跳到主要内容

CI/CD 自动化

问题

Android 项目如何搭建 CI/CD 流水线?

答案

CI/CD 流程

GitHub Actions 示例

.github/workflows/android-ci.yml
name: Android CI

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - name: Setup JDK 17
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'temurin'

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v3
        with:
          cache-read-only: ${{ github.ref != 'refs/heads/main' }}

      - name: Run Lint
        run: ./gradlew lint

      - name: Run Unit Tests
        run: ./gradlew testDebugUnitTest

      - name: Build Debug APK
        run: ./gradlew assembleDebug

      - name: Upload APK
        uses: actions/upload-artifact@v4
        with:
          name: debug-apk
          path: app/build/outputs/apk/debug/*.apk

  release:
    needs: build
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v4

      - name: Setup JDK 17
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'temurin'

      - name: Build Release AAB
        run: ./gradlew bundleRelease
        env:
          KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
          KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
          KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}

      - name: Upload to Google Play
        uses: r0adkll/upload-google-play@v1
        with:
          serviceAccountJsonPlainText: ${{ secrets.PLAY_SERVICE_ACCOUNT }}
          packageName: com.example.app
          releaseFiles: app/build/outputs/bundle/release/*.aab
          track: internal

Gradle 缓存策略

缓存配置
- name: Setup Gradle
  uses: gradle/actions/setup-gradle@v3
  with:
    # 非 main 分支只读缓存,避免缓存污染
    cache-read-only: ${{ github.ref != 'refs/heads/main' }}

发布流程最佳实践

阶段触发条件分发目标说明
开发测试Push to developFirebase / 蒲公英开发自测
内部测试PR merged to mainGoogle Play InternalQA 测试
封闭测试手动触发Google Play Closed Testing小范围用户验证
公开发布手动触发Google Play Production正式上线,可分阶段发布

常见面试问题

Q1: CI/CD 中如何安全管理签名密钥?

答案

  • 密码:存储在 CI 平台的 Secrets 中(如 GitHub Secrets),通过环境变量注入
  • Keystore 文件:Base64 编码后存储为 Secret,CI 中解码还原;或使用 Google Play App Signing 托管签名密钥
  • 本地开发:使用 local.properties(已 .gitignore)或环境变量
  • 绝不在版本控制中提交密钥文件或密码

Q2: APK 和 AAB 有什么区别?

答案

APK(Android Package)是直接可安装的包。AAB(Android App Bundle)是上传到 Google Play 的发布格式,由 Google Play 根据用户设备生成优化的 APK(Dynamic Delivery),按需分发匹配的资源(语言、屏幕密度、ABI),包体积通常减少 15-20%。

Google Play 要求新应用必须使用 AAB 格式上传。国内应用商店仍使用 APK。

相关链接