v2.3: Auto-detect cert, fix WebUI status, SukiSU changelog format #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Release Module | |
| on: | |
| push: | |
| branches: [ main, master ] | |
| tags: | |
| - 'v*' | |
| pull_request: | |
| branches: [ main, master ] | |
| workflow_dispatch: | |
| env: | |
| MODULE_ID: reqable-cert-installer | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Get version info | |
| id: version | |
| run: | | |
| VERSION=$(grep 'version=' module.prop | cut -d'=' -f2) | |
| VERSION_CODE=$(grep 'versionCode=' module.prop | cut -d'=' -f2) | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "version_code=$VERSION_CODE" >> $GITHUB_OUTPUT | |
| - name: Validate module structure | |
| run: | | |
| echo "🔍 Validating module structure..." | |
| # Check required files | |
| required_files=("module.prop" "customize.sh" "post-fs-data.sh" "service.sh" "action.sh" "uninstall.sh" "META-INF/com/google/android/update-binary" "META-INF/com/google/android/updater-script") | |
| for file in "${required_files[@]}"; do | |
| if [ ! -f "$file" ]; then | |
| echo "❌ Missing required file: $file" | |
| exit 1 | |
| fi | |
| echo "✅ Found: $file" | |
| done | |
| # Check certificate directory exists | |
| if [ ! -d "system/etc/security/cacerts" ]; then | |
| echo "❌ Missing certificate directory" | |
| exit 1 | |
| fi | |
| echo "✅ Certificate directory exists" | |
| # Check for placeholder file | |
| if [ ! -f "system/etc/security/cacerts/.gitkeep" ]; then | |
| echo "⚠️ Creating .gitkeep placeholder" | |
| touch system/etc/security/cacerts/.gitkeep | |
| fi | |
| echo "✅ Module structure validated!" | |
| - name: Make scripts executable | |
| run: | | |
| chmod +x post-fs-data.sh | |
| chmod +x service.sh | |
| chmod +x customize.sh | |
| chmod +x action.sh | |
| chmod +x uninstall.sh | |
| chmod +x META-INF/com/google/android/update-binary | |
| - name: Build module ZIP | |
| run: | | |
| MODULE_NAME="Reqable-Cert-Installer-${{ steps.version.outputs.version }}" | |
| echo "📦 Building $MODULE_NAME.zip..." | |
| # Create zip with only required files | |
| zip -r9 "${MODULE_NAME}.zip" \ | |
| module.prop \ | |
| customize.sh \ | |
| post-fs-data.sh \ | |
| service.sh \ | |
| action.sh \ | |
| uninstall.sh \ | |
| update.json \ | |
| META-INF/ \ | |
| system/ \ | |
| webroot/ | |
| echo "✅ Module built: ${MODULE_NAME}.zip" | |
| echo "module_zip=${MODULE_NAME}.zip" >> $GITHUB_ENV | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: reqable-cert-installer-${{ steps.version.outputs.version }} | |
| path: ${{ env.module_zip }} | |
| retention-days: 30 | |
| release: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Get version info | |
| id: version | |
| run: | | |
| VERSION=$(grep 'version=' module.prop | cut -d'=' -f2) | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| - name: Make scripts executable | |
| run: | | |
| chmod +x post-fs-data.sh | |
| chmod +x service.sh | |
| chmod +x customize.sh | |
| chmod +x action.sh | |
| chmod +x uninstall.sh | |
| chmod +x META-INF/com/google/android/update-binary | |
| - name: Build release ZIP | |
| run: | | |
| MODULE_NAME="Reqable-Cert-Installer-${{ steps.version.outputs.version }}" | |
| zip -r9 "${MODULE_NAME}.zip" \ | |
| module.prop \ | |
| customize.sh \ | |
| post-fs-data.sh \ | |
| service.sh \ | |
| action.sh \ | |
| uninstall.sh \ | |
| update.json \ | |
| META-INF/ \ | |
| system/ \ | |
| webroot/ | |
| echo "module_zip=${MODULE_NAME}.zip" >> $GITHUB_ENV | |
| - name: Generate changelog | |
| id: changelog | |
| run: | | |
| echo "## Reqable Certificate Installer ${{ steps.version.outputs.version }}" > RELEASE_NOTES.md | |
| echo "" >> RELEASE_NOTES.md | |
| echo "**Author:** [firdausmntp](https://github.com/firdausmntp)" >> RELEASE_NOTES.md | |
| echo "" >> RELEASE_NOTES.md | |
| echo "### Features" >> RELEASE_NOTES.md | |
| echo "- ✅ Universal root support (Magisk/KernelSU/SukiSU/APatch)" >> RELEASE_NOTES.md | |
| echo "- ✅ Android 5.0 - 16 (API 21-36) support" >> RELEASE_NOTES.md | |
| echo "- ✅ **APEX CA bypass for Android 14+**" >> RELEASE_NOTES.md | |
| echo "- ✅ WebUI for certificate management" >> RELEASE_NOTES.md | |
| echo "- ✅ SELinux enforcing compatible" >> RELEASE_NOTES.md | |
| echo "" >> RELEASE_NOTES.md | |
| echo "### Installation" >> RELEASE_NOTES.md | |
| echo "1. Download the ZIP file below" >> RELEASE_NOTES.md | |
| echo "2. Install via Magisk/KernelSU/SukiSU/APatch Manager" >> RELEASE_NOTES.md | |
| echo "3. **Add your Reqable certificate** (.0 format) to module" >> RELEASE_NOTES.md | |
| echo "4. Reboot device" >> RELEASE_NOTES.md | |
| echo "" >> RELEASE_NOTES.md | |
| echo "### Important for Android 14+" >> RELEASE_NOTES.md | |
| echo "This module includes APEX bypass to inject certificates into \`com.android.conscrypt\` APEX." >> RELEASE_NOTES.md | |
| echo "If Reqable shows 'Certificate Not Installed', check logs at \`/data/local/tmp/ReqableCert.log\`" >> RELEASE_NOTES.md | |
| - name: Create Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| files: ${{ env.module_zip }} | |
| body_path: RELEASE_NOTES.md |