vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-22 22:48:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e17d111990f117fe9eeb1b29d047570975741bfc
openclaw/apps/android/scripts/build-release-artifacts.ts

210 lines
5.8 KiB
TypeScript
Raw Blame History

#!/usr/bin/env bun
/**
* Android release helper that builds signed release artifacts from the pinned
* version metadata, verifies signatures, and writes SHA-256 checksum files.
*/
import { $ } from "bun";
import { existsSync, readdirSync } from "node:fs";
import { basename, dirname, join } from "node:path";
import { fileURLToPath } from "node:url";
import { resolveAndroidVersion, syncAndroidVersioning } from "../../../scripts/lib/android-version.ts";
type ReleaseArtifact = {
flavorName: "play" | "third-party";
kind: "aab" | "apk";
gradleTask: string;
sourcePath: string;
};
type CliOptions = {
dryRun: boolean;
};
const scriptDir = dirname(fileURLToPath(import.meta.url));
const androidDir = join(scriptDir, "..");
const rootDir = join(androidDir, "..", "..");
const releaseOutputDir = join(androidDir, "build", "release-artifacts");
function parseArgs(argv: string[]): CliOptions {
let dryRun = false;
for (const arg of argv) {
switch (arg) {
case "--dry-run": {
dryRun = true;
break;
}
case "-h":
case "--help": {
console.log(
[
"Usage: bun apps/android/scripts/build-release-artifacts.ts [--dry-run]",
"",
"Builds the signed Play AAB and third-party APK from apps/android/version.json.",
].join("\n"),
);
process.exit(0);
}
default: {
throw new Error(`Unknown argument: ${arg}`);
}
}
}
return { dryRun };
}
function releaseArtifacts(versionName: string): ReleaseArtifact[] {
return [
{
flavorName: "play",
kind: "aab",
gradleTask: ":app:bundlePlayRelease",
sourcePath: join(
androidDir,
"app",
"build",
"outputs",
"bundle",
"playRelease",
"app-play-release.aab",
),
},
{
flavorName: "third-party",
kind: "apk",
gradleTask: ":app:assembleThirdPartyRelease",
sourcePath: join(
androidDir,
"app",
"build",
"outputs",
"apk",
"thirdParty",
"release",
`openclaw-${versionName}-thirdParty-release.apk`,
),
},
];
}
async function sha256Hex(path: string): Promise<string> {
const buffer = await Bun.file(path).arrayBuffer();
const digest = await crypto.subtle.digest("SHA-256", buffer);
return Array.from(new Uint8Array(digest), (byte) => byte.toString(16).padStart(2, "0")).join("");
}
async function writeSha256File(path: string): Promise<string> {
const hash = await sha256Hex(path);
const checksumPath = `${path}.sha256`;
await Bun.write(checksumPath, `${hash} ${basename(path)}\n`);
return hash;
}
async function verifyAabSignature(path: string): Promise<void> {
await $`jarsigner -verify ${path}`.quiet();
}
function resolveApkSignerFromSdk(sdkRoot: string | undefined): string | null {
if (!sdkRoot) {
return null;
}
const buildToolsDir = join(sdkRoot, "build-tools");
if (!existsSync(buildToolsDir)) {
return null;
}
const candidates = readdirSync(buildToolsDir)
.toSorted((left, right) => right.localeCompare(left))
.map((version) => join(buildToolsDir, version, "apksigner"))
.filter((candidate) => existsSync(candidate));
return candidates[0] ?? null;
}
async function resolveApkSigner(): Promise<string> {
const sdkApkSigner =
resolveApkSignerFromSdk(Bun.env.ANDROID_HOME) ??
resolveApkSignerFromSdk(Bun.env.ANDROID_SDK_ROOT);
if (sdkApkSigner) {
return sdkApkSigner;
}
try {
return (await $`command -v apksigner`.text()).trim();
} catch {
throw new Error(
"Missing apksigner. Install Android SDK build-tools or put apksigner on PATH.",
);
}
}
async function verifyApkSignature(path: string): Promise<void> {
const apkSigner = await resolveApkSigner();
const apkSignerProcess = Bun.spawn([apkSigner, "verify", path], {
stdout: "ignore",
stderr: "inherit",
});
const exitCode = await apkSignerProcess.exited;
if (exitCode !== 0) {
throw new Error(`apksigner verification failed for ${path}`);
}
}
async function copyArtifact(sourcePath: string, destinationPath: string): Promise<void> {
const sourceFile = Bun.file(sourcePath);
if (!(await sourceFile.exists())) {
throw new Error(`Signed release artifact missing at ${sourcePath}`);
}
await Bun.write(destinationPath, sourceFile);
}
async function verifyArtifactSignature(artifact: ReleaseArtifact, outputPath: string): Promise<void> {
if (artifact.kind === "aab") {
await verifyAabSignature(outputPath);
} else {
await verifyApkSignature(outputPath);
}
}
async function main() {
const options = parseArgs(process.argv.slice(2));
syncAndroidVersioning({ mode: "check", rootDir });
const version = resolveAndroidVersion(rootDir);
const artifacts = releaseArtifacts(version.canonicalVersion);
console.log(`Android versionName: ${version.canonicalVersion}`);
console.log(`Android versionCode: ${version.versionCode}`);
for (const artifact of artifacts) {
console.log(`Release artifact: ${artifact.flavorName} ${artifact.kind}`);
console.log(`Gradle task: ${artifact.gradleTask}`);
}
if (options.dryRun) {
console.log("Dry run complete. No Gradle tasks were executed.");
return;
}
await $`mkdir -p ${releaseOutputDir}`;
await $`./gradlew ${artifacts.map((artifact) => artifact.gradleTask)}`.cwd(androidDir);
for (const artifact of artifacts) {
const outputPath = join(
releaseOutputDir,
`openclaw-${version.canonicalVersion}-${artifact.flavorName}-release.${artifact.kind}`,
);
await copyArtifact(artifact.sourcePath, outputPath);
await verifyArtifactSignature(artifact, outputPath);
const hash = await writeSha256File(outputPath);
console.log(`Signed ${artifact.kind.toUpperCase()} (${artifact.flavorName}): ${outputPath}`);
console.log(`SHA-256 (${artifact.flavorName}): ${hash}`);
}
}
await main();
Reference in New Issue View Git Blame Copy Permalink