Improve release process

- Persistent signing key taken from Github secrets
- Make tagged release on every push under SEMVER tag (v0.0.0), make
"latest" release on every push to "main" branch

.github/workflows/build.yml

@@ -2,9 +2,13 @@ name: Build
 on:
   push:
     branches:
-      - master
+      - 'main'
+      - 'v*.*.*'
   workflow_dispatch:
 
+permissions:
+  contents: write
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -14,17 +18,29 @@ jobs:
         with:
           submodules: recursive
 
-      - name: Build
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: gradle
+
+      - name: Decode Keystore
+        run: |
+          echo "${{ secrets.ANDROID_KEYSTORE }}" | base64 -d > pixelpilot.jks
+
+      - name: Build APK
+        env:
+          KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
         run: |
-          sudo apt-get update
-          sudo apt-get install openjdk-17-jdk
-          export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
-          keytool -genkeypair -dname CN=OpenIPC -keyalg RSA -validity 8000 -alias fpv -keystore fpv.jks -storepass release -noprompt
-          ./gradlew assembleDebug
-          mv app/build/outputs/apk/debug/app-debug.apk PixelPilot.apk
+          ./gradlew assembleRelease -Pandroid.injected.signing.store.file=pixelpilot.jks \
+          -Pandroid.injected.signing.store.password=$KEYSTORE_PASSWORD \
+          -Pandroid.injected.signing.key.alias=pixelpilot \
+          -Pandroid.injected.signing.key.password=$KEYSTORE_PASSWORD
+          mv app/build/outputs/apk/release/app-release.apk PixelPilot.apk
 
-      - name: Upload
+      - name: Upload Release
         uses: softprops/action-gh-release@v2
         with:
-          tag_name: latest
+          tag_name: ${{ github.ref_name == 'main' ? 'latest' : github.ref_name }}
           files: PixelPilot.apk