switch secrets to loading from env - towards a more unified way of handling secrets

frontend/.github/workflows/build_app_android.yaml

@@ -51,8 +51,9 @@ jobs:
         working-directory: android
 
       - name: Run fastlane lane
-        run: bundle exec fastlane deploy_testing
+        run: bundle exec fastlane deploy_release
         working-directory: android
         env:
           BUILD_NUMBER: ${{ github.run_number }}
           # BUILD_NAME is implicitly available
+          GOOGLE_MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }}

frontend/.github/workflows/build_app_ios.yaml

@@ -0,0 +1,53 @@
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  build:
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up ruby env
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.2.1
+          bundler-cache: true
+
+      - name: Install Flutter
+        uses: subosito/flutter-action@v2
+        with:
+          channel: stable
+          flutter-version: 3.22.0
+          cache: true
+
+      - name: Infer version number from git tag
+        id: version
+        env: 
+          REF_NAME: ${{ github.ref_name }}
+        run:
+          # remove the 'v' prefix from the tag name
+          echo "BUILD_NAME=${REF_NAME//v}" >> $GITHUB_ENV
+
+      - name: Load secrets from github
+        run: |
+          echo "${{ secrets.IOS_SECRET_PROPERTIES_BASE64 }}" | base64 -d > secrets.properties
+          echo "${{ secrets.IOS_GOOGLE_PLAY_JSON_BASE64 }}" | base64 -d > google-key.json
+          echo "${{ secrets.IOS_KEYSTORE_BASE64 }}" | base64 -d > release.keystore
+        working-directory: ios
+
+      - name: Install fastlane
+        run: bundle install
+        working-directory: ios
+
+      - name: Run fastlane lane
+        run: bundle exec fastlane deploy_release
+        working-directory: ios
+        env:
+          BUILD_NUMBER: ${{ github.run_number }}
+          # BUILD_NAME is implicitly available
+          GOOGLE_MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }}
+          IOS_ASC_KEY_ID: ${{ secrets.IOS_ASC_KEY_ID }}
+          IOS_ASC_ISSUER_ID: ${{ secrets.IOS_ASC_ISSUER_ID }}
+          IOS_ASC_KEY_P8: ${{ secrets.IOS_ASC_KEY_P8 }}

frontend/android/app/build.gradle

@@ -65,7 +65,7 @@ android {
     }
 
     defaultConfig {
-        // TODO: Specify your own unique Application ID (https://developer.android.com/studio/build/application-id.html).
+  
         applicationId "com.anydev.anyway"
         // You can update the following values to match your application needs.
         // For more information, see: https://docs.flutter.dev/deployment/android#reviewing-the-gradle-build-configuration.
@@ -77,7 +77,7 @@ android {
         versionCode flutterVersionCode.toInteger()
         versionName flutterVersionName
         // // Placeholders of keys that are replaced by the build system.
-        manifestPlaceholders += ['MAPS_API_KEY': secretProperties.getProperty('MAPS_API_KEY')]
+        manifestPlaceholders += ['MAPS_API_KEY': System.getenv('GOOGLE_MAPS_API_KEY')]
 
     }
 

frontend/android/fastlane/Fastfile

@@ -1,11 +1,8 @@
-# Uncomment the line if you want fastlane to automatically update itself
-# update_fastlane
-
 default_platform(:android)
 
 platform :android do
 
-  desc "Deploy a new version to closed testing"
+  desc "Deploy a new version to closed testing (play store)"
   lane :deploy_testing do
     build_name = ENV["BUILD_NAME"]
     build_number = ENV["BUILD_NUMBER"]
@@ -30,24 +27,26 @@ platform :android do
       )
   end
 
+
   desc "Deploy a new version as a full release"
   lane :deploy_release do
-    gradle(
+    build_name = ENV["BUILD_NAME"]
-      task: "clean assembleRelease",
+    build_number = ENV["BUILD_NUMBER"]
-      # todo update to a flutter call
+
-      properties: {
+    sh(
-        # loaded from environment
+      "flutter",
-        "android.injected.version.name" => ENV["VERSION_NAME"],
+      "build",
-      }
+      "appbundle",
+      "--release",
+      "--build-name=#{build_name}",
+      "--build-number=#{build_number}",
       )
+    
     upload_to_play_store(
-      track: "production",
+      track: 'production',
       skip_upload_apk: true,
       skip_upload_changelogs: true,
       aab: "../build/app/outputs/bundle/release/app-release.aab",
-      # this is the default output of flutter build ... --release
-      # in particular this the build folder lies in the flutter root folder
-      # this is the parent folder for the android folder
       )
   end
 end

frontend/ios/Runner/AppDelegate.swift

@@ -1,5 +1,6 @@
 import UIKit
 import Flutter
+import GoogleMaps
 
 @main
 @objc class AppDelegate: FlutterAppDelegate {
@@ -7,6 +8,9 @@ import Flutter
     _ application: UIApplication,
     didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?
   ) -> Bool {
+    // load the key from env
+    let key = ProcessInfo.processInfo.environment["GOOGLE_MAPS_API_KEY"]!
+    GMSServices.provideAPI(key)
     GeneratedPluginRegistrant.register(with: self)
     return super.application(application, didFinishLaunchingWithOptions: launchOptions)
   }

frontend/ios/fastlane/Fastfile

@@ -1,5 +1,3 @@
-
-
 default_platform(:ios)
 
 platform :ios do
@@ -10,16 +8,19 @@ platform :ios do
   desc "Load the App Store Connect API token"
   lane :load_asc_api_token do
     app_store_connect_api_key(
-      key_id: ENV["ASC_KEY_ID"],
+      key_id: ENV["IOS_ASC_KEY_ID"],
-      issuer_id: ENV["ASC_ISSUER_ID"],
+      issuer_id: ENV["IOS_ASC_ISSUER_ID"],
-      key_content: ENV["ASC_KEY_P8"],
+      key_content: ENV["IOS_ASC_KEY_P8"],
       is_key_content_base64: true,
       in_house: false
     )
   end
 
-  desc "Push a new beta build to TestFlight"
+  desc "Deploy a new version to closed testing (testflight)"
   lane :deploy_testing do
+    build_name = ENV["BUILD_NAME"]
+    build_number = ENV["BUILD_NUMBER"]
+
     api_key = lane_context[SharedValues::APP_STORE_CONNECT_API_KEY]
     sync_code_signing(
       api_key: api_key,
@@ -32,16 +33,58 @@ platform :ios do
       "build",
       "ipa",
       "--release",
-      "--build-name=1.0.10",
+      "--build-name=#{build_name}",
-      "--build-number=4"
+      "--build-number=#{build_number}",
     )
+
     # sign the app (whithout rebuilding it)
     build_app(
       skip_build_archive: true,
       archive_path: "../build/ios/archive/Runner.xarchive"
     )
+
     upload_to_testflight
   end
+
+
+  desc "Deploy a new version as a full release"
+  lane :deploy_release do
+
+    build_name = ENV["BUILD_NAME"]
+    build_number = ENV["BUILD_NUMBER"]
+
+    api_key = lane_context[SharedValues::APP_STORE_CONNECT_API_KEY]
+    sync_code_signing(
+      api_key: api_key,
+      type: "appstore",
+      readonly: true,
+    )
+
+    sh(
+      "flutter",
+      "build",
+      "ipa",
+      "--release",
+      "--build-name=#{build_name}",
+      "--build-number=#{build_number}",
+    )
+
+    # sign the app (whithout rebuilding it)
+    build_app(
+      skip_build_archive: true,
+      archive_path: "../build/ios/archive/Runner.xarchive"
+    )
+  
+    upload_to_app_store(
+      skip_screenshots: true,
+      skip_metadata: true,
+      skip_app_rating_config: true,
+      skip_app_review_information: true,
+      skip_submission: false,
+      # automatically submit the app for review
+      automatic_release: true,
+      # automatically release the app after review
+    )
 end