From 0cd4ceb9a881430958117ba10b53f9dc295e2f6e Mon Sep 17 00:00:00 2001 From: Daniel Agoston <5380799+Deniel9204@users.noreply.github.com> Date: Fri, 26 Jun 2026 20:13:41 +0200 Subject: [PATCH] Build a debug-signed Android APK when no release keystore is configured The Android release jobs failed with "RangeError ... 0..1: 2": with no signing secrets (a fork without ANDROID_KEY_STORE_B64 / ANDROID_KEY_PASSWORD), the CI command becomes `--key_password --key_b64` with no values, and setup_android_release.dart indexed past the args. - setup_android_release.dart: make getArg bounds-safe, and skip writing key.properties when no keystore is provided (null/empty/leading "--"). - android/app/build.gradle: the release build now falls back to signingConfigs. debug when key.properties is absent, so it produces an installable (sideload-only) APK instead of an unsigned one. With a real keystore present it still release-signs exactly as before. --- commet/android/app/build.gradle | 6 +++++- commet/scripts/setup_android_release.dart | 23 +++++++++++++++++++---- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/commet/android/app/build.gradle b/commet/android/app/build.gradle index 171ec4a2..a5dff529 100644 --- a/commet/android/app/build.gradle +++ b/commet/android/app/build.gradle @@ -76,7 +76,11 @@ android { applicationIdSuffix ".debug" } release { - signingConfig signingConfigs.release + // Use the release keystore when one is configured (key.properties + // present); otherwise fall back to debug signing so CI without + // signing secrets still produces an installable (sideload-only) APK + // instead of an unsigned one. + signingConfig keystorePropertiesFile.exists() ? signingConfigs.release : signingConfigs.debug } } diff --git a/commet/scripts/setup_android_release.dart b/commet/scripts/setup_android_release.dart index 6cf0ed85..09ce3c13 100644 --- a/commet/scripts/setup_android_release.dart +++ b/commet/scripts/setup_android_release.dart @@ -3,7 +3,10 @@ import 'dart:io'; String? getArg(List args, String name) { int index = args.indexOf(name); - if (index == -1) return null; + // Not present, or present with no value after it (e.g. a CI secret expanded to + // an empty string, so the flag ended up last). Return null instead of + // indexing out of bounds. + if (index == -1 || index + 1 >= args.length) return null; return args[index + 1]; } @@ -47,9 +50,21 @@ void main(List args) { return; } - String keyData = getArg(args, "--key_b64")!; - String keyPassword = getArg(args, "--key_password")!; + String? keyData = getArg(args, "--key_b64"); + String? keyPassword = getArg(args, "--key_password"); + + // No release keystore configured (e.g. a fork without ANDROID_KEY_STORE_B64 / + // ANDROID_KEY_PASSWORD secrets). Skip writing key.properties so the build + // falls back to debug signing (see android/app/build.gradle) and still + // produces an installable, sideload-only APK. A leading "--" means the secret + // expanded to empty and getArg picked up the next flag. + if (keyData == null || keyData.isEmpty || keyData.startsWith("--")) { + stdout.writeln( + "No Android release keystore provided; skipping release signing " + "(the APK will be debug-signed)."); + return; + } decodeAndWriteKeyFile(keyData); - writeKeyProperties(keyPassword); + writeKeyProperties(keyPassword ?? ""); }