#!/bin/bash # ============================================================================= # GitHub Secrets Setup Helper # ============================================================================= # This script helps you configure GitHub Secrets for APK signing # # Usage: # ./setup-mobile-github-secrets.sh # # Reference: docs/RELEASE/APK_SIGNING_SETUP.md # ============================================================================= set -e REPO_ROOT=$(git rev-parse --show-toplevel) cd "$REPO_ROOT" echo "🔐 GitHub Secrets Setup Helper for APK Signing" echo "================================================" echo "" # Colors for output GREEN='\033[0;32m' YELLOW='\033[1;33m' RED='\033[0;31m' NC='\033[0m' # No Color # Track successful secret generations SECRETS_FOUND=0 TOTAL_SECRETS=24 # ============================================================================= # Helper Functions # ============================================================================= print_secret_config() { local app=$1 local env=$2 local keystore_path=$3 local password=$4 local alias=$5 local key_password=$6 local app_upper=$(echo "$app" | tr '[:lower:]' '[:upper:]') local env_upper=$(echo "$env" | tr '[:lower:]' '[:upper:]') echo "" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo " ${app_upper} Mobile - ${env_upper} Environment" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" if [ -f "$keystore_path" ]; then echo -e "${GREEN}✅ Keystore found:${NC} $keystore_path" # Show keystore info echo "" echo "📋 Keystore Information:" keytool -list -v -keystore "$keystore_path" -storepass "$password" 2>/dev/null | head -n 15 || echo " (Use keytool to inspect)" # Generate base64 echo "" echo "📦 Base64 Encoded Keystore:" echo "" BASE64_OUTPUT=$(base64 -i "$keystore_path") echo "$BASE64_OUTPUT" echo "" echo "GitHub Secrets to create:" echo "" echo " ${app_upper}_KEYSTORE_${env_upper}_BASE64" echo " ${app_upper}_KEYSTORE_PASSWORD_${env_upper} = $password" echo " ${app_upper}_KEY_ALIAS_${env_upper} = $alias" echo " ${app_upper}_KEY_PASSWORD_${env_upper} = $key_password" echo "" # Increment success counter (4 secrets per keystore) SECRETS_FOUND=$((SECRETS_FOUND + 4)) else echo -e "${YELLOW}⚠️ Keystore not found:${NC} $keystore_path" echo "" echo "This keystore should be stored securely (CodeMagic or secure storage)." echo "" fi } # ============================================================================= # Worker Mobile (Staff App) # ============================================================================= echo "" echo "═══════════════════════════════════════════════════════" echo " WORKER MOBILE (Staff App) Configuration" echo "═══════════════════════════════════════════════════════" # DEV Environment print_secret_config \ "worker" \ "dev" \ "$REPO_ROOT/apps/mobile/apps/staff/android/app/krow_with_us_staff_dev.jks" \ "krowwithus" \ "krow_staff_dev" \ "krowwithus" # STAGING Environment print_secret_config \ "worker" \ "staging" \ "$REPO_ROOT/keystores/krow_staff_staging.jks" \ "YOUR_STAGING_PASSWORD" \ "krow_staff_staging" \ "YOUR_STAGING_KEY_PASSWORD" # PROD Environment print_secret_config \ "worker" \ "prod" \ "$REPO_ROOT/keystores/krow_staff_prod.jks" \ "YOUR_PROD_PASSWORD" \ "krow_staff_prod" \ "YOUR_PROD_KEY_PASSWORD" # ============================================================================= # Client Mobile # ============================================================================= echo "" echo "═══════════════════════════════════════════════════════" echo " CLIENT MOBILE Configuration" echo "═══════════════════════════════════════════════════════" # DEV Environment print_secret_config \ "client" \ "dev" \ "$REPO_ROOT/apps/mobile/apps/client/android/app/krow_with_us_client_dev.jks" \ "krowwithus" \ "krow_client_dev" \ "krowwithus" # STAGING Environment print_secret_config \ "client" \ "staging" \ "$REPO_ROOT/keystores/krow_client_staging.jks" \ "YOUR_STAGING_PASSWORD" \ "krow_client_staging" \ "YOUR_STAGING_KEY_PASSWORD" # PROD Environment print_secret_config \ "client" \ "prod" \ "$REPO_ROOT/keystores/krow_client_prod.jks" \ "YOUR_PROD_PASSWORD" \ "krow_client_prod" \ "YOUR_PROD_KEY_PASSWORD" # ============================================================================= # Summary # ============================================================================= echo "" echo "═══════════════════════════════════════════════════════" echo " SUMMARY" echo "═══════════════════════════════════════════════════════" echo "" echo "Total secrets needed: ${TOTAL_SECRETS}" echo "Secrets successfully generated: ${SECRETS_FOUND}" echo "" echo " • 6 keystores (base64 encoded)" echo " • 6 keystore passwords" echo " • 6 key aliases" echo " • 6 key passwords" echo "" if [ $SECRETS_FOUND -gt 0 ]; then echo "Generated secrets to add to GitHub:" echo "" # Worker Dev Secrets if [ -f "$REPO_ROOT/apps/mobile/apps/staff/android/app/krow_with_us_staff_dev.jks" ]; then echo " ✅ WORKER_KEYSTORE_DEV_BASE64" echo " $(base64 -i "$REPO_ROOT/apps/mobile/apps/staff/android/app/krow_with_us_staff_dev.jks")" echo "" echo " ✅ WORKER_KEYSTORE_PASSWORD_DEV" echo " krowwithus" echo "" echo " ✅ WORKER_KEY_ALIAS_DEV" echo " krow_staff_dev" echo "" echo " ✅ WORKER_KEY_PASSWORD_DEV" echo " krowwithus" echo "" fi # Client Dev Secrets if [ -f "$REPO_ROOT/apps/mobile/apps/client/android/app/krow_with_us_client_dev.jks" ]; then echo " ✅ CLIENT_KEYSTORE_DEV_BASE64" echo " $(base64 -i "$REPO_ROOT/apps/mobile/apps/client/android/app/krow_with_us_client_dev.jks")" echo "" echo " ✅ CLIENT_KEYSTORE_PASSWORD_DEV" echo " krowwithus" echo "" echo " ✅ CLIENT_KEY_ALIAS_DEV" echo " krow_client_dev" echo "" echo " ✅ CLIENT_KEY_PASSWORD_DEV" echo " krowwithus" echo "" fi fi if [ $SECRETS_FOUND -lt $TOTAL_SECRETS ]; then echo "Missing secrets (keystores not found):" echo "" if [ ! -f "$REPO_ROOT/keystores/krow_staff_staging.jks" ]; then echo " ⚠️ WORKER_KEYSTORE_STAGING_BASE64" echo " ⚠️ WORKER_KEYSTORE_PASSWORD_STAGING" echo " ⚠️ WORKER_KEY_ALIAS_STAGING" echo " ⚠️ WORKER_KEY_PASSWORD_STAGING" fi if [ ! -f "$REPO_ROOT/keystores/krow_staff_prod.jks" ]; then echo " ⚠️ WORKER_KEYSTORE_PROD_BASE64" echo " ⚠️ WORKER_KEYSTORE_PASSWORD_PROD" echo " ⚠️ WORKER_KEY_ALIAS_PROD" echo " ⚠️ WORKER_KEY_PASSWORD_PROD" fi if [ ! -f "$REPO_ROOT/keystores/krow_client_staging.jks" ]; then echo " ⚠️ CLIENT_KEYSTORE_STAGING_BASE64" echo " ⚠️ CLIENT_KEYSTORE_PASSWORD_STAGING" echo " ⚠️ CLIENT_KEY_ALIAS_STAGING" echo " ⚠️ CLIENT_KEY_PASSWORD_STAGING" fi if [ ! -f "$REPO_ROOT/keystores/krow_client_prod.jks" ]; then echo " ⚠️ CLIENT_KEYSTORE_PROD_BASE64" echo " ⚠️ CLIENT_KEYSTORE_PASSWORD_PROD" echo " ⚠️ CLIENT_KEY_ALIAS_PROD" echo " ⚠️ CLIENT_KEY_PASSWORD_PROD" fi echo "" echo "Retrieve missing keystores from CodeMagic Team Settings or secure storage." fi echo "" echo "To configure GitHub Secrets:" echo "" echo " 1. Go to: https://github.com/Oloodi/krow-workforce/settings/secrets/actions" echo " 2. Click 'New repository secret'" echo " 3. Add each secret listed above" echo "" echo "For complete documentation, see:" echo " docs/RELEASE/APK_SIGNING_SETUP.md" echo "" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo ""