Sign CI builds

.github/workflows/android.yml

@@ -57,11 +57,13 @@ jobs:
 
     - name: Gradle build
       run: |
+        echo "${{ secrets.RELEASE_KEYSTORE }}" > app/gha.keystore.asc
+        gpg -d --passphrase "${{ secrets.RELEASE_KEYSTORE_PASSWORD }}" --batch app/gha.keystore.asc > app/gha.jks
         chmod +x gradlew
-        ./gradlew assemble
+        ./gradlew assembleYggdrasil
 
     - name: Upload artifact
       uses: actions/upload-artifact@v3
       with:
         name: yggdrasil-android
-        path: app/build/outputs/apk/release/app-release-unsigned.apk
+        path: app/build/outputs/apk/yggdrasil/app-yggdrasil.apk

app/build.gradle

@@ -17,11 +17,27 @@ android {
         testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
     }
 
+    signingConfigs {
+        create("yggdrasil") {
+            // You need to specify either an absolute path or include the
+            // keystore file in the same directory as the build.gradle file.
+            storeFile = file("gha.jks")
+            storePassword = "g1thub4ct10n34yggdr4s1l4ndr01d"
+            keyAlias = "yggdrasil-android"
+            keyPassword = "g1thub4ct10n34yggdr4s1l4ndr01d"
+        }
+    }
+
     buildTypes {
         release {
             minifyEnabled false
             proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
         }
+        yggdrasil {
+            minifyEnabled false
+            proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
+            signingConfig = signingConfigs.getByName("yggdrasil")
+        }
     }
     compileOptions {
         sourceCompatibility JavaVersion.VERSION_1_8

readme.md

@@ -26,7 +26,7 @@ cp /tmp/yggdrasil-go/yggdrasil.aar /tmp/yggdrasil-android/app/libs/
 
 ```
 cd /tmp/yggdrasil-android
-./gradew assemble
+./gradew assembleRelease
 ```
 
 note: you will need to use jdk-11 as jdk-16 `"doesn't work" ™`