Skip to content
F-Droid Repository

F-Droid Repository #3

Sign in to view logs

F-Droid Repository

F-Droid Repository #3

Workflow file for this run

.github/workflows/fdroid-repo.yml at 6c4f6da
name: F-Droid Repository
# Runs whenever the main "Build & Release" workflow publishes a GitHub Release.
# Can also be triggered manually via the Actions tab (workflow_dispatch).
#
# How it works:
# 1. Downloads the signed APK from the GitHub Release.
# 2. Uses fdroidserver to generate a proper F-Droid repo index (index.xml / index-v1.jar).
# 3. Commits the result to docs/fdroid/ on master — served by GitHub Pages at:
# https://<owner>.github.io/<repo>/fdroid/repo
#
# Users add this URL to their F-Droid app:
# https://codejq.github.io/live-player/fdroid/repo
#
# Required GitHub Secrets:
# FDROID_KEYSTORE_BASE64 — Base64-encoded JKS keystore used to sign the repo index.
# FDROID_KEYSTORE_PASS — Password for the keystore and the "fdroid" key alias.
#
# Generate the F-Droid repo keystore once (run locally):
# keytool -genkey -v -keystore fdroid.jks -alias fdroid -keyalg RSA \
# -keysize 4096 -sigalg SHA256withRSA -validity 10000 \
# -dname "CN=StreamPlayer F-Droid Repo" \
# -storepass YOUR_PASSWORD -keypass YOUR_PASSWORD
#
# Encode for GitHub Secret:
# Linux/macOS: base64 -w 0 fdroid.jks
# Windows PS: [Convert]::ToBase64String([IO.File]::ReadAllBytes("fdroid.jks"))
#
# GitHub Pages setup (one-time):
# Settings → Pages → Source: Deploy from branch → Branch: master → Folder: /docs
on:
# Fires when "Build & Release" completes — avoids the GitHub limitation
# where releases created via GITHUB_TOKEN don't trigger `release:` events
# in other workflows.
workflow_run:
workflows: ["Build & Release"]
types: [completed]
workflow_dispatch:
jobs:
update-fdroid-repo:
name: Update F-Droid Repo
runs-on: ubuntu-latest
# Only run when the upstream workflow succeeded (skip on failure / cancel)
if: github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success'
permissions:
contents: write # required to push docs/fdroid/ back to master
steps:
# ── 1. Checkout (with write token so we can push back) ────────────────
- name: Checkout source
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
# ── 2. JDK 17 ────────────────────────────────────────────────────────
# Required so fdroidserver's keytool subprocess uses JDK 17.
# Without this, the system JDK may fail to read modern PKCS12 keystores.
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
# ── 3. Install fdroidserver ───────────────────────────────────────────
- name: Install fdroidserver
run: |
sudo apt-get update -qq
sudo apt-get install -y libmagic1 aapt
pip install fdroidserver
# ── 4. Prepare working directories ───────────────────────────────────
- name: Prepare directories
run: mkdir -p fdroid-work/repo fdroid-work/metadata
# ── 5. Restore F-Droid repo signing key ──────────────────────────────
# Convert to JKS with absolute path so fdroidserver can always find it.
- name: Restore F-Droid keystore
env:
FDROID_PASS: ${{ secrets.FDROID_KEYSTORE_PASS }}
run: |
echo "${{ secrets.FDROID_KEYSTORE_BASE64 }}" | base64 --decode > /tmp/fdroid-orig.jks
keytool -importkeystore \
-srckeystore /tmp/fdroid-orig.jks \
-srcstorepass "$FDROID_PASS" \
-destkeystore "$GITHUB_WORKSPACE/fdroid-work/keystore.jks" \
-deststoretype JKS \
-deststorepass "$FDROID_PASS" \
-noprompt
rm -f /tmp/fdroid-orig.jks
# Verify the keystore is readable before continuing
keytool -list \
-keystore "$GITHUB_WORKSPACE/fdroid-work/keystore.jks" \
-storepass "$FDROID_PASS" 2>&1 | grep -E "Keystore type|Your keystore contains|Alias"
# ── 6. Write fdroid config ────────────────────────────────────────────
- name: Write fdroid config
env:
PASS: ${{ secrets.FDROID_KEYSTORE_PASS }}
run: |
REPO_URL="https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }}/fdroid/repo"
KS_PATH="$GITHUB_WORKSPACE/fdroid-work/keystore.jks"
cat > fdroid-work/config.yml << EOF
repo_url: "${REPO_URL}"
repo_name: "StreamPlayer"
repo_description: "StreamPlayer — live internet radio for Android"
archive_older: 5
keystore: "${KS_PATH}"
keystorepass: "${PASS}"
keypass: "${PASS}"
repo_keyalias: fdroid
keydname: "CN=StreamPlayer F-Droid Repo"
EOF
chmod 600 fdroid-work/config.yml
# ── 7. Write app metadata ─────────────────────────────────────────────
- name: Write app metadata
run: |
cat > fdroid-work/metadata/com.streamplayer.app.yml << 'EOF'
Categories:
- Multimedia
License: MIT
SourceCode: https://github.com/${{ github.repository }}
Name: StreamPlayer
Summary: Live internet radio and audio streaming
Description: |-
Resilient Android background audio streaming for live internet radio.
Survives crashes, network drops, device reboots, Doze mode, and
aggressive OEM battery killers. Features auto-relaunch watchdogs,
network auto-recovery, and adaptive 8-30s buffering.
EOF
# ── 8. Download signed APK from GitHub Release ────────────────────────
- name: Download APK from release
env:
GH_TOKEN: ${{ github.token }}
run: |
# Always fetch the latest published release tag
# (works for workflow_run, workflow_dispatch, and any future triggers)
TAG=$(gh release view --json tagName -q .tagName)
gh release download "$TAG" \
--pattern "StreamPlayer-*.apk" \
--dir fdroid-work/repo
# ── 9. Build F-Droid repo index ───────────────────────────────────────
- name: Build F-Droid repo index
run: |
cd fdroid-work
fdroid update -c
# ── 10. Remove keystore before committing ────────────────────────────
- name: Remove keystore
if: always()
run: rm -f fdroid-work/keystore.jks
# ── 11. Copy repo output to docs/fdroid/ and commit to master ─────────
# GitHub Pages serves docs/ from the master branch, so the F-Droid
# repo is available at /fdroid/repo alongside the homepage.
- name: Publish to docs/fdroid/
run: |
mkdir -p docs/fdroid/repo docs/fdroid/metadata
# Copy generated repo files (APKs + index)
cp -r fdroid-work/repo/. docs/fdroid/repo/
# Commit and push back to master
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add docs/fdroid/
if git diff --staged --quiet; then
echo "F-Droid repo is already up-to-date — nothing to commit."
else
git commit -m "chore: update F-Droid repo [skip ci]"
git pull --rebase origin master
git push origin master
fi