Sign all builds that are built from pushes to main #64
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This requires the addition of 4 secrets: ANDROID_KEYSTORE_BASE64 -- the output of `base64 -i foo.keystore` ANDROID_KEYSTORE_PASS -- the password for the keystore ANDROID_KEYALIAS_NAME -- the name of the alias ANDROID_KEYALIAS_PASS -- should match KEYSTORE_PASS in our case Because it uses Github secrets, it won't run on a fork, so we won't do this for PRs. But anything coming from the main tree can use this. We do still keep the github name in the package name, to differentiate between a formal release and an unreleased candidate.
|
Thanks! I've added the secrets. |
|
Thank you! Let’s get our first signed Android build :-) |
|
Looks great |
|
Thanks! |
andybak
pushed a commit
to IxxyXR/open-brush
that referenced
this pull request
Apr 9, 2021
* Icosa/main: Document the secrets used in the CI (icosa-foundation#82) Packaging improvements (icosa-foundation#85) Build on PRs, push to main, or commits with [CI BUILD] somewhere in the message (icosa-foundation#75) Add Linux (regular + experimental) builds to the releases (icosa-foundation#76) Use secrets.UNITY_EMAIL/_PASSWORD/_SERIAL if present, otherwise use hardcoded free license (icosa-foundation#74) Create release upon each build and standardize version numbers (icosa-foundation#71) Change SketchFab uploads to upload as OpenBrush Don't request microphone permissions, no matter what (icosa-foundation#72) Add fly tool to advanced tools panel (icosa-foundation#63) Re-enable builds on all forks, but only sign if the secrets are present (icosa-foundation#69) Only run CI builds on icosa-gallery/open-brush (icosa-foundation#68) Enable Experimental builds for Android/Oculus and StandaloneWindows64/SteamVR (icosa-foundation#66) Improve and Document CI builds (icosa-foundation#65) Sign all builds that are built from pushes to main (icosa-foundation#64) Add CI Builds to PRs and pushes to main (icosa-foundation#43)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This requires the addition of 4 secrets:
ANDROID_KEYSTORE_BASE64 -- the output of
base64 -i foo.keystoreANDROID_KEYSTORE_PASS -- the password for the keystore
ANDROID_KEYALIAS_NAME -- the name of the alias
ANDROID_KEYALIAS_PASS -- should match KEYSTORE_PASS in our case
Because it uses Github secrets, it won't run on a fork, so we won't do
this for PRs. But anything coming from the main tree can use this.
We do still keep the github name in the package name, to differentiate
between a formal release and an unreleased candidate.