.github/workflows/pipeline.yml

name: Build

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master

jobs:
  check-code-style:
    name: Check code style
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Decrypt encrypted data
        env:
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/debug.keystore -d ./keys/debug.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/release.keystore -d ./keys/release.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./ci.properties -d ./ci.properties.gpg
          fi

      - name: Validate decrypted data
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            echo "3a15a7065ed4a62a747af2e3477b0a3e1940a7bc2946df638b902bcb186998e7 *keys/debug.keystore" | sha256sum --check
            echo "36a3bb8b7bda141b414c2df7fac7dcd09a2775769c561e562d2b43f7b246bfa5 *keys/release.keystore" | sha256sum --check
            echo "b009011968e80d5b99eaa181141e6c94178a538c3dac0e413c43d5f95f50f557 *ci.properties" | sha256sum --check
          fi

      - name: Run spotless
        run: ./gradlew app:spotlessCheck

  run-tests:
    name: Run tests
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Decrypt encrypted data
        env:
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/debug.keystore -d ./keys/debug.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/release.keystore -d ./keys/release.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./ci.properties -d ./ci.properties.gpg
          fi

      - name: Validate decrypted data
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            echo "3a15a7065ed4a62a747af2e3477b0a3e1940a7bc2946df638b902bcb186998e7 *keys/debug.keystore" | sha256sum --check
            echo "36a3bb8b7bda141b414c2df7fac7dcd09a2775769c561e562d2b43f7b246bfa5 *keys/release.keystore" | sha256sum --check
            echo "b009011968e80d5b99eaa181141e6c94178a538c3dac0e413c43d5f95f50f557 *ci.properties" | sha256sum --check
          fi

      - name: Run tests
        run: ./gradlew app:test

  build-gplay-debug:
    name: Build Google Play debug
    needs: [ check-code-style, run-tests ]
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Decrypt encrypted data
        env:
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/debug.keystore -d ./keys/debug.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/release.keystore -d ./keys/release.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./ci.properties -d ./ci.properties.gpg
          fi

      - name: Validate decrypted data
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            echo "3a15a7065ed4a62a747af2e3477b0a3e1940a7bc2946df638b902bcb186998e7 *keys/debug.keystore" | sha256sum --check
            echo "36a3bb8b7bda141b414c2df7fac7dcd09a2775769c561e562d2b43f7b246bfa5 *keys/release.keystore" | sha256sum --check
            echo "b009011968e80d5b99eaa181141e6c94178a538c3dac0e413c43d5f95f50f557 *ci.properties" | sha256sum --check
          fi

      - name: Build
        run: |
          ./gradlew app:assembleGplayDebug

      - name: Store APK file
        uses: actions/upload-artifact@v3
        with:
          name: app-gplay-debug.apk
          path: |
            ./app/build/outputs/apk/gplay/debug/app-gplay-debug.apk

  build-gplay-release:
    name: Build Google Play release
    needs: [ check-code-style, run-tests ]
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Decrypt encrypted data
        env:
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/debug.keystore -d ./keys/debug.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/release.keystore -d ./keys/release.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./ci.properties -d ./ci.properties.gpg
          fi

      - name: Validate decrypted data
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            echo "3a15a7065ed4a62a747af2e3477b0a3e1940a7bc2946df638b902bcb186998e7 *keys/debug.keystore" | sha256sum --check
            echo "36a3bb8b7bda141b414c2df7fac7dcd09a2775769c561e562d2b43f7b246bfa5 *keys/release.keystore" | sha256sum --check
            echo "b009011968e80d5b99eaa181141e6c94178a538c3dac0e413c43d5f95f50f557 *ci.properties" | sha256sum --check
          fi

      - name: Build
        run: |
          ./gradlew app:assembleGplayRelease

      - name: Store APK file
        uses: actions/upload-artifact@v3
        with:
          name: app-gplay-release.apk
          path: |
            ./app/build/outputs/apk/gplay/release/app-gplay-release.apk

  build-fdroid-debug:
    name: Build FDroid debug
    needs: [ check-code-style, run-tests ]
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Decrypt encrypted data
        env:
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/debug.keystore -d ./keys/debug.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/release.keystore -d ./keys/release.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./ci.properties -d ./ci.properties.gpg
          fi

      - name: Validate decrypted data
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            echo "3a15a7065ed4a62a747af2e3477b0a3e1940a7bc2946df638b902bcb186998e7 *keys/debug.keystore" | sha256sum --check
            echo "36a3bb8b7bda141b414c2df7fac7dcd09a2775769c561e562d2b43f7b246bfa5 *keys/release.keystore" | sha256sum --check
            echo "b009011968e80d5b99eaa181141e6c94178a538c3dac0e413c43d5f95f50f557 *ci.properties" | sha256sum --check
          fi

      - name: Build
        run: |
          ./gradlew app:assembleFdroidDebug

      - name: Store APK file
        uses: actions/upload-artifact@v3
        with:
          name: app-fdroid-debug.apk
          path: |
            ./app/build/outputs/apk/fdroid/debug/app-fdroid-debug.apk

  build-fdroid-release:
    name: Build FDroid release
    needs: [ check-code-style, run-tests ]
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Decrypt encrypted data
        env:
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/debug.keystore -d ./keys/debug.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./keys/release.keystore -d ./keys/release.keystore.gpg
            gpg --passphrase $GPG_PASSPHRASE --pinentry-mode loopback -o ./ci.properties -d ./ci.properties.gpg
          fi

      - name: Validate decrypted data
        run: |
          if [ -z "GPG_PASSPHRASE" ]; then
            echo "3a15a7065ed4a62a747af2e3477b0a3e1940a7bc2946df638b902bcb186998e7 *keys/debug.keystore" | sha256sum --check
            echo "36a3bb8b7bda141b414c2df7fac7dcd09a2775769c561e562d2b43f7b246bfa5 *keys/release.keystore" | sha256sum --check
            echo "b009011968e80d5b99eaa181141e6c94178a538c3dac0e413c43d5f95f50f557 *ci.properties" | sha256sum --check
          fi

      - name: Build
        run: |
          ./gradlew app:assembleFdroidRelease

      - name: Store APK file
        uses: actions/upload-artifact@v3
        with:
          name: app-fdroid-release.apk
          path: |
            ./app/build/outputs/apk/fdroid/release/app-fdroid-release.apk