Setup CI/CD to automatically compile and deploy builds to Internal Testing on Google Play

[M4dhav]

Description

This PR sets up a CI/CD Workflow to automatically compile and push app builds to the Google Play Store into internal testing. Additionally, it updates the Build Number in pubspec.yaml and makes changes to fetch sensitive information from Env Variables in constants.dart. It also makes the necessary documentation updates.

Fixes #504

Type of change

• New feature (non-breaking change which adds functionality)

How Has This Been Tested?

Workflow runs were examined and verified to be functioning as expected.

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• Any dependent changes have been merged and published in downstream modules
• I have checked my code and corrected any misspellings

Maintainer Checklist

• closes Setup CI/CD Pipeline to automatically compile and deploy builds to Internal Testing on Google Play #504
• Tag the PR with the appropriate labels

Summary by CodeRabbit

• New Features

  • Added automated workflow for building and deploying the Android app to Google Play internal testing.

• Documentation

  • Updated onboarding instructions to clarify how to configure the base domain using environment variables or runtime arguments.

• Refactor

  • Changed key configuration constants to use compile-time environment variables with default values for improved flexibility.

• Chores

  • Updated Android .gitignore to exclude the keys/ directory.
  • Incremented app version number.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

A new GitHub Actions workflow is introduced to automate building and deploying the Android app to Google Play's internal testing track. Supporting changes include environment-variable-based configuration for deployment, updated documentation for configuration, version bumping, and expanded .gitignore rules to exclude sensitive keys.

Changes

Cohort / File(s)	Change Summary
CI/CD Workflow .github/workflows/store_deploy_android.yml	Adds a GitHub Actions workflow to automate build and deployment of Android app to Play Store internal testing.
Environment-based Configuration lib/utils/constants.dart	Switches key constants to be set via compile-time environment variables with default fallbacks.
Documentation Update ONBOARDING.md	Expands instructions for configuring baseDomain using either code or runtime environment variable.
Android Git Ignore android/.gitignore	Adds keys/ directory to ignore list to prevent sensitive files from being tracked.
Version Bump pubspec.yaml	Increments app version from 1.0.1+2 to 1.0.1+3.

Sequence Diagram(s)

sequenceDiagram
    participant Developer
    participant GitHub Actions
    participant Google Play Store

    Developer->>GitHub Actions: Push to main/master/deploy-actions
    GitHub Actions->>GitHub Actions: Checkout code, setup Java & Flutter
    GitHub Actions->>GitHub Actions: Decode secrets (keystore, configs)
    GitHub Actions->>GitHub Actions: Install dependencies & build AAB
    GitHub Actions->>GitHub Actions: Upload AAB artifact
    GitHub Actions->>Google Play Store: Deploy AAB to Internal Testing (using service account)

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Setup CI/CD Pipeline using GitHub Actions to automatically build and deploy to Google Play Internal Testing (#504)	✅
Trigger workflow on pushes to main/master, automate signing, build, and upload process (#504)	✅

Assessment against linked issues: Out-of-scope changes

No out-of-scope changes detected.

Poem

A bunny hops with nimble feet,
CI/CD now can't be beat!
Android builds deploy with ease,
No more manual, just a breeze.
Secrets safe, configs neat—
🎉 Our code hops forward, can't be beat! 🐇

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

🎉 Welcome @M4dhav!
Thank you for your pull request! Our team will review it soon. 🔍

• Please ensure your PR follows the contribution guidelines. ✅
• All automated tests should pass before merging. 🔄
• If this PR fixes an issue, link it in the description. 🔗

We appreciate your contribution! 🚀

[Copilot]

Pull Request Overview

This PR establishes a complete CI/CD pipeline for automated Android app deployment to Google Play Store's internal testing track. The changes enable environment-based configuration management and automatic build deployment on main branch pushes.

Key changes:

• Added GitHub Actions workflow for automated Android app bundle compilation and Google Play deployment
• Refactored hardcoded configuration values to use environment variables with fallback defaults
• Updated build number and documentation to reflect new deployment process

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
.github/workflows/store_deploy_android.yml	New CI/CD workflow for automated Android deployment to Google Play internal testing
lib/utils/constants.dart	Replaced hardcoded values with environment variables for flexible configuration
pubspec.yaml	Incremented build number from +2 to +3
android/.gitignore	Added keys/ directory to ignore list for security
ONBOARDING.md	Updated documentation to reflect new environment variable usage

Comments suppressed due to low confidence (1)

.github/workflows/store_deploy_android.yml:20

• Flutter version 3.32.5 does not exist. The latest stable Flutter version as of my knowledge cutoff is 3.24.x. Please verify and use a valid Flutter version.

      FLUTTER_VERSION: 3.32.5

[Copilot]

Using actions/checkout@v3 is outdated. Consider upgrading to actions/checkout@v4 for better performance and security updates.

Suggested change

	uses: actions/checkout@v3
	uses: actions/checkout@v4

[Copilot]

Using actions/setup-java@v2 is deprecated. Consider upgrading to actions/setup-java@v4 for better performance and security updates.

Suggested change

	uses: actions/setup-java@v2
	uses: actions/setup-java@v4

[Copilot]

Using actions/upload-artifact@master is not recommended as it references a moving target. Use a specific version tag like actions/upload-artifact@v4 for better stability and security.

Suggested change

	uses: actions/upload-artifact@master
	uses: actions/upload-artifact@v4

[Copilot]

The 'deploy-actions' branch appears to be a temporary development branch. Consider removing it from the production workflow triggers to avoid unintended deployments from feature branches.

Suggested change

- deploy-actions

[M4dhav]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 3

♻️ Duplicate comments (1)

.github/workflows/store_deploy_android.yml (1)

7-10: Temporary branch in production trigger

deploy-actions looks like a feature branch; leaving it in the trigger risks unintentional store pushes.

🧹 Nitpick comments (4)

android/.gitignore (1)

17-17: Inconsistent ignore entry vs. workflow paths

keys/ is now ignored, yet the workflow decodes the keystore to android/upload-keystore.jks and android/key.properties, not inside keys/.
Unless another process places credentials under keys/, this line is redundant noise in .gitignore.

Remove the entry or point the workflow to keys/ for consistency.

ONBOARDING.md (1)

106-107: Minor grammar & clarity

Consider:

“… you can either update the default value of baseDomain in constants.dart, or pass it …”

.github/workflows/store_deploy_android.yml (2)

64-66: Cache Pub packages to cut CI time

Each run downloads all dependencies. Add flutter-action’s cache or a manual actions/cache step.

---

30-97: YAML-lint: trailing spaces & missing EOF newline

Clean up trailing whitespace (Lines 7, 14, 38, 55, 59) and add a newline at EOF to keep the linter green.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ddbf872 and 37d5f53.

📒 Files selected for processing (5)

• .github/workflows/store_deploy_android.yml (1 hunks)
• ONBOARDING.md (1 hunks)
• android/.gitignore (1 hunks)
• lib/utils/constants.dart (1 hunks)
• pubspec.yaml (1 hunks)

🧰 Additional context used

🪛 YAMLlint (1.37.1)

.github/workflows/store_deploy_android.yml

[error] 7-7: trailing spaces

(trailing-spaces)

---

[error] 14-14: trailing spaces

(trailing-spaces)

---

[error] 38-38: trailing spaces

(trailing-spaces)

---

[error] 55-55: trailing spaces

(trailing-spaces)

---

[error] 59-59: trailing spaces

(trailing-spaces)

---

[error] 97-97: no new line character at the end of file

(new-line-at-end-of-file)

🔇 Additional comments (1)

pubspec.yaml (1)

20-20: Version bump acknowledged

Build number increment aligns with Play Store internal-testing requirements.

[coderabbitai]

⚠️ Potential issue

Suspicious Flutter version

3.32.5 does not match any released Flutter SDK tag (current stable < 4.0). The action will fail when it tries to fetch this version.

-      FLUTTER_VERSION: 3.32.5
+      # Pin to an existing stable tag (e.g. the version used by the repo)
+      FLUTTER_VERSION: 3.22.0

Verify against flutter --version in the project.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# Setup env variables that will be used throughout the workflow
	JAVA_VERSION: 17.0.12
	FLUTTER_VERSION: 3.32.5
	AAB_PATH: build/app/outputs/bundle/release/app-release.aab
	# Setup env variables that will be used throughout the workflow
	JAVA_VERSION: 17.0.12
	# Pin to an existing stable tag (e.g. the version used by the repo)
	FLUTTER_VERSION: 3.22.0
	AAB_PATH: build/app/outputs/bundle/release/app-release.aab

🤖 Prompt for AI Agents

In .github/workflows/store_deploy_android.yml around lines 18 to 21, the Flutter
version is set to 3.32.5, which is not a valid released Flutter SDK version and
will cause the action to fail. Check the actual Flutter version used in the
project by running `flutter --version` locally, then update the FLUTTER_VERSION
variable to match the correct stable version tag.

[coderabbitai]

🛠️ Refactor suggestion

Hard-fail build when secrets are absent

If a secret is undefined, flutter build will insert an empty string, producing the localhost fallback above. Add set -euo pipefail and explicit checks:

- run: |
+ run: |
     [[ -n "${{ secrets.APPWRITE_BASE_DOMAIN }}" ]] || { echo "Missing APPWRITE_BASE_DOMAIN"; exit 1; }
     [[ -n "${{ secrets.APPWRITE_PROJECT_ID }}" ]]   || { echo "Missing APPWRITE_PROJECT_ID"; exit 1; }
     flutter build appbundle \

🤖 Prompt for AI Agents

In .github/workflows/store_deploy_android.yml around lines 75 to 82, the flutter
build command uses secrets that may be undefined, causing fallback to localhost.
To fix this, add `set -euo pipefail` at the start of the run script and insert
explicit checks for the presence of APPWRITE_BASE_DOMAIN and APPWRITE_PROJECT_ID
secrets before running flutter build. If any secret is missing, output an error
message and exit with failure to prevent proceeding with empty values.

[coderabbitai]

⚠️ Potential issue

Environment-variable fallback may silently hit localhost in production

If APPWRITE_BASE_DOMAIN / APPWRITE_PROJECT_ID secrets are missing at build-time, the release build will connect to localhost / resonate, causing hard-to-debug prod outages.

-const String baseDomain =
-    String.fromEnvironment('APPWRITE_BASE_DOMAIN', defaultValue: 'localhost');
+const String baseDomain = String.fromEnvironment('APPWRITE_BASE_DOMAIN');
 
-const String appwriteProjectId =
-    String.fromEnvironment('APPWRITE_PROJECT_ID', defaultValue: 'resonate');
+const String appwriteProjectId = String.fromEnvironment('APPWRITE_PROJECT_ID');
+
+// Fail fast – throw if envs are absent in non-debug builds.
+void _ensureEnv() {
+  const bool _isDebug =
+      bool.fromEnvironment('dart.vm.product') == false; // true in debug/profile
+  if (!_isDebug && (baseDomain.isEmpty || appwriteProjectId.isEmpty)) {
+    throw StateError('Missing required compile-time env variables.');
+  }
+}
+// Call once on app start (e.g. in main()).

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const String baseDomain =
	String.fromEnvironment('APPWRITE_BASE_DOMAIN', defaultValue: 'localhost');
	const String appwriteProjectId =
	String.fromEnvironment('APPWRITE_PROJECT_ID', defaultValue: 'resonate');
	const String baseDomain = String.fromEnvironment('APPWRITE_BASE_DOMAIN');
	const String appwriteProjectId = String.fromEnvironment('APPWRITE_PROJECT_ID');
	// Fail fast – throw if envs are absent in non-debug builds.
	void _ensureEnv() {
	const bool _isDebug =
	bool.fromEnvironment('dart.vm.product') == false; // true in debug/profile
	if (!_isDebug && (baseDomain.isEmpty || appwriteProjectId.isEmpty)) {
	throw StateError('Missing required compile-time env variables.');
	}
	}
	// Call once on app start (e.g. in main()).

🤖 Prompt for AI Agents

In lib/utils/constants.dart around lines 4 to 7, the current environment
variable fallbacks default to 'localhost' and 'resonate', which can cause
production builds to silently connect to incorrect values if the variables are
missing. Remove or modify the defaultValue parameters so that missing
environment variables cause a clear failure or warning at build time, preventing
silent fallback to unsafe defaults in production.

[github-actions]

✅ PR Closed - Thank You, @M4dhav!

• If this PR was merged: Congratulations! Your contribution is now part of the project. 🚀
• If this PR was closed without merging: Don’t worry! You can always improve it and submit again. 💪

We appreciate your effort and look forward to more contributions from you! 🤝