File size: 3,208 Bytes
5e21013 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 | #!/usr/bin/env bash
# βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
# upload_apk.sh β push a built APK to bee.cuilabs.io via the admin route.
#
# Lighter-weight alternative to apps/mobile/scripts/release-android.sh:
# it does NOT build, sign, bump versions, or rewrite vercel.json. It
# assumes you already have a signed APK on disk and just pushes it to
# /api/admin/upload-apk, which uploads to Vercel Blob and inserts a
# row into public.apk_releases. /download reads the latest row.
#
# Usage:
# APK_UPLOAD_SECRET=β¦ ./scripts/upload_apk.sh \
# apps/mobile/android/app/build/outputs/apk/release/app-release.apk \
# 0.1.0 6
#
# Required env:
# APK_UPLOAD_SECRET β Bearer token, must equal Vercel project env
#
# Optional env:
# BEE_WEB_BASE_URL β defaults to https://bee.cuilabs.io
# APK_NOTES β release notes string
# βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
set -euo pipefail
APK="${1:?usage: upload_apk.sh <apk-path> <versionName> <versionCode>}"
VERSION_NAME="${2:?usage: upload_apk.sh <apk-path> <versionName> <versionCode>}"
VERSION_CODE="${3:?usage: upload_apk.sh <apk-path> <versionName> <versionCode>}"
if [ ! -f "$APK" ]; then
echo "no APK at $APK" >&2
exit 1
fi
if [ -z "${APK_UPLOAD_SECRET:-}" ]; then
echo "APK_UPLOAD_SECRET not set" >&2
exit 1
fi
if ! command -v shasum >/dev/null 2>&1; then
echo "shasum not found" >&2
exit 1
fi
if ! command -v curl >/dev/null 2>&1; then
echo "curl not found" >&2
exit 1
fi
BASE="${BEE_WEB_BASE_URL:-https://bee.cuilabs.io}"
SHA256=$(shasum -a 256 "$APK" | awk '{print toupper($1)}')
# Capture the short git SHA when this is a git checkout. set -e is on,
# so we explicitly probe with `command -v` and `git rev-parse` rather
# than swallow the exit code with shell short-circuit operators
# (forbidden by scripts/quality/check_honesty.py).
if command -v git >/dev/null 2>&1 && git rev-parse --short HEAD >/dev/null 2>&1; then
GIT_SHA=$(git rev-parse --short HEAD)
else
GIT_SHA=""
fi
# stat is BSD on macOS, GNU on Linux β different flag set. Probe each.
if SIZE=$(stat -f%z "$APK" 2>/dev/null); then
:
elif SIZE=$(stat -c%s "$APK" 2>/dev/null); then
:
else
echo "could not stat $APK" >&2
exit 1
fi
echo "β uploading $APK ($SIZE bytes)"
echo " version : $VERSION_NAME (build $VERSION_CODE)"
echo " sha256 : $SHA256"
echo " git : ${GIT_SHA:-<not a git checkout>}"
echo " target : $BASE/api/admin/upload-apk"
curl -fsSL --fail-with-body -X POST "$BASE/api/admin/upload-apk" \
-H "Authorization: Bearer $APK_UPLOAD_SECRET" \
-F "apk=@${APK};type=application/vnd.android.package-archive" \
-F "versionName=$VERSION_NAME" \
-F "versionCode=$VERSION_CODE" \
-F "sha256=$SHA256" \
-F "gitSha=$GIT_SHA" \
-F "notes=${APK_NOTES:-}"
echo
echo "β uploaded β verify at $BASE/download"
|