Forem: Tharun Balaji R The latest articles on Forem by Tharun Balaji R (@tharunbalaji31). https://forem.com/tharunbalaji31 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1156823%2F3ddbc734-e96e-45f3-b668-a1d7500b5e34.png Forem: Tharun Balaji R https://forem.com/tharunbalaji31 en Android DevOps CI/CD Pipeline Architecture 📲⚙️ Tharun Balaji R Sun, 24 Dec 2023 02:22:30 +0000 https://forem.com/tharunbalaji31/android-devops-cicd-pipeline-architecture-4ma8 https://forem.com/tharunbalaji31/android-devops-cicd-pipeline-architecture-4ma8 <p> Hello there! Android devs👋, This article how to develop and maintain easy building, flexible maintenance, automated deployment and other DevOps operations for android applications using GitHub Actions and deployment in Google Play Store! Lets go 🚀 </p> <p> Article on Hashnode: https://tharunbalaji2004.hashnode.dev/android-ci-cd </p> <h3> What is meant by CI ? </h3> <p>CI stands for <strong><em>Continuous Integration</em></strong>, which is a development practice that delivers software to the end user with production reliability. The Continuous Integration (CI) is an <strong><em>automated integration process</em></strong> which generates a build and runs automates tests against it. Usually, a CI is attached with a Repository or Codebase and all the changes are merged before starting it.</p> <h3> What is meant by CD ? </h3> <p>CD stands for <strong><em>Continuous Delivery</em></strong>, which is an automated process of deploying and making the application available successfully to use. The CD process is started only when the application has passed through the integration process and tested with no critical issues.</p> <h3> CI/CD for Android App </h3> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy1pqpqpx3ksbq3tif8j0.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy1pqpqpx3ksbq3tif8j0.png" alt="Pasted image 20230626231334" width="800" height="279"></a></p> <p>(Figure: CI/CD Pipeline Architecture for Android)</p> <h1> CI pipeline </h1> <p>Now let us design our CI pipeline flow so that we are clear what we want to achieve. For any Android project I would recommend the following steps:</p> <ul> <li>Android Lint Check</li> <li>Unit Tests</li> <li>Instrumentation Tests</li> <li>Static Code Analysis</li> <li>Build Debug apk (Packaging)</li> </ul> <h3> 1. Setup GitHub Actions for repository </h3> <p>To add GitHub Actions workflow file to your repository you need to create a yaml file <code>.github/workflows/ci.yaml</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">CI</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">main</span><span class="pi">]</span> <span class="na">pull_request</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">main</span><span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">start</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout the code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Run sample script</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">echo Hello, world</span> </code></pre> </div> <ul> <li> <strong>name</strong> - refers the action name</li> <li> <strong>on push, pull_request</strong> - It states the branch to be used for CI process when push or pull_request to the specified branch happens.</li> <li> <strong>jobs</strong> - used for specifying the jobs to be performed</li> <li> <strong>sample</strong> - the name of job to be performed</li> <li> <strong>runs-on</strong> - it specifies on which serves should the process be performed <em>say ubuntu</em> </li> <li> <strong>steps</strong> <strong>(name, uses)</strong> - Each step has its own name and uses, and the first step should be to checkout the code</li> </ul> <h3> 2. Perform Android Lint check </h3> <p>🤔 <em>What is meant by Lint ?</em> </p> <p>😎 <em>The lint tool checks your Android project source files for potential bugs and optimization improvements for correctness, security, performance, usability, accessibility, and internationalization. Basically it's an basic code correction and suggestion tool</em></p> <p>Now that our basic configuration is in place, we will add Lint check as our first job. Let us understand what the following configuration does.</p> <p><strong>Step 1:</strong> <code>runs-on: ubuntu-latest</code> tells to run the job on latest ubuntu machine<br><br> <strong>Step 2:</strong> <code>actions/checkout@v2</code> action checks out the codebase on the machine<br><br> <strong>Step 3:</strong> Once we have the codebase on the machine, run <code>./gradlew lintDebug</code><br><br> <strong>Step 4:</strong> Publish the lint report as a github artifact<br><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">lint</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Perform lint check</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout the code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Run lint</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">./gradlew lintDebug</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Upload html test report</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/upload-artifact@v2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">lint.html</span> <span class="na">path</span><span class="pi">:</span> <span class="s">app/build/reports/lint-results-debug.html</span> </code></pre> </div> <ul> <li> <strong>with</strong> - it uploads the artifact as the specified name to the path</li> </ul> <h3> 3. Perform Android Unit Tests </h3> <p>🤔 <em>What is meant by Unit Testing ?</em></p> <p>😎 <em>Unit tests in Android are used to test individual units or components of an application in isolation. These tests focus on verifying the functionality of a specific class, method, or module without external dependencies.</em></p> <p>Unit Tests reference: <a href="https://developer.android.com/training/testing/local-tests" rel="noopener noreferrer">https://developer.android.com/training/testing/local-tests</a></p> <p>Our second job would be to run the unit tests. This job will run after the <code>lint</code> job and that is why you see <code>needs: [lint]</code> in the below config.</p> <p><strong>Step 1:</strong> <code>runs-on: ubuntu-latest</code> tells to run the job on latest ubuntu machine<br> <br> <strong>Step 2:</strong> <code>actions/checkout@v2</code> action checks out the codebase on the machine <br> <br> <strong>Step 3:</strong> Run <code>./gradlew test</code> will run the unit tests<br><br> <strong>Step 4:</strong> Publish the test report folder as a github artifact<br><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">unit-test</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Perform Unit Testing</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout the code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Run tests</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">./gradlew test</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Upload test report</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions.upload-artifact@v2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">unit_test_report</span> <span class="na">path</span><span class="pi">:</span> <span class="s">app/build/reports/test/testDebugUnitTest/</span> </code></pre> </div> <ul> <li> <strong>needs</strong> - the keyword states that the current job as to be executed only when the specified job is been completed <em>say lint</em> </li> </ul> <h3> 4. Perform Android Instrumentation Tests </h3> <p>🤔 <em>What is meant by Instrumnetation Testing in Android ?</em></p> <p>😎 <em>Instrumentation tests in Android are used to test the behavior of an application in a real device or emulator environment. These tests simulate user interactions and validate the integration between different components of the application. It also includes UI testing and functionality binding with UI</em></p> <p>Our 3rd job would run Android instrumentation tests. We are running this job on mac-latest machine. That is because the modern Intel Atom (x86 and x86_64) emulators require hardware acceleration from the host to run fast. The macOS VM provided by GitHub Actions has HAXM installed so we are able to create a new AVD instance, launch an emulator with hardware acceleration, and run our Android tests directly on the VM.</p> <blockquote> <p>⚠️ <strong>Important:</strong> Since macOS machines hosted by GitHub consumes more time compared to Linux and Windows machine. Make sure that you don't consume more amount of time spending instrumentation test, exceeding free plan. Checkout this official page for more reference: <a href="https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions#minute-multipliers" rel="noopener noreferrer">GitHub Actions Minute multipliers</a> </p> </blockquote> <p>A 3rd party tool would be used for running Android Emulators <code>reactivecircus/android-emulator-runner@v2</code> and running the instrumentation tests using <code>./gradlew connectedCheck</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">instrumentation-test</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Perform Instrumentation Testing</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">macos-latest</span> <span class="c1"># MacOS runs faster</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout the code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="c1"># Gradle v8.0.0 requires java JDK v17</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set up Java JDK </span><span class="m">17</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-java@v1</span> <span class="na">with</span><span class="pi">:</span> <span class="na">java-version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">17'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Run espresso tests</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">reactivecircus/android-emulator-runner@v2</span> <span class="c1"># 3rd party tool</span> <span class="na">with</span><span class="pi">:</span> <span class="na">api-level</span><span class="pi">:</span> <span class="m">29</span> <span class="na">script</span><span class="pi">:</span> <span class="s">./gradlew connectedCheck</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Upload Instrumentation Test report</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/upload-artifact@v2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">instrumentation_test_report</span> <span class="na">path</span><span class="pi">:</span> <span class="s">app/build/reports/androidTests/connected</span> </code></pre> </div> <h3> 5. Static Code Analysis using Sonarqube </h3> <p>🤔 <em>How can check my code quality using external tools ?</em></p> <p>😎 <em>Static code analysis is a technique used to analyze the source code of a program without actually executing it. It helps identify potential bugs, security vulnerabilities, code smells, and other issues in the codebase. Static code analysis tools analyze the code for patterns, best practices, and potential issues based on predefined rules or heuristics</em></p> <p>In order to perform Static Code Analaysis, we will be using <a href="https://www.sonarsource.com/products/sonarqube/" rel="noopener noreferrer">Sonarqube</a> and SonarCloud. The minimum version required for sonar scanner is Java 11 and that is why you see a step to setup Java 11 jdk on the machine. To utilize Sonar scanner for analyzing code, a new account and project has to be created in <a href="https://sonarcloud.io/" rel="noopener noreferrer">Sonarcloud</a> to integrate with GitHub Actions.</p> <p><strong>Step 1:</strong> <code>runs-on: ubuntu-latest</code> tells to run the job on latest ubuntu machine<br><br> <strong>Step 2:</strong> <code>actions/checkout@v2</code> action checks out the codebase on the machine<br><br> <strong>Step 3:</strong> Modify <code>gradle.properties</code> with sonarcloud project details<br><br> <strong>Step 4:</strong> Create a <code>SONAR_TOKEN</code> for the project in Sonarcloud website<br><br> <strong>Step 5:</strong> Add the token to GitHub secrets and title with desired token name<br><br> <strong>Step 6:</strong> Run <code>./gradlew app:sonarqube -Dsonar.login=${{ secrets.SONAR_TOKEN }}</code> to allow sonarqube to scand and perform code analysis<br></p> <p>Add the following code to <code>gradle.properties</code> as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight properties"><code><span class="err">...</span> <span class="c"># Sonarqube </span><span class="py">systemProp.sonar.sources</span><span class="p">=</span><span class="s">./src/main</span> <span class="py">systemProp.sonar.host.url</span><span class="p">=</span><span class="s">https://sonarcloud.io/</span> <span class="py">systemProp.sonar.organization</span><span class="p">=</span><span class="s">tharunbalaji2004 # As per your sonarcloud profile</span> <span class="py">systemProp.sonar.projectKey</span><span class="p">=</span><span class="s">TharunBalaji2004_android-ci-cd # As per your sonarcloud profile</span> <span class="py">systemProp.sonar.projectName</span><span class="p">=</span><span class="s">android-ci-cd # As per your sonarcloud profile</span> </code></pre> </div> <p>Running sonar cloud scan command in <code>ci.yaml</code> file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">static-code-analysis</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Perform static code analysis</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout the code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set up Java JDK </span><span class="m">17</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-java@v1</span> <span class="na">with</span><span class="pi">:</span> <span class="na">java-version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">17'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">SonarCloud Scan</span> <span class="c1"># sonarcloud properties in gradle.properties file</span> <span class="na">run</span><span class="pi">:</span> <span class="s">./gradlew app:sonarqube -Dsonar.login=${{ secrets.SONAR_TOKEN }}</span> <span class="na">env</span><span class="pi">:</span> <span class="na">GITHUB_TOKEN</span><span class="pi">:</span> <span class="s">${{ secrets.GITHUB_TOKEN }}</span> </code></pre> </div> <h3> 6. Build Debug APK </h3> <p>Reaching the last section of <strong>Android CI</strong> Pipeline 😎✅</p> <p>The last step of Android CI ends with building up <code>.apk</code> debug package after passing all tests along the pipeline. </p> <p><strong>Step 1:</strong> <code>runs-on: ubuntu-latest</code> tells to run the job on latest ubuntu machine<br><br> <strong>Step 2:</strong> <code>actions/checkout@v2</code> action checks out the codebase on the machine<br><br> <strong>Step 3:</strong> Once we have the codebase on the machine, run <code>./gradlew assembleDebug --stacktrace</code> <br><br> <strong>Step 4:</strong> Upload the apk packkage to GitHub as artifact<br><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">debug-apk</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Generate Debug APK</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout the code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set up Java JDK </span><span class="m">17</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-java@v1</span> <span class="na">with</span><span class="pi">:</span> <span class="na">java-version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">17'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build debug APK</span> <span class="na">run</span><span class="pi">:</span> <span class="s">./gradlew assembleDebug --stacktrace</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Upload APK</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/upload-artifact@v2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-app.apk</span> <span class="na">path</span><span class="pi">:</span> <span class="s">app/build/outputs/apk/debug/app-debug.apk</span> </code></pre> </div> <h1> CD pipeline </h1> <p>After lots of testing and validating the debug apk, lets design our CD pipeline. This involves creating release package to public users. I would recommend these methods:</p> <ul> <li>Functional Testing</li> <li>Build signed APK</li> <li>Build signed AAB </li> <li>Deploy app using Google Play Console</li> </ul> <h3> 1. Functional Testing </h3> <blockquote> <p>Functional testing for Android applications involves testing the application's functionality to ensure that it meets the desired requirements and behaves correctly. It also covers app UI testing, Navigation testing, Performance and Compatability Testing</p> </blockquote> <p>To perform functional testing for Android applications, you can use various tools and frameworks, such as Espresso, UI Automator, Appium, and Robolectric. These tools assist in automating the testing process and provide features for simulating user interactions, capturing test results, and generating reports. Also considering real-world scenarios and user workflows to ensure the application meets user expectations and delivers a positive user experience.</p> <p>🚧 Working on it 🚧</p> <h3> 2. Build signed APK </h3> <p>🤔 <em>Signing process of APKs</em></p> <p>😎 <em>Signing an APK (Android Package) is the process of adding a digital signature to the APK file. The digital signature serves as a way to verify the authenticity and integrity of the APK and ensure that it has not been tampered with since it was signed. The signing process involves generating a private key and a corresponding public key certificate</em></p> <p>Now lets create a new workflow <code>.yaml</code> file for CD pipeline, we will be building signed release <code>.apk</code> as out first job. Lets discuss about signing the apk: </p> <p><strong>Step 1:</strong> <code>runs-on: ubuntu-latest</code> tells to run the job on latest ubuntu machine<br><br> <strong>Step 2:</strong> <code>actions/checkout@v2</code> action checks out the codebase on the machine<br><br> <strong>Step 3:</strong> Once we have the codebase on the machine, run <code>./gradlew assembleRelease</code><br><br> <strong>Step 4:</strong> Using <code>r0adkll/sign-android-release@v1</code> sign the app from secret variables</p> <p>Add GitHub Actions CD workflow file to your repository you need to create a yaml file <code>.github/workflows/cd.yaml</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">apk</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build Release signed APK</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout the code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set up JDK</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-java@v3</span> <span class="na">with</span><span class="pi">:</span> <span class="na">distribution</span><span class="pi">:</span> <span class="s">temurin</span> <span class="na">java-version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">17'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build Release APK</span> <span class="na">run</span><span class="pi">:</span> <span class="s">./gradlew assembleRelease</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Sign APK</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">r0adkll/sign-android-release@v1</span> <span class="na">id</span><span class="pi">:</span> <span class="s">sign_app</span> <span class="na">with</span><span class="pi">:</span> <span class="na">releaseDirectory</span><span class="pi">:</span> <span class="s">app/build/outputs/apk/release</span> <span class="na">signingKeyBase64</span><span class="pi">:</span> <span class="s">${{ secrets.SIGNING_KEY }}</span> <span class="na">alias</span><span class="pi">:</span> <span class="s">${{ secrets.KEY_ALIAS }}</span> <span class="na">keyStorePassword</span><span class="pi">:</span> <span class="s">${{ secrets.KEY_STORE_PASSWORD }}</span> <span class="na">keyPassword</span><span class="pi">:</span> <span class="s">${{ secrets.KEY_PASSWORD }}</span> <span class="na">env</span><span class="pi">:</span> <span class="na">BUILD_TOOLS_VERSION</span><span class="pi">:</span> <span class="s2">"</span><span class="s">30.0.2"</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Upload Signed APK</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/upload-artifact@v2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-app-signed</span> <span class="c1"># Artifact Name</span> <span class="na">path</span><span class="pi">:</span> <span class="s">app/build/outputs/apk/release/*.apk</span> </code></pre> </div> <h3> 3. Build signed AAB </h3> <p>🤔 <em>What does Android Application Bundle(AAB) mean ?</em></p> <p>😎 <em>AAB stands for Android App Bundle. It is a publishing format introduced by Google for Android applications, developers can use the AAB format to publish their apps on the Google Play Store. It also allows for more efficient updates and enables developers to take advantage of dynamic delivery features provided by the Google Play Store</em></p> <p>Now lets create a new workflow <code>.yaml</code> file for CD pipeline, we will be building signed release <code>.aab</code> as out first job. Lets discuss about signing the bundle: </p> <p><strong>Step 1:</strong> <code>runs-on: ubuntu-latest</code> tells to run the job on latest ubuntu machine<br><br> <strong>Step 2:</strong> <code>actions/checkout@v2</code> action checks out the codebase on the machine<br><br> <strong>Step 3:</strong> Once we have the codebase on the machine, run <code>./gradlew assembleRelease</code><br><br> <strong>Step 4:</strong> Using <code>r0adkll/sign-android-release@v1</code> sign the app from secret variables<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">bundle</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build Release AAB</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout the code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set up JDK</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-java@v3</span> <span class="na">with</span><span class="pi">:</span> <span class="na">distribution</span><span class="pi">:</span> <span class="s">temurin</span> <span class="na">java-version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">17'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build Release AAB</span> <span class="na">run</span><span class="pi">:</span> <span class="s">./gradlew bundleRelease</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Sign app bundle</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">r0adkll/sign-android-release@v1</span> <span class="na">id</span><span class="pi">:</span> <span class="s">sign_app</span> <span class="na">with</span><span class="pi">:</span> <span class="na">releaseDirectory</span><span class="pi">:</span> <span class="s">app/build/outputs/bundle/release</span> <span class="na">signingKeyBase64</span><span class="pi">:</span> <span class="s">${{ secrets.SIGNING_KEY }}</span> <span class="na">alias</span><span class="pi">:</span> <span class="s">${{ secrets.KEY_ALIAS }}</span> <span class="na">keyStorePassword</span><span class="pi">:</span> <span class="s">${{ secrets.KEY_STORE_PASSWORD }}</span> <span class="na">keyPassword</span><span class="pi">:</span> <span class="s">${{ secrets.KEY_PASSWORD }}</span> <span class="na">env</span><span class="pi">:</span> <span class="na">BUILD_TOOLS_VERSION</span><span class="pi">:</span> <span class="s2">"</span><span class="s">30.0.2"</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Upload Signed AAB</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/upload-artifact@v2</span> <span class="na">with</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">sample-app-bundle</span> <span class="c1"># Artifact Name</span> <span class="na">path</span><span class="pi">:</span> <span class="s">app/build/outputs/bundle/release/app-release.aab</span> </code></pre> </div> <h3> 4. Deploy app using Google Play Console </h3> <blockquote> <p>For making a release to PlayStore, we need a service account json file, which is created from Google Play Console. And Play Store publisher permission access, which is created from Google Cloud. Kindy refer this <a href="https://www.skoumal.com/en/generate-json-key-for-google-play-deployment/" rel="noopener noreferrer">article</a> to create service account and grant permission for CD pipeline to deploy in play store</p> </blockquote> <p>After creating the service account <code>.json</code> file, upload it to GitHub secrets and specify the value in workflow file.</p> <p><strong>Step 1:</strong> <code>runs-on: ubuntu-latest</code> tells to run the job on latest ubuntu machine<br><br> <strong>Step 2:</strong> Specify the service account json secret file<br><br> <strong>Step 3:</strong> Using predefined action <code>r0adkll/upload-google-play@v1</code> to deploy app on playstore<br><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">deploy</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Deploy release AAB on Playstore</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Create service_account.json</span> <span class="na">run</span><span class="pi">:</span> <span class="s">echo '${{ secrets.SERVICE_ACCOUNT_JSON }}' &gt; service_account.json</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Deploy to Play Store</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">r0adkll/upload-google-play@v1</span> <span class="na">with</span><span class="pi">:</span> <span class="na">serviceAccountJson</span><span class="pi">:</span> <span class="s">service_account.json</span> <span class="na">packageName</span><span class="pi">:</span> <span class="s">${{ github.event.inputs.app_id }}</span> <span class="na">releaseFiles</span><span class="pi">:</span> <span class="s">app/build/outputs/bundle/release/*.aab</span> <span class="na">track</span><span class="pi">:</span> <span class="s">production</span> </code></pre> </div> <p>Thats it! Congrats for deploying you Android app on Play Store 😀✅</p> android kotlin githubactions devops