Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic releases #308

Merged
merged 2 commits into from
Sep 12, 2020
Merged

Automatic releases #308

merged 2 commits into from
Sep 12, 2020

Conversation

niknetniko
Copy link
Member

  • Adds a GitHub Action that will automatically create a signed APK and GitHub release for certain tags.
  • Removes Travis integration

In the long term, these automatic releases could be pushed to the Play Store automatically.

Security wise, the risk is not 0%: it is possible to get the keystore file from the actions. However, this requires write-access to the repo, which means it basically boils down to if we trust Zeus WPI members or not. (I assume we do).

Note that other repositories with automatic deployment, such as https://github.com/ZeusWPI/hydra and https://github.com/ZeusWPI/zeus.ugent.be have the same problem.

However, one complication is that the Android keystore cannot be changed. In the case of the other repo's, we can always change SSH keys on the server.

For this reason, I suggest we wait until we have implemented App signing by Google Play, which would allow us to request a reset of the key in the action.

This last bit is blocked by #307.

@niknetniko niknetniko changed the title [WIP] Automatic releases Automatic releases Sep 12, 2020
@niknetniko niknetniko changed the base branch from development to master September 12, 2020 11:22
@niknetniko niknetniko marked this pull request as ready for review September 12, 2020 11:24
@niknetniko niknetniko merged commit 5989c06 into master Sep 12, 2020
@niknetniko niknetniko deleted the auto-release branch September 12, 2020 11:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@niknetniko