Continuous Delivery for Android Using GitHub Actions
Learn how to create a continuous delivery pipeline in Android to deploy your apps to the Google Play Store. By Subhrajyoti Sen.
Setting up Firebase
First, you need to create a new project on Firebase. Visit https://console.firebase.google.com and click Create a project.
Next, choose a project name. For this tutorial, name your project RW Quotes, then click Continue.
You don't need Google Analytics for this project, so disable it. Click Create project.
Next, you need to add an Android app to the project. To do this, click the Android icon:
You'll get a short form asking for the package name. The package name of the app is com.raywenderlich.android.rwquotes. Enter the package name and click Register app.
Because you're only using App Distribution, skip the next two sections of the form by clicking Next. Finally, click Continue to console to return to the home dashboard.
Adding Testers
From the left navigation bar, select App Distribution in the Release & Monitor section.
Accept the terms and conditions and click Get started. You'll see the App Distribution dashboard, which contains three tabs: Releases, Invite links and Testers and Groups. Go to the Testers and Groups tab.
In the Add testers input field, enter your email address. Firebase will then send you an invitation to become a tester for the app. Similarly, add the email addresses of the rest of your development and QA teams.
Next, you'll create a group. A group is a collection of testers you want to send a specific build to. To create a group, click Add group and enter a name for your group — in this case, QA. Now, you can choose the email addresses of all members of your QA team and add them here.
Fetching the App ID and Token
To give GitHub Actions access to your Firebase account, you'll need two things:
- App ID: An ID specific to your project.
- Token: An authentication token to access Firebase.
Click the gear icon at the top of the left navigation bar and select Project Settings from the menu. Scroll down until you see the package name of the app. Next to it, you'll see a section named App ID with a long alphanumeric string. Copy this string and add it as a Secret on the GitHub repository named FIREBASE_APP_ID.
Fetching the token is a bit more tricky. You need to install Firebase CLI first. To do so, follow the instructions at https://firebase.google.com/docs/cli to install the tool based on your operating system.
Once installed, run the following command from the command line:
firebase login:ci
This will open your browser and ask you to sign in using a Google account. If you have multiple accounts, choose the one you used to set up Firebase.
Once you've signed in, you have to grant Firebase CLI some permissions. Even though these are simple permissions, you should read through them.
Once you've read and granted the permissions, you'll see a message stating that you can close the browser tab. Go back to the command line you'll see some text:
Copy the token and add it as a GitHub Secret with the name FIREBASE_TOKEN.
Upload to Firebase Action
Now that you've set up Firebase and stored the secrets, you need to add the job to upload the app to Firebase App Distribution. For this, you'll use the wzieba/Firebase-Distribution-Github-Action action.
Add the following code to the workflow:
deploy-firebase:
# 1
needs: [ build ]
runs-on: ubuntu-latest
steps:
# 2
- uses: actions/download-artifact@master
with:
name: release.apk
#3
- name: upload artifact to Firebase App Distribution
uses: wzieba/Firebase-Distribution-Github-Action@v1
with:
appId: ${{secrets.FIREBASE_APP_ID}}
token: ${{secrets.FIREBASE_TOKEN}}
groups: QA
file: app-release-unsigned-signed.apk
The code above:
- Uses needs to specify that the job can only run if the build job has completed successfully.
- Uses the actions/download-artifact action to download the artifact of the release APK.
- Uploads the downloaded artifact to Firebase App Distribution and makes it available to the QA group you created earlier. It also uses the two secrets named FIREBASE_APP_ID and FIREBASE_TOKEN, which you added in the previous section.
Commit and push the changes to GitHub. Next, create a new tag and push it. Once you push the tag, visit the Actions tab in the repository. You'll see that the workflow is running.
Once the workflow has successfully finished running, verify that it uploaded the build by visiting the Releases tab on the App Distribution page on Firebase.
Congratulations, you've successfully set up a functional continuous delivery pipeline. The only thing left to add is the ability to release your app to the Play Store.
Visualizing a Workflow
On the Actions tab in the repository, select any workflow and you'll see a page like this:
In the image above, there are three boxes containing:
- unit_tests and android_tests
- The build job
- The deploy_firebase job
Horizontal lines connect the boxes. The box signifies that unit_tests and android_tests run in parallel. Only after both of them have completed will the build job run. Similarly, the deploy_firebase job will run only after the build job completes.
Deploying to Play Store
The action needed to deploy a build to the Play Store is similar to the one you used for app distribution but the setup is a bit more complex. It requires you to use a service account. Don't worry if you haven't heard of the term, you'll create one shortly.
Before you can publish to the Play Store, you need to add a new app to the Google Play Console. To do this, follow the tutorial on Android App Distribution: From Zero to Google Play Store.
Setting up a Service Account
Once you've completed the setup, you need to create the service account. Visit https://play.google.com/console and go to Settings ▸ Developer account ▸ API access. Once there, click the Create new project radio button and select Link Project in the bottom right corner of the page.
In the Service accounts section, click Create new service account. Follow the instructions on the pop-up and navigate to the google cloud platform page.
Once there, click the Create Service Account button on the top of the page.
Give the service account any name you want. Next, assign the service account the role of Editor, as shown below:
After assigning a role, click Done to return to the Service Accounts page. Click the three-dot menu next to the service account you just created, select Create key and choose the JSON option. The key will generate, then download to your computer.
Next, visit Google Developers Console API Library and search for Google Play Android Developer API. From the search result, select the API then click Enable, as shown below:
The Google Play Android Developer API lets the service account perform automated operations on the Google Play Console.
Go back to the Play Console tab on your browser and click Done on the pop-up. The Service account section will refresh and the account you just created will appear.
You need to grant access to the service account to manage releases. To do this, click Grant access, which will open the Invite user page. Scroll down and choose the Account permissions tab. In the Releases section, select Release to production, exclude devices, and use Play App Signing and Release apps to testing tracks. Finally, click Invite User.
Next, go to the App permissions tab on the same page and grant access to the app.
Open the service account key file you downloaded and add its contents as a GitHub Secret named SERVICE_ACCOUNT_JSON.
The service is now ready.