diff --git a/commet/android/app/build.gradle b/commet/android/app/build.gradle index 171ec4a2..a5dff529 100644 --- a/commet/android/app/build.gradle +++ b/commet/android/app/build.gradle @@ -76,7 +76,11 @@ android { applicationIdSuffix ".debug" } release { - signingConfig signingConfigs.release + // Use the release keystore when one is configured (key.properties + // present); otherwise fall back to debug signing so CI without + // signing secrets still produces an installable (sideload-only) APK + // instead of an unsigned one. + signingConfig keystorePropertiesFile.exists() ? signingConfigs.release : signingConfigs.debug } } diff --git a/commet/scripts/setup_android_release.dart b/commet/scripts/setup_android_release.dart index 6cf0ed85..09ce3c13 100644 --- a/commet/scripts/setup_android_release.dart +++ b/commet/scripts/setup_android_release.dart @@ -3,7 +3,10 @@ import 'dart:io'; String? getArg(List args, String name) { int index = args.indexOf(name); - if (index == -1) return null; + // Not present, or present with no value after it (e.g. a CI secret expanded to + // an empty string, so the flag ended up last). Return null instead of + // indexing out of bounds. + if (index == -1 || index + 1 >= args.length) return null; return args[index + 1]; } @@ -47,9 +50,21 @@ void main(List args) { return; } - String keyData = getArg(args, "--key_b64")!; - String keyPassword = getArg(args, "--key_password")!; + String? keyData = getArg(args, "--key_b64"); + String? keyPassword = getArg(args, "--key_password"); + + // No release keystore configured (e.g. a fork without ANDROID_KEY_STORE_B64 / + // ANDROID_KEY_PASSWORD secrets). Skip writing key.properties so the build + // falls back to debug signing (see android/app/build.gradle) and still + // produces an installable, sideload-only APK. A leading "--" means the secret + // expanded to empty and getArg picked up the next flag. + if (keyData == null || keyData.isEmpty || keyData.startsWith("--")) { + stdout.writeln( + "No Android release keystore provided; skipping release signing " + "(the APK will be debug-signed)."); + return; + } decodeAndWriteKeyFile(keyData); - writeKeyProperties(keyPassword); + writeKeyProperties(keyPassword ?? ""); }