Skip to content

Add Android release GitHub Actions workflow and keep OAuth flow alive when app backgrounds#7

Merged
CheFu-code merged 1 commit into
mainfrom
codex/fix-signing-implementation-issue-lif9ma
Jun 20, 2026
Merged

Add Android release GitHub Actions workflow and keep OAuth flow alive when app backgrounds#7
CheFu-code merged 1 commit into
mainfrom
codex/fix-signing-implementation-issue-lif9ma

Conversation

@CheFu-code

@CheFu-code CheFu-code commented Jun 20, 2026

Copy link
Copy Markdown
Owner

Motivation

  • Provide a reproducible CI job to build Android release APK/AAB, produce artifacts, checksums and release notes for tagged releases and branch pushes.
  • Prevent an in-progress OAuth sign-in from being cancelled when the app is backgrounded due to AppState change handling.

Description

  • Add a new GitHub Actions workflow android-release-build.yml that installs SDK components, decodes a base64 keystore from secrets, runs ./gradlew app:assembleRelease and app:bundleRelease, uploads APK/AAB artifacts and checksums, and emits a release-notes.md artifact.
  • In useQuantumAuth add an authPromptActiveRef flag and short-circuit the AppState change handler to avoid aborting the auth operation while startQuantumSignIn is in progress, and ensure the flag is cleared on success or error.
  • Add a unit test keeps the OAuth operation alive while the auth browser backgrounds the app in useQuantumAuth tests that mocks AppState.addEventListener and verifies the sign-in completes and the session is saved.

Testing

  • Ran unit tests via npm test which include src/hooks/__tests__/useQuantumAuth.test.tsx, and the test suite (including the new backgrounding test) passed locally.

Codex Task

Summary by CodeRabbit

  • Bug Fixes
    • Improved authentication stability when the app transitions to the background, preventing interruption of ongoing sign-in operations.

@github-actions

Copy link
Copy Markdown

🚀 Thank you @CheFu-code for the Pull Request!

Our automated CI tests are spinning up now to check the changes. A maintainer will review your code shortly.

💖 Love what we're building? Support the ecosystem on GitHub Sponsors!

@coderabbitai

coderabbitai Bot commented Jun 20, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: fdb32b16-c81f-4187-b756-542483188b8f

📥 Commits

Reviewing files that changed from the base of the PR and between 0166d53 and 1da801e.

📒 Files selected for processing (3)
  • .github/workflows/android-release-build.yml
  • src/hooks/__tests__/useQuantumAuth.test.tsx
  • src/hooks/useQuantumAuth.ts

📝 Walkthrough

Walkthrough

Adds a full GitHub Actions workflow for building and signing Android release APKs and AABs, including artifact uploads, SHA256 checksums, and release notes. Separately, useQuantumAuth gains an authPromptActiveRef guard that prevents the AppState change listener from triggering session restore or reset while a sign-in prompt is in progress, with a corresponding test.

Changes

Android Release Build Workflow

Layer / File(s) Summary
Workflow triggers, concurrency, and job environment
.github/workflows/android-release-build.yml
Defines manual, branch-push, and version-tag triggers with a ref-keyed concurrency group. The single build-release job installs Node 22, Java 17, Gradle, Android SDK/NDK packages, runs npm install, expo prebuild, decodes the base64 keystore, validates the Expo config, and invokes Gradle to assemble signed release APK and AAB via injected signing properties.
Artifact upload, checksums, release notes, and build summary
.github/workflows/android-release-build.yml
Generates build metadata (UTC timestamp, short SHA, ref name), uploads APK and AAB artifacts, computes SHA256 checksums into checksums.txt, writes and uploads release-notes.md, and prints a final directory-listing summary step.

useQuantumAuth Background App-State Guard

Layer / File(s) Summary
authPromptActiveRef ref and AppState short-circuit
src/hooks/useQuantumAuth.ts
Adds authPromptActiveRef (useRef(false)). The AppState change handler exits early when authPromptActiveRef.current is true. The signIn function sets the ref to true before awaiting startQuantumSignIn() and resets it to false in both the resolution and error paths.
Background-during-sign-in test
src/hooks/__tests__/useQuantumAuth.test.tsx
Imports AppState in the test file and adds a test that captures the AppState listener, fires a "background" event while startQuantumSignIn is pending, resolves the promise with a mocked StoredAuthSession, and asserts the hook reaches authenticated status with the correct notice and persisted session.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

  • CheFu-code/Quantum-App#1: Modifies startQuantumSignIn (nonce/state generation and base64 decoding), which is the exact function that useQuantumAuth now wraps with the authPromptActiveRef guard in this PR.

Poem

🐇 Hoppity-hop through the pipeline I go,
Signing my APKs, row by row!
A background sneaks in? Not during my quest—
authPromptActiveRef puts that state to rest.
Checksums and notes, all bundled with care,
This rabbit ships builds with the greatest of flair! 🥕

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/fix-signing-implementation-issue-lif9ma

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@CheFu-code CheFu-code merged commit 79c345b into main Jun 20, 2026
2 of 3 checks passed

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1da801ee42

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

-PreactNativeDevServerPort=8081 \
-PreactNativeArchitectures="${ARCHITECTURES}" \
-Pandroid.injected.signing.store.file="${{ steps.decode_keystore.outputs.keystore_path }}" \
-Pandroid.injected.signing.store.password="${{ secrets.KEYSTORE_PASSWORD }}" \

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Pass signing secrets through env vars

When a keystore password contains shell metacharacters such as $, backticks, or quotes, substituting ${{ secrets.KEYSTORE_PASSWORD }} directly into the run script lets bash interpret those characters before Gradle receives the value, so release signing can fail with a corrupted password; the same pattern is repeated in the bundle step. Put the signing secrets in env and pass quoted shell variables instead so the secret value is not re-expanded by the shell.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant