diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d674feb298..0677bd6cf8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,6 +12,8 @@ on: env: TAG_REF: "${{ inputs.version || github.ref_name }}" + BUILD_ENV_FILE: ${{ vars.BUILD_ENV_FILE || 'beta-stable.env' }} + HAVE_KEYSTORE: ${{ secrets.SECRET_KEYSTORE != '' }} jobs: build: @@ -23,8 +25,6 @@ jobs: contents: read # to fetch code (actions/checkout) env: - BUILD_ENV_FILE: ${{ vars.BUILD_ENV_FILE || 'beta-stable.env' }} - HAVE_KEYSTORE: ${{ secrets.SECRET_KEYSTORE != '' }} GRADLE_OPTS: "-Dorg.gradle.project.kotlin.compiler.execution.strategy=in-process" steps: @@ -32,19 +32,29 @@ jobs: with: ref: "${{ env.TAG_REF }}" + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + distribution: temurin + java-version: 17 + cache: gradle + - name: Set up builder image run: docker-compose build working-directory: reproducible-builds - name: Export CI environment variables run: | + cp -v "ci/$BUILD_ENV_FILE" .env for var in APP_TITLE APP_FILENAME PACKAGE_ID \ BUILD_VARIANTS FORCE_INTERNAL_USER_FLAG \ MAPS_API_KEY; do if [ -n "${!var}" ]; then + echo "Setting CI_$var=${!var}" echo "CI_$var=${!var}" >> $GITHUB_ENV fi done + working-directory: reproducible-builds env: APP_TITLE: ${{ vars.CI_APP_TITLE }} APP_FILENAME: ${{ vars.CI_APP_FILENAME }} @@ -62,12 +72,12 @@ jobs: - name: Build without signing if: "env.HAVE_KEYSTORE == 'false'" - run: docker-compose --env-file "ci/$BUILD_ENV_FILE" run assemble + run: docker-compose run -v "$HOME/.gradle/caches:/.gradle-ro-cache:ro" assemble working-directory: reproducible-builds - name: Build and sign if: "env.HAVE_KEYSTORE == 'true'" - run: docker-compose --env-file "ci/$BUILD_ENV_FILE" run assemble + run: docker-compose run -v "$HOME/.gradle/caches:/.gradle-ro-cache:ro" assemble working-directory: reproducible-builds env: CI_KEYSTORE_PATH: certs/keystore.jks diff --git a/.github/workflows/reprocheck.yml b/.github/workflows/reprocheck.yml index 575f4e48e5..f800b96fe9 100644 --- a/.github/workflows/reprocheck.yml +++ b/.github/workflows/reprocheck.yml @@ -15,6 +15,7 @@ permissions: env: TAG_REF: "${{ github.event.inputs.version || github.event.release.tag_name }}" + BUILD_ENV_FILE: ${{ vars.BUILD_ENV_FILE || 'beta-stable.env' }} jobs: build: @@ -22,7 +23,6 @@ jobs: runs-on: ubuntu-22.04 env: - BUILD_ENV_FILE: ${{ vars.BUILD_ENV_FILE || 'beta-stable.env' }} GRADLE_OPTS: "-Dorg.gradle.project.kotlin.compiler.execution.strategy=in-process" steps: @@ -36,13 +36,16 @@ jobs: - name: Export CI environment variables run: | + cp -v "ci/$BUILD_ENV_FILE" .env for var in APP_TITLE APP_FILENAME PACKAGE_ID \ BUILD_VARIANTS FORCE_INTERNAL_USER_FLAG \ MAPS_API_KEY; do if [ -n "${!var}" ]; then + echo "Setting CI_$var=${!var}" echo "CI_$var=${!var}" >> $GITHUB_ENV fi done + working-directory: reproducible-builds env: APP_TITLE: ${{ vars.CI_APP_TITLE }} APP_FILENAME: ${{ vars.CI_APP_FILENAME }} @@ -52,7 +55,7 @@ jobs: MAPS_API_KEY: ${{ vars.CI_MAPS_API_KEY }} - name: Build release - run: docker-compose --env-file "ci/$BUILD_ENV_FILE" run assemble + run: docker-compose run assemble working-directory: reproducible-builds - uses: actions/upload-artifact@v4 diff --git a/Dockerfile b/Dockerfile index bd0a39647a..a2dc156d4f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -32,6 +32,8 @@ COPY gradlew /molly/ COPY gradle /molly/gradle/ RUN /molly/gradlew --version +ENV GRADLE_RO_DEP_CACHE=/.gradle-ro-cache + COPY . /molly/ WORKDIR /molly RUN git clean -df diff --git a/reproducible-builds/docker-compose.yml b/reproducible-builds/docker-compose.yml index e71c68b9f8..6e89acbf91 100644 --- a/reproducible-builds/docker-compose.yml +++ b/reproducible-builds/docker-compose.yml @@ -1,4 +1,3 @@ -version: '3.2' services: assemble: image: reproducible-molly