# GitHub Secrets Checklist for APK Signing **Quick reference for repository secret configuration** 📍 **Configure at**: Repository Settings → Secrets and variables → Actions --- ## ✅ Worker Mobile (Staff App) - 12 Secrets ### Dev Environment - [ ] `WORKER_KEYSTORE_DEV_BASE64` - [ ] `WORKER_KEYSTORE_PASSWORD_DEV` - [ ] `WORKER_KEY_ALIAS_DEV` - [ ] `WORKER_KEY_PASSWORD_DEV` ### Staging Environment - [ ] `WORKER_KEYSTORE_STAGING_BASE64` - [ ] `WORKER_KEYSTORE_PASSWORD_STAGING` - [ ] `WORKER_KEY_ALIAS_STAGING` - [ ] `WORKER_KEY_PASSWORD_STAGING` ### Production Environment - [ ] `WORKER_KEYSTORE_PROD_BASE64` - [ ] `WORKER_KEYSTORE_PASSWORD_PROD` - [ ] `WORKER_KEY_ALIAS_PROD` - [ ] `WORKER_KEY_PASSWORD_PROD` --- ## ✅ Client Mobile - 12 Secrets ### Dev Environment - [ ] `CLIENT_KEYSTORE_DEV_BASE64` - [ ] `CLIENT_KEYSTORE_PASSWORD_DEV` - [ ] `CLIENT_KEY_ALIAS_DEV` - [ ] `CLIENT_KEY_PASSWORD_DEV` ### Staging Environment - [ ] `CLIENT_KEYSTORE_STAGING_BASE64` - [ ] `CLIENT_KEYSTORE_PASSWORD_STAGING` - [ ] `CLIENT_KEY_ALIAS_STAGING` - [ ] `CLIENT_KEY_PASSWORD_STAGING` ### Production Environment - [ ] `CLIENT_KEYSTORE_PROD_BASE64` - [ ] `CLIENT_KEYSTORE_PASSWORD_PROD` - [ ] `CLIENT_KEY_ALIAS_PROD` - [ ] `CLIENT_KEY_PASSWORD_PROD` --- ## 📦 Total: 24 Secrets **Status**: ⬜ Not Started | 🟡 In Progress | ✅ Complete --- ## 🔧 Quick Setup Commands ### Generate base64 for existing keystores: ```bash # Worker Mobile Dev (already in repo) base64 -i apps/mobile/apps/staff/android/app/krow_with_us_staff_dev.jks # Client Mobile Dev (already in repo) base64 -i apps/mobile/apps/client/android/app/krow_with_us_client_dev.jks # For staging/prod keystores (retrieve from secure storage first): base64 -i /path/to/krow_staff_staging.jks base64 -i /path/to/krow_staff_prod.jks base64 -i /path/to/krow_client_staging.jks base64 -i /path/to/krow_client_prod.jks ``` ### Or use the helper script: ```bash .github/scripts/setup-mobile-github-secrets.sh ``` --- ## 📋 Dev Environment Values (Public - Already in Repo) **Worker Mobile:** - Password: `krowwithus` - Alias: `krow_staff_dev` - Key Password: `krowwithus` - Keystore: `apps/mobile/apps/staff/android/app/krow_with_us_staff_dev.jks` **Client Mobile:** - Password: `krowwithus` - Alias: `krow_client_dev` - Key Password: `krowwithus` - Keystore: `apps/mobile/apps/client/android/app/krow_with_us_client_dev.jks` --- ## 🚨 Important Notes 1. **Staging/Production keystores** should NEVER be committed to the repository 2. Retrieve staging/prod keystores from: - CodeMagic Team Settings → Code signing identities - Or your organization's secure key management system 3. Keep keystore passwords in a password manager 4. Test with **dev environment first** before configuring staging/prod --- ## 📚 Related Documentation - [Complete Setup Guide](./APK_SIGNING_SETUP.md) - [Release Workflow](./MOBILE_RELEASE_PLAN.md)