Read sensible data from the env and do not rely to an external script anymore.

2022-12-01 16:25:40 +01:00 · 2022-12-01 16:25:40 +01:00 · d580d4cdb6
parent da5db0ed15
commit d580d4cdb6
1 changed files with 133 additions and 21 deletions
--- a/tools/release/releaseScript.sh
+++ b/tools/release/releaseScript.sh
@ -19,22 +19,58 @@
 # Ignore any error to not stop the script
 set +e
-printf "\n"
+printf "\n================================================================================\n"
 printf "================================================================================\n"
 printf "|                    Welcome to the release script!                            |\n"
 printf "================================================================================\n"
-releaseScriptLocation="${RELEASE_SCRIPT_PATH}"
+printf "Checking environment...\n"
 envError=0
-if [[ -z "${releaseScriptLocation}" ]]; then
+# Path of the key store (it's a file)
-    printf "Fatal: RELEASE_SCRIPT_PATH is not defined in the environment. Please set to the path of your local file 'releaseElement2.sh'.\n"
+keyStorePath="${ELEMENT_KEYSTORE_PATH}"
 if [[ -z "${keyStorePath}" ]]; then
    printf "Fatal: ELEMENT_KEYSTORE_PATH is not defined in the environment.\n"
    envError=1
 fi
 # Keystore password
 keyStorePassword="${ELEMENT_KEYSTORE_PASSWORD}"
 if [[ -z "${keyStorePassword}" ]]; then
    printf "Fatal: ELEMENT_KEYSTORE_PASSWORD is not defined in the environment.\n"
    envError=1
 fi
 # Key password
 keyPassword="${ELEMENT_KEY_PASSWORD}"
 if [[ -z "${keyPassword}" ]]; then
    printf "Fatal: ELEMENT_KEY_PASSWORD is not defined in the environment.\n"
    envError=1
 fi
 # GitHub token
 gitHubToken="${ELEMENT_GITHUB_TOKEN}"
 if [[ -z "${gitHubToken}" ]]; then
    printf "Fatal: ELEMENT_GITHUB_TOKEN is not defined in the environment.\n"
    envError=1
 fi
 # Android home
 androidHome="${ANDROID_HOME}"
 if [[ -z "${androidHome}" ]]; then
    printf "Fatal: ANDROID_HOME is not defined in the environment.\n"
    envError=1
 fi
 # @elementbot:matrix.org matrix token / Not mandatory
 elementBotToken="${ELEMENT_BOT_MATRIX_TOKEN}"
 if [[ -z "${elementBotToken}" ]]; then
    printf "Warning: ELEMENT_BOT_MATRIX_TOKEN is not defined in the environment.\n"
 fi
 if [ ${envError} == 1 ]; then
  exit 1
 fi
-releaseScriptFullPath="${releaseScriptLocation}/releaseElement2.sh"
+buildToolsVersion="30.0.2"
 buildToolsPath="${androidHome}/build-tools/${buildToolsVersion}"
-if [[ ! -f ${releaseScriptFullPath} ]]; then
+if [[ ! -d ${buildToolsPath} ]]; then
-  printf "Fatal: release script not found at ${releaseScriptFullPath}.\n"
+    printf "Fatal: ${buildToolsPath} folder not found, ensure that you have installed the SDK version ${buildToolsVersion}.\n"
    exit 1
 fi
@ -42,20 +78,22 @@ fi
 git flow config >/dev/null 2>&1
 if [[ $? == 0 ]]
 then
-    printf "Git flow is initialized"
+    printf "Git flow is initialized\n"
 else
    printf "Git flow is not initialized. Initializing...\n"
    # All default value, just set 'v' for tag prefix
    git flow init -d -t 'v'
 fi
 printf "OK\n"
 printf "\n================================================================================\n"
 # Guessing version to propose a default version
 versionMajorCandidate=`grep "ext.versionMajor" ./vector-app/build.gradle | cut  -d " " -f3`
 versionMinorCandidate=`grep "ext.versionMinor" ./vector-app/build.gradle | cut  -d " " -f3`
 versionPatchCandidate=`grep "ext.versionPatch" ./vector-app/build.gradle | cut  -d " " -f3`
 versionCandidate="${versionMajorCandidate}.${versionMinorCandidate}.${versionPatchCandidate}"
 printf "\n"
 read -p "Please enter the release version (example: ${versionCandidate}). Just press enter if ${versionCandidate} is correct. " version
 version=${version:-${versionCandidate}}
@ -229,14 +267,89 @@ printf "Wait for the GitHub action https://github.com/vector-im/element-android/
 read -p "After GHA is finished, please enter the artifact URL (for 'vector-gplay-release-unsigned'): " artifactUrl
 printf "\n================================================================================\n"
-printf "Running the release script...\n"
+printf "Downloading the artifact...\n"
-cd ${releaseScriptLocation}
+
-${releaseScriptFullPath} "v${version}" ${artifactUrl}
+# Download files
-cd -
+targetPath="./tmp/Element/${version}"
 # Ignore error
 set +e
 python3 ./tools/release/download_github_artifacts.py \
    --token ${gitHubToken} \
    --artifactUrl ${artifactUrl} \
    --directory ${targetPath} \
    --ignoreErrors
 # Do not ignore error
 set -e
 printf "\n================================================================================\n"
 printf "Unzipping the artifact...\n"
 unzip ${targetPath}/vector-gplay-release-unsigned.zip -d ${targetPath}
 # Flatten folder hierarchy
 mv ${targetPath}/gplay/release/* ${targetPath}
 rm -rf ${targetPath}/gplay
 printf "\n================================================================================\n"
 printf "Signing the APKs...\n"
 cp ${targetPath}/vector-gplay-arm64-v8a-release-unsigned.apk \
   ${targetPath}/vector-gplay-arm64-v8a-release-signed.apk
 ./tools/release/sign_apk_unsafe.sh \
    ${keyStorePath} \
    ${targetPath}/vector-gplay-arm64-v8a-release-signed.apk \
    ${keyStorePassword} \
    ${keyPassword}
 cp ${targetPath}/vector-gplay-armeabi-v7a-release-unsigned.apk \
   ${targetPath}/vector-gplay-armeabi-v7a-release-signed.apk
 ./tools/release/sign_apk_unsafe.sh \
    ${keyStorePath} \
    ${targetPath}/vector-gplay-armeabi-v7a-release-signed.apk \
    ${keyStorePassword} \
    ${keyPassword}
 cp ${targetPath}/vector-gplay-x86-release-unsigned.apk \
   ${targetPath}/vector-gplay-x86-release-signed.apk
 ./tools/release/sign_apk_unsafe.sh \
    ${keyStorePath} \
    ${targetPath}/vector-gplay-x86-release-signed.apk \
    ${keyStorePassword} \
    ${keyPassword}
 cp ${targetPath}/vector-gplay-x86_64-release-unsigned.apk \
   ${targetPath}/vector-gplay-x86_64-release-signed.apk
 ./tools/release/sign_apk_unsafe.sh \
    ${keyStorePath} \
    ${targetPath}/vector-gplay-x86_64-release-signed.apk \
    ${keyStorePassword} \
    ${keyPassword}
 # Ref: https://docs.fastlane.tools/getting-started/android/beta-deployment/#uploading-your-app
 # set SUPPLY_APK_PATHS="${targetPath}/vector-gplay-arm64-v8a-release-unsigned.apk,${targetPath}/vector-gplay-armeabi-v7a-release-unsigned.apk,${targetPath}/vector-gplay-x86-release-unsigned.apk,${targetPath}/vector-gplay-x86_64-release-unsigned.apk"
 #
 # ./fastlane beta
 printf "\n================================================================================\n"
 printf "Please check the information below:\n"
 printf "File vector-gplay-arm64-v8a-release-signed.apk:\n"
 ${buildToolsPath}/aapt dump badging ${targetPath}/vector-gplay-arm64-v8a-release-signed.apk | grep package
 printf "File vector-gplay-armeabi-v7a-release-signed.apk:\n"
 ${buildToolsPath}/aapt dump badging ${targetPath}/vector-gplay-armeabi-v7a-release-signed.apk | grep package
 printf "File vector-gplay-x86-release-signed.apk:\n"
 ${buildToolsPath}/aapt dump badging ${targetPath}/vector-gplay-x86-release-signed.apk | grep package
 printf "File vector-gplay-x86_64-release-signed.apk:\n"
 ${buildToolsPath}/aapt dump badging ${targetPath}/vector-gplay-x86_64-release-signed.apk | grep package
 read -p "\nDoes it look correct? Press enter when it's done."
 printf "\n================================================================================\n"
 read -p "Installing apk on a real device, press enter when a real device is connected. "
-apkPath="${releaseScriptLocation}/Element/v${version}/vector-gplay-arm64-v8a-release-signed.apk"
+apkPath="${targetPath}/vector-gplay-arm64-v8a-release-signed.apk"
 adb -d install ${apkPath}
 read -p "Please run the APK on your phone to check that the upgrade went well (no init sync, etc.). Press enter when it's done."
@ -250,9 +363,8 @@ printf "Message for the Android internal room:\n\n"
 message="@room Element Android ${version} is ready to be tested. You can get if from https://github.com/vector-im/element-android/releases/tag/v${version}. Please report any feedback here. Thanks!"
 printf "${message}\n\n"
-matrixOrgToken="${MATRIX_ORG_TOKEN}"
+if [[ -z "${elementBotToken}" ]]; then
-if [[ -z "${matrixOrgToken}" ]]; then
+  read -p "ELEMENT_BOT_MATRIX_TOKEN is not defined in the environment. Cannot send the message for you. Please send it manually, and press enter when it's done "
  read -p "MATRIX_ORG_TOKEN is not defined in the environment. Cannot send the message for you. Please send it manually, and press enter when it's done "
 else
  read -p "Send this message to the room (yes/no) default to yes? " doSend
  doSend=${doSend:-yes}
@ -261,7 +373,7 @@ else
    transactionId=`openssl rand -hex 16`
    # Element Android internal
    matrixRoomId="!LiSLXinTDCsepePiYW:matrix.org"
-    curl -X PUT --data $"{\"msgtype\":\"m.text\",\"body\":\"${message}\"}" -H "Authorization: Bearer ${matrixOrgToken}" https://matrix-client.matrix.org/_matrix/client/r0/rooms/${matrixRoomId}/send/m.room.message/\$local.${transactionId}
+    curl -X PUT --data $"{\"msgtype\":\"m.text\",\"body\":\"${message}\"}" -H "Authorization: Bearer ${elementBotToken}" https://matrix-client.matrix.org/_matrix/client/r0/rooms/${matrixRoomId}/send/m.room.message/\$local.${transactionId}
  else
    printf "Message not sent, please send it manually!\n"
  fi