Skip to content

enh(CI): Unify staging deploys into single dispatch workflow#201

Merged
nfebe merged 2 commits into
devfrom
refactor/ci-pipeline
Jun 9, 2026
Merged

enh(CI): Unify staging deploys into single dispatch workflow#201
nfebe merged 2 commits into
devfrom
refactor/ci-pipeline

Conversation

@austin047

Copy link
Copy Markdown
Collaborator

Description

Update the GitHub staging deployment pipeline

Type of Change

  • ✨ New feature (non-breaking change which adds functionality)
  • 🛠️ Bug fix (non-breaking change which fixes an issue)
  • ❌ Breaking change (fix or feature that would cause existing functionality to change)
  • 🧹 Code refactor
  • ✅ Build configuration change
  • 📝 Documentation
  • 🗑️ Chore

@austin047 austin047 marked this pull request as ready for review June 9, 2026 13:10
@sourceant

sourceant Bot commented Jun 9, 2026

Copy link
Copy Markdown

Code Review Summary

This PR consolidates the Android and iOS staging deployment workflows into a single workflow_dispatch enabled pipeline. It also includes some database migration refactoring and dependency downgrades in pubspec.lock.

🚀 Key Improvements

  • Unified CI management for staging builds.
  • Added manual trigger with platform selection (Android/iOS/Both).
  • Simplified database migration logic.

💡 Minor Suggestions

  • Fix Xcode and Flutter version strings to match real-world releases.
  • Add a cleanup step for sensitive credential files.

🚨 Critical Issues

  • The specified Xcode version 26 does not exist and will break the iOS pipeline.

@sourceant sourceant Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review complete. See the overview comment for a summary.

channel: ${{ env.FLUTTER_CHANNEL }}
cache: true

- name: Install Firebase CLI

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Installing firebase-tools and flutterfire_cli globally on every run is slow and can lead to version drift. Since the workflow uses Fastlane, it is better to manage these dependencies within the Ruby environment (using fastlane plugins) or only install them if strictly necessary for custom shell scripts. Additionally, manually modifying GITHUB_PATH for the pub cache is often unnecessary if using the subosito/flutter-action properly.

Suggested change
- name: Install Firebase CLI
- name: Install Firebase CLI
run: npm install -g firebase-tools
- name: Install FlutterFire CLI
run: dart pub global activate flutterfire_cli

@sourceant sourceant Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review complete. See the overview comment for a summary.

env:
FLUTTER_VERSION: "3.38.9"
FLUTTER_CHANNEL: "stable"
XCODE_VERSION: "26"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Xcode version '26' is invalid. Current stable major versions are 15 or 16. Using an incorrect version will cause the macos-latest runner to fail when locating the Xcode installation.

Suggested change
XCODE_VERSION: "26"
XCODE_VERSION: "16"

env:
GOOGLE_SERVICES_ACCOUNT_BASE64: ${{ secrets.GOOGLE_SERVICES_ACCOUNT_BASE64 }}
CREDENTIAL_FILE_CONTENT: ${{ secrets.CREDENTIAL_FILE_CONTENT }}
run: |

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Writing sensitive credentials to the filesystem should be followed by a cleanup step, or better yet, passed via environment variables directly if the CLI supports it. If files are necessary, ensure they are not uploaded as artifacts or left in a shared environment.

Suggested change
run: |
run: |
printf '%s' "$GOOGLE_SERVICES_ACCOUNT_BASE64" | base64 --decode > google_service_account.json
printf '%s' "$CREDENTIAL_FILE_CONTENT" > service_credentials_content.json
# Add to .gitignore dynamically or ensure cleanup
echo "google_service_account.json" >> .gitignore

if (from < 4) {
await _schemaUpgrade(m, from, 4);
}
await _schemaUpgrade(m, from, to);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While refactoring to use dynamic to version is cleaner, ensure that _schemaUpgrade logic is exhaustive and handles every version jump between from and to. If it only contains logic up to version 4, jumping to version 5 might fail silently or corrupt data.

Suggested change
await _schemaUpgrade(m, from, to);
if (from < to) {
await _schemaUpgrade(m, from, to);
}

@austin047 austin047 requested a review from nfebe June 9, 2026 13:28
@nfebe nfebe merged commit 4e89dcd into dev Jun 9, 2026
3 checks passed
@nfebe nfebe deleted the refactor/ci-pipeline branch June 9, 2026 13:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants