chore(android): rename RuStore signing secrets ANDROID_* -> ANDROID_RUSTORE_* #268

Merged
developer merged 1 commits from feature/rustore-signing-secrets into development 2026-07-14 18:21:36 +00:00
Owner

Rename the Gitea signing secrets ANDROID_*ANDROID_RUSTORE_* so the RuStore key is store-specific: RuStore self-signs (the cert is the app cert), Google Play re-signs via Play App Signing (the uploaded key is only an upload key), so a shared ANDROID_* name is ambiguous. Only the secret names changebuild.gradle keeps the store-agnostic env contract, so a future Google workflow feeds its own key into the same build.

New secret names to set: ANDROID_RUSTORE_KEYSTORE_BASE64 / ANDROID_RUSTORE_KEYSTORE_PASSWORD / ANDROID_RUSTORE_KEY_ALIAS / ANDROID_RUSTORE_KEY_PASSWORD.

Touches .gitea/workflows/android-build.yaml + deploy/README.md. ANDROID_PLAN.md refs get updated in the pending plan refresh. No functional change until the signed dispatch (needs this on master via the next promotion).

Rename the Gitea signing secrets `ANDROID_*` → `ANDROID_RUSTORE_*` so the RuStore key is store-specific: RuStore self-signs (the cert is the app cert), Google Play re-signs via Play App Signing (the uploaded key is only an upload key), so a shared `ANDROID_*` name is ambiguous. **Only the secret names change** — `build.gradle` keeps the store-agnostic env contract, so a future Google workflow feeds its own key into the same build. **New secret names to set:** `ANDROID_RUSTORE_KEYSTORE_BASE64` / `ANDROID_RUSTORE_KEYSTORE_PASSWORD` / `ANDROID_RUSTORE_KEY_ALIAS` / `ANDROID_RUSTORE_KEY_PASSWORD`. Touches `.gitea/workflows/android-build.yaml` + `deploy/README.md`. `ANDROID_PLAN.md` refs get updated in the pending plan refresh. No functional change until the signed dispatch (needs this on master via the next promotion).
developer added 1 commit 2026-07-14 18:08:27 +00:00
chore(android): rename the RuStore signing secrets ANDROID_* -> ANDROID_RUSTORE_*
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 11s
CI / integration (pull_request) Successful in 23s
CI / ui (pull_request) Successful in 1m15s
CI / conformance (pull_request) Successful in 10s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m59s
8d3f862b41
The signing key is store-specific: RuStore self-signs (the cert is the app cert), while Google Play re-signs via Play App Signing (the uploaded key is only the upload key). Keep a separate key per store and name the secrets accordingly. Only the Gitea secret names change; build.gradle keeps the store-agnostic env contract (ANDROID_KEYSTORE_*), so the same build serves a future Google key from its own workflow. New names: ANDROID_RUSTORE_KEYSTORE_BASE64 / _KEYSTORE_PASSWORD / _KEY_ALIAS / _KEY_PASSWORD.
owner approved these changes 2026-07-14 18:09:38 +00:00
developer merged commit 0e56e4de9a into development 2026-07-14 18:21:36 +00:00
developer deleted branch feature/rustore-signing-secrets 2026-07-14 18:21:36 +00:00
Sign in to join this conversation.
No Reviewers
No Label
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: developer/scrabble-game#268