diff --git a/.gitea/workflows/android.yml b/.gitea/workflows/android.yml index cc79437e..fc58d39f 100644 --- a/.gitea/workflows/android.yml +++ b/.gitea/workflows/android.yml @@ -143,20 +143,39 @@ jobs: # release.yml's bundled in-app-update fetcher (which polls this # exact filename) resolves to the native APK with no further # workflow plumbing. + # + # Previous version of this step silently exited 0 on a failed + # upload because the curl exit code was being swallowed by the + # implicit shell. set -euxo pipefail surfaces it, and -w "...\n" + # forces curl to print the HTTP status of the upload so a 4xx + # is visible in the log. shell: bash env: CI_TOKEN: ${{ secrets.CI_TOKEN }} run: | + set -euxo pipefail TAG="${GITHUB_REF#refs/tags/}" REPO="${GITHUB_REPOSITORY}" - RELEASE_ID=$(curl -fsSL \ + APK_PATH="app/build/outputs/apk/release/app-release.apk" + ls -lh "${APK_PATH}" + + RELEASE_JSON="$(curl -fsSL \ -H "Authorization: token ${CI_TOKEN}" \ - "https://git.fabledsword.com/api/v1/repos/${REPO}/releases/tags/${TAG}" \ - | grep -oP '"id":\s*\K[0-9]+' | head -1) + "https://git.fabledsword.com/api/v1/repos/${REPO}/releases/tags/${TAG}")" + RELEASE_ID="$(printf '%s' "${RELEASE_JSON}" | grep -oP '"id":\s*\K[0-9]+' | head -1)" if [ -z "${RELEASE_ID}" ]; then echo "::error::release for ${TAG} not found"; exit 1 fi - curl -fsSL \ + echo "release_id=${RELEASE_ID}" + + UPLOAD_HTTP=$(curl -sS -L -o /tmp/upload.out -w '%{http_code}' \ -H "Authorization: token ${CI_TOKEN}" \ - -F "attachment=@app/build/outputs/apk/release/app-release.apk" \ - "https://git.fabledsword.com/api/v1/repos/${REPO}/releases/${RELEASE_ID}/assets?name=minstrel-${TAG}.apk" + -F "attachment=@${APK_PATH}" \ + "https://git.fabledsword.com/api/v1/repos/${REPO}/releases/${RELEASE_ID}/assets?name=minstrel-${TAG}.apk") + echo "upload_http=${UPLOAD_HTTP}" + cat /tmp/upload.out || true + echo + if [ "${UPLOAD_HTTP}" -lt 200 ] || [ "${UPLOAD_HTTP}" -ge 300 ]; then + echo "::error::APK upload returned HTTP ${UPLOAD_HTTP}" + exit 1 + fi