From 651983f006867c99157057e813f28c4dc7fcbdba Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 28 Nov 2025 14:19:27 +0000 Subject: [PATCH 1/7] Initial plan From 8629f41651b574626bf922bba750c8d1f7fa2c41 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 28 Nov 2025 14:22:43 +0000 Subject: [PATCH 2/7] Add GitHub Actions workflow for Play Store Internal Track deployment Co-authored-by: ninovanhooff <10351007+ninovanhooff@users.noreply.github.com> --- .github/workflows/playstore-internal.yml | 54 ++++++++++++++++++++++++ README.MD | 18 ++++++++ 2 files changed, 72 insertions(+) create mode 100644 .github/workflows/playstore-internal.yml diff --git a/.github/workflows/playstore-internal.yml b/.github/workflows/playstore-internal.yml new file mode 100644 index 0000000..48fc3ef --- /dev/null +++ b/.github/workflows/playstore-internal.yml @@ -0,0 +1,54 @@ +name: Publish to Play Store Internal Track + +on: + workflow_dispatch: + push: + branches: [ 'release' ] + +# Cancel any in-progress runs of this workflow if a new run is triggered within the same branch or PR +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} + cancel-in-progress: true + +jobs: + build: + runs-on: macos-latest # use [ self-hosted, macOS ] to host on our own mac mini, which is twice as fast and cheaper than hosting on a github runner. See README for more info. + steps: + - uses: actions/checkout@v4 + - name: Prepare Release + uses: ./.github/actions/prepare-release + + # This will decode the keystore from base 64 text representation that we have stored in secrets + # and generates and keystore file and gets stored in /android-app path + - name: Decode Keystore + env: + ENCODED_STRING: ${{ secrets.KEYSTORE_BASE_64 }} + shell: bash + run: | + echo $ENCODED_STRING > keystore-b64.txt + base64 -d upload-keystore.jks + # The secrets.gradle file that is stored as text, does not need to be decoded + # and can be directly written to a file + # This file is used by the gradle build to sign the APK + - name: Create secrets.gradle + run: echo "${{ secrets.SECRETS_GRADLE }}" > secrets.gradle + + - name: Build Prod Release Bundle + run: ./gradlew bundleProdRelease --stacktrace + + - name: Upload Release Bundle to Artifacts + uses: actions/upload-artifact@v4 + with: + name: ${{ github.event.repository.name }}-${{ github.run_number }}-prod-release-bundle + path: | + ${{ github.workspace }}/app/build/outputs/bundle/prodRelease/app-prod-release.aab + + - name: Upload to Play Store Internal Track + uses: r0adkll/upload-google-play@v1 + with: + serviceAccountJsonPlainText: ${{ secrets.PLAYSTORE_SERVICE_ACCOUNT_JSON }} + packageName: nl.q42.template + releaseFiles: ${{ github.workspace }}/app/build/outputs/bundle/prodRelease/app-prod-release.aab + track: internal + status: completed + inAppUpdatePriority: 2 diff --git a/README.MD b/README.MD index 1c17512..ce597cb 100644 --- a/README.MD +++ b/README.MD @@ -81,6 +81,8 @@ This project uses Github Actions for CI. We have added these workflows for now: - _debug.yml_: any commit on any branch triggers a `devDebug` apk and a `prodDebug` apk build - _release.yml_: any PR triggers signed release builds (`prodRelease` bundle and `prodRelease` apk) +- _firebase-app-distribution.yml_: any PR to develop triggers a release build that is uploaded to Firebase App Distribution +- _playstore-internal.yml_: any push to the release branch triggers a release build that is uploaded to Play Store Internal Test track #### Adding your own keystore's details on Github Actions @@ -124,6 +126,22 @@ With the default configuration, all commits on develop will be pushed to Firebas To also make these available to a test group, you can enable the `groups` parameter in the [firebase yml](.github/workflows/firebase-app-distribution.yml) file. +#### Play Store deployment + +We use the [upload-google-play github action](https://github.com/r0adkll/upload-google-play) ( +in our github actions setup) to automatically upload release builds to the Play Store Internal Test track. + +To enable this for your own app, you need to: + +1. Create a service account in Google Cloud Console with access to the Google Play Developer API +2. Download the service account JSON key file +3. Add the content of the JSON file to your Github repository secrets as `PLAYSTORE_SERVICE_ACCOUNT_JSON` +4. Update the `packageName` in the [playstore-internal.yml](.github/workflows/playstore-internal.yml) file to match your app's package name + +More details on creating a service account can be found in the [Google Play Android Developer API documentation](https://developers.google.com/android-publisher/getting_started). + +With the default configuration, all commits to the release branch will be pushed to the Play Store Internal Test track. + #### Self-hosted runner You can run the worlkflows on our self-hosted runner (a mac mini). This is: From 4ee7ff1f840a23fa79e84d9045276a8661919879 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 28 Nov 2025 14:24:16 +0000 Subject: [PATCH 3/7] Add TODO comment for package name in Play Store workflow Co-authored-by: ninovanhooff <10351007+ninovanhooff@users.noreply.github.com> --- .github/workflows/playstore-internal.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/playstore-internal.yml b/.github/workflows/playstore-internal.yml index 48fc3ef..b2939bf 100644 --- a/.github/workflows/playstore-internal.yml +++ b/.github/workflows/playstore-internal.yml @@ -47,7 +47,7 @@ jobs: uses: r0adkll/upload-google-play@v1 with: serviceAccountJsonPlainText: ${{ secrets.PLAYSTORE_SERVICE_ACCOUNT_JSON }} - packageName: nl.q42.template + packageName: nl.q42.template # TODO: Update this to match your app's package name releaseFiles: ${{ github.workspace }}/app/build/outputs/bundle/prodRelease/app-prod-release.aab track: internal status: completed From b5cf0b3becd89389239dcfa88befae737f993ac8 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 28 Nov 2025 14:25:18 +0000 Subject: [PATCH 4/7] Improve README wording for Play Store deployment section Co-authored-by: ninovanhooff <10351007+ninovanhooff@users.noreply.github.com> --- README.MD | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.MD b/README.MD index ce597cb..f757f4d 100644 --- a/README.MD +++ b/README.MD @@ -128,8 +128,7 @@ To also make these available to a test group, you can enable the `groups` parame #### Play Store deployment -We use the [upload-google-play github action](https://github.com/r0adkll/upload-google-play) ( -in our github actions setup) to automatically upload release builds to the Play Store Internal Test track. +We use the [upload-google-play github action](https://github.com/r0adkll/upload-google-play) in our github actions setup to automatically upload release builds to the Play Store Internal Test track. To enable this for your own app, you need to: From f5b2d7c6d3058c58c849d4db014a810c8b6d62ed Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 28 Nov 2025 14:26:23 +0000 Subject: [PATCH 5/7] Add explicit permissions block to Play Store workflow for security Co-authored-by: ninovanhooff <10351007+ninovanhooff@users.noreply.github.com> --- .github/workflows/playstore-internal.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/playstore-internal.yml b/.github/workflows/playstore-internal.yml index b2939bf..4f629c7 100644 --- a/.github/workflows/playstore-internal.yml +++ b/.github/workflows/playstore-internal.yml @@ -10,6 +10,9 @@ concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} cancel-in-progress: true +permissions: + contents: read + jobs: build: runs-on: macos-latest # use [ self-hosted, macOS ] to host on our own mac mini, which is twice as fast and cheaper than hosting on a github runner. See README for more info. From 7d57bf3443db2d52df1afcbad214694d3252084e Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 28 Nov 2025 14:27:48 +0000 Subject: [PATCH 6/7] Update workflow to trigger on release/* branch pattern Co-authored-by: ninovanhooff <10351007+ninovanhooff@users.noreply.github.com> --- .github/workflows/playstore-internal.yml | 2 +- README.MD | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/playstore-internal.yml b/.github/workflows/playstore-internal.yml index 4f629c7..939dd26 100644 --- a/.github/workflows/playstore-internal.yml +++ b/.github/workflows/playstore-internal.yml @@ -3,7 +3,7 @@ name: Publish to Play Store Internal Track on: workflow_dispatch: push: - branches: [ 'release' ] + branches: [ 'release/*' ] # Cancel any in-progress runs of this workflow if a new run is triggered within the same branch or PR concurrency: diff --git a/README.MD b/README.MD index f757f4d..0396195 100644 --- a/README.MD +++ b/README.MD @@ -82,7 +82,7 @@ This project uses Github Actions for CI. We have added these workflows for now: - _debug.yml_: any commit on any branch triggers a `devDebug` apk and a `prodDebug` apk build - _release.yml_: any PR triggers signed release builds (`prodRelease` bundle and `prodRelease` apk) - _firebase-app-distribution.yml_: any PR to develop triggers a release build that is uploaded to Firebase App Distribution -- _playstore-internal.yml_: any push to the release branch triggers a release build that is uploaded to Play Store Internal Test track +- _playstore-internal.yml_: any push to release branches (release/*) triggers a release build that is uploaded to Play Store Internal Test track #### Adding your own keystore's details on Github Actions @@ -139,7 +139,7 @@ To enable this for your own app, you need to: More details on creating a service account can be found in the [Google Play Android Developer API documentation](https://developers.google.com/android-publisher/getting_started). -With the default configuration, all commits to the release branch will be pushed to the Play Store Internal Test track. +With the default configuration, all commits to release branches (release/*) will be pushed to the Play Store Internal Test track. #### Self-hosted runner From 70a6b968049cce8a6f550f1f6c765b391cd4ae3c Mon Sep 17 00:00:00 2001 From: Nino van Hooff Date: Fri, 28 Nov 2025 16:12:16 +0100 Subject: [PATCH 7/7] FIX trigger internal test track on release/** and PR branch --- .github/workflows/playstore-internal.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/playstore-internal.yml b/.github/workflows/playstore-internal.yml index 939dd26..4a5c554 100644 --- a/.github/workflows/playstore-internal.yml +++ b/.github/workflows/playstore-internal.yml @@ -3,7 +3,7 @@ name: Publish to Play Store Internal Track on: workflow_dispatch: push: - branches: [ 'release/*' ] + branches: [ 'release/**', 'copilot/add-github-action-playstore' ] # Cancel any in-progress runs of this workflow if a new run is triggered within the same branch or PR concurrency: