Configure android gradle release build type

[ashtanko]

Summary by CodeRabbit

• Chores
  • Configured proper Android release signing, replacing debug signing for production-ready builds.
  • Enabled V1 and V2 signing for broader device compatibility.
  • Turned on code minification and resource shrinking to reduce app size.
  • Applied optimized obfuscation rules to protect code and improve runtime efficiency.
  • Result: smaller downloads, faster installs, and more reliable publishing to app stores.

[coderabbitai]

Walkthrough

Configures Android release signing to load credentials from key.properties, defines a dedicated release signingConfig with V1/V2 signing, and updates the release build type to enable minification, resource shrinking, and ProGuard optimization, switching signing from debug to the new release configuration.

Changes

Cohort / File(s)	Summary of Changes
Android Gradle config android/app/build.gradle.kts	- Add top-level keystorePropertiesFile and keystoreProperties to load from key.properties when present - Define signingConfigs.release with V1/V2 signing and values from keystoreProperties (storeFile, storePassword, keyAlias, keyPassword) - Update buildTypes.release: enable minify and shrinkResources, add ProGuard optimize+rules, use signingConfigs.release

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant Gradle as Gradle (Android)
  participant FS as File System
  participant Props as keystoreProperties
  participant SC as signingConfigs.release
  participant BT as buildTypes.release

  Dev->>Gradle: assembleRelease
  Gradle->>FS: Check key.properties
  alt key.properties exists
    FS-->>Gradle: Provide file
    Gradle->>Props: Load Properties
  else
    Gradle-->>Props: Initialize empty Properties
  end

  Gradle->>SC: Configure V1/V2 + storeFile/password + keyAlias/password from Props
  Gradle->>BT: Enable minify, shrinkResources, ProGuard optimize + rules
  Gradle->>BT: Set signingConfig = SC
  Gradle-->>Dev: Build signed, optimized release APK/AAB

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• Configure flutter Android releases on the CI #26 — Adds CI steps to generate key.properties and keystore for Android release builds, directly supplying the values consumed by the new property-driven release signing configuration.

Poem

A carrot-orange keystore, snug on the lane,
I hop through Gradle fields after the rain.
V1, V2—two stamps on the seal,
ProGuard whispers, trims with zeal.
Shrink the twigs, sign the tree—
At last, a polished APK for me! 🥕📦

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "Configure android gradle release build type" succinctly and accurately describes the primary change in the changeset—configuring the Android Gradle release build (signing config, minification, resource shrinking, and ProGuard). It is specific and clear enough for a teammate scanning the project history.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/android_release_gradle_config

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Please see the documentation for more information.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

android/app/build.gradle.kts (2)

11-16: Close the stream when loading key.properties (avoid leak) and simplify.

Use inputStream().use { … } to auto-close; drops the need for FileInputStream import.

Apply this diff:

-val keystoreProperties = Properties().apply {
-    if (keystorePropertiesFile.exists()) {
-        load(FileInputStream(keystorePropertiesFile))
-    }
-}
+val keystoreProperties = Properties().apply {
+    if (keystorePropertiesFile.exists()) {
+        keystorePropertiesFile.inputStream().use { load(it) }
+    }
+}

---

1-2: Remove now-unneeded import.

Apply this diff if you switch to inputStream().use:

 import java.util.Properties
-import java.io.FileInputStream

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 84b95f3 and 3059f80.

📒 Files selected for processing (1)

• android/app/build.gradle.kts (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Codacy Static Code Analysis
• GitHub Check: App
• GitHub Check: Flutter Integration Tests (31)

🔇 Additional comments (1)

android/app/build.gradle.kts (1)

86-91: Minify + shrink resources: run a prodRelease sanity check.

proguard-rules.pro present (android/app/proguard-rules.pro); key.properties is not committed and is listed in android/.gitignore — run a prodRelease build and quick smoke tests (cold start + main flows) to confirm R8/resource shrinking didn't strip required classes/resources.

[coderabbitai]

⚠️ Potential issue

Use create(...) instead of register(...) for signingConfigs; add v3/v4 signing; tighten property reads.

register may not be supported on this container and can fail to configure the signing config. Also enable V3/V4 signing and use getProperty for typed reads.

Apply this diff:

-    signingConfigs {
-        register("release") {
-            enableV1Signing = true
-            enableV2Signing = true
-
-            storeFile = keystoreProperties["storeFile"]?.let { file(it) }
-            storePassword = keystoreProperties["storePassword"] as String?
-            keyAlias = keystoreProperties["keyAlias"] as String?
-            keyPassword = keystoreProperties["keyPassword"] as String?
-        }
-    }
+    signingConfigs {
+        create("release") {
+            enableV1Signing = true
+            enableV2Signing = true
+            enableV3Signing = true
+            enableV4Signing = true
+
+            keystoreProperties.getProperty("storeFile")?.let { storeFile = file(it) }
+            storePassword = keystoreProperties.getProperty("storePassword")
+            keyAlias = keystoreProperties.getProperty("keyAlias")
+            keyPassword = keystoreProperties.getProperty("keyPassword")
+        }
+    }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	signingConfigs {
	register("release") {
	enableV1Signing = true
	enableV2Signing = true
	storeFile = keystoreProperties["storeFile"]?.let { file(it) }
	storePassword = keystoreProperties["storePassword"] as String?
	keyAlias = keystoreProperties["keyAlias"] as String?
	keyPassword = keystoreProperties["keyPassword"] as String?
	}
	}
	signingConfigs {
	create("release") {
	enableV1Signing = true
	enableV2Signing = true
	enableV3Signing = true
	enableV4Signing = true
	keystoreProperties.getProperty("storeFile")?.let { storeFile = file(it) }
	storePassword = keystoreProperties.getProperty("storePassword")
	keyAlias = keystoreProperties.getProperty("keyAlias")
	keyPassword = keystoreProperties.getProperty("keyPassword")
	}
	}

🤖 Prompt for AI Agents

In android/app/build.gradle.kts around lines 72-82, replace
signingConfigs.register("release") with signingConfigs.create("release"), enable
V3/V4 signing by setting enableV3Signing = true and enableV4Signing = true, and
tighten property reads by using
keystoreProperties.getProperty("storeFile")/getProperty("storePassword")/getProperty("keyAlias")/getProperty("keyPassword")
(and only call file(...) if storeFile is non-null), so typed property access is
used instead of unchecked casts and the signing config is created with V1–V4
signing enabled.

[coderabbitai]

⚠️ Potential issue

Don’t hard-fail local release builds when key.properties is absent; gate signing or scope it to prod flavor.

As-is, devRelease/qaRelease will require real signing keys. Prefer a conditional fallback to debug signing locally (or assign release signing only to prod flavor).

Option A (inline fallback):

-            signingConfig = signingConfigs.getByName("release")
+            signingConfig = if (keystorePropertiesFile.exists())
+                signingConfigs.getByName("release")
+            else
+                signingConfigs.getByName("debug")

Option B (scope to prod flavor):

-    buildTypes {
-        release {
+    buildTypes {
+        release {
             ...
-            signingConfig = signingConfigs.getByName("release")
+        }
+    }
+    productFlavors {
+        // existing dev/qa/prod...
+        getByName("prod") {
+            signingConfig = signingConfigs.getByName("release")
         }
     }

Also verify that proguard-rules.pro exists and includes any Flutter/reflective keep rules to avoid runtime crashes after minification.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	isMinifyEnabled = true
	isShrinkResources = true
	proguardFiles(
	getDefaultProguardFile("proguard-android-optimize.txt"),
	"proguard-rules.pro"
	)
	signingConfig = signingConfigs.getByName("release")
	}
	isMinifyEnabled = true
	isShrinkResources = true
	proguardFiles(
	getDefaultProguardFile("proguard-android-optimize.txt"),
	"proguard-rules.pro"
	)
	signingConfig = if (keystorePropertiesFile.exists())
	signingConfigs.getByName("release")
	else
	signingConfigs.getByName("debug")
	}

🤖 Prompt for AI Agents

In android/app/build.gradle.kts around lines 86 to 93, the release build
currently hard-fails when signing keys (key.properties) are missing causing
devRelease/qaRelease to require production keys; change the config to either (A)
conditionally apply the release signingConfig only when key.properties is
present (fall back to debug signing for local/dev builds) or (B) move/assign the
release signingConfig only to the prod flavor block so dev/qa builds use debug
signing, and ensure the signingConfig lookup is guarded to avoid exceptions;
additionally verify proguard-rules.pro exists in the project and include
necessary Flutter/reflective -keep rules to prevent runtime crashes after
minification.

[codacy-production]

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation	Diff coverage
✅ +0.00% (target: -1.00%)	✅ ∅

Coverage variation details

	Coverable lines	Covered lines	Coverage
Common ancestor commit (9880eeb)	3077	2409	78.29%
Head commit (3059f80)	3077 (+0)	2409 (+0)	78.29% (+0.00%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details

	Coverable lines	Covered lines	Diff coverage
Pull request (#46)	0	0	∅ (not applicable)

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.80%. Comparing base (9880eeb) to head (3059f80).
⚠️ Report is 9 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #46   +/-   ##
=======================================
  Coverage   83.80%   83.80%           
=======================================
  Files         118      118           
  Lines        2451     2451           
=======================================
  Hits         2054     2054           
  Misses        397      397           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.