fix(android): guard release signingConfig on missing storeFile

[ValwareIRC]

Summary

The Tauri Android jobs (`publish-android` + `publish-android-google-play-internal`) on main started failing after #198 with:

```

A failure occurred while executing com.android.build.gradle.tasks.PackageAndroidArtifact$IncrementalSplitterRunnable
SigningConfig "release" is missing required property "storeFile".
```

The new `signingConfigs { release { ... } }` block in src-tauri/gen/android/app/build.gradle.kts falls back to `/.android/debug.keystore` when no `keystore.properties` is present. GitHub-hosted runners ship without `/.android/debug.keystore`, so the release signingConfig ends up half-initialised (`storeFile == null`). The unconditional `signingConfig = signingConfigs.getByName("release")` on the release build type then propagated the bad config into `packageUniversalRelease`.

The workflow signs the AAB/APK via `apksigner` after the gradle build, so the build itself doesn't need a configured signer — we just need gradle to produce an unsigned artifact.

This guards the assignment on `releaseSign.storeFile != null`. With a real keystore present (Play Store sign-in-place builds), the signing happens during gradle as before. Without one (CI), the artifact comes out unsigned and the workflow's apksigner step takes over.

Test plan

• CI's `Tauri Build and Publish > publish-android` job reaches the apksigner step
• `publish-android-google-play-internal` likewise reaches its signing step
• Local `npm run tauri android build` still produces a signed APK when `~/.android/debug.keystore` exists (dev sideload path)

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• src-tauri/gen/android/app/build.gradle.kts is excluded by !**/gen/**

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 4ac745f9-307e-418b-bad7-48cd1dcd8756

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/android-signing-storefile-guard

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Preview URL: https://fix-android-signing-storefil.obsidianirc.pages.dev

Automated deployment preview for the PR in the Cloudflare Pages.