Developing apps with Flutter framework is easy. Deploying the apps for testing/release is not, especially if continuous development work is carried out on regular basis. This is where CI/CD pipelines come in handy. In this blog, we’ll look at how we can configure a CI/CD pipleline for our Flutter app, for both Android and iOS.
This article is split into two parts, Part-1 focuses on Android and Part-2 on iOS with Fastlane.
The Challenge
To form a plan of attack, let’s break down the task into individual story points. Here in Part-1, we’ll focus on the Android configuration.
- Environment setup
- Creating signing key
- Generate build
- Deploy the build to Firebase App Distribution.
Our Toolset
Before we proceed any further, let’s mention the tools that we’ll use to solve the problem
- GitHub (Obviously. To generate build and to store our keys and passwords)
- GPG (To create the signing key. A Linux system is required to create the GPG encryption key)
- Firebase App Distribution (To distribute the generated build).
- Various GitHub actions apps, to generate build.
Setting up the Environment
Before we start writing the script for the GitHub actions, we need to do some setup work.
First off, we need to setup Git and Android and iOS apps in Firebase console. You can refer to the links provided and finish setting up Git and Firebase apps.
Setup Android and iOS apps in Firebase
For signed Android builds, we need to create a signing certificate. If you haven’t got one already generate a signing key.
For Mac
keytool -genkey -v -keystore ~/key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias release
For Windows
keytool -genkey -v -keystore c:/Users/USER_NAME/key.jks -storetype JKS -keyalg RSA -keysize 2048 -validity 10000 -alias release
Remember your key password, your alias name and your alias password. Copy key.jks to <yourproject>/android folder.
Configure Gradle
Open up app/build.gradle and find the line that says
buildTypes {
release {
// TODO: Add your own signing config for the release build.
// Signing with the debug keys for now, so `flutter run --release` works.
signingConfig signingConfigs.debug
}
}
Replace them with this
signingConfigs{
release {
keyAlias keystoreProperties['keyAlias']
keyPassword keystoreProperties['keyPassword']
storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : nullstorePassword keystoreProperties['storePassword']
}
}buildTypes {
release {
signingConfig signingConfigs.release
}
}
We’ll also configure a key.properties file to read key alias and password when generating builds.
Create a file named [project]/android/key.properties that contains a reference to your keystore:
storePassword=<password from previous step>
keyPassword=<password from previous step>
keyAlias=upload
storeFile=<location of the key store file, such as /Users/<user name>/upload-keystore.jks>
Also, update android/build.gradle to use the key.properties to load the signing certificate
def keystoreProperties = new Properties()
def keystorePropertiesFile = rootProject.file('key.properties')
if (keystorePropertiesFile.exists()) {
keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
}
Release keystore cannot be checked to GitHub or shared online. Hence we need to encrypt the key and store in GitHub secrets.
At this point, you should have permissions to add/edit/update secrets on the Git repo. If not, request repo owner for permissions.
Github Action Secrets
Secrets are encrypted environment variables that you create in an organization, repository, or repository environment. The secrets that you create are available to use in GitHub Actions workflows. From the Settings tab of any repository, there’s an option to add a GitHub Actions secret. Simply provide a name for the secret and a corresponding value and click the Add secret button.
Here’s how a reference to a GitHub Actions secret would present itself in a YAML build file:
