use fastlane to deploy android app

2024-09-06 08:26:44 +02:00
parent 83d83b03a9
commit 0ae20e4995
33 changed files with 414 additions and 16 deletions
--- a/frontend/android/README.md
+++ b/frontend/android/README.md
@@ -2,13 +2,12 @@

 ### Keystore setup
 ```bash
-keytool -genkey -v -keystore release.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias release
+keytool -genkey -v -keystore release.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias upload
 ```
- This is required to store local credentials securely (not used for now).
- But necesseary in order to restrict the particular api key to a particular app (through the sha1 of the associated keystore).
+- This is required to store local credentials securely and more importantly to sign the app for google play store distribution.


-### Building and secret credentials
+### Using secret credentials during build
 Following the guide under [https://developers.google.com/maps/flutter-package/config#android_1](https://developers.google.com/maps/flutter-package/config#android_1).
 - Add the following to `android/build.gradle`:
    ```gradle
@@ -36,13 +35,39 @@ Following the guide under [https://developers.google.com/maps/flutter-package/co
        android:value="${MAPS_API_KEY}" />
    ```

+### Signing the app
+Compared to the flutter template application, a few changes have to be made:
+- Added to `android/app/build.gradle`:
+    ```gradle
+        signingConfigs {
+            release {
+                keyAlias = secretProperties['keyAlias']
+                keyPassword = secretProperties['keyPassword']
+                storeFile = secretProperties['storeFile'] ? file(secretProperties['storeFile']) : null
+                storePassword = secretProperties['storePassword']
+            }
+        }
+    ```
+- Changed the `buildTypes` to use the `release` signing config:
+    ```gradle
+        buildTypes {
+            release {
+                signingConfig signingConfigs.release
+            }
+        }
+    ```
+    This makes use of the `secretProperties` defined previously:
+    ```gradle
+        secretPropertiesFile.withReader('UTF-8') { reader ->
+            secretProperties.load(reader)
+        }
+    ```
+

 ### Using the credentials in CI
- Add the base64 encoded credentials to the repository secrets (e.g. `ANDROID_SECRETS`).
+- Add the secret files to the repository secrets (e.g. `ANDROID_SECRETS_PROPERTIES`).
+
+- temporarily write them back to files during the CI execution:
    ```bash
-    base64 -i android/secrets.properties
+    echo {{ secrets.ANDROID_SECRETS }} >> android/secrets.properties
    ```
- Use the following in the CI script:
-    ```bash
-    echo {{ secrets.ANDROID_SECRETS }} | base64 -d > android/secrets.properties
-    ```