gradlew assembleDebug --warning-mode all
@@ -58,4 +42,4 @@ jobs:
         uses: actions/upload-artifact@v3
         with:
           name: Editor Debug Aar
-          path: editor/build/outputs/aar/editor-debug.aar
+          path: editor/build/outputs/aar/editor-debug.aar

.github/workflows/android_pull_req.yml

@@ -0,0 +1,38 @@
+# SPDX-License-Identifier: GPL-3.0-only
+# Original at https://github.com/tyron12233/CodeAssist/blob/main/.github/workflows/build-apk.yml
+# Changes: Minor adjustments, removal of Cancel previous runs step, but every change can be found with a simple diff.
+
+name: Android CI[PR]
+
+on:
+  pull_request:
+
+jobs:
+  buildApkFile:
+    name: Build Debug APK
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: 17
+          distribution: temurin
+
+      - name: Allow gradlew permission
+        run: chmod +x ./gradlew
+
+      - name: Build debug APK
+        run: ./gradlew assembleDebug --warning-mode all
+
+      - name: Upload debug APK
+        uses: actions/upload-artifact@v3
+        with:
+          name: Android Code Editor Debug Apk
+          path: app/build/outputs/apk/debug
+      - name: Upload editor aar debug
+        uses: actions/upload-artifact@v3
+        with:
+          name: Editor Debug Aar
+          path: editor/build/outputs/aar/editor-debug.aar

.gitignore

@@ -2,5 +2,6 @@
 .gradle
 app/build
 editor/build
+secrets.properties
 treeview/build
 app/src/main/java/android/code/editor/SketchLogger.java

app/build.gradle

@@ -2,6 +2,27 @@ plugins {
     id 'com.android.application'
 }
 
+def KEYSTOREPASSWORD = System.getenv('KEYSTOREPASSWORD')
+def secretsPropertiesFile = file('../secrets.properties')
+def secretsProperties = new Properties()
+
+if (secretsPropertiesFile.exists()) {
+    secretsProperties.load(new FileInputStream(secretsPropertiesFile))
+}
+
+def signingEnabled = false
+def password = ""
+
+if (KEYSTOREPASSWORD != "") {
+    password = KEYSTOREPASSWORD
+    signingEnabled = true
+} else if (secretsPropertiesFile.exists()) {
+    if (secretsProperties.getProperty('keyStorePassword') != null) {
+        password = secretsProperties.getProperty('keyStorePassword')
+        signingEnabled = true
+    }
+}
+
 android {
     compileSdk 32
     buildToolsVersion "33.0.2"
@@ -40,6 +61,25 @@ android {
     buildFeatures {
         viewBinding true
     }
+
+    signingConfigs {
+        release {
+            if (signingEnabled) {
+                storeFile file("../keystore.jks")
+                storePassword password
+                keyAlias "AndroidCodeEditor"
+                keyPassword password
+            }
+        }
+        debug {
+            if (signingEnabled) {
+                storeFile file("../keystore.jks")
+                storePassword password
+                keyAlias "AndroidCodeEditor"
+                keyPassword password
+            }
+        }
+    }
 }
 
 dependencies {