svrnty/docker-flutter-sdk
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 21 Wiki Activity

Update Android SDK to latest versions and add version check workflow

Browse Source 
- Update cmdline-tools from 11076708 to 14742923 (v20.0)
- Update build-tools from 36.0.0 to 36.1.0
- Add Android SDK version checking to update-check workflow
- Creates issues when Android SDK updates are available

This reduces CVEs from 26 to 4 (all from protobuf-java 2.6.1 bundled by Google).

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Mathias Beaulieu-Duncan 2026-02-03 00:47:15 -05:00
parent 935a638ee3
commit a8331e9516
2 changed files with 100 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
.gitea/workflows/update-check.yaml
View File

@ -1,4 +1,4 @@
name: Check for Flutter SDK Updates name: Check for Flutter SDK and Android SDK Updates
on: on:
schedule: schedule:
@ -9,6 +9,9 @@ jobs:
check-update: check-update:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Get latest Flutter stable version - name: Get latest Flutter stable version
id: flutter id: flutter
run: | run: |
@ -17,7 +20,47 @@ jobs:
echo "version=${LATEST}" >> $GITHUB_OUTPUT echo "version=${LATEST}" >> $GITHUB_OUTPUT
echo "Latest Flutter stable: ${LATEST}" echo "Latest Flutter stable: ${LATEST}"
- name: Check if release already exists - name: Get latest Android SDK versions
id: android
run: |
REPO_XML=$(curl -fsSL "https://dl.google.com/android/repository/repository2-1.xml")
# Latest stable build-tools (exclude rc/alpha/beta)
BUILD_TOOLS=$(echo "$REPO_XML" | grep -o 'path="build-tools;[0-9]*\.[0-9]*\.[0-9]*"' | \
sed 's/path="build-tools;//;s/"//' | sort -V | tail -1)
# Latest stable platform
PLATFORM=$(echo "$REPO_XML" | grep -o 'path="platforms;android-[0-9]*"' | \
sed 's/path="platforms;android-//;s/"//' | sort -n | tail -1)
# Latest cmdline-tools download ID
CMDLINE_DOWNLOAD=$(echo "$REPO_XML" | grep -o 'commandlinetools-linux-[0-9]*_latest' | \
sed 's/commandlinetools-linux-//;s/_latest//' | sort -n | tail -1)
echo "build_tools=${BUILD_TOOLS}" >> $GITHUB_OUTPUT
echo "platform=${PLATFORM}" >> $GITHUB_OUTPUT
echo "cmdline_tools=${CMDLINE_DOWNLOAD}" >> $GITHUB_OUTPUT
echo "Latest Android build-tools: ${BUILD_TOOLS}"
echo "Latest Android platform: ${PLATFORM}"
echo "Latest cmdline-tools download: ${CMDLINE_DOWNLOAD}"
- name: Check current Android SDK versions in Dockerfile
id: current
run: |
CURRENT_CMDLINE=$(grep -o 'ANDROID_SDK_TOOLS_VERSION=[0-9]*' Dockerfile.android | cut -d= -f2)
CURRENT_BUILD_TOOLS=$(grep -o 'ANDROID_BUILD_TOOLS=[0-9.]*' Dockerfile.android | cut -d= -f2)
CURRENT_PLATFORM=$(grep -o 'ANDROID_COMPILE_SDK=[0-9]*' Dockerfile.android | cut -d= -f2)
echo "cmdline_tools=${CURRENT_CMDLINE}" >> $GITHUB_OUTPUT
echo "build_tools=${CURRENT_BUILD_TOOLS}" >> $GITHUB_OUTPUT
echo "platform=${CURRENT_PLATFORM}" >> $GITHUB_OUTPUT
echo "Current cmdline-tools: ${CURRENT_CMDLINE}"
echo "Current build-tools: ${CURRENT_BUILD_TOOLS}"
echo "Current platform: ${CURRENT_PLATFORM}"
- name: Check if Flutter release already exists
id: existing id: existing
run: | run: |
VERSION="${{ steps.flutter.outputs.version }}" VERSION="${{ steps.flutter.outputs.version }}"
@ -31,7 +74,29 @@ jobs:
echo "Release ${VERSION} not found, will create" echo "Release ${VERSION} not found, will create"
fi fi
- name: Create release for new version - name: Determine if Android SDK update is needed
id: android_update
run: |
NEEDS_UPDATE=false
if [ "${{ steps.android.outputs.cmdline_tools }}" != "${{ steps.current.outputs.cmdline_tools }}" ]; then
echo "cmdline-tools update available: ${{ steps.current.outputs.cmdline_tools }} -> ${{ steps.android.outputs.cmdline_tools }}"
NEEDS_UPDATE=true
fi
if [ "${{ steps.android.outputs.build_tools }}" != "${{ steps.current.outputs.build_tools }}" ]; then
echo "build-tools update available: ${{ steps.current.outputs.build_tools }} -> ${{ steps.android.outputs.build_tools }}"
NEEDS_UPDATE=true
fi
if [ "${{ steps.android.outputs.platform }}" != "${{ steps.current.outputs.platform }}" ]; then
echo "platform update available: ${{ steps.current.outputs.platform }} -> ${{ steps.android.outputs.platform }}"
NEEDS_UPDATE=true
fi
echo "needs_update=${NEEDS_UPDATE}" >> $GITHUB_OUTPUT
- name: Create release for new Flutter version
if: steps.existing.outputs.exists == 'false' && steps.flutter.outputs.version != '' if: steps.existing.outputs.exists == 'false' && steps.flutter.outputs.version != ''
run: | run: |
VERSION="${{ steps.flutter.outputs.version }}" VERSION="${{ steps.flutter.outputs.version }}"
@ -47,3 +112,33 @@ jobs:
\"draft\": false, \"draft\": false,
\"prerelease\": false \"prerelease\": false
}" }"
- name: Create issue for Android SDK updates
if: steps.android_update.outputs.needs_update == 'true'
run: |
BODY="Android SDK updates are available:\n\n"
BODY+="| Component | Current | Latest |\n"
BODY+="|-----------|---------|--------|\n"
BODY+="| cmdline-tools | ${{ steps.current.outputs.cmdline_tools }} | ${{ steps.android.outputs.cmdline_tools }} |\n"
BODY+="| build-tools | ${{ steps.current.outputs.build_tools }} | ${{ steps.android.outputs.build_tools }} |\n"
BODY+="| platform | ${{ steps.current.outputs.platform }} | ${{ steps.android.outputs.platform }} |\n"
BODY+="\nUpdate \`Dockerfile.android\` to use the latest versions."
# Check if issue already exists
EXISTING=$(curl -s -H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/issues?state=open&labels=android-sdk-update" | jq length)
if [ "$EXISTING" = "0" ]; then
curl -fsSL -X POST \
-H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \
-H "Content-Type: application/json" \
"${{ github.server_url }}/api/v1/repos/${{ github.repository }}/issues" \
-d "{
\"title\": \"Android SDK updates available\",
\"body\": \"$(echo -e "$BODY")\",
\"labels\": [\"android-sdk-update\"]
}"
echo "Created issue for Android SDK updates"
else
echo "Issue for Android SDK updates already exists"
fi

4
Dockerfile.android
View File

@ -1,9 +1,9 @@
FROM svrnty/base-distro:flutter-sdk-android-latest FROM svrnty/base-distro:flutter-sdk-android-latest
ARG FLUTTER_VERSION=3.38.9 ARG FLUTTER_VERSION=3.38.9
ARG ANDROID_SDK_TOOLS_VERSION=11076708 ARG ANDROID_SDK_TOOLS_VERSION=14742923
ARG ANDROID_COMPILE_SDK=36 ARG ANDROID_COMPILE_SDK=36
ARG ANDROID_BUILD_TOOLS=36.0.0 ARG ANDROID_BUILD_TOOLS=36.1.0
LABEL org.opencontainers.image.title="flutter-sdk-android" LABEL org.opencontainers.image.title="flutter-sdk-android"
LABEL org.opencontainers.image.description="Flutter SDK for Android CI builds" LABEL org.opencontainers.image.description="Flutter SDK for Android CI builds"