Update workflows to 2.0.0

[matejsemancik]

Summary by CodeRabbit

• New Features

  • Added a nightly build pipeline to produce regular test builds.

• Chores

  • Pinned CI workflow references to stable versions.
  • Removed obsolete pipelines: docs auto-deploy, on-demand QA deploys, and QA deploys on merge.
  • Switched Android app versioning and release signing to use environment-provided values.
  • Updated release workflows and removed unused release inputs.

[coderabbitai]

Walkthrough

• Removed workflows: docs_deploy.yml, on_demand_deploy.yml, on_merge_pull_request.yml.
• Added on_cron.yml: nightly build workflow with a generate_version job and invocation of reusable workflow futuredapp/.../[email protected]; supports cron and manual runs and passes many inputs and secrets.
• Updated on_pull_request.yml: pinned reusable workflow references to version 2.0.0.
• Updated on_release.yml: pinned reusable workflow references to 2.0.0 and removed Android SIGNING_KEYSTORE_PATH input.
• androidApp/build.gradle.kts: versionCode/versionName and release signing credentials now read from environment variables.
• buildSrc ProjectSettings.kt: removed Android.VersionCode, Android.VersionName, and Android.Signing.Release properties.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Trigger as Scheduler / Manual
  participant GHA as GitHub Actions
  participant GV as Job: generate_version
  participant NB as Reusable Workflow\[email protected]

  Trigger->>GHA: schedule / workflow_dispatch
  GHA->>GV: run generate_version
  GV-->>GHA: output version_name
  GHA->>NB: invoke reusable workflow\n(with version_name, params, secrets)
  NB-->>GHA: run build & distribution steps
  GHA-->>Trigger: workflow completed

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title “Update workflows to 2.0.0” accurately indicates that workflow references are being bumped to version 2.0.0 but does not capture the broader scope of adding a nightly build and removing several outdated workflows, making it only partly descriptive of the full changeset.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/workflows-2.0.0

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 970163d and e8993b4.

📒 Files selected for processing (1)

• .github/workflows/on_cron.yml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/on_cron.yml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: check-ios / Test
• GitHub Check: check-android / Lint & Tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/on_release.yml (1)

26-45: Align signing secrets and provision keystore

• Replace SIGNING_KEYSTORE_PASSWORD, SIGNING_KEY_PASSWORD, SIGNING_KEY_ALIAS with the expected ANDROID_KEYSTORE_BASE64, ANDROID_KEYSTORE_PASSWORD, ANDROID_KEY_ALIAS, ANDROID_KEY_PASSWORD parameters.
• Decode ANDROID_KEYSTORE_BASE64 at runtime into a keystore file and update Gradle’s storeFile to point to that generated file.

🧹 Nitpick comments (2)

androidApp/build.gradle.kts (1)

27-28: Env‑based versioning LGTM. Consider coerceAtLeast(1) for extra safety on versionCode.

-        versionCode = System.getenv("ANDROID_BUILD_NUMBER")?.toIntOrNull() ?: 1
+        versionCode = (System.getenv("ANDROID_BUILD_NUMBER")?.toIntOrNull() ?: 1).coerceAtLeast(1)

.github/workflows/on_cron.yml (1)

31-33: Version name uniqueness on reruns.

github.run_id stays constant on rerun; include date or run_attempt/sha to avoid collisions.

-            VERSION_NAME="nightly-${{ github.run_id }}"
+            VERSION_NAME="nightly-$(date -u +%Y%m%d)-${{ github.run_number }}-${{ github.run_attempt }}"

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 57789ce and 970163d.

📒 Files selected for processing (8)

• .github/workflows/docs_deploy.yml (0 hunks)
• .github/workflows/on_cron.yml (1 hunks)
• .github/workflows/on_demand_deploy.yml (0 hunks)
• .github/workflows/on_merge_pull_request.yml (0 hunks)
• .github/workflows/on_pull_request.yml (2 hunks)
• .github/workflows/on_release.yml (2 hunks)
• androidApp/build.gradle.kts (2 hunks)
• buildSrc/src/main/kotlin/app/futured/kmptemplate/gradle/configuration/ProjectSettings.kt (0 hunks)

💤 Files with no reviewable changes (4)

• .github/workflows/on_merge_pull_request.yml
• .github/workflows/on_demand_deploy.yml
• .github/workflows/docs_deploy.yml
• buildSrc/src/main/kotlin/app/futured/kmptemplate/gradle/configuration/ProjectSettings.kt

🧰 Additional context used

📓 Path-based instructions (1)

**/*.{kt,kts}

📄 CodeRabbit inference engine (CLAUDE.md)

Max line length: 140 characters

Files:

• androidApp/build.gradle.kts

🔇 Additional comments (4)

.github/workflows/on_release.yml (1)

10-10: Pinning to 2.0.0 looks good.

.github/workflows/on_pull_request.yml (1)

11-11: Good move pinning reusable workflows to 2.0.0.

Also applies to: 16-16, 25-25

.github/workflows/on_cron.yml (2)

5-5: Cron runs Tue–Sat only. Intentional?

2–6 excludes Sun/Mon. Confirm schedule.

---

41-43: Verify Gradle task names in on_cron.yml
Ensure packageEnterpriseUniversalApk and appDistributionUploadEnterprise are valid tasks in your Android project’s plugin and buildType setup to avoid nightly CI failures.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Fail‑fast on missing signing env and support SIGNING_ fallback to match CI.*

Empty strings defer errors to signing time. Resolve early and align with workflow secrets.

-            storePassword = System.getenv("ANDROID_KEYSTORE_PASSWORD").orEmpty()
-            keyAlias = System.getenv("ANDROID_KEY_ALIAS").orEmpty()
-            keyPassword = System.getenv("ANDROID_KEY_PASSWORD").orEmpty()
+            val storePwd = System.getenv("ANDROID_KEYSTORE_PASSWORD")
+                ?: System.getenv("SIGNING_KEYSTORE_PASSWORD")
+                ?: error("Missing ANDROID_KEYSTORE_PASSWORD/SIGNING_KEYSTORE_PASSWORD")
+            val alias = System.getenv("ANDROID_KEY_ALIAS")
+                ?: System.getenv("SIGNING_KEY_ALIAS")
+                ?: error("Missing ANDROID_KEY_ALIAS/SIGNING_KEY_ALIAS")
+            val keyPwd = System.getenv("ANDROID_KEY_PASSWORD")
+                ?: System.getenv("SIGNING_KEY_PASSWORD")
+                ?: error("Missing ANDROID_KEY_PASSWORD/SIGNING_KEY_PASSWORD")
+            storePassword = storePwd
+            keyAlias = alias
+            keyPassword = keyPwd

Optionally drive the keystore path from env to avoid committing it:

-            storeFile = file("keystore/todo_your_release_keystore.keystore")
+            val ksPath = System.getenv("ANDROID_KEYSTORE_PATH") ?: "keystore/release.keystore"
+            storeFile = file(ksPath)

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	storePassword = System.getenv("ANDROID_KEYSTORE_PASSWORD").orEmpty()
	keyAlias = System.getenv("ANDROID_KEY_ALIAS").orEmpty()
	keyPassword = System.getenv("ANDROID_KEY_PASSWORD").orEmpty()
	val storePwd = System.getenv("ANDROID_KEYSTORE_PASSWORD")
	?: System.getenv("SIGNING_KEYSTORE_PASSWORD")
	?: error("Missing ANDROID_KEYSTORE_PASSWORD/SIGNING_KEYSTORE_PASSWORD")
	val alias = System.getenv("ANDROID_KEY_ALIAS")
	?: System.getenv("SIGNING_KEY_ALIAS")
	?: error("Missing ANDROID_KEY_ALIAS/SIGNING_KEY_ALIAS")
	val keyPwd = System.getenv("ANDROID_KEY_PASSWORD")
	?: System.getenv("SIGNING_KEY_PASSWORD")
	?: error("Missing ANDROID_KEY_PASSWORD/SIGNING_KEY_PASSWORD")
	storePassword = storePwd
	keyAlias = alias
	keyPassword = keyPwd

[matejsemancik]

Falling back to error if null causes crash during Gradle Sync = during configuration phase the entire script is evaluated, so we need to provide meaningful default value even if not building release type.

[coderabbitai]

@matejsemancik, you're absolutely right—I overlooked the Gradle configuration phase behavior. Since the entire script is evaluated during sync regardless of the build type, using error() would indeed break the developer experience for anyone running a simple Gradle sync or building debug variants without release signing credentials.

The current .orEmpty() approach is the appropriate solution here. It allows configuration to succeed while deferring validation to the actual signing phase, where missing credentials will naturally fail if someone attempts a release build. This strikes the right balance between validation and usability.

Thanks for the clarification!

---

✏️ Learnings added

Learnt from: matejsemancik
PR: futuredapp/kmp-futured-template#131
File: androidApp/build.gradle.kts:51-53
Timestamp: 2025-10-07T09:54:12.559Z
Learning: In Gradle build scripts, using `error()` for missing environment variables in signing configurations causes crashes during Gradle Sync because the entire script is evaluated during the configuration phase, even when not building that specific variant. Use `.orEmpty()` or provide default values instead to allow configuration to succeed, with validation deferred to actual build/signing time.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

[matejsemancik]

No problem, rookie mistake.

[coderabbitai]

@matejsemancik, appreciate the understanding! Always learning. 😊

---

🧠 Learnings used

Learnt from: matejsemancik
PR: futuredapp/kmp-futured-template#131
File: androidApp/build.gradle.kts:51-53
Timestamp: 2025-10-07T09:54:12.559Z
Learning: In Gradle build scripts, using `error()` for missing environment variables in signing configurations causes crashes during Gradle Sync because the entire script is evaluated during the configuration phase, even when not building that specific variant. Use `.orEmpty()` or provide default values instead to allow configuration to succeed, with validation deferred to actual build/signing time.

[github-actions]

	2 Warnings
⚠️	Feature or fix PR title should include JIRA-ID and short description.
⚠️	Feature or fix PR branch name should include JIRA-ID and short description.

Generated by 🚫 Danger

[github-actions]

	2 Warnings
⚠️	Feature or fix PR title should include JIRA-ID and short description.
⚠️	Feature or fix PR branch name should include JIRA-ID and short description.

	2 Messages
📖	iosAppUITests: Executed 1 test, with 0 failures (0 expected) in 6.801 (6.801) seconds
📖	iosAppTests: Executed 1 test, with 0 failures (0 expected) in 0.001 (0.001) seconds

Generated by 🚫 Danger