Google services json file for github actions?

Question

I am currently working on a android project and I use github action to test the project. But whenever it build it ends up with an error for not finding the google-services.json file.

The error generated is as follows

File google-services.json is missing. The Google Services Plugin cannot function without it.

Now, I don't want to commit or upload the google-services.json file on the github. So, Is there any other way to solve this?

Answer 1

Well... I have found the solution but in case if anyone needs I am explaining here.

We can store the content of google-sevices.json in Environment variable (aka Secrets in github). Actually github uses linux based cli so we have to execute some command on the cli using github actions.

There will be two steps ...

• Firstly create the google-services.json file in base64

- name: Create file
  run: cat /home/runner/work/<Project-Name>/<Project-Name>/app/google-services.json | base64

• Then put data in the file (basically this fetch data from github secrets and put the data in json file before building the application)

- name: Putting data
  env:
    DATA: ${{ secrets.GOOGLE_SERVICES_JSON }}
  run: echo $DATA > /home/runner/work/<Project-Name>/<Project-Name>/app/google-services.json

• Then define the content of google-services.json file in the github secrets via: Setting > Secrets > New Repository Secret using name GOOGLE_SERVICES_JSON

Both of these commands should be placed before the gradle build command in gradle.yml

By doing this your google-services.json file will be created and has data also so the app will build successfully.

Answer 2

Adding any sort of credentials to your GitHub repo is dangerous and ill-advised. Even if the repo is private and you are the only one using it right now, maybe you'll invite other people later and unless you change the git history, your credentials will always be accessible even if you delete them via a new commit.

Instead, put your credentials (in this case, google-services.json) in a GitHub Action secret and read that secret from the CI file. GitHub secrets are a great place to store this information because only the actions you run can read them and not other members of the repository.

1. Encode your file as base64 on your local computer so that it may be easily stored in environment variables: base64 google-services.json
2. Copy the output and store it in a new GitHub Action secret (can be found in the Settings tab of your repository) named GOOGLE_SERVICES_JSON
3. In your GitHub Action yml, right before you build, add this step, which adds your encoded file to an environment variable, then decodes it and adds it into the Action's worker directory:

- name: Create Google Services JSON File
  env:
    GOOGLE_SERVICES_JSON: ${{ secrets.GOOGLE_SERVICES_JSON }}
  run: echo $GOOGLE_SERVICES_JSON | base64 -di > ./<folder>/google-services.json

<folder> is whatever folder you need for your build. In my Action, I was trying to build an android APK, so my path was ./android/app/google-services.json. Also, depending on your path, you may need to create the directory first: run: mkdir <folder> && echo $GOOGLE_SERVICES_JSON | base64 -di > ./<folder>/google-services.json

base64 -di decodes the encoded file and also gets rid of "garbage" characters, like newlines that were probably brought over when you copied the original encoded file into the Action secret.

Answer 3

If you are making any public repo or any sample app, you should not commit the google-services.json file to the Github repo.

While you are working on private repo it depends on how collaborators are managing the firebase credentials. google-services.json file will have access key and fingerprints of firebase projects.

Conclusion: Don't share the google-services.json file over any SVN or Git repo. User can add their own google-services.json file to the project and run it on the testing environment.