on: push: tags: - 'v*' jobs: build: runs-on: macos-latest steps: - uses: actions/checkout@v4 - name: Set up ruby env uses: ruby/setup-ruby@v1 with: ruby-version: 3.2.1 bundler-cache: true - name: Setup java for android build uses: actions/setup-java@v4 with: java-version: '17' distribution: 'zulu' - name: Setup android SDK uses: android-actions/setup-android@v3 - name: Install Flutter uses: subosito/flutter-action@v2 with: channel: stable flutter-version: 3.22.0 cache: true - name: Infer version number from git tag id: version env: REF_NAME: ${{ github.ref_name }} run: # remove the 'v' prefix from the tag name echo "BUILD_NAME=${REF_NAME//v}" >> $GITHUB_ENV - name: Load secrets id: load-secrets uses: hashicorp/vault-action@v3 with: url: https://api.hashicorp.com token: ${{ secrets.VAULT_TOKEN }} secrets: | secret/release GOOGLE_MAPS_API_KEY | GOOGLE_MAPS_API_KEY ; secret/release ANDROID_SECRET_PROPERTIES_BASE64 | ANDROID_SECRET_PROPERTIES_BASE64 ; secret/release ANDROID_GOOGLE_PLAY_JSON_BASE64 | ANDROID_GOOGLE_PLAY_JSON_BASE64 ; secret/release ANDROID_KEYSTORE_BASE64 | ANDROID_KEYSTORE_BASE64 ; - name: Put selected secrets into files run: | echo "${{ steps.load-secrets.outputs.ANDROID_SECRET_PROPERTIES_BASE64 }}" | base64 -d > secrets.properties echo "${{ steps.load-secrets.outputs.ANDROID_GOOGLE_PLAY_JSON_BASE64 }}" | base64 -d > google-key.json echo "${{ steps.load-secrets.outputs.ANDROID_KEYSTORE_BASE64 }}" | base64 -d > release.keystore working-directory: android - name: Install fastlane run: bundle install working-directory: android - name: Run fastlane lane run: bundle exec fastlane deploy_release working-directory: android env: BUILD_NUMBER: ${{ github.run_number }} # BUILD_NAME is implicitly available GOOGLE_MAPS_API_KEY: ${{ steps.load-secrets.outputs.GOOGLE_MAPS_API_KEY }}