-
Notifications
You must be signed in to change notification settings - Fork 1
171 lines (145 loc) · 5.58 KB
/
build.yml
File metadata and controls
171 lines (145 loc) · 5.58 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
name: Build and Release Module
on:
push:
branches: [ main, master ]
tags:
- 'v*'
pull_request:
branches: [ main, master ]
workflow_dispatch:
env:
MODULE_ID: reqable-cert-installer
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get version info
id: version
run: |
VERSION=$(grep 'version=' module.prop | cut -d'=' -f2)
VERSION_CODE=$(grep 'versionCode=' module.prop | cut -d'=' -f2)
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "version_code=$VERSION_CODE" >> $GITHUB_OUTPUT
- name: Validate module structure
run: |
echo "🔍 Validating module structure..."
# Check required files
required_files=("module.prop" "customize.sh" "post-fs-data.sh" "service.sh" "action.sh" "uninstall.sh" "META-INF/com/google/android/update-binary" "META-INF/com/google/android/updater-script")
for file in "${required_files[@]}"; do
if [ ! -f "$file" ]; then
echo "❌ Missing required file: $file"
exit 1
fi
echo "✅ Found: $file"
done
# Check certificate directory exists
if [ ! -d "system/etc/security/cacerts" ]; then
echo "❌ Missing certificate directory"
exit 1
fi
echo "✅ Certificate directory exists"
# Check for placeholder file
if [ ! -f "system/etc/security/cacerts/.gitkeep" ]; then
echo "⚠️ Creating .gitkeep placeholder"
touch system/etc/security/cacerts/.gitkeep
fi
echo "✅ Module structure validated!"
- name: Make scripts executable
run: |
chmod +x post-fs-data.sh
chmod +x service.sh
chmod +x customize.sh
chmod +x action.sh
chmod +x uninstall.sh
chmod +x META-INF/com/google/android/update-binary
- name: Build module ZIP
run: |
MODULE_NAME="Reqable-Cert-Installer-${{ steps.version.outputs.version }}"
echo "📦 Building $MODULE_NAME.zip..."
# Create zip with only required files
zip -r9 "${MODULE_NAME}.zip" \
module.prop \
customize.sh \
post-fs-data.sh \
service.sh \
action.sh \
uninstall.sh \
update.json \
META-INF/ \
system/ \
webroot/
echo "✅ Module built: ${MODULE_NAME}.zip"
echo "module_zip=${MODULE_NAME}.zip" >> $GITHUB_ENV
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: reqable-cert-installer-${{ steps.version.outputs.version }}
path: ${{ env.module_zip }}
retention-days: 30
release:
needs: build
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/v')
permissions:
contents: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get version info
id: version
run: |
VERSION=$(grep 'version=' module.prop | cut -d'=' -f2)
echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: Make scripts executable
run: |
chmod +x post-fs-data.sh
chmod +x service.sh
chmod +x customize.sh
chmod +x action.sh
chmod +x uninstall.sh
chmod +x META-INF/com/google/android/update-binary
- name: Build release ZIP
run: |
MODULE_NAME="Reqable-Cert-Installer-${{ steps.version.outputs.version }}"
zip -r9 "${MODULE_NAME}.zip" \
module.prop \
customize.sh \
post-fs-data.sh \
service.sh \
action.sh \
uninstall.sh \
update.json \
META-INF/ \
system/ \
webroot/
echo "module_zip=${MODULE_NAME}.zip" >> $GITHUB_ENV
- name: Generate changelog
id: changelog
run: |
echo "## Reqable Certificate Installer ${{ steps.version.outputs.version }}" > RELEASE_NOTES.md
echo "" >> RELEASE_NOTES.md
echo "**Author:** [firdausmntp](https://github.com/firdausmntp)" >> RELEASE_NOTES.md
echo "" >> RELEASE_NOTES.md
echo "### Features" >> RELEASE_NOTES.md
echo "- ✅ Universal root support (Magisk/KernelSU/SukiSU/APatch)" >> RELEASE_NOTES.md
echo "- ✅ Android 5.0 - 16 (API 21-36) support" >> RELEASE_NOTES.md
echo "- ✅ **APEX CA bypass for Android 14+**" >> RELEASE_NOTES.md
echo "- ✅ WebUI for certificate management" >> RELEASE_NOTES.md
echo "- ✅ SELinux enforcing compatible" >> RELEASE_NOTES.md
echo "" >> RELEASE_NOTES.md
echo "### Installation" >> RELEASE_NOTES.md
echo "1. Download the ZIP file below" >> RELEASE_NOTES.md
echo "2. Install via Magisk/KernelSU/SukiSU/APatch Manager" >> RELEASE_NOTES.md
echo "3. **Add your Reqable certificate** (.0 format) to module" >> RELEASE_NOTES.md
echo "4. Reboot device" >> RELEASE_NOTES.md
echo "" >> RELEASE_NOTES.md
echo "### Important for Android 14+" >> RELEASE_NOTES.md
echo "This module includes APEX bypass to inject certificates into \`com.android.conscrypt\` APEX." >> RELEASE_NOTES.md
echo "If Reqable shows 'Certificate Not Installed', check logs at \`/data/local/tmp/ReqableCert.log\`" >> RELEASE_NOTES.md
- name: Create Release
uses: softprops/action-gh-release@v1
with:
files: ${{ env.module_zip }}
body_path: RELEASE_NOTES.md