Modified GH options

Author: awhitchurch

.github/workflows/android-deploy.yml

@@ -24,6 +24,17 @@ jobs:
         with:
           flutter-version: '3.35.4'
 
+      - name: Prepare CI keystore from GitHub Secrets
+        if: ${{ secrets.KEYSTORE_BASE64 != '' }}
+        run: |
+          echo "Decoding GitHub secret keystore to move/ci_keystore.jks"
+          echo "${{ secrets.KEYSTORE_BASE64 }}" | base64 --decode > move/ci_keystore.jks
+          echo "Exporting signing env vars"
+          if [ -n "${{ secrets.KEY_ALIAS }}" ]; then echo "KEY_ALIAS=${{ secrets.KEY_ALIAS }}" >> $GITHUB_ENV; fi
+          if [ -n "${{ secrets.KEY_PASSWORD }}" ]; then echo "KEY_PASSWORD=${{ secrets.KEY_PASSWORD }}" >> $GITHUB_ENV; fi
+          if [ -n "${{ secrets.STORE_PASSWORD }}" ]; then echo "STORE_PASSWORD=${{ secrets.STORE_PASSWORD }}" >> $GITHUB_ENV; fi
+
+
       - name: Cache pub
         uses: actions/cache@v4
         with:

.gitignore

@@ -1,2 +1,3 @@
 move/android/app/local.properties
 .github/copilot-instructions.md
+keystore.base64

move/android/app/build.gradle.kts

@@ -43,19 +43,37 @@ android {
 
     signingConfigs {
         create("release") {
-            keyAlias = keystoreProperties["keyAlias"] as String
-            keyPassword = keystoreProperties["keyPassword"] as String
-            storeFile = keystoreProperties["storeFile"]?.let { file(it) }
-            storePassword = keystoreProperties["storePassword"] as String
+            if (keystorePropertiesFile.exists()) {
+                // use Properties.getProperty which returns null if missing (safer than cast)
+                keyAlias = keystoreProperties.getProperty("keyAlias")
+                keyPassword = keystoreProperties.getProperty("keyPassword")
+                keystoreProperties.getProperty("storeFile")?.let { storeFile = file(it) }
+                storePassword = keystoreProperties.getProperty("storePassword")
+            } else if (System.getenv("KEYSTORE_BASE64") != null) {
+                // Decode base64 keystore provided via environment (CI secret)
+                val keystoreBytes = java.util.Base64.getDecoder().decode(System.getenv("KEYSTORE_BASE64"))
+                val keystoreOut = rootProject.file("ci_keystore.jks")
+                keystoreOut.writeBytes(keystoreBytes)
+                storeFile = keystoreOut
+                keyAlias = System.getenv("KEY_ALIAS")
+                keyPassword = System.getenv("KEY_PASSWORD")
+                storePassword = System.getenv("STORE_PASSWORD")
+            } else {
+                // Leave release signing empty so CI can build without a keystore present
+            }
         }
     }
     buildTypes {
         release {
             // TODO: Add your own signing config for the release build.
             // Signing with the debug keys for now,
             // so `flutter run --release` works.
-            signingConfig = signingConfigs.getByName("debug")
-            signingConfig = signingConfigs.getByName("release")
+            // Use release signing when key.properties exists or CI keystore env var is set
+            if (keystorePropertiesFile.exists() || System.getenv("KEYSTORE_BASE64") != null) {
+                signingConfig = signingConfigs.getByName("release")
+            } else {
+                signingConfig = signingConfigs.getByName("debug")
+            }
         }
     }