.github/workflows/release_sdk.yaml

name: Release Android SDK
on:
  workflow_dispatch:
    inputs:
      version_override:
        description: 'The version to release. If not specified, the version will be inferred'
        required: false
        default: ''
      bump_version:
        type: boolean
        description: 'Whether to automatically bump and commit the version after the release'
        required: true
        default: true

concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}

jobs:
  release:
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      - uses: actions/checkout@v4
      # https://github.com/actions/checkout/issues/766
      - name: Mark Git directory as Safe
        run: |
          git config --global --add safe.directory "$GITHUB_WORKSPACE"
      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: 17
      - name: Decode Keystore
        id: decode_keystore
        uses: timheuer/base64-to-file@v1
        with:
          fileName: 'upload.jks'
          fileDir: './sample'
          encodedString: ${{ secrets.UPLOAD_KEYSTORE }}
      - name: Read Version
        id: read_version
        run: |
          if [ -n "${{ github.event.inputs.version_override }}" ]; then
            if [[ "${{ github.event.inputs.version_override }}" == *-SNAPSHOT ]]; then
              echo "Version cannot end in -SNAPSHOT (${{ github.event.inputs.version_override }})"
              exit 1
            fi
            echo "Using version override: ${{ github.event.inputs.version_override }}"
            version=${{ github.event.inputs.version_override }}
          else
            version=$(cat ./lib/VERSION)
            if [[ $version != *-SNAPSHOT ]]; then
              echo "Version $version from file does not end in -SNAPSHOT"
              exit 1
            fi
            version=${version%-SNAPSHOT}
          fi
          echo "version=$version" >> $GITHUB_OUTPUT
          if [[ $version == *alpha* || $version == *beta* || $version == *rc* ]]; then
              echo "is_prerelease=true" >> $GITHUB_OUTPUT
          else
              echo "is_prerelease=false" >> $GITHUB_OUTPUT
          fi
      - name: Push Tag
        run: |
          git config user.name "${GITHUB_ACTOR}"
          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
          git tag -a "${tag}" -m "${message}"
          git push origin "${tag}"
        env:
          tag: v${{ steps.read_version.outputs.version }}
          message: Release v${{ steps.read_version.outputs.version }}
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v3
      - name: Build, Test, Lint, and Publish
        run: ./gradlew lint build assembleRelease publish
        env:
          ORG_GRADLE_PROJECT_VERSION_NAME: ${{ steps.read_version.outputs.version }}
          ORG_GRADLE_PROJECT_SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
          ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
          ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
          ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.ARTIFACT_GPG_SIGNING_KEY }}
          ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.ARTIFACT_GPG_SIGNING_KEY_ID }}
          ORG_GRADLE_PROJECT_uploadKeystorePassword: ${{ secrets.UPLOAD_KEYSTORE_PASSWORD }}
      - name: Archive SDK AAR
        uses: actions/upload-artifact@v4
        with:
          name: SDK AAR
          path: lib/build/outputs/aar/lib-release.aar
      - name: Archive Sample App
        uses: actions/upload-artifact@v4
        with:
          name: Sample App APK
          path: sample/build/outputs/apk/release/sample-release.apk
      - name: Create GitHub Release
        uses: actions/create-release@v1
        id: create_release
        env:
          # Use PAT instead of GITHUB_TOKEN so that the post-release workflow triggers
          # https://stackoverflow.com/a/69063453
          GITHUB_TOKEN: ${{ secrets.GH_PAT }}
        with:
          release_name: v${{ steps.read_version.outputs.version }}
          tag_name: v${{ steps.read_version.outputs.version }}
          prerelease: ${{ steps.read_version.outputs.is_prerelease }}
      - name: Upload Release Asset
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: lib/build/outputs/aar/lib-release.aar
          asset_name: com.smileidentity_android-sdk_${{ steps.read_version.outputs.version }}.aar
          asset_content_type: application/octet-stream
      - name: Upload Release Asset
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: sample/build/outputs/apk/release/sample-release.apk
          asset_name: sample_${{ steps.read_version.outputs.version }}.apk
          asset_content_type: application/vnd.android.package-archive
      - name: Bump Version
        if: ${{ github.event.inputs.bump_version == 'true' }}
        run: |
          version=${{ steps.read_version.outputs.version }}
          is_prerelease=${{ steps.read_version.outputs.is_prerelease }}
          major=$(echo $version | cut -d. -f1)
          minor=$(echo $version | cut -d. -f2)
          patch=$(echo $version | cut -d. -f3)
          if [[ $is_prerelease == "true" ]]; then
            prerelease=$(echo $version | cut -d- -f2)
            prerelease_number=$(echo $prerelease | cut -d0 -f2)
            new_prerelease_number=$((prerelease_number + 1))
            new_prerelease=$(echo $prerelease | sed "s/$prerelease_number/$new_prerelease_number/")
            new_version="$major.$minor.$patch-$new_prerelease"
          else
            patch=$((patch + 1))
            new_version="$major.$minor.$patch-SNAPSHOT"
          fi
          echo $new_version > ./lib/VERSION
          
          git config --local user.email "${{ github.actor }}@users.noreply.github.com"
          git config --local user.name "${{ github.actor }}"
          git add ./lib/VERSION
          git commit -m "Prepare for next development iteration"
          git push