Add Android release GitHub Actions workflow and keep OAuth flow alive when app backgrounds#7
Conversation
|
🚀 Thank you @CheFu-code for the Pull Request! Our automated CI tests are spinning up now to check the changes. A maintainer will review your code shortly. 💖 Love what we're building? Support the ecosystem on GitHub Sponsors! |
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
📝 WalkthroughWalkthroughAdds a full GitHub Actions workflow for building and signing Android release APKs and AABs, including artifact uploads, SHA256 checksums, and release notes. Separately, ChangesAndroid Release Build Workflow
useQuantumAuth Background App-State Guard
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related PRs
Poem
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1da801ee42
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| -PreactNativeDevServerPort=8081 \ | ||
| -PreactNativeArchitectures="${ARCHITECTURES}" \ | ||
| -Pandroid.injected.signing.store.file="${{ steps.decode_keystore.outputs.keystore_path }}" \ | ||
| -Pandroid.injected.signing.store.password="${{ secrets.KEYSTORE_PASSWORD }}" \ |
There was a problem hiding this comment.
Pass signing secrets through env vars
When a keystore password contains shell metacharacters such as $, backticks, or quotes, substituting ${{ secrets.KEYSTORE_PASSWORD }} directly into the run script lets bash interpret those characters before Gradle receives the value, so release signing can fail with a corrupted password; the same pattern is repeated in the bundle step. Put the signing secrets in env and pass quoted shell variables instead so the secret value is not re-expanded by the shell.
Useful? React with 👍 / 👎.
Motivation
AppStatechange handling.Description
android-release-build.ymlthat installs SDK components, decodes a base64 keystore from secrets, runs./gradlew app:assembleReleaseandapp:bundleRelease, uploads APK/AAB artifacts and checksums, and emits arelease-notes.mdartifact.useQuantumAuthadd anauthPromptActiveRefflag and short-circuit theAppStatechange handler to avoid aborting the auth operation whilestartQuantumSignInis in progress, and ensure the flag is cleared on success or error.keeps the OAuth operation alive while the auth browser backgrounds the appinuseQuantumAuthtests that mocksAppState.addEventListenerand verifies the sign-in completes and the session is saved.Testing
npm testwhich includesrc/hooks/__tests__/useQuantumAuth.test.tsx, and the test suite (including the new backgrounding test) passed locally.Codex Task
Summary by CodeRabbit